{"results":[{"id":"arxiv_2512.09150","title":"Exposing Vulnerabilities in Counterfeit Prevention Systems Utilizing Physically Unclonable Surface Features","authors":[{"name":"Anirudh Nakra"},{"name":"Nayeeb Rashid"},{"name":"Chau-Wai Wong"},{"name":"Min Wu"}],"abstract":"Counterfeit products pose significant risks to public health and safety through infiltrating untrusted supply chains. Among numerous anti-counterfeiting techniques, leveraging inherent, unclonable microscopic irregularities of paper surfaces is an accurate and cost-effective solution. Prior work of this approach has focused on enabling ubiquitous acquisition of these physically unclonable features (PUFs). However, we will show that existing authentication methods relying on paper surface PUFs may be vulnerable to adversaries, resulting in a gap between technological feasibility and secure real-world deployment. This gap is investigated through formalizing an operational framework for paper-PUF-based authentication. Informed by this framework, we reveal system-level vulnerabilities across both physical and digital domains, designing physical denial-of-service and digital forgery attacks to disrupt proper authentication. The effectiveness of the designed attacks underscores the strong need for security countermeasures for reliable and resilient authentication based on paper PUFs. The proposed framework further facilitates a comprehensive, stage-by-stage security analysis, guiding the design of future counterfeit prevention systems. 
This analysis delves into potential attack strategies, offering a foundational understanding of how various system components, such as physical features and verification processes, might be exploited by adversaries.","source":"arXiv","year":2025,"language":"en","subjects":["cs.CR","eess.SP"],"url":"https://arxiv.org/abs/2512.09150","pdf_url":"https://arxiv.org/pdf/2512.09150","is_open_access":true,"published_at":"2025-12-09T21:59:11Z","score":69},{"id":"arxiv_2510.22566","title":"FAARM: Firmware Attestation and Authentication Framework for Mali GPUs","authors":[{"name":"Md. Mehedi Hasan"}],"abstract":"Recent work has revealed MOLE, the first practical attack to compromise GPU Trusted Execution Environments (TEEs), by injecting malicious firmware into the embedded Microcontroller Unit (MCU) of Arm Mali GPUs. By exploiting the absence of cryptographic verification during initialization, adversaries with kernel privileges can bypass memory protections, exfiltrate sensitive data at over 40 MB/s, and tamper with inference results, all with negligible runtime overhead. This attack surface affects commodity mobile SoCs and cloud accelerators, exposing a critical firmware-level trust gap in existing GPU TEE designs. To address this gap, this paper presents FAARM, a lightweight Firmware Attestation and Authentication framework that prevents MOLE-style firmware subversion. FAARM integrates digital signature verification at the EL3 secure monitor using vendor-signed firmware bundles and an on-device public key anchor. At boot, EL3 verifies firmware integrity and authenticity, enforces version checks, and locks the firmware region, eliminating both pre-verification and time-of-check-to-time-of-use (TOCTOU) attack vectors. We implement FAARM as a software-only prototype on a Mali GPU testbed, using a Google Colab-based emulation framework that models the firmware signing process, the EL1 to EL3 load path, and secure memory configuration. 
FAARM reliably detects and blocks malicious firmware injections, rejecting tampered images before use and denying overwrite attempts after attestation. Firmware verification incurs only 1.34 ms latency on average, demonstrating that strong security can be achieved with negligible overhead. FAARM thus closes a fundamental gap in shim-based GPU TEEs, providing a practical, deployable defense that raises the security baseline for both mobile and cloud GPU deployments.","source":"arXiv","year":2025,"language":"en","subjects":["cs.CR"],"url":"https://arxiv.org/abs/2510.22566","pdf_url":"https://arxiv.org/pdf/2510.22566","is_open_access":true,"published_at":"2025-10-26T07:46:27Z","score":69},{"id":"arxiv_2510.09619","title":"Risk-Calibrated Bayesian Streaming Intrusion Detection with SRE-Aligned Decisions","authors":[{"name":"Michel Youssef"}],"abstract":"We present a risk-calibrated approach to streaming intrusion detection that couples Bayesian Online Changepoint Detection (BOCPD) with decision thresholds aligned to Site Reliability Engineering (SRE) error budgets. BOCPD provides run-length posteriors that adapt to distribution shift and concept drift; we map these posteriors to alert decisions by optimizing expected operational cost under false-positive and false-negative budgets. We detail the hazard model, conjugate updates, and an O(1)-per-event implementation. A concrete SRE example shows how a 99.9% availability SLO (43.2 minutes per month error budget) yields a probability threshold near 0.91 when missed incidents are 10x more costly than false alarms. We evaluate on the full UNSW-NB15 and CIC-IDS2017 benchmarks with chronological splits, comparing against strong unsupervised baselines (ECOD, COPOD, and LOF). Metrics include PR-AUC, ROC-AUC, Brier score, calibration reliability diagrams, and detection latency measured in events. Results indicate improved precision-recall at mid to high recall and better probability calibration relative to baselines. 
