Add figure management script
This commit is contained in:
jaseg
parent
26bbd76ae0
commit
0238e388cd
29 changed files with 1320 additions and 0 deletions
45
main.bib
45
main.bib
|
|
@ -15,6 +15,14 @@
|
|||
file = {/home/jaseg/Zotero/storage/7C2Z5Y9P/Adhikari et al. - 2022 - Don't Look Up Ubiquitous Data Exfiltration Pathwa.pdf}
|
||||
}
|
||||
|
||||
@article{albertiniHowAbuseFix,
|
||||
title = {How to {{Abuse}} and {{Fix Authenticated Encryption Without Key Commitment}}},
|
||||
author = {Albertini, Ange and Duong, Thai and Gueron, Shay and Kölbl, Stefan and Luykx, Atul and Schmieg, Sophie},
|
||||
abstract = {Authenticated encryption (AE) is used in a wide variety of applications, potentially in settings for which it was not originally designed. Recent research tries to understand what happens when AE is not used as prescribed by its designers. A question given relatively little attention is whether an AE scheme guarantees “key commitment”: ciphertext should only decrypt to a valid plaintext under the key used to generate the ciphertext. Generally, AE schemes do not guarantee key commitment as it is not part of AE’s design goal. Nevertheless, one would not expect this seemingly obscure property to have much impact on the security of actual products. In reality, however, products do rely on key commitment. We discuss three recent applications where missing key commitment is exploitable in practice. We provide proof-of-concept attacks via a tool that constructs AES-GCM ciphertext which can be decrypted to two plaintexts valid under a wide variety of file formats, such as PDF, Windows executables, and DICOM. Finally we discuss two solutions to add key commitment to AE schemes which have not been analyzed in the literature: a generic approach that adds an explicit key commitment scheme to the AE scheme, and a simple fix which works for AE schemes like AES-GCM and ChaCha20Poly1305, but requires separate analysis for each scheme.},
|
||||
langid = {english},
|
||||
file = {/home/jaseg/Zotero/storage/586UJPWU/Albertini et al. - How to Abuse and Fix Authenticated Encryption With.pdf}
|
||||
}
|
||||
|
||||
@article{alomairInformationTheoreticallySecure,
|
||||
title = {Information {{Theoretically Secure Encryption}} with {{Almost Free Authentication}}},
|
||||
author = {Alomair, Basel},
|
||||
|
|
@ -649,6 +657,25 @@
|
|||
file = {/home/jaseg/Zotero/storage/LZU2NVHW/Castryck and Decru - 2023 - An Efficient Key Recovery Attack on SIDH.pdf}
|
||||
}
|
||||
|
||||
@incollection{chanCommittingAuthenticatedEncryption2022,
|
||||
title = {On {{Committing Authenticated-Encryption}}},
|
||||
booktitle = {Computer {{Security}} – {{ESORICS}} 2022},
|
||||
author = {Chan, John and Rogaway, Phillip},
|
||||
editor = {Atluri, Vijayalakshmi and Di Pietro, Roberto and Jensen, Christian D. and Meng, Weizhi},
|
||||
date = {2022},
|
||||
volume = {13555},
|
||||
pages = {275--294},
|
||||
publisher = {Springer Nature Switzerland},
|
||||
location = {Cham},
|
||||
doi = {10.1007/978-3-031-17146-8_14},
|
||||
url = {https://link.springer.com/10.1007/978-3-031-17146-8_14},
|
||||
urldate = {2024-08-26},
|
||||
abstract = {We provide a strong definition for committing authenticatedencryption (cAE), as well as a framework that encompasses earlier and weaker definitions. The framework attends not only to what is committed but also the extent to which the adversary knows or controls keys. We slot into our framework strengthened cAE-attacks on GCM and OCB. Our main result is a simple and efficient construction, CTX, that makes a nonce-based AE (nAE) scheme committing. The transformed scheme achieves the strongest security notion in our framework. Just the same, the added computational cost (on top of the nAE scheme’s cost) is a single hash over a short string, a cost independent of the plaintext’s length. And there is no increase in ciphertext length compared to the base nAE scheme. That such a thing is possible, let alone easy, upends the (incorrect) intuition that you can’t commit to a plaintext or ciphertext without hashing one or the other. And it motivates a simple and practical tweak to AE-schemes to make them committing.},
|
||||
isbn = {978-3-031-17145-1 978-3-031-17146-8},
|
||||
langid = {english},
|
||||
file = {/home/jaseg/Zotero/storage/EPWFII67/Chan and Rogaway - 2022 - On Committing Authenticated-Encryption.pdf}
|
||||
}
|
||||
|
||||
@inproceedings{chatterjeeARDWAugmentedReality2022,
|
||||
title = {{{ARDW}}: {{An Augmented Reality Workbench}} for {{Printed Circuit Board Debugging}}},
|
||||
shorttitle = {{{ARDW}}},
|
||||
|
|
@ -1167,6 +1194,24 @@
|
|||
file = {/home/jaseg/Zotero/storage/Z5G4ZLGR/Gonzalez et al. - 2013 - Information Theoretically Secure, Enhanced Johnson.pdf}
|
||||
}
|
||||
|
||||
@article{gonzalezLayerLayerPatterned2022,
|
||||
title = {Layer by {{Layer}}, {{Patterned Valves Enable Programmable Soft Surfaces}}},
|
||||
author = {Gonzalez, Jesse T. and Hudson, Scott E.},
|
||||
date = {2022-03-29},
|
||||
journaltitle = {Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies},
|
||||
shortjournal = {Proc. ACM Interact. Mob. Wearable Ubiquitous Technol.},
|
||||
volume = {6},
|
||||
number = {1},
|
||||
pages = {1--25},
|
||||
issn = {2474-9567},
|
||||
doi = {10.1145/3517251},
|
||||
url = {https://dl.acm.org/doi/10.1145/3517251},
|
||||
urldate = {2024-08-02},
|
||||
abstract = {Programmable surfaces, which can be instructed to alter their shape or texture, may one day serve as a platform for tangible interfaces and adaptive environments. But so far, these structures have been constrained in scale by a challenging fabrication process, as the numerous constituent actuators must be built and assembled individually. We look towards emerging trends in mechanical engineering and consider an alternate framework — layer-driven design, which enables the production of dynamic, discretely-actuated surfaces at multiple scales. By centering the construction around patterning and stacking, forgoing individual assembly in favor of bulk processes such as photo-etching and laser cutting, we avoid the need for multiple manufacturing steps that are repeated for each of the many actuators that compose the surface. As an instance of this layer-driven model, we build an array of electrostatic valves, and use this composite material (which we refer to as Stoma-Board) to drive four types of pneumatic transducers. We also show how this technique may be readily industrialized, through integration with the highly mature and automated manufacturing processes of modern electronics. CCS Concepts: • Hardware → PCB design and layout; • Human-centered computing → Haptic devices; Interface design prototyping; • Computer systems organization → Robotics.},
|
||||
langid = {english},
|
||||
file = {/home/jaseg/Zotero/storage/MMG6X3Q8/Gonzalez and Hudson - 2022 - Layer by Layer, Patterned Valves Enable Programmab.pdf}
|
||||
}
|
||||
|
||||
@incollection{goosInformationTheoreticallySecure1999,
|
||||
title = {Information {{Theoretically Secure Communication}} in the {{Limited Storage Space Model}}},
|
||||
booktitle = {Advances in {{Cryptology}} — {{CRYPTO}}’ 99},
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue