{
  "schema_version": "0.1",
  "assessment_rubric": {"schema_version":"0.1","rubric_version":"0.2","levels":{"low":{"label":"Low","description":"Limited documented support for this dimension."},"medium":{"label":"Medium","description":"Meaningful documented support with important gaps or boundaries."},"high":{"label":"High","description":"Strong, multi-part documented support for this dimension."},"not_assessed":{"label":"Not assessed","description":"The available evidence has not yet been evaluated for this dimension."}},"axes":[{"id":"epistemic_evidence","label":"Epistemic evidence","short_label":"Evidence","description":"How directly and rigorously the work's important claims are supported, including the scope and limits of that support."},{"id":"auditability","label":"Auditability","short_label":"Auditability","description":"Whether readers can inspect the paper's evidence, artifacts, assumptions, and validation path.","resource_level_rule":{"high":"A publicly inspectable full-text copy is linked through a public archive or author-hosted route.","medium":"Only official publication metadata is linked; no archive or author-hosted copy is represented.","low":"No paper-specific official record, public archive, or author-hosted copy is represented."}},{"id":"production_provenance","label":"Production provenance","short_label":"Provenance","description":"How clearly the human, AI, tool, revision, and approval process that produced the work is documented.","default_level":"medium","default_basis":"Named authorship and the publication or review status establish a baseline human and lifecycle provenance trail; contributor roles, revision and effort history, AI or tool use, artifact-version lineage, and explicit final approval may remain incomplete."},{"id":"external_scrutiny","label":"External scrutiny","short_label":"Scrutiny","description":"The breadth and independence of review, reproduction, criticism, correction, or adversarial examination."},{"id":"reception","label":"Reception","short_label":"Reception","description":"Dated evidence of independent use, extension, discussion, replication, teaching, or research lineage.","citation_count_rule":{"low":"0 through 8 located citations, including a documented search that locates none.","medium":"9 or 10 located citations.","high":"11 or more located citations.","snapshot_required":"Record the count, source or search method, date, and known coverage limitations; counts are time-dependent observations rather than intrinsic paper quality."}},{"id":"contribution_significance","label":"Contribution significance","short_label":"Significance","description":"The degree to which the work adds a first-of-kind capability, resolves an important problem, changes a belief, or opens a research direction."}]},
  "contribution_type_vocabulary": {"schema_version":"0.1","field":"contribution_types","controlled_values":[{"id":"protocol","label":"protocol","definition":"An interactive or distributed procedure among parties, nodes, devices, or services."},{"id":"primitive","label":"primitive","definition":"A named foundational cryptographic or security functionality introduced, defined, or realized by the work."},{"id":"scheme","label":"scheme","definition":"A construction specified through a family of algorithms or interfaces, including encryption, secret-sharing, coding, and obfuscation schemes."},{"id":"algorithm","label":"algorithm","definition":"A computational, inference, optimization, allocation, or transformation procedure whose principal operation is not interactive."}],"policy":{"multi_value":true,"scope":"Types identify principal constructive contributions or substantive protocol content; merely using an existing protocol, primitive, scheme, or algorithm is not sufficient.","theory_only":"A Theory-only record without a contribution type is reserved for non-constructive definitions, impossibility or separation results, hardness or reduction results, analytical results, or records whose available evidence is insufficient to assert a construction.","audit_method":"AI-assisted review of all 79 curated titles, summaries, tags, resource boundaries, and knowledge-map records, with author corrections incorporated for theory-oriented records.","audited_at":"2026-07-11","author_corrections":[{"corrected_at":"2026-07-11","paper_ids":[57,63,71,72,75,77,78],"correction":"Treat these records as theory-oriented without a protocol, primitive, scheme, or algorithm contribution tag; retain Perspective as an additional orientation for the two timed-cryptography position papers."}]}},
  "count": 79,
  "papers": [
    
    
      
      
      
      
      
      
      {
        "id": 1,
        "stable_id": "paper-1",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-1/",
        "title": "Sub-Carrier Allocation Using Channel Prediction for OFDMA Systems Based on IEEE 802.16 Standard",
        "authors": "Karim Eldefrawy, Mohamed M. Khairy, and Amin Nassar",
        "year": 2006,
        "status": "Published",
        "venue": "International Conference on Computer Engineering and Systems (ICCES)",
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["algorithm"],
        "tags": ["OFDMA","channel prediction","resource allocation"],
        "abstract": "The problem of sub-carrier allocation in OFDMA systems has been the focus of recent research efforts. All papers to our knowledge consider the problem of allocating sub-carriers one frame ahead. In this paper, we propose an OFDMA scheme which utilizes future channel prediction to adaptively allocate sub-carriers to each user based on their predicted channel states several frames ahead. The results obtained show that this scheme guarantees the required rates in addition to a fair allocation of the available sub-carriers among users when compared to the traditional single frame case",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_author_full_text_route",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the public author-uploaded full text; only typography, discretionary hyphenation, and line-break artifacts were normalized. The source abstract has no final punctuation, which is retained. Local file fixity has not been recorded.",
        "abstract_source_url": "https://www.researchgate.net/publication/251829226_SubCarrier_Allocation_using_Channel_Prediction_for_OFDMA_systems_based_on_IEEE_80216_Standard",
        "summary": "This paper allocates OFDMA subcarriers using predicted channel states several frames ahead instead of only the next frame. Simulations show that the method meets users' rate requirements while distributing subcarriers more fairly than single-frame allocation.",
        "availability": null,
        "resources": {"id":1,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/ICCES.2006.320475"}],"archive":[],"author":[{"label":"ResearchGate author full text","url":"https://www.researchgate.net/publication/251829226_SubCarrier_Allocation_using_Channel_Prediction_for_OFDMA_systems_based_on_IEEE_80216_Standard"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-1.json"
      },
    
      
      
      
      
      
      
      {
        "id": 2,
        "stable_id": "paper-2",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-2/",
        "title": "Proposal for a Cross-Layer Coordination Framework for Next Generation Wireless Systems",
        "authors": "Karim Eldefrawy, Magda El Zarki, and Mohamed M. Khairy",
        "year": 2006,
        "status": "Published",
        "venue": "International Conference on Wireless Communications and Mobile Computing (IWCMC)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["cross-layer design","wireless systems","protocol architecture"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper proposes a local coordination framework that lets non-adjacent layers of a wireless protocol stack exchange events and state through a cross-layer server while keeping each layer modular. It organizes adaptation logic, signaling, and shared parameters so new cross-layer schemes can be added systematically without redesigning the stack.",
        "availability": null,
        "resources": {"id":2,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/1143549.1143580"}],"archive":[{"label":"CiteSeerX archive","url":"https://citeseerx.ist.psu.edu/document?doi=5c6faed11ce6a9d687bfdbb5f1a0b253c5628995&repid=rep1&type=pdf"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-2.json"
      },
    
      
      
      
      
      
      
      {
        "id": 3,
        "stable_id": "paper-3",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-3/",
        "title": "PEUC-WiN: Privacy Enhancement by User Cooperation in Wireless Networks",
        "authors": "Karim Eldefrawy and Claudio Soriente",
        "year": 2006,
        "status": "Published · workshop paper",
        "venue": "Second IEEE Workshop on Secure Network Protocols (NPSec)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["location privacy","wireless networks","user cooperation"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "PEUC-WiN combats location tracking caused by persistent wireless-interface identifiers by having users under the same access point cooperate. The design seeks to improve location privacy without the long silent periods, dropped sessions, and throughput disruption imposed by earlier identifier-changing approaches.",
        "availability": null,
        "resources": {"id":3,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/NPSEC.2006.320345"}],"archive":[{"label":"CiteSeerX archive","url":"https://citeseerx.ist.psu.edu/document?doi=0f2ebd193c1a279f035d877c6c43c4cc43829b57&repid=rep1&type=pdf"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2006/peuc-win-npsec2006.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-3.json"
      },
    
      
      
      
      
      
      
      {
        "id": 4,
        "stable_id": "paper-4",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-4/",
        "title": "Incentive-Based Cooperative and Secure Inter-Personal Networking",
        "authors": "Karim Eldefrawy, Magda El Zarki, and Gene Tsudik",
        "year": 2007,
        "status": "Published · workshop paper",
        "venue": "ACM MobiOpp",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied","Perspective"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["cooperative networking","personal-area networks","connectivity sharing","incentive mechanisms"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper outlines a framework in which a stranded user's personal-area network buys or barters connectivity through a nearby user's devices under short-term service contracts. It identifies policy, authentication, privacy, accounting, and incentive requirements for making such resource sharing secure and worthwhile.",
        "availability": null,
        "resources": {"id":4,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/1247694.1247706"}],"archive":[{"label":"CiteSeerX archive","url":"https://citeseerx.ist.psu.edu/document?doi=6d922a7deb8b99f108b5f1a4ccda0f94e7172db2&repid=rep1&type=pdf"}],"author":[{"label":"UCI author copy","url":"https://ics.uci.edu/~gts/paps/ezt07.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2007/incentive-cooperative-interpersonal-mobiopp2007.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-4.json"
      },
    
      
      
      
      
      
      
      {
        "id": 5,
        "stable_id": "paper-5",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-5/",
        "title": "BotTorrent: Misusing BitTorrent to Launch DDoS Attacks",
        "authors": "Karim Eldefrawy, Minas Gjoka, and Athina Markopoulou",
        "year": 2007,
        "status": "Published · workshop paper",
        "venue": "USENIX Steps to Reducing Unwanted Traffic on the Internet (SRUTI)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["BitTorrent","DDoS","protocol abuse"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "BotTorrent shows how an attacker can manipulate BitTorrent metadata and trackers so large numbers of legitimate clients send traffic to an arbitrary victim. Real-world experiments characterize the resulting DDoS traffic and motivate protocol checks that limit this abuse, while noting the broader danger of redirecting legitimate peer-to-peer traffic.",
        "availability": null,
        "resources": {"id":5,"official":[{"label":"USENIX paper page","url":"https://www.usenix.org/conference/sruti-07/bottorrent-misusing-bittorrent-launch-ddos-attacks"}],"archive":[{"label":"CiteSeerX archive","url":"https://citeseerx.ist.psu.edu/document?doi=f6e27485882d0986e8e939dd7f1a3dcc897d33ac&repid=rep1&type=pdf"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2007/bottorrent-sruti2007.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-5.json"
      },
    
      
      
      
      
      
      
      {
        "id": 6,
        "stable_id": "paper-6",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-6/",
        "title": "Optimal Filtering for DDoS Attacks",
        "authors": "Karim Eldefrawy, Athina Markopoulou, and Katerina Argyraki",
        "year": 2007,
        "status": "Published · workshop paper",
        "venue": "Information Theory and Applications Workshop (ITA)",
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["algorithm"],
        "tags": ["DDoS","filter allocation","dynamic programming"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper formulates how a victim gateway with too few packet filters should choose between blocking individual attackers and coarser source domains. It gives optimal dynamic-programming solutions for one- and two-tier filtering and evaluates heuristics that preserve more legitimate traffic under realistic DDoS scenarios.",
        "availability": null,
        "resources": {"id":6,"official":[],"archive":[{"label":"arXiv","url":"https://arxiv.org/abs/cs/0612066"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2007/optimal-filtering-ddos-ita2007.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-6.json"
      },
    
      
      
      
      
      
      
      {
        "id": 7,
        "stable_id": "paper-7",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-7/",
        "title": "ALARM: Anonymous Location-Aided Routing in Suspicious MANETs",
        "authors": "Karim Eldefrawy and Gene Tsudik",
        "year": 2007,
        "status": "Published",
        "venue": "IEEE International Conference on Network Protocols (ICNP)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["anonymous routing","location privacy","group signatures"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "ALARM uses current locations rather than persistent node identities to build an authenticated map and route through a suspicious mobile ad hoc network. Group signatures and one-time pseudonyms provide origin authentication and location integrity while preserving node anonymity and resistance to tracking.",
        "availability": null,
        "resources": {"id":7,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/ICNP.2007.4375861"}],"archive":[{"label":"CiteSeerX archive","url":"https://citeseerx.ist.psu.edu/document?doi=fc53c0247201ee1ebb23f5b7570d4bf4eb205f4b&repid=rep1&type=pdf"}],"author":[{"label":"UCI author copy","url":"https://ics.uci.edu/~gts/paps/alarm07.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2007/alarm-icnp2007.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-7.json"
      },
    
      
      
      
      
      
      
      {
        "id": 8,
        "stable_id": "paper-8",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-8/",
        "title": "Filtering Sources of Unwanted Traffic Based on Blacklists",
        "authors": "Fabio Soldo, Karim Eldefrawy, Athina Markopoulou, Bala Krishnamurthy, and Kobus van der Merwe",
        "year": 2008,
        "status": "Published · workshop paper",
        "venue": "Information Theory and Applications Workshop (ITA)",
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["algorithm"],
        "tags": ["traffic filtering","blacklists","optimization"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper turns a blacklist of malicious source addresses into a limited set of router filters while balancing attack blocking against collateral damage to legitimate hosts in aggregated prefixes. Its optimal, efficient algorithms cover static and changing blacklists and perform especially well when malicious addresses are clustered.",
        "availability": null,
        "resources": {"id":8,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/ITA.2008.4601049"}],"archive":[{"label":"CiteSeerX archive","url":"https://citeseerx.ist.psu.edu/document?doi=b1e1e721800aa7c604e8680b7b63e029b470c6c2&repid=rep1&type=pdf"}],"author":[{"label":"Author-hosted paper","url":"https://rfob.org/papers/ita08.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2008/filtering-blacklists-ita2008.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-8.json"
      },
    
      
      
      
      
      
      
      {
        "id": 9,
        "stable_id": "paper-9",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-9/",
        "title": "PRISM: Privacy-Friendly Routing in Suspicious MANETs (and VANETs)",
        "authors": "Karim Eldefrawy and Gene Tsudik",
        "year": 2008,
        "status": "Published",
        "venue": "IEEE International Conference on Network Protocols (ICNP)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["anonymous routing","location privacy","MANETs"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "PRISM is an on-demand, location-based routing protocol for suspicious MANETs in which nodes can communicate without exposing long-term identities or movement histories. Its design is analyzed against insider and outsider adversaries and is reported to provide stronger privacy with lower overhead than prior approaches.",
        "availability": null,
        "resources": {"id":9,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/ICNP.2008.4697044"}],"archive":[{"label":"CiteSeerX archive","url":"https://citeseerx.ist.psu.edu/document?doi=3fb81a9dd24b091c455549a3b04b8344f7e55290&repid=rep1&type=pdf"}],"author":[{"label":"UCI author copy","url":"https://sprout.ics.uci.edu/pubs/04697044.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2008/prism-icnp2008.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-9.json"
      },
    
      
      
      
      
      
      