We release implementation details, hyperparameters, and ablations for hazard sensitivity and computational footprint. Code and reproducibility materials will be made available upon publication; datasets and implementation are available from the corresponding author upon reasonable request.","source":"arXiv","year":2025,"language":"en","subjects":["cs.CR","cs.LG"],"url":"https://arxiv.org/abs/2510.09619","pdf_url":"https://arxiv.org/pdf/2510.09619","is_open_access":true,"published_at":"2025-09-17T17:36:08Z","score":69},{"id":"arxiv_2511.00140","title":"Supply Chain Exploitation of Secure ROS 2 Systems: A Proof-of-Concept on Autonomous Platform Compromise via Keystore Exfiltration","authors":[{"name":"Tahmid Hasan Sakib"},{"name":"Yago Romano Martinez"},{"name":"Carter Brady"},{"name":"Syed Rafay Hasan"},{"name":"Terry N. Guo"}],"abstract":"This paper presents a proof-of-concept supply chain attack against the Secure ROS 2 (SROS 2) framework, demonstrated on a Quanser QCar2 autonomous vehicle platform. A Trojan-infected Debian package modifies core ROS 2 security commands to exfiltrate newly generated keystore credentials via DNS in base64-encoded chunks to an attacker-controlled nameserver. Possession of these credentials enables the attacker to rejoin the SROS 2 network as an authenticated participant and publish spoofed control or perception messages without triggering authentication failures. We evaluate this capability on a secure ROS 2 Humble testbed configured for a four-stop-sign navigation routine using an Intel RealSense camera for perception. Experimental results show that control-topic injections can cause forced braking, sustained high-speed acceleration, and continuous turning loops, while perception-topic spoofing can induce phantom stop signs or suppress real detections. 
The attack generalizes to any data distribution service (DDS)-based robotic system using SROS 2, highlighting the need for both supply chain integrity controls and runtime semantic validation to safeguard autonomous systems against insider and impersonation threats.","source":"arXiv","year":2025,"language":"en","subjects":["cs.CR","cs.OS","cs.RO","eess.SY"],"doi":"10.1109/MILCOM64451.2025.11309897","url":"https://arxiv.org/abs/2511.00140","pdf_url":"https://arxiv.org/pdf/2511.00140","is_open_access":true,"published_at":"2025-10-31T17:27:10Z","score":69},{"id":"arxiv_2510.22609","title":"CLIN-LLM: A Safety-Constrained Hybrid Framework for Clinical Diagnosis and Treatment Generation","authors":[{"name":"Md. Mehedi Hasan"},{"name":"Rafid Mostafiz"},{"name":"Md. Abir Hossain"},{"name":"Bikash Kumar Paul"}],"abstract":"Accurate symptom-to-disease classification and clinically grounded treatment recommendations remain challenging, particularly in heterogeneous patient settings with high diagnostic risk. Existing large language model (LLM)-based systems often lack medical grounding and fail to quantify uncertainty, resulting in unsafe outputs. We propose CLIN-LLM, a safety-constrained hybrid pipeline that integrates multimodal patient encoding, uncertainty-calibrated disease classification, and retrieval-augmented treatment generation. The framework fine-tunes BioBERT on 1,200 clinical cases from the Symptom2Disease dataset and incorporates Focal Loss with Monte Carlo Dropout to enable confidence-aware predictions from free-text symptoms and structured vitals. Low-certainty cases (18%) are automatically flagged for expert review, ensuring human oversight. For treatment generation, CLIN-LLM employs Biomedical Sentence-BERT to retrieve top-k relevant dialogues from the 260,000-sample MedDialog corpus. 
