数据来自谷歌学术搜索与微软学术搜索。

A Fully Homomorphic Encryption Scheme

C Gentry

PhD Thesis, 2009

Craig Gentry presented the first fully homomorphic encryption scheme, which allows both multiplication and addiition operations between encrypted data. Partially homomorphic encryption schemes that exclusively allowed one operation or the other were well known, but it was a long outstanding problem whether a cryptosystem could support both operations.

Hey, you, get off of my cloud: exploring information leakage in third-party compute cloud

T Ristenpart, E Tromer, H Shacham, S Savage

CCS, 2009

This paper discusses how to target a VM running on an infrastructure as a service provider (namely EC2), and place another VM on the same host. It then shows how a co-tenant VM can then be used to mount cross-VM side-channel attacks, which extract information from the target VM.

Android Permissions Demystified

AP Felt, E Chin, S Hanna, D Song, D Wagner

CCS, 2011

This paper presents a tool, Stowaway, which can analyze Android apps and determine which API calls they are using. Stowaway then determines whether apps are overprivileged. The paper found that was the case for a third out of a sample of 940 apps.

Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization

B Waters

Public Key Cryptography, 2011

This paper presents a more efficient construction of an Attribute-Based Encryption (ABE) scheme. ABE schemes essentially allow an encryptor to specify how to share data by expressing an access control policy in the algorithm itself.

A Study of Android Application Security

W Enck, D Octeau, P McDaniel, S Chaudhuri

Usenix Security 2011

This paper presents the ded decompiler, which recovers Android app source code from the installation image. They performed static analysis on 21 million lines of recovered code, yet found no evidence of malware or exploitable vulnerabilities.

Fully homomorphic encryption over the integers

M van Dijk, C Gentry, S Halevi, V Vaikuntanathan

Eurocrypt 2010

This paper presents a "somewhat homomorphic" encryption scheme using basic modular arithmetic, then uses Craig Gentry's techniques to convert it to a fully homomorphic scheme. This is conceptually simpler than Gentry's original fully homomorphic scheme.

Lest We Remember: Cold Boot Attacks on Encryption Keys

JA Halderman, SD Schoen, N Heninger, W Clarkson, W Paul, JA Calandrino, AJ Feldman, J Applebaum, E Felton

Usenix Security, 2008

The "cold boot" paper: The authors demonstrate how to recover data remnants from frozen DRAM modules. They then analyze the recovered contents to extract encryption keys and circumvent popular disk encryption systems.

BotMiner: Clustering Analysis of Network Traffic for Protocol-and Structure-Independent Botnet Detection.

G Gu, R Perdisci, J Zhang, W Lee

Usenix Security, 2008

This paper presents a botnet detection framework that is independent of a specific botnet command & control protocol or structure. The authors implemented BotMinder and were able to successfully detect traces of live botnets.

Robust De-anonymization of Large Sparse Datasets and De-anonymizing Social Networks

A Narayanan, V Shmatikov

IEEE Security & Privacy 2008 and 2009

Both of these papers cover de-anonymizing large sets of supposedly anonymized data. The first paper de-anonymizes the the Netflix Prize data set while the second paper links accounts between Twitter and Flickr.

Fully Secure Functional Encryption: Attribute-based Encryption and (Hierarchical) Inner Product Encryption

A Lewko, T Okamoto, A Sahai, K Takashima, B Waters

Eurocrypt, 2010

This paper gives two constructions of secure functional encryption schemes: one is an attribute-based encryption scheme and the other is a predicate encryption scheme.

HAIL: a high-availability and integrity layer for cloud storage

KD Bowers, A Juels, A Oprea

CCS, 2009

This paper presents a distributed cryptographic system that allows a set of servers to prove to a client that a stored file is intact and retrievable.

Controlling Data in the Cloud: Outsourcing Computation without Outsourcing Control

R Chow, P Golle, M Jakobsson, E Shi, J Staddon, R Masuoka, J Molina

CCSW, 2009

This paper reviews the state of data security when outsourcing computation in the cloud. The authors proposes a security model based Trusted Computing and suggest the use of some technologies like searchable encryption.

Trapdoors for Hard Lattices and New Cryptographic Constructions

C Gentry, C Peikert, V Vaikuntanathan

STOC, 2008

This paper discusses how to use standard lattice problems as an underlying building block to construct cryptographic trapdoor functions.

Your Botnet is My Botnet: Analysis of a Botnet Takeover

B Stone-Gross, M Cova, L Cavallaro, B Gilbert, M Szydlowski, R Kemmerer, C Kruegel, G Vigna

CCS, 2009

This paper describes the authors attempt to takeover the Torpig botnet and observe its operations for a 10 day period.

Fully homomorphic encryption with relatively small key and ciphertext sizes

NP Smart, F Vercauteren

Public Key Crypto, 2010

This paper presents a version of Gentry's fully homomorphic encryption scheme with a smaller message expansion and key size.