      {
        "id": 10,
        "stable_id": "paper-10",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-10/",
        "title": "Leveraging Social Contacts for Message Confidentiality in Delay Tolerant Networks",
        "authors": "Karim Eldefrawy, John Solis, and Gene Tsudik",
        "year": 2009,
        "status": "Published",
        "venue": "IEEE Computer Software and Applications Conference (COMPSAC)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["scheme"],
        "tags": ["delay-tolerant networks","social trust","confidential messaging"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper addresses key establishment in delay-tolerant networks, where intermittent contact makes credential lookup and multi-round handshakes impractical. Its schemes derive secure messaging relationships from social affiliations or shared contacts so users can protect messages despite long delays and sparse connectivity.",
        "availability": null,
        "resources": {"id":10,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/COMPSAC.2009.43"}],"archive":[],"author":[{"label":"Author-hosted PDF","url":"https://www.johnsolis.com/publications/dtn_compsac09.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2009/social-contacts-dtn-compsac2009.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-10.json"
      },
    
      
      
      
      
      
      
      {
        "id": 11,
        "stable_id": "paper-11",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-11/",
        "title": "Link-Layer Encryption Effect on Achievable Capacity in Wireless Network Coding",
        "authors": "Claude Castelluccia, Karim Eldefrawy, and Gene Tsudik",
        "year": 2010,
        "status": "Published · workshop paper",
        "venue": "IEEE INFOCOM Workshops",
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["network coding","link-layer encryption","wireless capacity"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper analyzes how link-layer encryption, used to hide traffic patterns even when end-to-end encryption is present, interacts with wireless network coding. Its model shows that link-layer encryption can sharply reduce achievable multicast capacity and exposes a security-throughput tradeoff for coded wireless networks.",
        "availability": null,
        "resources": {"id":11,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/INFCOMW.2010.5466615"}],"archive":[],"author":[{"label":"Author-hosted paper","url":"https://archimedes-12-vagrant.ics.uci.edu/pubs/karim-wireless-net-code-ll-enc.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2010/link-layer-encryption-network-coding-infocomw2010.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-11.json"
      },
    
      
      
      
      
      
      
      {
        "id": 12,
        "stable_id": "paper-12",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-12/",
        "title": "Attacks on Physical-Layer Identification",
        "authors": "Boris Danev, Heinrich Luecken, Srdjan Čapkun, and Karim Eldefrawy",
        "year": 2010,
        "status": "Published",
        "venue": "ACM Conference on Wireless Network Security (WiSec)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["device fingerprinting","physical-layer security","impersonation"],
        "abstract": "Physical-layer identification of wireless devices, commonly referred to as Radio Frequency (RF) fingerprinting, is the process of identifying a device based on transmission imperfections exhibited by its radio transceiver. It can be used to improve access control in wireless networks, prevent device cloning and complement message authentication protocols. This paper studies the feasibility of performing impersonation attacks on the modulation-based and transient-based fingerprinting techniques. Both techniques are vulnerable to impersonation attacks; however, transient-based techniques are more difficult to reproduce due to the effects of the wireless channel and antenna in their recording process. We assess the feasibility of performing impersonation attacks by extensive measurements as well as simulations using collected data from wireless devices. We discuss the implications of our findings and how they affect current device identification techniques and related applications.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in full-text PDF; only typography, discretionary hyphenation, and line-break artifacts were normalized.",
        "abstract_source_url": "/pubs/2010/physical-layer-identification-wisec2010.pdf#page=1",
        "summary": "The authors demonstrate impersonation attacks against radio-frequency fingerprinting by replaying either selected signal features or entire captured waveforms. Experiments show modulation-based fingerprints can be forged very reliably, while transient-based fingerprints are harder to reproduce because recording depends on the channel and antenna.",
        "availability": null,
        "resources": {"id":12,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/1741866.1741882"}],"archive":[{"label":"Archived ETH institutional copy","url":"https://web.archive.org/web/20120120122917id_/http://www.syssec.ethz.ch/research/wisec10-attks.pdf"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2010/physical-layer-identification-wisec2010.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-12.json"
      },
    
      
      
      
      
      
      
      {
        "id": 13,
        "stable_id": "paper-13",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-13/",
        "title": "Group Distance Bounding Protocols (Short Paper)",
        "authors": "Srdjan Čapkun, Karim Eldefrawy, and Gene Tsudik",
        "year": 2011,
        "status": "Published · short paper",
        "venue": "4th International Conference on Trust and Trustworthy Computing (TRUST)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","primitive"],
        "tags": ["distance bounding","proximity","authentication"],
        "abstract": "Distance bounding (DB) protocols allow one entity, the verifier, to securely obtain an upper-bound on the distance to another entity, the prover. Thus far, DB was considered mostly in the context of a single prover and a single verifier. There has been no substantial prior work on secure DB in group settings, where a set of provers interact with a set of verifiers. The need for group distance bounding (GDB) is motivated by many practical scenarios, including: group device pairing, location-based access control and secure distributed localization. This paper addresses, for the first time, one-way GDB protocols by utilizing a new passive DB primitive. We show how passive DB can be used to construct secure and efficient GDB protocols for various one-way GDB settings. We analyze the security and performance of proposed protocols and compare them with existing DB techniques extended to group settings.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in short-paper PDF; only typography, discretionary hyphenation, and line-break artifacts were normalized.",
        "abstract_source_url": "/pubs/2011/group-distance-bounding-trust2011.pdf#page=1",
        "summary": "This work extends distance bounding from one prover and one verifier to groups of devices, motivated by pairing, access control, and secure localization. It introduces passive distance bounding and multi-party protocols that reduce cost and improve security compared with simply running every pairwise distance-bounding exchange.",
        "availability": null,
        "resources": {"id":13,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-642-21599-5_23"}],"archive":[{"label":"Archived UCI author copy","url":"https://web.archive.org/web/20150703110554id_/http://www.ics.uci.edu/~keldefra/papers/trust11.pdf"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2011/group-distance-bounding-trust2011.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-13.json"
      },
    
      
      
      
      
      
      
      {
        "id": 14,
        "stable_id": "paper-14",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-14/",
        "title": "ALARM: Anonymous Location-Aided Routing in Suspicious MANETs",
        "authors": "Karim Eldefrawy and Gene Tsudik",
        "year": 2011,
        "status": "Published · journal article",
        "venue": "IEEE Transactions on Mobile Computing, Volume 10, Number 9",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["anonymous routing","location privacy","MANETs"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This journal version of ALARM gives a comprehensive security, privacy, and performance analysis of location-based link-state routing for suspicious MANETs. Nodes use signed location announcements and group signatures to authenticate topology information while remaining anonymous and difficult to track, even against specified insider and outsider attacks.",
        "availability": null,
        "resources": {"id":14,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/TMC.2010.256"}],"archive":[{"label":"CiteSeerX archive","url":"https://citeseerx.ist.psu.edu/document?doi=7a36caaf053d725da668419e3e765021f7f145ea&repid=rep1&type=pdf"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-14.json"
      },
    
      
      
      
      
      
      
      {
        "id": 15,
        "stable_id": "paper-15",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-15/",
        "title": "Privacy-Preserving Location-Based On-Demand Routing in MANETs",
        "authors": "Karim Eldefrawy and Gene Tsudik",
        "year": 2011,
        "status": "Published · journal article",
        "venue": "IEEE Journal on Selected Areas in Communications, Volume 29, Number 10",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["location privacy","MANET routing"],
        "abstract": "Mobile Ad-Hoc Networks (MANETs) are particularly useful and well-suited for critical scenarios, including military, law enforcement as well as emergency rescue and disaster recovery. When operating in hostile or suspicious settings, MANETs require communication security and privacy, especially, in underlying routing protocols. Unlike most networks, where communication is based on long-term identities (addresses), we argue that the location-centric communication paradigm is better-suited for privacy in suspicious MANETs. To this end, we construct an on-demand location-based anonymous MANET routing protocol (PRISM) that achieves privacy and security against both outsider and insider adversaries. We analyze the security, privacy and performance of PRISM and compare it to alternative techniques. Results show that PRISM is more efficient and offers better privacy than prior work.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in full-text PDF; only typography, discretionary hyphenation, and line-break artifacts were normalized.",
        "abstract_source_url": "/pubs/2011/privacy-preserving-routing-jsac2011.pdf#page=1",
        "summary": "PRISM replaces identity-centric route discovery with on-demand routing addressed to current locations, protecting participants in hostile or compromised MANETs. Its analysis and evaluation find that the protocol resists insider and outsider attacks while offering better privacy and efficiency than alternative techniques.",
        "availability": null,
        "resources": {"id":15,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/JSAC.2011.111203"}],"archive":[{"label":"Archived UCI author copy","url":"https://web.archive.org/web/20150703110555id_/http://www.ics.uci.edu/~keldefra/papers/jsac11.pdf"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2011/privacy-preserving-routing-jsac2011.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-15.json"
      },
    
      
      
      
      
      
      
      {
        "id": 16,
        "stable_id": "paper-16",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-16/",
        "title": "Harvesting SSL Certificate Data to Identify Web-Fraud",
        "authors": "Mishari Al Mishari, Emiliano De Cristofaro, Karim Eldefrawy, and Gene Tsudik",
        "year": 2012,
        "status": "Published · journal article",
        "venue": "International Journal of Network Security, Volume 14, Number 6",
        "venue_url": null,
        "topic": "ai-machine-learning",
        "labels": ["Applied"],
        "ai_ml_labels": ["AI for security"],
        "contribution_types": ["algorithm"],
        "tags": ["web fraud","TLS certificates","measurement"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper studies how SSL certificate fields differ between popular legitimate domains and HTTPS-enabled phishing or typosquatting sites. It builds and validates a certificate-only classifier that detects fraudulent domains with high accuracy without relying on user data, making it complementary to other anti-fraud tools.",
        "availability": null,
        "resources": {"id":16,"official":[{"label":"Journal PDF","url":"http://ijns.jalaxy.com.tw/contents/ijns-v14-n6/ijns-2012-v14-n6-p324-338.pdf"}],"archive":[{"label":"arXiv","url":"https://arxiv.org/abs/0909.3688"}],"author":[{"label":"Author-hosted PDF","url":"https://emilianodc.com/PAPERS/IJSN12.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2012/ssl-certificate-web-fraud-ijns2012.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-16.json"
      },
    
      
      
      
      
      
      
      {
        "id": 17,
        "stable_id": "paper-17",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-17/",
        "title": "SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust",
        "authors": "Karim Eldefrawy, Aurélien Francillon, Daniele Perito, and Gene Tsudik",
        "year": 2012,
        "status": "Published",
        "venue": "Network and Distributed System Security Symposium (NDSS)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["primitive"],
        "tags": ["root of trust","remote attestation","microcontrollers"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "SMART is a minimal hardware-software architecture that lets a remote party establish a dynamic root of trust and run isolated code on low-end microcontrollers. AVR and MSP430 implementations show that only small changes to memory-access logic are needed, avoiding the cost of a separate security coprocessor while providing concrete security guarantees.",
        "availability": null,
        "resources": {"id":17,"official":[{"label":"NDSS paper page","url":"https://www.ndss-symposium.org/ndss2012/ndss-2012-programme/smart-secure-and-minimal-architecture-establishing-dynamic-root-trust/"}],"archive":[],"author":[{"label":"UCI author copy","url":"https://ics.uci.edu/~gts/paps/smart.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2012/smart-ndss2012.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-17.json"
      },
    
      
      
      
      
      
      
      {
        "id": 18,
        "stable_id": "paper-18",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-18/",
        "title": "Secure and Privacy-Preserving Querying of Content in MANETs",
        "authors": "Karim Eldefrawy and Gavin Holland",
        "year": 2012,
        "status": "Published",
        "venue": "IEEE International Conference on Technologies for Homeland Security (HST)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["private search","MANETs","access control"],
        "abstract": "Ensuring security and privacy of content in a mobile ad-hoc network (MANET) is a challenging problem, especially when that content is distributed over the network using some form of peer-to-peer dissemination scheme. Since cooperation among nodes is vital in MANETs, the capture or compromise of a single node not only exposes locally cached content, but also allows an adversary to interrogate the network with the authority of an insider, acquiring important information such as content access patterns, popularity and location. Previous work in MANETs has predominantly focused on providing solutions for security and anonymity of routing protocols, confidentiality, and key management. In this paper, we present protocols that provide the ability to securely and privately locate content for two common peer-to-peer dissemination operations: publish/subscribe (content PUSH), and direct query (content PULL).",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_author_full_text_route",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the public author-uploaded full text; only typography, discretionary hyphenation, and line-break artifacts were normalized. Local file fixity has not been recorded.",
        "abstract_source_url": "https://www.researchgate.net/publication/261493217_Secure_and_privacy-preserving_querying_of_content_in_MANETs",
        "summary": "The paper protects content discovery in peer-to-peer MANET dissemination, where a compromised node could otherwise learn queries, access patterns, and content locations. It builds private PUSH and PULL protocols from secure pattern matching, homomorphic encryption, secret sharing, and query-policy enforcement so nodes learn only authorized search results.",
        "availability": null,
        "resources": {"id":18,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/THS.2012.6459917"}],"archive":[],"author":[{"label":"ResearchGate author full text","url":"https://www.researchgate.net/publication/261493217_Secure_and_privacy-preserving_querying_of_content_in_MANETs"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-18.json"
      },
    
      
      
      
      
      
      
      {
        "id": 19,
        "stable_id": "paper-19",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-19/",
        "title": "5PM: Secure Pattern Matching",
        "authors": "Joshua Baron, Karim Eldefrawy, Kirill Minkovich, Rafail Ostrovsky, and Eric Tressler",
        "year": 2012,
        "status": "Published · conference version",
        "venue": "8th Conference on Security and Cryptography for Networks (SCN)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","primitive"],
        "tags": ["secure pattern matching","homomorphic encryption"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "5PM lets a client search a server's text for exact, wildcard, approximate, and substring matches without revealing the query or exposing unrelated text, even against malicious participants. A linear-algebra formulation with additive homomorphic encryption gives sublinear-in-circuit communication, supports arbitrary alphabets and hidden pattern length, and completes in eight rounds in the malicious model.",
        "availability": null,
        "resources": {"id":19,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-642-32928-9_13"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2012/698"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-19.json"
      },
    
      
      
      
      
      
      
      {
        "id": 20,
        "stable_id": "paper-20",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-20/",
        "title": "Blindfolded Data Search via Secure Pattern Matching",
        "authors": "Karim Eldefrawy and Sky Faber",
        "year": 2013,
        "status": "Published · magazine article",
        "venue": "IEEE Computer, Volume 46, Number 12",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Applied","Perspective"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["secure pattern matching","privacy-preserving search","survey"],
        "abstract": "Balancing security and privacy concerns with information sharing is a top priority for corporations, law enforcement agencies, governments, and other organizations. Secure pattern matching (SPM) addresses some of the challenges faced in sharing and searching private data.",
        "abstract_kind": "Complete article deck",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the complete introductory deck in the checked-in magazine PDF; the article does not contain a section labeled Abstract. Only line-break artifacts were normalized.",
        "abstract_source_url": "/pubs/2013/blindfolded-data-search-ieee-computer2013.pdf#page=1",
        "summary": "This article explains how secure pattern matching can support blindfolded searches in which a requester hides its query while a data holder reveals only matching records. It surveys practical constructions and illustrates privacy-preserving uses in law-enforcement and health-data sharing while retaining both input privacy and computational correctness.",
        "availability": null,
        "resources": {"id":20,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/MC.2013.73"}],"archive":[],"author":[{"label":"Author-hosted PDF","url":"/pubs/2013/blindfolded-data-search-ieee-computer2013.pdf"},{"label":"UCI coauthor copy","url":"https://sprout.ics.uci.edu/pubs/secure_pattern_matching.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-20.json"
      },
    