The retrieved evidence and patient context are fed into a fine-tuned FLAN-T5 model for personalized treatment generation, followed by post-processing with RxNorm for antibiotic stewardship and drug-drug interaction (DDI) screening. CLIN-LLM achieves 98% accuracy and F1 score, outperforming ClinicalBERT by 7.1% (p \u003c 0.001), with 78% top-5 retrieval precision and a clinician-rated validity of 4.2 out of 5. Unsafe antibiotic suggestions are reduced by 67% compared to GPT-5. These results demonstrate CLIN-LLM's robustness, interpretability, and clinical safety alignment. The proposed system provides a deployable, human-in-the-loop decision support framework for resource-limited healthcare environments. Future work includes integrating imaging and lab data, multilingual extensions, and clinical trial validation.","source":"arXiv","year":2025,"language":"en","subjects":["cs.AI"],"url":"https://arxiv.org/abs/2510.22609","pdf_url":"https://arxiv.org/pdf/2510.22609","is_open_access":true,"published_at":"2025-10-26T10:11:53Z","score":69},{"id":"arxiv_2509.22663","title":"Security Friction Quotient for Zero Trust Identity Policy with Empirical Validation","authors":[{"name":"Michel Youssef"}],"abstract":"We define a practical method to quantify the trade-off between security and operational friction in modern identity-centric programs. We introduce the Security Friction Quotient (SFQ), a bounded composite index that combines a residual-risk estimator with empirically grounded friction terms (latency, failure rate, and helpdesk impact). We establish clarity properties (boundedness, monotonic response, and weight identifiability) with short proofs, then evaluate widely used Conditional Access policies over a 12-week horizon using Monte Carlo simulation (n = 2,000 runs per policy/scenario) with effect sizes and 95% confidence intervals. We further assess rank stability under 10,000 random weight draws, finding 95.5% preservation of policy ordering. 
Finally, we provide a 12-week passkey field observation from an enterprise-scale cohort (N = 1,200) that directionally aligns with the simulation's phishing-resistant MFA gains. The SFQ framework is designed to be reproducible, interpretable, and directly actionable for Zero Trust identity policy decisions, with artifacts and parameter ranges provided to support policy design, review, and continuous improvement.","source":"arXiv","year":2025,"language":"en","subjects":["cs.CR","cs.HC"],"url":"https://arxiv.org/abs/2509.22663","pdf_url":"https://arxiv.org/pdf/2509.22663","is_open_access":true,"published_at":"2025-09-02T16:42:31Z","score":69},{"id":"arxiv_2409.12765","title":"Towards AI-enabled Cyber Threat Assessment in the Health Sector","authors":[{"name":"Patrizia Heinl"},{"name":"Andrius Patapovas"},{"name":"Michael Pilgermann"}],"abstract":"Cyber attacks on the healthcare industry can have tremendous consequences and the attack surface expands continuously. In order to handle the steadily rising workload, an expanding amount of analog processes in healthcare institutions is digitized. Despite regulations becoming stricter, not all existing infrastructure is sufficiently protected against cyber attacks. With an increasing number of devices and digital processes, the system and network landscape becomes more complex and harder to manage and therefore also more difficult to protect. The aim of this project is to introduce an AI-enabled platform that collects security relevant information from the outside of a health organization, analyzes it, delivers a risk score and supports decision makers in healthcare institutions to optimize investment choices for security measures. 
