Search
Results
-
Victory by KO: Attacking OpenPGP Using Key Overwriting
(2022)We present a set of attacks on the OpenPGP specification and implementations of it which result in full recovery of users’ private keys. The attacks exploit the lack of cryptographic binding between the different fields inside an encrypted private key packet, which include the key algorithm identifier, the cleartext public parameters, and the encrypted private parameters. This allows an attacker who can overwrite certain fields in OpenPGP ...Conference Paper -
Automating Cookie Consent and GDPR Violation Detection
(2022)The European Union’s General Data Protection Regulation (GDPR) requires websites to inform users about personal data collection and request consent for cookies. Yet the majority of websites do not give users any choices, and others attempt to deceive them into accepting all cookies. We document the severity of this situation through an analysis of potential GDPR violations in cookie banners in almost 30k websites. We identify six novel ...Conference Paper -
-
Breaking Bridgefy, again: Adopting libsignal is not enough
(2022)Bridgefy is a messaging application that uses Bluetooth-based mesh networking. Its developers and others have advertised it for use in areas witnessing large-scale protests involving confrontations between protesters and state agents. In August 2020, a security analysis reported severe vulnerabilities that invalidated Bridgefy’s claims of confidentiality, authentication, and resilience. In response, the developers adopted the Signal ...Conference Paper -
Photochemistry Beyond Color Prints. Ciba’s R & D Center in Marly in the 1960s/70s
(2022)Conference Paper -
Towards an Evidence-Based Simulation Toolkit for Architectural Design Pedagogy
(2022)The presentation addresses the limitations of current architectural design pedagogy to integrate occupancy-related perspectives and analytics in the design studio [1]. To bridge this gap we develop, disseminate and critically evaluate an occupancy analytics toolkit grounded in evidence-based design, spatial cognition research and architectural design. The toolkit consists of an agent-analysis tool[2] , a cognitive-walkthrough protocol, ...Other Conference Item -
KEMTLS with Delayed Forward Identity Protection in (Almost) a Single Round Trip
(2022)Conference Paper -
HyperLogLog: Exponentially Bad in Adversarial Settings
(2022)Computing the count of distinct elements in large data sets is a common task but naive approaches are memory-expensive. The HyperLogLog (HLL) algorithm (Flajolet et al., 2007) estimates a data set's cardinality while using significantly less memory than a naive approach, at the cost of some accuracy. This trade-off makes the HLL algorithm very attractive for a wide range of applications such as database management and network monitoring, ...Conference Paper -
Optimal Global Path Planning for Multimodel Locomotion on Lunar Terrain
(2022)Identifying robotic traverses on the surface of other celestial bodies is essential to assess the capabilities of the required system at the mission planning stage. With increasingly diverse robotic systems designs for space, including wheeled, walking, and multimodal systems, a wider range of behaviors concerning electrical energy consumption and failure risk are becoming available. Thus, it becomes necessary to define path optimality ...Conference Paper