      
      
      
      
      
      
      {
        "id": 21,
        "stable_id": "paper-21",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-21/",
        "title": "5PM: Secure Pattern Matching",
        "authors": "Joshua Baron, Karim Eldefrawy, Kirill Minkovich, Rafail Ostrovsky, and Eric Tressler",
        "year": 2013,
        "status": "Published · journal article",
        "venue": "Journal of Computer Security, Volume 21, Number 5",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","primitive"],
        "tags": ["secure pattern matching","privacy-preserving search"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "5PM lets a client privately test a pattern against a server's private text while supporting wildcards, substring matching, nonbinary alphabets, and richer distance measures even when one party is malicious. Its carefully staged protocol uses eight rounds and can hide the pattern length without increasing asymptotic computation or communication.",
        "availability": null,
        "resources": {"id":21,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.3233/JCS-130481"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2012/698"}],"author":[{"label":"UCLA author copy","url":"https://web.cs.ucla.edu/~rafail/PUBLIC/129.pdf"},{"label":"Author-hosted full version","url":"/pubs/2013/5pm-secure-pattern-matching.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-21.json"
      },
    
      
      
      
      
      
      
      {
        "id": 22,
        "stable_id": "paper-22",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-22/",
        "title": "Neighborhood Watch: On Network Coding Throughput and Key Sharing",
        "authors": "Martin Strohmeier, Ivan Martinovic, Utz Roedig, Karim Eldefrawy, and Jens Schmitt",
        "year": 2013,
        "status": "Published",
        "venue": "IEEE Global Communications Conference (GLOBECOM)",
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["algorithm"],
        "tags": ["network coding","key sharing","wireless networks"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper exposes a practical tradeoff in wireless network coding: larger link-key groups enable more packet overhearing and throughput, but make each key compromise more damaging. It formulates key assignment as an optimization problem and finds that adding one member to a key-sharing group can improve coding gain by 1.3 to 13.7 percent across tested topologies.",
        "availability": null,
        "resources": {"id":22,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/GLOCOM.2013.6831179"}],"archive":[],"author":[{"label":"Oxford author copy","url":"https://www.cs.ox.ac.uk/files/7240/globecom_camera.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2013/neighborhood-watch-network-coding-key-sharing.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-22.json"
      },
    
      
      
      
      
      
      
      {
        "id": 23,
        "stable_id": "paper-23",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-23/",
        "title": "An Architecture for a Resilient Cloud Computing Infrastructure",
        "authors": "Joshua Baron, Karim Eldefrawy, Aleksey Nogin, and Rafail Ostrovsky",
        "year": 2013,
        "status": "Published",
        "venue": "IEEE International Conference on Technologies for Homeland Security (HST)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["cloud resilience","self-healing systems","secure computation"],
        "abstract": "This paper proposes an architecture for a resilient cloud computing infrastructure that provably maintains cloud functionality against persistent successful corruptions of cloud nodes. The architecture is composed of a self-healing software mechanism for the entire cloud, as well as hardware-assisted regeneration of compromised (or faulty) nodes from a pristine state. Such an architecture aims to secure critical distributed cloud computations well beyond the current state of the art by tolerating, in a seamless fashion, a continuous rate of successful corruptions up to certain corruption rate limit, e.g., 30% of all cloud nodes may be corrupted within a tunable window of time. The proposed architecture achieves these properties based on a principled separation of distributed task supervision from the computation of user-defined jobs. The task supervision and enduser communication are performed by a new software mechanism called the Control Operations Plane (COP), which builds a trustworthy and resilient, self-healing cloud computing infrastructure out of the underlying untrustworthy and faulty hosts. The COP leverages provably-secure cryptographic protocols that are efficient and robust in the presence of many corrupted participants — such a cloud regularly and unobtrusively refreshes itself by restoring COP nodes from a pristine state at regular intervals.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_author_full_text_route",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the public author-uploaded full text; only typography, discretionary hyphenation, and line-break artifacts were normalized. Source wording such as 'enduser' is retained. Local file fixity has not been recorded.",
        "abstract_source_url": "https://www.researchgate.net/publication/261054497_An_architecture_for_a_resilient_cloud_computing_infrastructure",
        "summary": "The paper proposes a self-healing control operations plane that separates cloud task supervision from user computations and uses cryptographic protocols plus hardware-assisted reinitialization to recover corrupted nodes. The design aims to keep the cloud operating despite a continuing stream of compromises, provided the corruption rate stays below a configurable threshold within each recovery window.",
        "availability": null,
        "resources": {"id":23,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/THS.2013.6699036"}],"archive":[],"author":[{"label":"ResearchGate author full text","url":"https://www.researchgate.net/publication/261054497_An_architecture_for_a_resilient_cloud_computing_infrastructure"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "metadata_and_source_abstract",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-23.json"
      },
    
      
      
      
      
      
      
      {
        "id": 24,
        "stable_id": "paper-24",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-24/",
        "title": "Disincentivizing/Incentivizing Malicious/Honest Behavior on the Internet via Privacy-Preserving AppCoins",
        "authors": "Karim Eldefrawy and Joshua Lampkins",
        "year": 2014,
        "status": "Published",
        "venue": "Ninth Workshop on Secure Network Protocols (NPSec), co-located with IEEE ICNP",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","scheme"],
        "tags": ["micropayments","incentives","privacy"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper proposes privacy-preserving digital AppCoins as low-overhead micropayments that make abusive online behavior more expensive and reward cooperative behavior. It gives non-malleable, double-spending-resistant protocols and shows how email and onion routing could use them with practical commodity-hardware costs.",
        "availability": null,
        "resources": {"id":24,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/ICNP.2014.100"}],"archive":[],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "metadata_and_editorial_summary",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-24.json"
      },
    
      
      
      
      
      
      
      {
        "id": 25,
        "stable_id": "paper-25",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-25/",
        "title": "How to Withstand Mobile Virus Attacks, Revisited",
        "authors": "Joshua Baron, Karim Eldefrawy, Joshua Lampkins, and Rafail Ostrovsky",
        "year": 2014,
        "status": "Published",
        "venue": "ACM Symposium on Principles of Distributed Computing (PODC)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","scheme"],
        "tags": ["proactive MPC","mobile adversaries","packed secret sharing"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This work revisits proactive MPC, where different machines may be compromised over time, and identifies why standard precomputation and sharing techniques become too costly under mobile faults. It introduces packed proactive secret sharing and UC-secure MPC protocols with near-linear per-step communication while tolerating almost one-third perfect-security or one-half statistical-security moving corruptions.",
        "availability": null,
        "resources": {"id":25,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/2611462.2611474"}],"archive":[],"author":[{"label":"Author-hosted paper","url":"https://web.cs.ucla.edu/~rafail/PUBLIC/167.pdf"},{"label":"Author-hosted full version","url":"/pubs/2014/how-to-withstand-mobile-virus-attacks-revisited.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-25.json"
      },
    
      
      
      
      
      
      
      {
        "id": 26,
        "stable_id": "paper-26",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-26/",
        "title": "Founding Digital Currency on Secure Computation",
        "authors": "Karim Eldefrawy and Joshua Lampkins",
        "year": 2014,
        "status": "Published",
        "venue": "ACM Conference on Computer and Communications Security (CCS)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["digital currency","secure computation","distributed ledger"],
        "abstract": "Most current digital currency schemes and associated ledgers are either centralized or completely distributed similar to the design adopted by Bitcoin. Centralized schemes enable accountability, but leave the privacy of users' identities and transactions in the hands of one organization. Distributed schemes can ensure better privacy but provide little accountability. In this paper we design a privacy-preserving proactively-secure distributed ledger and associated transaction protocols that can be used to implement an accountable digital currency that inherits the ledger's privacy and security features. One of the main technical challenges that we address is dealing with the increase in ledger size over time, an unavoidable aspect as the currency spreads and the ledger is required to be maintained for a long time in the future. We accomplish this by reducing the distributed (secret-shared) storage footprint and the required bandwidth and computation for proactively refreshing the ledger to ensure long-term confidentiality and security.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_author_full_text_route",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the public author-uploaded full text; only typography, discretionary hyphenation, and line-break artifacts were normalized. Local file fixity has not been recorded.",
        "abstract_source_url": "https://www.researchgate.net/profile/Karim-Eldefrawy-2/publication/285835450_Founding_Digital_Currency_on_Secure_Computation/links/573dee9a08ae9f741b2ffd5a/Founding-Digital-Currency-on-Secure-Computation.pdf",
        "summary": "The paper designs a privacy-preserving, proactively secure distributed ledger for a digital currency that sits between a fully centralized bank and a fully decentralized system such as Bitcoin. Secret sharing and secure computation protect account and transaction data over time while still allowing a qualified group of servers to enforce accountability.",
        "availability": null,
        "resources": {"id":26,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/2660267.2660293"}],"archive":[],"author":[{"label":"ResearchGate author-uploaded PDF","url":"https://www.researchgate.net/profile/Karim-Eldefrawy-2/publication/285835450_Founding_Digital_Currency_on_Secure_Computation/links/573dee9a08ae9f741b2ffd5a/Founding-Digital-Currency-on-Secure-Computation.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "metadata_and_source_abstract",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-26.json"
      },
    
      
      
      
      
      
      
      {
        "id": 27,
        "stable_id": "paper-27",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-27/",
        "title": "Remote Attestation of Heterogeneous Cyber-Physical Systems: The Automotive Use Case",
        "authors": "Karim Eldefrawy, Gavin Holland, and Gene Tsudik",
        "year": 2015,
        "status": "Published · extended abstract",
        "venue": "Embedded Security in Cars USA (escar USA) Workshop",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied","Perspective"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["remote attestation","automotive security","cyber-physical systems"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This extended abstract argues that remote attestation should move from checking one embedded device to checking the many heterogeneous components of a cyber-physical system, using a modern vehicle as the motivating case. It outlines how multiple device attestations could be combined efficiently and identifies open problems for automotive and broader CPS deployments.",
        "availability": null,
        "resources": {"id":27,"official":[],"archive":[],"author":[{"label":"Author-hosted paper","url":"https://ics.uci.edu/~gtsudik/paps/attestation-ESCAR15.pdf"},{"label":"Author-hosted extended abstract PDF","url":"/pubs/2015/remote-attestation-heterogeneous-cps-automotive.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-27.json"
      },
    
      
      
      
      
      
      
      {
        "id": 28,
        "stable_id": "paper-28",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-28/",
        "title": "Communication-Optimal Proactive Secret Sharing for Dynamic Groups",
        "authors": "Joshua Baron, Karim Eldefrawy, Joshua Lampkins, and Rafail Ostrovsky",
        "year": 2015,
        "status": "Published",
        "venue": "International Conference on Applied Cryptography and Network Security (ACNS)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","scheme"],
        "tags": ["proactive secret sharing","dynamic groups","communication complexity"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This work protects long-lived secrets even as participants join, leave, or are eventually compromised by periodically refreshing shares and restoring parties. It gives the first dynamic proactive secret-sharing schemes with optimal amortized constant communication per secret, improving on polynomial or exponential prior costs, and extends them to dynamic proactive MPC.",
        "availability": null,
        "resources": {"id":28,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-319-28166-7_2"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2015/304"}],"author":[{"label":"UCLA author copy","url":"https://web.cs.ucla.edu/~rafail/PUBLIC/188.pdf"},{"label":"Author-hosted full version","url":"/pubs/2015/communication-optimal-proactive-secret-sharing-dynamic-groups.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-28.json"
      },
    
      
      
      
      
      
      
      {
        "id": 29,
        "stable_id": "paper-29",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-29/",
        "title": "Byzantine Fault Tolerant Software-Defined Networking (SDN) Controllers",
        "authors": "Karim Eldefrawy and Tyler Kaczmarek",
        "year": 2016,
        "status": "Published",
        "venue": "IEEE COMPSAC, MidCCI workshop",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["software-defined networking","Byzantine fault tolerance"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper replaces the single vulnerable SDN controller with replicated controllers that use Byzantine fault-tolerant state-machine replication to survive malicious behavior in both the control and data planes. Its prototype tolerates one compromised component among four replicas and demonstrates feasibility with roughly a twofold slowdown in the best configuration.",
        "availability": null,
        "resources": {"id":29,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/COMPSAC.2016.76"}],"archive":[],"author":[{"label":"Author-hosted paper","url":"https://sprout.ics.uci.edu/pubs/resilient_sdn_controller.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2016/byzantine-fault-tolerant-sdn-controllers.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-29.json"
      },
    
      
      
      
      
      
      
      {
        "id": 30,
        "stable_id": "paper-30",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-30/",
        "title": "Automated Inference of Dependencies of Network Services and Applications via Transfer Entropy",
        "authors": "Karim Eldefrawy, Tiffany Kim, and Pape M. Sylla",
        "year": 2016,
        "status": "Published",
        "venue": "IEEE COMPSAC, ADMNET workshop",
        "venue_url": null,
        "topic": "ai-machine-learning",
        "labels": ["Applied"],
        "ai_ml_labels": ["AI for security"],
        "contribution_types": ["algorithm"],
        "tags": ["network service dependencies","transfer entropy","causal inference","network management"],
        "abstract": "As the scale and complexity of modern computer networks increases, administrators and operators of such networks need tools to accurately infer dependencies between different network services and applications. Such tools can aid in (1) detecting misconfigurations, (2) effectively scheduling major software and hardware maintenance operations with minimal disruptions, and (3) exposing potential anomalies in a timely manner. Existing tools either only consider temporal correlations which require installing additional software to monitor interfaces, ignore network service profiles of more than two services, or do not necessarily capture actual causations. Such shortcomings result in high false detection rates of inferred dependencies. This paper presents the design and evaluation of an algorithm that utilizes the notion of Transfer Entropy (TE) to passively analyze and identify dependencies between various network services and applications. With TE, our algorithm formalizes and measures the amount of information exchanged between two entities (services or applications) in a computer network. By constructing time series of the interactions of such services and applications and computing the pairwise TE from such time series, our algorithm accurately infers dependencies based on causation with low false (positive and negative) alarms. Using collected network traffic from a test and production network, we demonstrate that the algorithm provides lower false alarms with efficient run time and computational requirements.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_author_full_text_route",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the public author-uploaded full text; only typography, discretionary hyphenation, and line-break artifacts were normalized. Local file fixity has not been recorded.",
        "abstract_source_url": "https://www.researchgate.net/profile/Karim-Eldefrawy-2/publication/303252585_Automated_Identification_of_Network_Service_Dependencies_via_Transfer_Entropy/links/573dee7808ae9ace84112561/Automated-Identification-of-Network-Service-Dependencies-via-Transfer-Entropy.pdf",
        "summary": "The paper infers which network services and applications depend on one another by passively applying transfer entropy to time series derived from network interactions. Tests on production traffic show fewer false alarms and efficient runtime compared with correlation-based methods, helping operators diagnose failures, plan maintenance, and spot anomalies.",
        "availability": null,
        "resources": {"id":30,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/COMPSAC.2016.68"}],"archive":[],"author":[{"label":"ResearchGate author-uploaded PDF","url":"https://www.researchgate.net/profile/Karim-Eldefrawy-2/publication/303252585_Automated_Identification_of_Network_Service_Dependencies_via_Transfer_Entropy/links/573dee7808ae9ace84112561/Automated-Identification-of-Network-Service-Dependencies-via-Transfer-Entropy.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "metadata_and_source_abstract",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-30.json"
      },
    