Therefore, an architecture of such a platform is designed, relevant information sources are identified, and AI methods for relevant data collection, selection, and risk scoring are explored.","source":"arXiv","year":2024,"language":"en","subjects":["cs.CR"],"url":"https://arxiv.org/abs/2409.12765","pdf_url":"https://arxiv.org/pdf/2409.12765","is_open_access":true,"published_at":"2024-09-19T13:34:34Z","score":68},{"id":"ss_4d1485aa76aad0bf4e4354c25c213c17c8c1adaf","title":"Cuscuta reflexa Roxb. Expedites the Healing Process in Contact Frostbite","authors":[{"name":"W. Hassan"},{"name":"M. Buabeid"},{"name":"U. Kalsoom"},{"name":"Sahar Bakht"},{"name":"I. Akhtar"},{"name":"F. Iqbal"},{"name":"El‐Shaimaa A. Arafa"}],"abstract":"Frostbite is caused due to extreme vulnerability to cold, resulting in damage of deeper and superficial tissues alike. In this study, we report the anti-inflammatory and wound-healing properties of aqueous methanolic extract of Cuscuta reflexa (Cs.Cr) against contact frostbite. Thirty rats were divided into five groups including three treatment groups with increasing doses of Cs.Cr, a standard drug group receiving acetylsalicylic acid (ASA), and a metal bar-induced frostbite group. Frostbite injury was induced by a 3 × 3.5 cm metal bar frozen up to -79°C on shaved skin for continuous 3 minutes. Wounded area percentages were recorded to measure the healing rate in response to Cs.Cr administration. Haematological parameters and malondialdehyde content were also noted. On treatment with Cs.Cr, the healing rate is drastically increased and lipid peroxidation product malondialdehyde was decreased in a dose-dependent manner. Results were compared with frostbite and ASA (standard drug group). 
These results indicate that Cs.Cr possesses excellent wound-healing properties against frostbite injury and can prove to be a prospective compound in such conditions.","source":"Semantic Scholar","year":2020,"language":"en","subjects":["Medicine"],"doi":"10.1155/2020/4327651","url":"https://www.semanticscholar.org/paper/4d1485aa76aad0bf4e4354c25c213c17c8c1adaf","pdf_url":"https://downloads.hindawi.com/journals/bmri/2020/4327651.pdf","is_open_access":true,"citations":4,"published_at":"","score":64.12},{"id":"arxiv_2008.13578","title":"Against Membership Inference Attack: Pruning is All You Need","authors":[{"name":"Yijue Wang"},{"name":"Chenghong Wang"},{"name":"Zigeng Wang"},{"name":"Shanglin Zhou"},{"name":"Hang Liu"},{"name":"Jinbo Bi"},{"name":"Caiwen Ding"},{"name":"Sanguthevar Rajasekaran"}],"abstract":"The large model size, high computational operations, and vulnerability against membership inference attack (MIA) have impeded deep learning or deep neural networks (DNNs) popularity, especially on mobile devices. To address the challenge, we envision that the weight pruning technique will help DNNs against MIA while reducing model storage and computational operation. In this work, we propose a pruning algorithm, and we show that the proposed algorithm can find a subnetwork that can prevent privacy leakage from MIA and achieves competitive accuracy with the original DNNs. We also verify our theoretical insights with experiments. 
Our experimental results illustrate that the attack accuracy using model compression is up to 13.6% and 10% lower than that of the baseline and Min-Max game, accordingly.","source":"arXiv","year":2020,"language":"en","subjects":["cs.LG","stat.ML"],"url":"https://arxiv.org/abs/2008.13578","pdf_url":"https://arxiv.org/pdf/2008.13578","is_open_access":true,"published_at":"2020-08-28T02:15:44Z","score":64},{"id":"ss_9a3bf14474abd45a74278ee103f2eb277abe6acc","title":"An Improved Revocable Fuzzy Vault Scheme for Face Recognition Under Unconstrained Illumination Conditions","authors":[{"name":"Chafia Ferhaoui Cherifi"},{"name":"Mohamed Deriche"},{"name":"Khaled-Walid Hidouci"}],"abstract":"","source":"Semantic Scholar","year":2019,"language":"en","subjects":["Computer Science"],"doi":"10.1007/s13369-019-03916-5","url":"https://www.semanticscholar.org/paper/9a3bf14474abd45a74278ee103f2eb277abe6acc","is_open_access":true,"citations":2,"published_at":"","score":63.06},{"id":"arxiv_1911.07486","title":"Zero-Interaction Security -- Towards Sound Experimental Validation","authors":[{"name":"Mikhail Fomichev"},{"name":"Max Maass"},{"name":"Matthias Hollick"}],"abstract":"Reproducibility and realistic datasets are crucial for advancing research. Unfortunately, they are often neglected as valid scientific contributions in many young disciplines, with computer science being no exception. In this article, we show the challenges encountered when reproducing the work of others, collecting realistic data in the wild, and ensuring that our own work is reproducible in turn. The presented findings are based on our study investigating the limits of zero-interaction security (ZIS) -- a novel concept, leveraging sensor data collected by Internet of Things (IoT) devices to pair or authenticate devices. 