      
      
      
      
      
      
      {
        "id": 31,
        "stable_id": "paper-31",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-31/",
        "title": "Brief Announcement: Proactive Secret Sharing with a Dishonest Majority",
        "authors": "Shlomi Dolev, Karim Eldefrawy, Joshua Lampkins, Rafail Ostrovsky, and Moti Yung",
        "year": 2016,
        "status": "Published · brief announcement",
        "venue": "ACM Symposium on Principles of Distributed Computing (PODC)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","scheme"],
        "tags": ["proactive secret sharing","dishonest majority"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This brief announcement gives the first proactive secret-sharing feasibility result that remains confidential even when passive corruptions form a dishonest majority. It supports nearly all parties being passively compromised under stated fault conditions, allows mixed passive and active adversaries, and reduces batched communication to cubic in the number of parties.",
        "availability": null,
        "resources": {"id":31,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/2933057.2933059"}],"archive":[],"author":[{"label":"Author-hosted paper","url":"https://web.cs.ucla.edu/~rafail/PUBLIC/193.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2016/proactive-secret-sharing-dishonest-majority-podc2016-brief.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-31.json"
      },
    
      
      
      
      
      
      
      {
        "id": 32,
        "stable_id": "paper-32",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-32/",
        "title": "Proactive Secret Sharing with a Dishonest Majority",
        "authors": "Shlomi Dolev, Karim Eldefrawy, Joshua Lampkins, Rafail Ostrovsky, and Moti Yung",
        "year": 2016,
        "status": "Published",
        "venue": "10th Conference on Security and Cryptography for Networks (SCN)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","scheme"],
        "tags": ["proactive secret sharing","dishonest majority"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The full paper develops proactive secret sharing whose confidentiality can survive a dishonest majority, unlike earlier schemes that fail once half the parties are observed within a refresh period. It combines additive sharing with verifiable polynomial sharing to tolerate up to n−1 passive corruptions in the basic case, while also analyzing recovery, active corruption, and communication costs.",
        "availability": null,
        "resources": {"id":32,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-319-44618-9_28"}],"archive":[],"author":[{"label":"UCLA author copy","url":"https://web.cs.ucla.edu/~rafail/PUBLIC/189.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-32.json"
      },
    
      
      
      
      
      
      
      {
        "id": 33,
        "stable_id": "paper-33",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-33/",
        "title": "Lightweight Swarm Attestation: A Tale of Two LISA-s",
        "authors": "Xavier Carpent, Karim Eldefrawy, Norrathep Rattanavipanon, and Gene Tsudik",
        "year": 2017,
        "status": "Published",
        "venue": "ACM Asia Conference on Computer and Communications Security (AsiaCCS)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied","System","Implementation"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["swarm attestation","IoT","embedded systems"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper brings remote attestation from one embedded device to a mobile swarm by defining Quality of Swarm Attestation, a metric for how much integrity information a protocol reveals. It then designs two lightweight LISA protocols with different assurance and cost tradeoffs, analyzes their security, and validates them with prototypes and experiments.",
        "availability": null,
        "resources": {"id":33,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/3052973.3053010"}],"archive":[{"label":"NSF Public Access","url":"https://par.nsf.gov/servlets/purl/10063091"}],"author":[{"label":"UCI author copy","url":"https://sprout.ics.uci.edu/projects/attestation/papers/lisa.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2017/lisa-asiaccs2017.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-33.json"
      },
    
      
      
      
      
      
      
      {
        "id": 34,
        "stable_id": "paper-34",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-34/",
        "title": "Proactively Secure Cloud-Enabled Storage",
        "authors": "Karim Eldefrawy, Sky Faber, and Tyler Kaczmarek",
        "year": 2017,
        "status": "Published",
        "venue": "37th IEEE International Conference on Distributed Computing Systems (ICDCS)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Theory","Applied","System","Implementation"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["cloud storage","proactive secret sharing"],
        "abstract": "Attacking cloud-enabled storage is becoming increasingly lucrative as more personal and enterprise data moves to the cloud. Traditional security mechanisms temporarily limit such attacks, but over a long period of time attackers will eventually find vulnerabilities; this can lead to compromising large amounts of valuable data and lead to large-scale privacy breaches. This paper addresses this problem by incorporating proactive security guarantees into cloud-enabled storage. Proactive security deals with an adversary’s ability to eventually compromise all involved servers in a distributed storage or computation system. While there are several proactively secure secret sharing protocols that can be used to improve confidentiality of data stored in the cloud, their high overhead has traditionally limited them to less than ten parties and to only 100s of bytes typical for cryptographic keys. Realizing proactively secure cloud storage for larger data (e.g, MBs) requires careful design and calibration of system parameters, and faces several challenges. In this paper we design, implement and assess performance of the first system for Proactively Secure Cloud-Enabled Storage (PiSCES) of data larger than cryptographic keys. Based on our practical performance results we advocate that the high level of resilience and long-term security and confidentiality guarantees enabled by proactive security should be considered in future distributed and cloud-based storage and computing services.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_author_full_text_route",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the public author-uploaded full text; only typography, discretionary hyphenation, and line-break artifacts were normalized. Source forms such as '100s of bytes' and '(e.g, MBs)' are retained. Local file fixity has not been recorded.",
        "abstract_source_url": "https://www.researchgate.net/publication/315452578_Proactively_Secure_Cloud-Enabled_Storage",
        "summary": "The paper designs and implements PiSCES, a cloud-storage system that periodically refreshes secret shares so data can stay confidential even if an attacker compromises different servers over time. Its evaluation shows that proactive protection can scale beyond tiny cryptographic keys to larger files and tens of commodity cloud servers at practical cost.",
        "availability": null,
        "resources": {"id":34,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/ICDCS.2017.293"}],"archive":[],"author":[{"label":"ResearchGate author full text","url":"https://www.researchgate.net/publication/315452578_Proactively_Secure_Cloud-Enabled_Storage"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-34.json"
      },
    
      
      
      
      
      
      
      {
        "id": 35,
        "stable_id": "paper-35",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-35/",
        "title": "Efficient, Reusable Fuzzy Extractors from LWE",
        "authors": "Daniel Apon, Chongwon Cho, Karim Eldefrawy, and Jonathan Katz",
        "year": 2017,
        "status": "Published",
        "venue": "International Symposium on Cyber Security Cryptography and Machine Learning (CSCML)",
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["primitive","scheme"],
        "tags": ["fuzzy extractors","biometrics","LWE"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper studies fuzzy extractors that repeatedly derive stable cryptographic keys from noisy biometric readings without letting multiple public helper strings leak the biometric. It breaks the claimed reusability of an earlier LWE construction, repairs it for weak reuse, and gives both generic and direct strongly reusable constructions, including one without random oracles.",
        "availability": null,
        "resources": {"id":35,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-319-60080-2_1"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2017/755"}],"author":[{"label":"UMD author copy","url":"https://www.cs.umd.edu/~jkatz/papers/reusable-FE.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2017/reusable-fuzzy-extractors-lwe-cscml2017.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-35.json"
      },
    
      
      
      
      
      
      
      {
        "id": 36,
        "stable_id": "paper-36",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-36/",
        "title": "Brief Announcement: Secure Self-Stabilizing Computation",
        "authors": "Shlomi Dolev, Karim Eldefrawy, Juan A. Garay, Muni Venkateswarlu Kumaramangalam, Rafail Ostrovsky, and Moti Yung",
        "year": 2017,
        "status": "Published · brief announcement",
        "venue": "ACM Symposium on Principles of Distributed Computing (PODC)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","algorithm"],
        "tags": ["self-stabilization","secure multiparty computation"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The paper defines secure self-stabilizing computation, in which a distributed system recovers not only correct operation but also privacy and integrity after even a temporary compromise of every component. It demonstrates the idea with a jointly computed finite-state machine that autonomously restores secure MPC guarantees once enough parties recover and the Byzantine threshold is again satisfied.",
        "availability": null,
        "resources": {"id":36,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/3087801.3087864"}],"archive":[],"author":[{"label":"Author-hosted paper","url":"https://web.cs.ucla.edu/~rafail/PUBLIC/204.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2017/secure-self-stabilizing-computation-podc2017-brief.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-36.json"
      },
    
      
      
      
      
      
      
      {
        "id": 37,
        "stable_id": "paper-37",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-37/",
        "title": "HYDRA: Hybrid Design for Remote Attestation Using a Formally Verified Microkernel",
        "authors": "Karim Eldefrawy, Norrathep Rattanavipanon, and Gene Tsudik",
        "year": 2017,
        "status": "Published",
        "venue": "10th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied","System","Implementation","Formal Verification"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["remote attestation","seL4","embedded systems"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "HYDRA is the first hybrid remote-attestation design to use the formally verified seL4 microkernel for memory isolation, protection, and access control instead of extensive custom hardware. Implementations on commodity boards show the approach is practical, attesting 10 MB of memory in under 250 ms with the fastest tested checksum.",
        "availability": null,
        "resources": {"id":37,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/3098243.3098261"}],"archive":[{"label":"arXiv","url":"https://arxiv.org/abs/1703.02688"}],"author":[{"label":"UCI author copy","url":"https://sprout.ics.uci.edu/projects/attestation/papers/hydra.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2017/hydra-wisec2017.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-37.json"
      },
    
      
      
      
      
      
      
      {
        "id": 38,
        "stable_id": "paper-38",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-38/",
        "title": "Fusing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned",
        "authors": "Karim Eldefrawy, Norrathep Rattanavipanon, and Gene Tsudik",
        "year": 2017,
        "status": "Published · experience paper",
        "venue": "47th IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied","System","Implementation","Formal Verification"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["remote attestation","seL4","lessons learned"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This experience paper presents the HYDRA design and reports the engineering lessons involved in combining remote attestation with the formally verified seL4 microkernel. Its commodity-board prototype attests 10 MB in under 500 ms and highlights practical issues such as secure boot, trustworthy time, and cryptographic checksum selection.",
        "availability": null,
        "resources": {"id":38,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/DSN-W.2017.31"}],"archive":[],"author":[{"label":"UCI author copy","url":"https://ics.uci.edu/~gts/paps/hydra-dsn17.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-38.json"
      },
    
      
      
      
      
      
      
      {
        "id": 39,
        "stable_id": "paper-39",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-39/",
        "title": "Security Threats, Defenses, and Recommended Practices for Enterprise Mobility",
        "authors": "Karim Eldefrawy and Vincent Sritapan",
        "year": 2018,
        "status": "Published · public full text not located",
        "venue": "Information Systems Security Association (ISSA) Journal, Volume 16, Number 5",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Perspective"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["enterprise mobility","security guidance"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "Based on the title and bibliographic context, this article appears to survey risks created by enterprise use of mobile devices and map them to available defenses. No public full text was available to verify a more detailed description of its recommendations.",
        "availability": "Public full text not located; the link is a publisher bibliographic listing.",
        "resources": {"id":39,"official":[{"label":"Publisher bibliography","url":"https://www.members.issa.org/page/journal-authors-2018"}],"archive":[],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "metadata_only_full_text_unavailable",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-39.json"
      },
    
      
      
      
      
      
      
      {
        "id": 40,
        "stable_id": "paper-40",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-40/",
        "title": "BlockCIS: A Blockchain-Based Cyber Insurance System",
        "authors": "Tancrède Lepoint, Gabriela F. Ciocarlie, and Karim Eldefrawy",
        "year": 2018,
        "status": "Published",
        "venue": "IEEE International Conference on Cloud Engineering (IC2E), BAT workshop track",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied","System","Implementation"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["cyber insurance","blockchain","security monitoring"],
        "abstract": "While the cyber insurance market has been growing significantly in recent years, its insurance providers face several challenges: first, there is a lack of standardized frameworks to rate “cyber”; second, there’s a shortage of relevant data to calculate premiums; and third, security postures of insured organizations constantly change. Unlike other types of insurance, cyber insurance requires creating a continuous feedback loop between customers and insurers. In this article, we introduce BlockCIS, a blockchain-based continuous monitoring and processing system for cyber insurance. BlockCIS aims to realize an automated, real-time, and immutable feedback loop between the insurer, its customer, third parties and potential auditors. As an example instantiation, we prototype BlockCIS using the open source Hyperledger blockchain framework.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_author_full_text_route",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the public author-uploaded full text; only typography, discretionary hyphenation, and line-break artifacts were normalized. Local file fixity has not been recorded.",
        "abstract_source_url": "https://www.researchgate.net/profile/Karim-Eldefrawy-2/publication/325207891_BlockCIS-A_Blockchain-Based_Cyber_Insurance_System/links/5b43d703aca2728a0d6896db/BlockCIS-A-Blockchain-Based-Cyber-Insurance-System.pdf",
        "summary": "BlockCIS uses a permissioned blockchain to create an auditable feedback loop among insured organizations, insurers, third-party security services, and auditors. Its Hyperledger prototype supports continuous security monitoring, immutable evidence, and insurance terms that can respond to an organization's changing security posture.",
        "availability": null,
        "resources": {"id":40,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/IC2E.2018.00072"}],"archive":[],"author":[{"label":"ResearchGate author-uploaded PDF","url":"https://www.researchgate.net/profile/Karim-Eldefrawy-2/publication/325207891_BlockCIS-A_Blockchain-Based_Cyber_Insurance_System/links/5b43d703aca2728a0d6896db/BlockCIS-A-Blockchain-Based-Cyber-Insurance-System.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-40.json"
      },
    
      
      
      
      
      
      
      {
        "id": 41,
        "stable_id": "paper-41",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-41/",
        "title": "Temporal Consistency of Integrity-Ensuring Computations and Applications to Embedded Systems Security",
        "authors": "Xavier Carpent, Karim Eldefrawy, Norrathep Rattanavipanon, and Gene Tsudik",
        "year": 2018,
        "status": "Published",
        "venue": "ACM Asia Conference on Computer and Communications Security (AsiaCCS)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","scheme"],
        "tags": ["temporal consistency","embedded systems","integrity"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper formalizes the requirement that an interruptible integrity computation correspond to an input state that actually existed at some point in time. It demonstrates attacks caused by inconsistent inputs and evaluates several enforcement mechanisms on commodity embedded platforms.",
        "availability": null,
        "resources": {"id":41,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/3196494.3196526"}],"archive":[],"author":[{"label":"Author-hosted paper","url":"https://sprout.ics.uci.edu/projects/attestation/papers/consistency.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2018/temporal-consistency-asiaccs2018.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-41.json"
      },
    
      
      
      
      
      
      
      {
        "id": 42,
        "stable_id": "paper-42",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-42/",
        "title": "Reconciling Remote Attestation and Safety-Critical Operation on Simple IoT Devices",
        "authors": "Xavier Carpent, Karim Eldefrawy, Norrathep Rattanavipanon, Ahmad-Reza Sadeghi, and Gene Tsudik",
        "year": 2018,
        "status": "Published · invited paper",
        "venue": "55th Design Automation Conference (DAC)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["remote attestation","safety-critical systems","IoT"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper examines the conflict between atomic remote-attestation scans and devices that must remain available for safety-critical work. It analyzes transient and relocating malware and explores periodic measurement, shuffled traversal, interruptible attestation, and memory-locking mitigations.",
        "availability": null,
        "resources": {"id":42,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/3195970.3199853"}],"archive":[{"label":"NSF Public Access","url":"https://par.nsf.gov/servlets/purl/10063867"}],"author":[{"label":"UCI author copy","url":"https://sprout.ics.uci.edu/projects/attestation/papers/reconcile-ra-safety.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2018/reconcile-ra-safety-dac2018.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-42.json"
      },
    
      
      
      
      
      
      
      {
        "id": 43,
        "stable_id": "paper-43",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-43/",
        "title": "Secure Non-Interactive User Re-Enrollment in Biometrics-Based Identification and Authentication Systems",
        "authors": "Ivan De Oliveira Nunes, Karim Eldefrawy, and Tancrède Lepoint",
        "year": 2018,
        "status": "Published · conference version",
        "venue": "2nd International Symposium on Cyber Security, Cryptography and Machine Learning (CSCML)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["biometrics","secure computation","re-enrollment"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This conference paper introduces SNUSE, which uses secret sharing and MPC to regenerate biometric helper data without requiring users to appear and enroll again. Fingerprint and iris experiments show that large batches can be re-enrolled quickly while preserving authentication accuracy.",
        "availability": null,
        "resources": {"id":43,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-319-94147-9_13"}],"archive":[],"author":[{"label":"Author-hosted paper","url":"https://sprout.ics.uci.edu/people/ivan/pubs/2018_snuse.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2018/snuse-cscml2018.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-43.json"
      },
    
      
      
      
      
      
      
      {
        "id": 44,
        "stable_id": "paper-44",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-44/",
        "title": "Proactive Secure Multiparty Computation with a Dishonest Majority",
        "authors": "Karim Eldefrawy, Rafail Ostrovsky, Sunoo Park, and Moti Yung",
        "year": 2018,
        "status": "Published",
        "venue": "11th Conference on Security and Cryptography for Networks (SCN)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["proactive MPC","dishonest majority"],
        "abstract": "Secure multiparty computation (MPC) protocols enable n distrusting parties to perform computations on their private inputs while guaranteeing confidentiality of inputs (and outputs, if desired) and correctness of the computation, as long as no adversary corrupts more than a threshold t of the n parties. Existing MPC protocols assure perfect security for t ≤ ⌈n/2⌉ − 1 active corruptions with termination (i.e., robustness), or up to t = n − 1 under cryptographic assumptions (with detection of misbehaving parties). However, when computations involve secrets that have to remain confidential for a long time such as cryptographic keys, or when dealing with strong and persistent adversaries, such security guarantees are not enough. In these situations, all parties may be corrupted over the lifetime of the secrets used in the computation, and the threshold t may be violated over time (even as portions of the network are being repaired or cleaned up). Proactive MPC (PMPC) addresses this stronger threat model: it guarantees correctness and input privacy in the presence of a mobile adversary that controls a changing set of parties over the course of a protocol, and could corrupt all parties over the lifetime of the computation, as long as no more than t are corrupted in each time window (called a refresh period). The threshold t in PMPC represents a tradeoff between the adversary’s penetration rate and the cleaning speed of the defense tools (or rebooting of nodes from a clean image), rather than being an absolute bound on corruptions. Prior PMPC protocols only guarantee correctness and confidentiality in the presence of an honest majority of parties, an adversary that corrupts even a single additional party beyond the n/2 − 1 threshold, even if only passively and temporarily, can learn all the inputs and outputs; and if the corruption is active rather than passive, then the adversary can even compromise the correctness of the computation. In this paper, we present the first feasibility result for constructing a PMPC protocol secure against a dishonest majority. To this end, we develop a new PMPC protocol, robust and secure against t < n − 2 passive corruptions when there are no active corruptions, and secure but non-robust (but with identifiable aborts) against t < n/2 − 1 active corruptions when there are no passive corruptions. Moreover, our protocol is secure (with identifiable aborts) against mixed adversaries controlling, both, passively and actively corrupted parties, provided that if there are k active corruptions, there are less than n − k − 1 total corruptions.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_author_full_text_route",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the public author-uploaded full text and cross-checked against the official Springer abstract; mathematical notation was normalized to plain Unicode and display line-break artifacts were removed. Local file fixity has not been recorded.",
        "abstract_source_url": "https://www.researchgate.net/profile/Karim-Eldefrawy-2/publication/325722786_Proactive_Secure_Multiparty_Computation_with_a_Dishonest_Majority/links/5b2f64a00f7e9b0df5c35611/Proactive-Secure-Multiparty-Computation-with-a-Dishonest-Majority.pdf",
        "summary": "This paper gives the first feasibility result for proactive MPC when a mobile adversary can control a dishonest majority over the system's lifetime. The protocol provides strong passive-corruption resilience and identifiable aborts under active or mixed corruptions, rather than unconditional robustness in every case.",
        "availability": null,
        "resources": {"id":44,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-319-98113-0_11"}],"archive":[],"author":[{"label":"ResearchGate author-uploaded PDF","url":"https://www.researchgate.net/profile/Karim-Eldefrawy-2/publication/325722786_Proactive_Secure_Multiparty_Computation_with_a_Dishonest_Majority/links/5b2f64a00f7e9b0df5c35611/Proactive-Secure-Multiparty-Computation-with-a-Dishonest-Majority.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "abstract_and_primary_lineage_only",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-44.json"
      },
    
      
      
      
      
      
      
      {
        "id": 45,
        "stable_id": "paper-45",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-45/",
        "title": "Theoretical Foundations for Mobile Target Defense: Proactive Secret Sharing and Secure Multiparty Computation",
        "authors": "Karim Eldefrawy, Rafail Ostrovsky, and Moti Yung",
        "year": 2018,
        "status": "Published · book chapter",
        "venue": "From Database to Cyber Security",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","scheme"],
        "tags": ["moving-target defense","proactive security","MPC"],
        "abstract": "One option to instantiate Mobile Target Defense (MTD) [JGS+11] strategies in distributed storage and computing systems is to design such systems from the ground up using cryptographic techniques such as secret sharing (SS) and secure multiparty computation (MPC). In standard SS a dealer shares a secret s among n parties such that an adversary corrupting no more than t parties does not learn s, while any t + 1 parties can efficiently recover s. MPC protocols based on secret sharing allow one to perform computations on such secret shared data without requiring reconstructing the data at a central location. MPC thus enables a set of distrusting parties to perform computation on their secret shared data while guaranteeing secrecy of their inputs and outputs, and correctness of the computation, also as long as no more than t parties are corrupted. Over a long period of time all parties may be corrupted and the threshold t may be violated, which is accounted for in proactively secure protocols such as Proactive Secret Sharing (PSS) and Proactive MPC (PMPC). Proactive security is an example of a cryptographically grounded and theoretically well-studied approach to realize MTD. PSS retains confidentiality even when a mobile adversary corrupts all parties over the lifetime of the secret, but no more than a threshold t during a certain window of time, called the refresh period. As an example of a proactively secure protocol that realizes an MTD strategy we overview the first PSS scheme secure in the presence of a dishonest majority (developed recently in [DEL+16]). The PSS scheme is robust and secure against t < n − 2 passive adversaries when there are no active corruptions, and secure but non-robust (but with identifiable aborts) against t < n/2 − 1 active adversaries when there are no additional passive corruptions. The scheme is also secure (with identifiable aborts) against mixed adversaries controlling a combination of passively and actively corrupted parties such that if there are k active corruptions there are less than n − k − 2 total corruptions.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_author_full_text_route",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the public author-uploaded full text; display typography and line-break artifacts were normalized, and the author-version bibliography keys were retained. Local file fixity has not been recorded.",
        "abstract_source_url": "https://www.researchgate.net/profile/Karim-Eldefrawy-2/publication/324897081_Theoretical_Foundations_for_Mobile_Target_Defense_Proactive_Secret_Sharing_and_Secure_Multiparty_Computation/links/5bf2178ca6fdcc3a8de0e245/Theoretical-Foundations-for-Mobile-Target-Defense-Proactive-Secret-Sharing-and-Secure-Multiparty-Computation.pdf",
        "summary": "This chapter explains how proactive secret sharing and proactive MPC realize moving-target defense by periodically replacing the information available to a mobile attacker. It surveys dishonest-majority constructions, their resilience guarantees, and open problems in communication, asynchrony, and dynamic participation.",
        "availability": null,
        "resources": {"id":45,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-030-04834-1_23"}],"archive":[],"author":[{"label":"ResearchGate author-uploaded PDF","url":"https://www.researchgate.net/profile/Karim-Eldefrawy-2/publication/324897081_Theoretical_Foundations_for_Mobile_Target_Defense_Proactive_Secret_Sharing_and_Secure_Multiparty_Computation/links/5bf2178ca6fdcc3a8de0e245/Theoretical-Foundations-for-Mobile-Target-Defense-Proactive-Secret-Sharing-and-Secure-Multiparty-Computation.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "abstract_and_primary_lineage_only",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-45.json"
      },
    
      
      
      
      
      
      
      {
        "id": 46,
        "stable_id": "paper-46",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-46/",
        "title": "PURE: Using Verified Remote Attestation to Obtain Proofs of Update, Reset and Erasure in Low-End Embedded Systems",
        "authors": "Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, and Gene Tsudik",
        "year": 2019,
        "status": "Published",
        "venue": "IEEE/ACM International Conference on Computer-Aided Design (ICCAD)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["remote attestation","secure updates","embedded systems"],
        "abstract": "Remote Attestation (RA) is a security service that enables a trusted verifier (Vrf) to measure current memory state of an untrusted remote prover (Prv). If correctly implemented, RA allows Vrf to remotely detect if Prv’s memory reflects a compromised state. However, RA by itself offers no means of remedying the situation once Prv is determined to be compromised. In this work we show how a secure RA architecture can be extended to enable important and useful security services for low-end embedded devices. In particular, we extend the formally verified RA architecture, VRASED, to implement provably secure software update, erasure, and system-wide resets. When (serially) composed, these features guarantee to Vrf that a remote Prv has been updated to a functional and malware-free state, and was properly initialized after such process. These services are provably secure against an adversary (represented by malware) that compromises Prv and exerts full control of its software state. Our results demonstrate that such services incur minimal additional overhead (0.4% extra hardware footprint, and 100-s milliseconds to generate combined proofs of update, erasure, and reset), making them practical even for the lowest-end embedded devices, e.g., those based on MSP430 or AVR ATMega micro-controller units (MCUs). All changes introduced by our new services to VRASED trusted components are also formally verified.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in full-text PDF; calligraphic verifier/prover symbols were normalized to Vrf and Prv, and only typography, discretionary hyphenation, and line-break artifacts were otherwise normalized.",
        "abstract_source_url": "/pubs/2019/pure_iccad2019.pdf#page=1",
        "summary": "PURE extends verified remote attestation so a verifier can obtain trustworthy proofs that a compromised embedded device was updated, erased, and reset correctly. The added services remain secure under full software compromise and require very little additional hardware.",
        "availability": null,
        "resources": {"id":46,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/ICCAD45719.2019.8942118"}],"archive":[],"author":[{"label":"Author-hosted PDF","url":"/pubs/2019/pure_iccad2019.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-46.json"
      },
    
      
      
      
      
      
      
      {
        "id": 47,
        "stable_id": "paper-47",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-47/",
        "title": "Opinion: Advancing Remote Attestation via Computer-Aided Formal Verification of Designs and Synthesis of Executables",
        "authors": "Karim Eldefrawy and Gene Tsudik",
        "year": 2019,
        "status": "Published · opinion paper",
        "venue": "12th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Perspective"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["remote attestation","formal verification","program synthesis"],
        "abstract": "Remote Attestation (RA) of embedded/smart/IoT devices is a very important issue on today’s security landscape. RA enables a verifier to measures the current internal memory state of an untrusted remote device (prover). RA helps the verifier establish a static or dynamic root of trust in prover. Despite much prior work, state-of-the-art RA techniques unfortunately still lack any solid foundation and offer no ironclad security, safety or robustness guarantees. This paper argues that computer-aided formal verification, and synthesis of executables, of RA protocols and hybrid (software-hardware) architectures is required and currently unaddressed. We believe that this is achievable with current (computer-aided) formal methods frameworks and tools, and that this can help advance and mature RA research if used to establish more rigorous and clear security arguments. To support our opinion, we highlight several examples where subtle issues were missed in the design and security analysis of RA techniques. Despite deceptive simplicity of such protocols, manual analyses and ad hoc implementations often lead to over-simplification of (and subsequent glossing over) important details in the underlying processor and system architectures. Computer-aided formal verification forces a more scrupulous and disciplined consideration of such details, since, otherwise, verification simply fails. The key objective of the research direction we propose is to increase confidence in correctness and security guarantees of current and future RA techniques and their implementations.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in full-text PDF; only typography, discretionary hyphenation, and line-break artifacts were normalized.",
        "abstract_source_url": "/pubs/2019/ra-opinion_wisec2019.pdf#page=1",
        "summary": "This position paper argues that remote-attestation designs and implementations need computer-aided verification and correct-by-construction synthesis. Examples from prior systems illustrate how manual reasoning can miss processor-level details that invalidate apparently simple security arguments.",
        "availability": null,
        "resources": {"id":47,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/3317549.3323403"}],"archive":[{"label":"NSF Public Access","url":"https://par.nsf.gov/servlets/purl/10121392"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2019/ra-opinion_wisec2019.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-47.json"
      },
    
      
      
      
      
      
      