In particular, we share our experiences in reproducing five state-of-the-art ZIS schemes, collecting a comprehensive dataset of sensor data from the real world, evaluating these schemes on the collected data, and releasing the data, code, and documentation to facilitate reproducibility of our results. In our discussion, we outline general considerations when conducting similar studies and give specific examples of technical and methodological issues that we experienced. We hope that our findings will raise awareness about the importance of reproducibility and realistic datasets in computer science and inform future research.","source":"arXiv","year":2019,"language":"en","subjects":["cs.CR"],"doi":"10.1145/3372300.3372304","url":"https://arxiv.org/abs/1911.07486","pdf_url":"https://arxiv.org/pdf/1911.07486","is_open_access":true,"published_at":"2019-11-18T08:46:49Z","score":63},{"id":"arxiv_1809.00371","title":"Post-Quantum Secure Cryptographic Algorithms","authors":[{"name":"Xenia Bogomolec"},{"name":"Jochen Gerhard"}],"abstract":"An overview on current developments in post quantum cryptography","source":"arXiv","year":2018,"language":"en","subjects":["cs.CR"],"url":"https://arxiv.org/abs/1809.00371","pdf_url":"https://arxiv.org/pdf/1809.00371","is_open_access":true,"published_at":"2018-09-02T17:59:27Z","score":62},{"id":"doaj_10.46298/jdmdh.4085","title":"A Secured Data Processing Technique for Effective Utilization of Cloud Computing","authors":[{"name":"Mbarek Marwan"},{"name":"Ali Kartit"},{"name":"Hassan Ouahmane"}],"abstract":"Digital humanities require IT Infrastructure and sophisticated analytical tools, including data visualization, data mining, statistics, text mining and information retrieval. Regarding funding, to build a local data center will necessitate substantial investments. Fortunately, there is another option that will help researchers take advantage of these IT services to access, use and share information easily. 
Cloud services ideally offer on-demand software and resources over the Internet to read and analyze ancient documents. More interestingly, billing system is completely flexible and based on resource usage and Quality of Service (QoS) level. In spite of its multiple advantages, outsourcing computations to an external provider arises several challenges. Specifically, security is the major factor hindering the widespread acceptance of this new concept. As a case study, we review the use of cloud computing to process digital images safely. Recently, various solutions have been suggested to secure data processing in cloud environment. Though, ensuring privacy and high performance needs more improvements to protect the organization's most sensitive data. To this end, we propose a framework based on segmentation and watermarking techniques to ensure data privacy. In this respect, segmentation algorithm is used to protect client's data against unauthorized access, while watermarking method determines and maintains ownership. Consequently, this framework will increase the speed of development on ready-to-use digital humanities tools.","source":"DOAJ","year":2018,"language":"","subjects":["History of scholarship and learning. The humanities","Bibliography. Library science. Information resources"],"doi":"10.46298/jdmdh.4085","url":"https://jdmdh.episciences.org/4085/pdf","pdf_url":"https://jdmdh.episciences.org/4085/pdf","is_open_access":true,"published_at":"","score":62},{"id":"doaj_10.46298/jdmdh.3154","title":"A novel approach based on segmentation for securing medical image processing over cloud","authors":[{"name":"Mbarek Marwan"},{"name":"Ali Kartit"},{"name":"Hassan Ouahmane"}],"abstract":"Healthcare professionals require advanced image processing software to enhance the quality of clinical decisions. However, any investment in sophisticated local applications would dramatically increase healthcare costs. 