      {
        "id": 48,
        "stable_id": "paper-48",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-48/",
        "title": "SNUSE: A Secure Computation Approach for Large-Scale User Re-Enrollment in Biometric Authentication Systems",
        "authors": "Ivan De Oliveira Nunes, Karim Eldefrawy, and Tancrède Lepoint",
        "year": 2019,
        "status": "Published · journal article",
        "venue": "Future Generation Computer Systems, Volume 98",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["biometrics","secure computation","re-enrollment"],
        "abstract": "Recent years have witnessed an increasing demand for biometrics based identification, authentication and access control (BIA) systems, which offer convenience, ease of use, and (in some cases) improved security. In contrast to other methods, such as passwords or pins, BIA systems face new unique challenges; chiefly among them is ensuring long-term confidentiality of biometric data stored in backends, as such data has to be secured for the lifetime of an individual. Cryptographic approaches such as Fuzzy Extractors (FE) and Fuzzy Vaults (FV) have been developed to address this challenge. FE/FV do not require storing any biometric data in backends, and instead generate and store helper data that enables BIA when a new biometric reading is supplied. Security of FE/FV ensures that an adversary obtaining such helper data cannot (efficiently) learn the biometric. Relying on such cryptographic approaches raises the following question: what happens when helper data is lost or destroyed (e.g., due to a failure, or malicious activity), or when new helper data has to be generated (e.g., in response to a breach or to update the system)? Requiring a large number of users to physically re-enroll is impractical, and the literature falls short of addressing this problem. In this paper we develop SNUSE, a secure computation based approach for non-interactive re-enrollment of a large number of users in BIA systems. We prototype SNUSE to illustrate its feasibility, and evaluate its performance and accuracy on two biometric modalities, fingerprints and iris scans. Our results show that thousands of users can be securely re-enrolled in seconds without affecting the accuracy of the system.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in full-text PDF; only typography, discretionary hyphenation, and line-break artifacts were normalized.",
        "abstract_source_url": "/pubs/2019/snuse_fgcs2019.pdf#page=1",
        "summary": "SNUSE distributes biometric templates across re-enrollment servers and uses secure computation to refresh authentication material without storing a complete template at any one server. Its fingerprint and iris prototypes re-enroll thousands of users in seconds without materially reducing matching accuracy.",
        "availability": null,
        "resources": {"id":48,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1016/j.future.2019.03.051"}],"archive":[],"author":[{"label":"Author-hosted PDF","url":"/pubs/2019/snuse_fgcs2019.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-48.json"
      },
    
      
      
      
      
      
      
      {
        "id": 49,
        "stable_id": "paper-49",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-49/",
        "title": "Longitudinal Analysis of Misuse of Bitcoin",
        "authors": "Karim Eldefrawy, Ashish Gehani, and Alexandre Matton",
        "year": 2019,
        "status": "Published",
        "venue": "17th International Conference on Applied Cryptography and Network Security (ACNS)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["algorithm"],
        "tags": ["Bitcoin","measurement","dark web"],
        "abstract": "We conducted a longitudinal study to analyze the misuse of Bitcoin. We first investigated usage characteristics of Bitcoin by analyzing how many addresses each address transacts with (from January 2009 to May 2018). To obtain a quantitative estimate of the malicious activity that Bitcoin is associated with, we collected over 2.3 million candidate Bitcoin addresses, harvested from the dark web between June 2016 and December 2017. The Bitcoin addresses found on the dark web were labeled with tags that classified the activities associated with the onions that these addresses were collected from. The tags covered a wide range of activities, from suspicious to outright malicious or illegal. Of these addresses, only 47,697 have tags we consider indicative of suspicious or malicious activities. We saw a clear decline in the monthly number of Bitcoin addresses seen on the dark web in the periods coinciding with takedowns of known dark web markets. We also found interesting behavior that distinguishes the Bitcoin addresses collected from the dark web when compared to activity of a random address on the Bitcoin blockchain. For example, we found that Bitcoin addresses used on the dark web are more likely to be involved in mixing transactions. To identify mixing transactions, we developed a new heuristic that extends previously known ones. We found that Bitcoin addresses found on the dark web are significantly more active, they engage in transactions with 20 times the neighbors and 4 times the Bitcoin amounts when compared to random addresses. We also found that just 2,828 Bitcoin addresses are responsible for 99% of the Bitcoin value used on the dark web.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in full-text PDF; only typography, paragraph joining, discretionary hyphenation, and line-break artifacts were normalized.",
        "abstract_source_url": "/pubs/2019/btc_acns2019.pdf#page=1",
        "summary": "This paper combines Bitcoin blockchain history with millions of candidate addresses collected from the dark web to quantify suspicious and malicious use over time. It develops mixing heuristics and finds that a small concentration of addresses accounts for most of the observed dark-web Bitcoin value.",
        "availability": null,
        "resources": {"id":49,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-030-21568-2_13"}],"archive":[],"author":[{"label":"Author-hosted PDF","url":"/pubs/2019/btc_acns2019.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-49.json"
      },
    
      
      
      
      
      
      
      {
        "id": 50,
        "stable_id": "paper-50",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-50/",
        "title": "VRASED: A Verified Hardware/Software Co-Design for Remote Attestation",
        "authors": "Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, Michael Steiner, and Gene Tsudik",
        "year": 2019,
        "status": "Published",
        "venue": "28th USENIX Security Symposium",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied","System","Implementation","Formal Verification"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["remote attestation","formal verification","embedded systems","verified system","FPGA implementation"],
        "abstract": "Remote Attestation (RA) is a distinct security service that allows a trusted verifier (Vrf) to measure the software state of an untrusted remote prover (Prv). If correctly implemented, RA allows Vrf to remotely detect if Prv is in an illegal or compromised state. Although several RA approaches have been explored (including hardware-based, software-based, and hybrid) and many concrete methods have been proposed, comparatively little attention has been devoted to formal verification. In particular, thus far, no RA designs and no implementations have been formally verified with respect to claimed security properties. In this work, we take the first step towards formal verification of RA by designing and verifying an architecture called VRASED: Verifiable Remote Attestation for Simple Embedded Devices. VRASED instantiates a hybrid (HW/SW) RA co-design aimed at low-end embedded systems, e.g., simple IoT devices. VRASED provides a level of security comparable to HW-based approaches, while relying on SW to minimize additional HW costs. Since security properties must be jointly guaranteed by HW and SW, verification is a challenging task, which has never been attempted before in the context of RA. We believe that VRASED is the first formally verified RA scheme. To the best of our knowledge, it is also the first formal verification of a HW/SW co-design implementation of any security service. To demonstrate VRASED’s practicality and low overhead, we instantiate and evaluate it on a commodity platform (TI MSP430). VRASED was deployed using the Basys3 Artix-7 FPGA and its implementation is publicly available.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in full-text PDF; calligraphic verifier/prover symbols were normalized to Vrf and Prv, and only typography, discretionary hyphenation, and line-break artifacts were otherwise normalized.",
        "abstract_source_url": "/pubs/2019/vrased_usenixsec2019.pdf#page=1",
        "summary": "VRASED is a formally specified and verified remote-attestation architecture for resource-constrained embedded devices. Its hardware/software split provides strong protection with limited hardware cost, and the authors demonstrate it on an MSP430-based FPGA implementation.",
        "availability": null,
        "resources": {"id":50,"official":[{"label":"USENIX paper page","url":"https://www.usenix.org/conference/usenixsecurity19/presentation/de-oliveira-nunes"}],"archive":[],"author":[{"label":"Author-hosted PDF","url":"/pubs/2019/vrased_usenixsec2019.pdf"}]},
        "knowledge_stage": "author_approved",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-50.json"
      },
    
      
      
      
      
      
      
      {
        "id": 51,
        "stable_id": "paper-51",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-51/",
        "title": "A High-Assurance Evaluator for Machine-Checked Secure Multiparty Computation",
        "authors": "Karim Eldefrawy and Vitor Pereira",
        "year": 2019,
        "status": "Published",
        "venue": "26th ACM Conference on Computer and Communications Security (CCS)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","scheme"],
        "tags": ["secure multiparty computation","EasyCrypt","code extraction"],
        "abstract": "Secure Multiparty Computation (MPC) enables a group of n distrusting parties to jointly compute a function using private inputs. MPC guarantees correctness of computation and confidentiality of inputs if no more than a threshold t of the parties are corrupted. Proactive MPC (PMPC) addresses the stronger threat model of a mobile adversary that controls a changing set of parties (but only up to t at any instant), and may eventually corrupt all n parties over a long time. This paper takes a first stab at developing high-assurance implementations of (P)MPC. We formalize in EasyCrypt, a tool-assisted framework for building high-confidence cryptographic proofs, several abstract and reusable variations of secret sharing and of (P)MPC protocols building on them. Using those, we prove a series of abstract theorems for the proactive setting. We implement and perform computer-checked security proofs of concrete instantiations of the required (abstract) protocols in EasyCrypt. We also develop a new tool-chain to extract high-assurance executable implementations of protocols formalized and verified in EasyCrypt. Our tool-chain uses Why3 as an intermediate tool, and enables us to extract executable code from our (P)MPC formalizations. We conduct an evaluation of the extracted executables by comparing their performance to performance of manually implemented versions using Python-based Charm framework for prototyping cryptographic schemes. We argue that the small overhead of our high-assurance executables is a reasonable price to pay for the increased confidence about their correctness and security.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in full-text PDF; only typography, discretionary hyphenation, and line-break artifacts were normalized.",
        "abstract_source_url": "/pubs/2019/verif-mpc_ccs2019.pdf#page=1",
        "summary": "This paper formalizes reusable secret-sharing and proactive MPC constructions in EasyCrypt and proves concrete instantiations with machine assistance. A Why3-based extraction toolchain turns the verified specifications into executable code with modest overhead relative to manually written implementations.",
        "availability": null,
        "resources": {"id":51,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/3319535.3354205"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2019/922"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2019/verif-mpc_ccs2019.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-51.json"
      },
    
      
      
      
      
      
      
      {
        "id": 52,
        "stable_id": "paper-52",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-52/",
        "title": "Communication-Efficient Proactive Secret Sharing for Dynamic Groups with Dishonest Majorities",
        "authors": "Karim Eldefrawy, Tancrède Lepoint, and Antonin Leroux",
        "year": 2020,
        "status": "Published",
        "venue": "18th International Conference on Applied Cryptography and Network Security (ACNS)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","scheme"],
        "tags": ["proactive secret sharing","dynamic groups","dishonest majority"],
        "abstract": "In standard Secret Sharing (SS), a dealer shares a secret s among n parties such that an adversary corrupting no more than t parties does not learn s, while any t + 1 parties can efficiently recover s. Proactive Secret Sharing (PSS) retains confidentiality of s even when a mobile adversary corrupts all parties over the lifetime of the secret, but no more than a threshold t in each epoch (called a refresh period). Withstanding such adversaries has become of increasing importance with the emergence of settings where private (cryptographic) keys are secret shared and used to sign cryptocurrency transactions, among other applications. Feasibility of single-secret PSS for static groups with dishonest majorities was demonstrated but with a protocol that requires inefficient communication of O(n⁴). In this work, we improve over prior work in three directions: batching without incurring a linear loss in corruption threshold, communication efficiency, and handling dynamic groups. While each of properties we improve upon appeared independently in the context of PSS and in other previous work, handling them simultaneously (and efficiently) in a single scheme faces non-trivial challenges. Some PSS protocols can handle batching of ℓ ∼ n secrets, but all of them are for the honest majority setting. Techniques typically used to accomplish such batching decrease the tolerated corruption threshold bound by a linear factor in ℓ, effectively limiting the number of elements that can be batched with dishonest majority. We solve this problem by reducing the threshold decrease to √ℓ instead, allowing us to deal with the dishonest majority setting when ℓ ∼ n. This is accomplished based on new bivariate-polynomials-based techniques for sharing, and refreshing and recovering of shares, that allow batching of up to n − 2 secrets in our PSS. To tackle the efficiency bottleneck the constructed PSS protocol requires only O(n³/ℓ) communication for ℓ secrets, i.e., an amortized communication complexity of O(n²) when the maximum batch size is used. To handle dynamic groups we develop three new sub-protocols to deal with parties joining and leaving the group.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in full-text PDF; mathematical symbols were normalized to plain Unicode, and only typography, discretionary hyphenation, and line-break artifacts were otherwise normalized.",
        "abstract_source_url": "/pubs/2020/pssdgdm_acns2020.pdf#page=1",
        "summary": "This paper refreshes long-lived secret shares against a mobile adversary even when group membership changes and a majority may be dishonest. Its batching and bivariate-sharing techniques substantially reduce communication and provide building blocks for later proactive MPC protocols.",
        "availability": null,
        "resources": {"id":52,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-030-57808-4_1"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2019/1383"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2020/pssdgdm_acns2020.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-52.json"
      },
    
      
      
      
      
      
      
      {
        "id": 53,
        "stable_id": "paper-53",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-53/",
        "title": "Towards Automated Augmentation and Instrumentation of Legacy Cryptographic Executables",
        "authors": "Karim Eldefrawy, Michael E. Locasto, Norrathep Rattanavipanon, and Hassen Saïdi",
        "year": 2020,
        "status": "Published",
        "venue": "18th International Conference on Applied Cryptography and Network Security (ACNS)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["algorithm"],
        "tags": ["binary instrumentation","legacy cryptography","automation"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper presents ALICE, a toolchain that locates weak cryptographic primitives in binaries and replaces them without requiring source code or debugging symbols. Experiments show that it can replace insecure hash functions in real programs while preserving behavior and adding little runtime overhead.",
        "availability": null,
        "resources": {"id":53,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-030-57878-7_18"}],"archive":[{"label":"arXiv extended version","url":"https://arxiv.org/abs/2004.09713"}],"author":[{"label":"UCI author copy","url":"https://sprout.ics.uci.edu/pubs/augmented2020.pdf"},{"label":"Author-hosted extended version","url":"/pubs/2020/alice-acns2020-extended.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-53.json"
      },
    
      
      
      
      
      
      
      {
        "id": 54,
        "stable_id": "paper-54",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-54/",
        "title": "APEX: A Verified Architecture for Proofs of Execution on Remote Devices Under Full Software Compromise",
        "authors": "Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, and Gene Tsudik",
        "year": 2020,
        "status": "Published",
        "venue": "29th USENIX Security Symposium",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","primitive"],
        "tags": ["proofs of execution","remote attestation","embedded systems"],
        "abstract": "Modern society is increasingly surrounded by, and is growing accustomed to, a wide range of Cyber-Physical Systems (CPS), Internet-of-Things (IoT), and smart devices. They often perform safety-critical functions, e.g., personal medical devices, automotive CPS as well as industrial and residential automation, e.g., sensor-alarm combinations. On the lower end of the scale, these devices are small, cheap and specialized sensors and/or actuators. They tend to host small anemic CPUs, have small amounts of memory and run simple software. If such devices are left unprotected, consequences of forged sensor readings or ignored actuation commands can be catastrophic, particularly, in safety-critical settings. This prompts the following three questions: (1) How to trust data produced, or verify that commands were performed, by a simple remote embedded device?, (2) How to bind these actions/results to the execution of expected software? and, (3) Can (1) and (2) be attained even if all software on a device can be modified and/or compromised? In this paper we answer these questions by designing, demonstrating security of, and formally verifying, APEX: an Architecture for Provable Execution. To the best of our knowledge, this is the first of its kind result for low-end embedded systems. Our work has a range of applications, especially, authenticated sensing and trustworthy actuation, which are increasingly relevant in the context of safety-critical systems. APEX is publicly available and our evaluation shows that it incurs low overhead, affordable even for very low-end embedded devices, e.g., those based on TI MSP430 or AVR ATmega processors.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in full-text PDF; only typography, discretionary hyphenation, and line-break artifacts were normalized. Unusual source punctuation in the three numbered questions is preserved.",
        "abstract_source_url": "/pubs/2020/apex_usenixsec2020.pdf#page=1",
        "summary": "APEX lets a low-end remote device produce an unforgeable proof that specified software executed successfully and optionally generated a particular authenticated output. Its security architecture is formally verified and incurs low overhead even on MSP430- and AVR-class devices.",
        "availability": null,
        "resources": {"id":54,"official":[{"label":"USENIX paper page","url":"https://www.usenix.org/conference/usenixsecurity20/presentation/nunes"}],"archive":[{"label":"USENIX prepublication","url":"https://www.usenix.org/system/files/sec20fall_nunes_prepub.pdf"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2020/apex_usenixsec2020.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-54.json"
      },
    
      
      
      
      
      
      
      {
        "id": 55,
        "stable_id": "paper-55",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-55/",
        "title": "Communication-Efficient (Proactive) Secure Computation for Dynamic General Adversary Structures and Dynamic Groups",
        "authors": "Karim Eldefrawy, Seoyeon Hwang, Rafail Ostrovsky, and Moti Yung",
        "year": 2020,
        "status": "Published",
        "venue": "12th Conference on Security and Cryptography for Networks (SCN)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["proactive MPC","general adversary structures","dynamic groups"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper designs proactive MPC for changing groups and non-threshold corruption patterns described by dynamic general adversary structures. Efficient conversions between additive sharing and monotone-span-program sharing support refreshing, recovery, membership changes, and adaptation to the current threat structure.",
        "availability": null,
        "resources": {"id":55,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-030-57990-6_6"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2020/747"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-55.json"
      },
    
      
      
      
      
      
      
      {
        "id": 56,
        "stable_id": "paper-56",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-56/",
        "title": "Optimizing Registration Based Encryption",
        "authors": "Kelong Cong, Karim Eldefrawy, and Nigel P. Smart",
        "year": 2021,
        "status": "Published",
        "venue": "18th IMA International Conference on Cryptography and Coding (IMACC)",
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["scheme"],
        "tags": ["registration-based encryption","key escrow"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "Registration-based encryption removes identity-based encryption's key-escrow authority but originally had prohibitive concrete ciphertext costs. This work replaces Merkle trees with crit-bit trees and adjusts public parameters, reducing ciphertext size by 57.5 percent while also lowering decryption cost.",
        "availability": null,
        "resources": {"id":56,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-030-92641-0_7"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2021/499"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-56.json"
      },
    
      
      
      
      
      
      
      {
        "id": 57,
        "stable_id": "paper-57",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-57/",
        "title": "On Regenerating Codes and Proactive Secret Sharing: Relationships and Implications",
        "authors": "Karim Eldefrawy, Nicholas Genise, Rutuja Kshirsagar, and Moti Yung",
        "year": 2021,
        "status": "Published",
        "venue": "23rd International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["proactive secret sharing","regenerating codes"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper systematically relates proactive secret sharing, which refreshes and repairs shares under mobile attacks, to regenerating codes, which repair distributed storage efficiently. It identifies partial-leakage weaknesses, proves conditional connections between the two notions, and introduces generalized-decoding regenerating codes.",
        "availability": null,
        "resources": {"id":57,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-030-91081-5_23"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2022/096"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-57.json"
      },
    
      
      
      
      
      
      
      {
        "id": 58,
        "stable_id": "paper-58",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-58/",
        "title": "Machine-Checked ZKP for NP Relations: Formally Verified Security Proofs and Implementations of MPC-in-the-Head",
        "authors": "José Bacelar Almeida, Manuel Barbosa, Manuel L. Correia, Karim Eldefrawy, Stéphane Graham-Lengrand, Hugo Pacheco, and Vitor Pereira",
        "year": 2021,
        "status": "Published",
        "venue": "28th ACM Conference on Computer and Communications Security (CCS)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","algorithm"],
        "tags": ["zero knowledge","MPC-in-the-head","formal verification"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper gives the first machine-checked implementation of the general MPC-in-the-Head transformation from secure computation to zero-knowledge proofs. Its modular EasyCrypt proof accepts suitable MPC protocols as components and supports extracting a verified executable implementation for benchmarking.",
        "availability": null,
        "resources": {"id":58,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/3460120.3484771"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2021/1149"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2021/machine-checked-zkp-mpc-in-the-head.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-58.json"
      },
    
      
      
      
      
      
      
      {
        "id": 59,
        "stable_id": "paper-59",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-59/",
        "title": "F1: A Fast and Programmable Accelerator for Fully Homomorphic Encryption (Extended Version)",
        "authors": "Axel Feldmann, Nikola Samardzic, Aleksandar Krastev, Srini Devadas, Ronald G. Dreslinski, Karim Eldefrawy, Nicholas Genise, Chris Peikert, and Daniel Sánchez",
        "year": 2021,
        "status": "Extended version of the MICRO 2021 paper",
        "venue": "54th IEEE/ACM International Symposium on Microarchitecture (MICRO)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["algorithm"],
        "tags": ["fully homomorphic encryption","hardware acceleration"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "F1 is a programmable hardware accelerator designed to execute complete fully homomorphic encryption programs rather than isolated kernels. Specialized vector units, an explicitly managed memory hierarchy, and a scheduling compiler yield several-thousand-fold average speedups over software.",
        "availability": null,
        "resources": {"id":59,"official":[{"label":"Related conference version","url":"https://doi.org/10.1145/3466752.3480070"}],"archive":[{"label":"arXiv","url":"https://arxiv.org/abs/2109.05371"}],"author":[{"label":"Author-hosted extended version","url":"/pubs/2021/f1-fhe-accelerator-extended.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-59.json"
      },
    
      
      
      
      
      
      
      {
        "id": 60,
        "stable_id": "paper-60",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-60/",
        "title": "Quantum Optimization Heuristics with an Application to Knapsack Problems",
        "authors": "Wim van Dam, Karim Eldefrawy, Nicholas Genise, and Natalie Parham",
        "year": 2021,
        "status": "Published",
        "venue": "IEEE International Conference on Quantum Computing and Engineering (QCE)",
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["algorithm"],
        "tags": ["quantum optimization","knapsack"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper adapts QAOA to constrained optimization by starting near a classical greedy solution and using mixers that explore feasible nearby alternatives. Experiments on difficult knapsack instances show that the shallow quantum heuristics often outperform several classical heuristics.",
        "availability": null,
        "resources": {"id":60,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1109/QCE52317.2021.00033"}],"archive":[{"label":"arXiv","url":"https://arxiv.org/abs/2108.08805"}],"author":[{"label":"Author-hosted PDF","url":"/pubs/2021/quantum-optimization-knapsack.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-60.json"
      },
    
      
      
      
      
      
      
      {
        "id": 61,
        "stable_id": "paper-61",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-61/",
        "title": "Communication-Efficient Proactive MPC for Dynamic Groups with Dishonest Majorities",
        "authors": "Karim Eldefrawy, Tancrède Lepoint, and Antonin Leroux",
        "year": 2022,
        "status": "Published",
        "venue": "20th International Conference on Applied Cryptography and Network Security (ACNS)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["secure multiparty computation","proactive security","dynamic groups"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper constructs proactive multiparty computation for groups whose membership changes while a mobile adversary may control a dishonest majority in each period. It reduces amortized communication to quadratic per secret and introduces efficient bivariate multiplication and batched proactive sharing techniques.",
        "availability": null,
        "resources": {"id":61,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-031-09234-3_28"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2021/1564"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-61.json"
      },
    
      
      
      
      
      
      
      {
        "id": 62,
        "stable_id": "paper-62",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-62/",
        "title": "In-App Cryptographically-Enforced Selective Access Control for Microsoft Office and Similar Platforms",
        "authors": "Karim Eldefrawy, Tancrède Lepoint, and Laura Tam",
        "year": 2022,
        "status": "Published",
        "venue": "6th International Symposium on Cyber Security, Cryptology, and Machine Learning (CSCML)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["scheme"],
        "tags": ["access control","attribute-based encryption","documents"],
        "abstract": "The interplay between cryptography and access control has been widely investigated in the literature. On the bright side, attribute-based encryption (ABE) has appeared as a major cryptographic tool going beyond the all-or-nothing approach of public-key encryption by supporting fine-grained access control for encrypted data. Unfortunately, the deployment and adoption of ABE have been slow, and few commercial widely-used products use it to date. In particular, selective and fine-grained control over what is shared, and with whom, is absent from common data products and formats, such as those generated by commercial products (Microsoft Word documents, Excel spreadsheets, PowerPoint slides, and so on). This lack of selective and fine-grained control results in users simply not sharing. This major usability shortcoming impacts defense and military coalition operations, as well as commercial settings, such as life sciences, healthcare, and the financial sectors. This paper addresses this identified usability problem head-on by proposing a cryptographically-enforced selective access control in Microsoft Office products and similar platforms. We focus on Excel as an illustrative use-case, but note that our work is applicable to (and is implemented for) other Microsoft products such as Word, PowerPoint, and Outlook. Using the JavaScript API for Microsoft Office, we designed and developed simple add-ins that enable cell encryption according to a policy, and requires a key that embeds attributes satisfying the policy in order to decrypt. Our performance evaluation not only shows that cryptographic-based selective sharing of information in widely-deployed and widely-used commercial authoring and collaboration platforms is possible, but also efficient.",
        "abstract_kind": "Full published-paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in published PDF; only typography, discretionary hyphenation, and line-break artifacts were normalized. The distinct extended-version PDF has a materially revised abstract and is not used here.",
        "abstract_source_url": "/pubs/2022/cscml2022-abe-msoffice.pdf#page=1",
        "summary": "This work adds cryptographically enforced, fine-grained access control inside familiar document applications such as Microsoft Office. Selected portions of a document remain encrypted and become readable only to users whose attributes satisfy the embedded policy, reducing reliance on the surrounding platform to enforce permissions correctly.",
        "availability": null,
        "resources": {"id":62,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-031-07689-3_32"}],"archive":[],"author":[{"label":"Author-hosted PDF","url":"/pubs/2022/cscml2022-abe-msoffice.pdf"},{"label":"Extended version","url":"/pubs/2022/cscml2022-abe-msoffice-extended-version.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-62.json"
      },
    
      
      
      
      
      
      
      {
        "id": 63,
        "stable_id": "paper-63",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-63/",
        "title": "How Byzantine Is a Send Corruption?",
        "authors": "Karim Eldefrawy, Julian Loss, and Ben Terner",
        "year": 2022,
        "status": "Published",
        "venue": "20th International Conference on Applied Cryptography and Network Security (ACNS)",
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["consensus","Byzantine faults","corruption models"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper asks how consensus changes when some parties behave honestly but an adversary can selectively drop the messages they send, alongside ordinary Byzantine and receive faults. It gives expected-constant-round protocols with improved fault thresholds and shows why send corruption can be surprisingly close to full Byzantine power.",
        "availability": null,
        "resources": {"id":63,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-031-09234-3_34"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2021/796"}],"author":[{"label":"CISPA author page","url":"https://cispa.de/en/research/publications/66354-how-byzantine-is-a-send-corruption-"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-63.json"
      },
    
      
      
      
      
      
      
      {
        "id": 64,
        "stable_id": "paper-64",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-64/",
        "title": "CraterLake: A Hardware Accelerator for Efficient Unbounded Computation on Encrypted Data",
        "authors": "Nikola Samardzic, Axel Feldmann, Aleksandar Krastev, Nathan Manohar, Nicholas Genise, Srinivas Devadas, Karim Eldefrawy, Chris Peikert, and Daniel Sánchez",
        "year": 2022,
        "status": "Published",
        "venue": "49th International Symposium on Computer Architecture (ISCA)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["algorithm"],
        "tags": ["fully homomorphic encryption","hardware acceleration","FHE bootstrapping","compiler optimization"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "CraterLake is a hardware accelerator for fully homomorphic encryption that supports computations of unbounded depth by accelerating the expensive refresh operations that prevent ciphertext noise from growing without limit. Its architecture is designed to make long, general encrypted programs practical rather than restricting acceleration to a narrow fixed workload.",
        "availability": null,
        "resources": {"id":64,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/3470496.3527393"}],"archive":[{"label":"NSF Public Access","url":"https://par.nsf.gov/servlets/purl/10350313"}],"author":[{"label":"MIT author copy","url":"https://people.csail.mit.edu/sanchez/papers/2022.craterlake.isca.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2022/craterlake-isca2022.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-64.json"
      },
    
      
      
      
      
      
      
      {
        "id": 65,
        "stable_id": "paper-65",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-65/",
        "title": "On the Hardness of Scheme-Switching Between SIMD FHE Schemes",
        "authors": "Karim Eldefrawy, Nicholas Genise, and Nathan Manohar",
        "year": 2023,
        "status": "Published",
        "venue": "14th International Conference on Post-Quantum Cryptography (PQCrypto)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["fully homomorphic encryption","scheme switching"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper shows that efficiently switching between exact BGV/BFV ciphertexts and approximate CKKS ciphertexts would also yield an efficient bootstrapping method. It gives similar reductions for homomorphic comparison and related functions, providing evidence that substantially cheaper scheme switching is unlikely without better bootstrapping.",
        "availability": null,
        "resources": {"id":65,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-031-40003-2_8"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2023/988"}],"author":[{"label":"IBM author page","url":"https://research.ibm.com/publications/on-the-hardness-of-scheme-switching-between-simd-fhe-schemes"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-65.json"
      },
    
      
      
      
      
      
      
      {
        "id": 66,
        "stable_id": "paper-66",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-66/",
        "title": "Traffic Analysis by Adversaries with Partial Visibility",
        "authors": "Iness Ben Guirat, Claudia Díaz, Karim Eldefrawy, and Hadas Zeilberger",
        "year": 2023,
        "status": "Published · proceedings issued in 2024",
        "venue": "28th European Symposium on Research in Computer Security (ESORICS 2023)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": ["AI for security"],
        "contribution_types": ["algorithm"],
        "tags": ["traffic analysis","mix networks","Bayesian inference"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper models traffic-analysis attackers who can observe only part of a mix network, rather than assuming an unrealistic view of every communication. It combines Bayesian inference with Metropolis-Hastings sampling to study what different partially informed adversaries can still learn.",
        "availability": null,
        "resources": {"id":66,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-031-51476-0_17"}],"archive":[],"author":[{"label":"Author-hosted paper","url":"https://www.esat.kuleuven.be/cosic/publications/article-3637.pdf"},{"label":"Author-hosted PDF","url":"/pubs/2023/traffic-analysis-partial-visibility-esorics2023.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-66.json"
      },
    