To address this issue, medical providers are interested in adopting cloud technology. In spite of its multiple advantages, outsourcing computations to an external provider arises several challenges. In fact, security is the major factor hindering the widespread acceptance of this new concept. Recently, various solutions have been suggested to fulfill healthcare demands. Though, ensuring privacy and high performance needs more improvements to meet the healthcare sector requirements. To this end, we propose a framework based on segmentation approach to secure cloud-based medical image processing in the healthcare system.","source":"DOAJ","year":2018,"language":"","subjects":["History of scholarship and learning. The humanities","Bibliography. Library science. Information resources"],"doi":"10.46298/jdmdh.3154","url":"https://jdmdh.episciences.org/3154/pdf","pdf_url":"https://jdmdh.episciences.org/3154/pdf","is_open_access":true,"published_at":"","score":62},{"id":"ss_637d66f5c8c2f5d6af2b379bffcdb309f5f7cee7","title":"A wireless physically secure key distribution system","authors":[{"name":"G. Barbosa"}],"abstract":"A secure key distribution protocol protected by light's noise was introduced in 2003 [Phys. Rev. A 68, 052307 (2003)]. That protocol utilized the shot noise of light present in the optical channel (eg., an optical fiber) to restrict information leaks to an adversary. An initial shared information between the legitimate users allowed them to extract more information from the channel than the one obtained by the adversary. That original paper recognized the need for a privacy amplification step but no specific protocol was presented. More recently that original idea was improved with a specific privacy amplification protocol [arXiv:1406.1543v2 [cs.CR] 8 Jul 2015] while keeping the use of an optical communication channel. This work merges main ideas of the protection given by the light's noise in a protocol applied to wireless channels. 
The use of wireless channels together with recorded physical noise was introduced from 2005 to 2007 (see eg, arXiv:quant-ph/0510011 v2 16 Nov 2005 and arXiv:0705.2243v2 [quant-ph] 17 May 2007). This work improves those embryonic ideas of wireless channels secured by recorded optical noise. The need for specific optical channels is eliminated with the wireless variation and opens up the possibility to apply the technique to mobile devices. This work introduces this new scheme and calculates the associated security level.","source":"Semantic Scholar","year":2016,"language":"en","subjects":["Computer Science"],"doi":"10.17648/enig.v3i1.56","url":"https://www.semanticscholar.org/paper/637d66f5c8c2f5d6af2b379bffcdb309f5f7cee7","pdf_url":"https://enigma.unb.br/index.php/enigma/article/download/56/36","is_open_access":true,"citations":1,"published_at":"","score":60.03},{"id":"arxiv_1601.00082","title":"A wireless physically secure key distribution system","authors":[{"name":"Geraldo A. Barbosa"}],"abstract":"A secure key distribution protocol protected by light's noise was introduced in 2003 [Phys. Rev. A 68, 052307 (2003)]. That protocol utilized the shot noise of light present in the optical channel (eg., an optical fiber) to restrict information leaks to an adversary. An initial shared information between the legitimate users allowed them to extract more information from the channel than the one obtained by the adversary. That original paper recognized the need for a privacy amplification step but no specific protocol was presented. More recently that original idea was improved with a specific privacy amplification protocol [arXiv:1406.1543v2 [cs.CR] 8 Jul 2015] while keeping the use of an optical communication channel. This work merges main ideas of the protection given by the light's noise in a protocol applied to wireless channels. 
The use of wireless channels together with recorded physical noise was introduced from 2005 to 2007 (see eg, arXiv:quant-ph/0510011 v2 16 Nov 2005 and arXiv:0705.2243v2 [quant-ph] 17 May 2007). This work improves those embryonic ideas of wireless channels secured by recorded optical noise. The need for specific optical channels is eliminated with the wireless variation and opens up the possibility to apply the technique to mobile devices. This work introduces this new scheme and calculates the associated security level.","source":"arXiv","year":2016,"language":"en","subjects":["cs.CR"],"url":"https://arxiv.org/abs/1601.00082","pdf_url":"https://arxiv.org/pdf/1601.00082","is_open_access":true,"published_at":"2016-01-01T14:55:47Z","score":60},{"id":"ss_1d8dffc8940a50f7c3c8821f2fc751f43553c33a","title":"GASTROPROTECTIVE EFFECTS OF CUSCUTA REFLEXA ON ASPIRIN-INDUCED PEPTIC ULCER","authors":[{"name":"Rubina Mubashar"},{"name":"Hafiz Muhammad Farhan Rasheed"},{"name":"Mushtaq Ahmed"},{"name":"Q. Jabeen"}],"abstract":"","source":"Semantic Scholar","year":2015,"language":"en","subjects":null,"url":"https://www.semanticscholar.org/paper/1d8dffc8940a50f7c3c8821f2fc751f43553c33a","is_open_access":true,"citations":1,"published_at":"","score":59.03},{"id":"ss_cdb67f85bd0165cd2f6b9a78c9c81f4fbd647602","title":"Coriander fruit exhibits gut modulatory, blood pressure lowering and diuretic activities.","authors":[{"name":"Q. Jabeen"},{"name":"S. Bashir"},{"name":"B. Lyoussi"},{"name":"A. 
Gilani"}],"abstract":"","source":"Semantic Scholar","year":2009,"language":"en","subjects":["Medicine"],"doi":"10.1016/j.jep.2008.12.016","url":"https://www.semanticscholar.org/paper/cdb67f85bd0165cd2f6b9a78c9c81f4fbd647602","is_open_access":true,"citations":155,"published_at":"","score":57.65},{"id":"arxiv_1307.6458","title":"Distinguisher-Based Attacks on Public-Key Cryptosystems Using Reed-Solomon Codes","authors":[{"name":"Alain Couvreur"},{"name":"Philippe Gaborit"},{"name":"Valérie Gauthier-Umaña"},{"name":"Ayoub Otmani"},{"name":"Jean-Pierre Tillich"}],"abstract":"Because of their interesting algebraic properties, several authors promote the use of generalized Reed-Solomon codes in cryptography. Niederreiter was the first to suggest an instantiation of his cryptosystem with them but Sidelnikov and Shestakov showed that this choice is insecure. Wieschebrink proposed a variant of the McEliece cryptosystem which consists in concatenating a few random columns to a generator matrix of a secretly chosen generalized Reed-Solomon code. More recently, new schemes appeared which are the homomorphic encryption scheme proposed by Bogdanov and Lee, and a variation of the McEliece cryptosystem proposed by Baldi et \\textit{al.} which hides the generalized Reed-Solomon code by means of matrices of very low rank.   In this work, we show how to mount key-recovery attacks against these public-key encryption schemes. We use the concept of distinguisher which aims at detecting a behavior different from the one that one would expect from a random code. All the distinguishers we have built are based on the notion of component-wise product of codes. It results in a powerful tool that is able to recover the secret structure of codes when they are derived from generalized Reed-Solomon codes. 
Lastly, we give an alternative to Sidelnikov and Shestakov attack by building a filtration which enables to completely recover the support and the non-zero scalars defining the secret generalized Reed-Solomon code.","source":"arXiv","year":2013,"language":"en","subjects":["cs.CR","cs.IT"],"url":"https://arxiv.org/abs/1307.6458","pdf_url":"https://arxiv.org/pdf/1307.6458","is_open_access":true,"published_at":"2013-07-24T15:28:56Z","score":57},{"id":"arxiv_1307.7534","title":"PotLLL: A Polynomial Time Version of LLL With Deep Insertions","authors":[{"name":"Felix Fontein"},{"name":"Michael Schneider"},{"name":"Urs Wagner"}],"abstract":"Lattice reduction algorithms have numerous applications in number theory, algebra, as well as in cryptanalysis. The most famous algorithm for lattice reduction is the LLL algorithm. In polynomial time it computes a reduced basis with provable output quality. One early improvement of the LLL algorithm was LLL with deep insertions (DeepLLL). The output of this version of LLL has higher quality in practice but the running time seems to explode. Weaker variants of DeepLLL, where the insertions are restricted to blocks, behave nicely in practice concerning the running time. However no proof of polynomial running time is known. In this paper PotLLL, a new variant of DeepLLL with provably polynomial running time, is presented. We compare the practical behavior of the new algorithm to classical LLL, BKZ as well as blockwise variants of DeepLLL regarding both the output quality and running time.","source":"arXiv","year":2013,"language":"en","subjects":["cs.CR"],"url":"https://arxiv.org/abs/1307.7534","pdf_url":"https://arxiv.org/pdf/1307.7534","is_open_access":true,"published_at":"2013-07-29T10:47:16Z","score":57}],"total":197826,"page":1,"page_size":20,"sources":["CrossRef","arXiv","DOAJ","Semantic Scholar"],"query":"cs.CR"}