      
      
      
      
      
      
      {
        "id": 67,
        "stable_id": "paper-67",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-67/",
        "title": "Boosting the Performance of High-Assurance Cryptography: Parallel Execution and Optimizing Memory Access in Formally Verified Line-Point Zero-Knowledge",
        "authors": "Samuel Dittmer, Karim Eldefrawy, Stéphane Graham-Lengrand, Steve Lu, Rafail Ostrovsky, and Vitor Pereira",
        "year": 2023,
        "status": "Published",
        "venue": "30th ACM Conference on Computer and Communications Security (CCS)",
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["algorithm"],
        "tags": ["zero knowledge","formal verification","performance"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper formally verifies parallel-execution and memory-access optimizations for an EasyCrypt implementation of Line-Point Zero-Knowledge. The verified optimizations produce roughly a 3,000-fold speedup and bring automatically extracted code close to the manually implemented version.",
        "availability": null,
        "resources": {"id":67,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1145/3576915.3616583"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2023/1322"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-67.json"
      },
    
      
      
      
      
      
      
      {
        "id": 68,
        "stable_id": "paper-68",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-68/",
        "title": "Short Concurrent Covert Authenticated Key Exchange (Short cAKE)",
        "authors": "Karim Eldefrawy, Nicholas Genise, and Stanislaw Jarecki",
        "year": 2023,
        "status": "Published",
        "venue": "29th Annual International Conference on the Theory and Applications of Cryptology and Information Security (ASIACRYPT)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory","Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["authenticated key exchange","covert communication","concurrency"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper constructs authenticated key exchange whose protocol traffic remains indistinguishable from random communication even when many sessions run concurrently. It supplies a composable security model, minimal message complexity, substantially lower bandwidth than prior constructions, and a proof-of-concept implementation.",
        "availability": null,
        "resources": {"id":68,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-981-99-8742-9_3"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2023/1418"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-68.json"
      },
    
      
      
      
      
      
      
      {
        "id": 69,
        "stable_id": "paper-69",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-69/",
        "title": "The Key Lattice Framework for Concurrent Group Messaging",
        "authors": "Kelong Cong, Karim Eldefrawy, Nigel P. Smart, and Ben Terner",
        "year": 2024,
        "status": "Published",
        "venue": "22nd International Conference on Applied Cryptography and Network Security (ACNS)",
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["group messaging","key management"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper represents concurrent group-key evolution as a lattice, making forward secrecy and post-compromise security directional versions of one abstraction without relying on global epochs. Its dynamic-group protocol supports concurrent updates with constant payload overhead and linear update cost.",
        "availability": null,
        "resources": {"id":69,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-031-54773-7_6"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2022/1531"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-69.json"
      },
    
      
      
      
      
      
      
      {
        "id": 70,
        "stable_id": "paper-70",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-70/",
        "title": "Entanglement-Based Mutual Quantum Distance Bounding",
        "authors": "Aysajan Abidin, Karim Eldefrawy, and Dave Singelée",
        "year": 2024,
        "status": "Published",
        "venue": "8th International Symposium on Cyber Security, Cryptology, and Machine Learning (CSCML)",
        "venue_url": null,
        "topic": "secure-systems-networks",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["quantum protocols","distance bounding"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper uses entangled qubits for distance bounding and presents a protocol that lets two parties bound their distance mutually in one execution. The constructions resist attacks affecting earlier one-way quantum protocols and remove a final prover-to-verifier communication step.",
        "availability": null,
        "resources": {"id":70,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-031-76934-4_14"}],"archive":[{"label":"arXiv","url":"https://arxiv.org/abs/2305.09905"}],"author":[{"label":"Author-hosted preprint PDF","url":"/pubs/2024/quantum-distance-bounding-cscml2024.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-70.json"
      },
    
      
      
      
      
      
      
      {
        "id": 71,
        "stable_id": "paper-71",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-71/",
        "title": "Challenges in Timed-Cryptography: A Position Paper (Short Paper)",
        "authors": "Karim Eldefrawy, Ben Terner, and Moti Yung",
        "year": 2024,
        "status": "Published · short paper",
        "venue": "8th International Symposium on Cyber Security, Cryptology, and Machine Learning (CSCML)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory","Perspective"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["timed cryptography","research agenda"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This position paper argues that common analyses of time-lock puzzles rely on idealizations or simulators that do not faithfully model computations whose security expires. It calls for realistic and falsifiable models that track running time, leakage, and security loss when timed components are composed.",
        "availability": null,
        "resources": {"id":71,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-031-76934-4_22"}],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2024/1529"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-71.json"
      },
    
      
      
      
      
      
      
      {
        "id": 72,
        "stable_id": "paper-72",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-72/",
        "title": "Challenges in Timed Cryptography: A Position Paper (Full Paper)",
        "authors": "Karim Eldefrawy, Ben Terner, and Moti Yung",
        "year": 2025,
        "status": "Full version · under review",
        "venue": "Cryptography and Communications special issue",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory","Perspective"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["timed cryptography","research agenda"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "The listed full version appears to expand the position paper's critique of idealized time-lock analyses, unbounded simulators, and missing composition guarantees. No distinct public full-paper record was found, and the linked ePrint may instead correspond to the shorter published version.",
        "availability": null,
        "resources": {"id":72,"official":[],"archive":[],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "metadata_and_editorial_summary",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-72.json"
      },
    
      
      
      
      
      
      
      {
        "id": 73,
        "stable_id": "paper-73",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-73/",
        "title": "Multi-Party Time-Lock Puzzles: Quorum-Controlled Delays Without a Single Point of Failure",
        "authors": "Karim Eldefrawy, Sashidhar Jakkamsetti, Ben Terner, and Moti Yung",
        "year": 2025,
        "status": "Published",
        "venue": "9th International Symposium on Cyber Security, Cryptology, and Machine Learning (CSCML)",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","primitive"],
        "tags": ["time-lock puzzles","threshold cryptography"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This paper introduces time-lock puzzles whose secret is generated and controlled collectively, preventing any one participant from revealing it early. It gives a practical protocol and uses it to construct timed multiparty computation with a time-locked output.",
        "availability": null,
        "resources": {"id":73,"official":[{"label":"Publisher / DOI","url":"https://doi.org/10.1007/978-3-032-10759-6_5"}],"archive":[],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "official_abstract_and_metadata",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-73.json"
      },
    
      
      
      
      
      
      
      {
        "id": 74,
        "stable_id": "paper-74",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-74/",
        "title": "Private Identity-Based Bulletin Boards for Anonymous Messaging and Other Online Services (Regular Academic Track Paper)",
        "authors": "Karim Eldefrawy, Stanislaw Jarecki, Benjamin Terner, and Gene Tsudik",
        "year": null,
        "status": "Under review",
        "venue": null,
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Theory","Applied","System","Implementation"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol","scheme"],
        "tags": ["anonymous messaging","delay-and-disruption-prone networks","identity-based encryption","private information retrieval","searchable ciphertexts"],
        "abstract": "Secure and anonymous messaging has many compelling use-cases and is becoming increasingly popular. In this paper, we consider it in the context of delay-and-disruption-prone networks, which are characterized by handicapped network access, disrupted operation, censorship, and intermittent network outages. With such settings in mind, we define and design a Private Identity-Based Bulletin Board (PIB³) scheme, which allows users to anonymously post and retrieve messages to and from a distributed database, and supports communication between users without pre-established setup or pre-exchanged keys. Anyone can encrypt a message for an identity and public epoch, such that only the party with the decryption key for that identity can identify, retrieve, and decrypt the message. Against one corrupted non-colluding PIB³ server, the server learns neither the recipient identity nor the retrieved record indices beyond the leakage explicitly modeled by the scheme: the public epoch, the database size, and the number of retrievals made by the receiver. If retrieval-count privacy is required, retrievals can be padded to a fixed bound. The multi-server construction extends this guarantee to larger server sets, and gives coalition privacy whenever the underlying multi-server PIR scheme is private against the corresponding coalition. Contributions of this work are: (1) formally defining functionality and security requirements for PIB³-s, (2) defining and constructing a Hierarchical Identity-Based Encryption (HIBE) scheme with searchable ciphertexts, which serves as a building block for the proposed PIB³ scheme and may be of independet interest, (3) designing an efficient PIB³ scheme that can be realized with n ≥ 2 servers based on the HIBE scheme with searchable ciphertexts combined with additional primitives, and (4) implementing a functional PIB³ prototype which demonstrates practicality of the entire concept and allows us to assess its performance empirically.",
        "abstract_kind": "Full paper abstract",
        "abstract_review_status": "extracted_from_checked_in_pdf",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Transcribed from the checked-in author manuscript; mathematical notation was normalized to plain Unicode, and only typography, discretionary hyphenation, and line-break artifacts were otherwise normalized. The source typo 'independet' is retained.",
        "abstract_source_url": "/pubs/2026/private-identity-bulletin-boards-cscml2026.pdf#page=1",
        "summary": "The paper defines Private Identity-Based Bulletin Boards for asynchronous anonymous messaging without pre-established keys in censored or disruption-prone networks. It combines anonymous identity-based encryption, searchable HIBE, and multi-server private information retrieval, then implements a prototype to measure practical performance.",
        "availability": "An author-hosted manuscript PDF is available on this site; the work remains under review.",
        "resources": {"id":74,"official":[],"archive":[],"author":[{"label":"Author-hosted manuscript PDF","url":"/pubs/2026/private-identity-bulletin-boards-cscml2026.pdf"}]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-74.json"
      },
    
      
      
      
      
      
      
      {
        "id": 75,
        "stable_id": "paper-75",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-75/",
        "title": "Decomposable MPC with Security Against Malicious Adversaries",
        "authors": "Kelong Cong, Karim Eldefrawy, Ben Terner, and Titouan Tanguy",
        "year": null,
        "status": "Under review",
        "venue": null,
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["secure multiparty computation","malicious security"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "Based on its working title, this paper studies how a secure multiparty computation can be split into reusable or independently handled pieces without losing security. The design targets malicious participants, who may deviate arbitrarily from the protocol rather than merely observe it.",
        "availability": "Public manuscript not found; this work is listed as under review.",
        "resources": {"id":75,"official":[],"archive":[],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "metadata_and_documented_public_source_search",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-75.json"
      },
    
      
      
      
      
      
      
      {
        "id": 76,
        "stable_id": "paper-76",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-76/",
        "title": "PRISM: PRivacy-Preserving Intrusion-Resilient Secure Multiparty-Computation-Based Messaging Overlay",
        "authors": "Linda Briesemeister, Karim Eldefrawy, Bob Haley, Tim McCarthy, and Ben Terner",
        "year": null,
        "status": "Ongoing work",
        "venue": null,
        "venue_url": null,
        "topic": "privacy-identity",
        "labels": ["Applied"],
        "ai_ml_labels": null,
        "contribution_types": ["protocol"],
        "tags": ["anonymous messaging","intrusion resilience","MPC"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "Based on its working title, PRISM combines secure multiparty computation with an anonymous messaging overlay designed to tolerate compromised infrastructure. Its goal is to protect communication privacy and keep the service resilient even when some participating components are penetrated.",
        "availability": "Public manuscript not found; this work is listed as ongoing.",
        "resources": {"id":76,"official":[],"archive":[],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "metadata_project_provenance_and_documented_public_source_search",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-76.json"
      },
    
      
      
      
      
      
      
      {
        "id": 77,
        "stable_id": "paper-77",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-77/",
        "title": "Towards Further Realizing Random Oracles: Post-Quantum Non-Malleable Point Obfuscation",
        "authors": "Daniel Apon, Chongwon Cho, Karim Eldefrawy, Feng-Hao Liu, and Rafail Ostrovsky",
        "year": null,
        "status": "Ongoing work",
        "venue": null,
        "venue_url": null,
        "topic": "algorithms-foundations",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["post-quantum cryptography","obfuscation"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "Based on its working title, this project studies point-function obfuscation that remains non-malleable against quantum-capable attackers. It asks how a concrete post-quantum construction can reproduce useful random-oracle behavior without letting an adversary transform an obfuscated program into a related one.",
        "availability": "Public manuscript not found; this work is listed as ongoing.",
        "resources": {"id":77,"official":[],"archive":[],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "metadata_administrative_provenance_and_documented_public_source_search",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-77.json"
      },
    
      
      
      
      
      
      
      {
        "id": 78,
        "stable_id": "paper-78",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-78/",
        "title": "Composing Timed Cryptographic Protocols: Foundations and Applications",
        "authors": "Karim Eldefrawy, Ben Terner, and Moti Yung",
        "year": 2024,
        "status": "Preprint · under review",
        "venue": "IACR Cryptology ePrint Archive",
        "venue_url": null,
        "topic": "secure-encrypted-computation",
        "labels": ["Theory"],
        "ai_ml_labels": null,
        "contribution_types": [],
        "tags": ["timed cryptography","protocol composition"],
        "abstract": null,
        "abstract_kind": null,
        "abstract_review_status": null,
        "abstract_added_at": null,
        "abstract_note": null,
        "abstract_source_url": null,
        "summary": "This work develops a fine-grained complexity framework for reasoning about cryptographic components whose security expires over time. It introduces residual complexity, proves composition results for timed multiparty protocols, and demonstrates the framework with an auction application.",
        "availability": null,
        "resources": {"id":78,"official":[],"archive":[{"label":"IACR ePrint","url":"https://eprint.iacr.org/2024/676"}],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "full_source_audit",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-78.json"
      },
    
      
      
      
      
      
      
      {
        "id": 79,
        "stable_id": "paper-79",
        "url": "https://keldefrawy.github.io/knowledge/papers/paper-79/",
        "title": "Can Composing Generative Models Avoid Hallucinations? Implications for Cybersecurity Use Cases",
        "authors": "Karim Eldefrawy",
        "year": 2026,
        "status": "Under review",
        "venue": "10th International Symposium on Cyber Security, Cryptology and Machine Learning (CSCML 2026)",
        "venue_url": "https://www.cscml.org/",
        "topic": "ai-machine-learning",
        "labels": ["Theory"],
        "ai_ml_labels": ["Foundations","AI for security"],
        "contribution_types": [],
        "tags": ["generative models","model composition","hallucinations","cybersecurity AI"],
        "abstract": "Today’s AI-powered enterprise systems are increasingly combining multiple models with pre- and post-processing, score aggregation, routing to expert models, and model-as-judge mechanisms. This raises a natural theoretical question with immediate practical implications: can compositions of models and pre- and post-processing techniques reduce hallucination rates inherent in single models?\n\nWe answer this question for the calibrated core of systems composing multiple models with pre- and post-processing techniques. Calibration in this context means that among all claims assigned score z, the average truth rate is z. Kalai and Vempala (KV) proved a limitation for a single calibrated fact-level generator: it must hallucinate monofacts (facts appearing once in training data) at a rate lower-bounded by the Good–Turing missing-mass estimate minus calibration error.\n\nWe show that calibration is preserved by three natural and common composition operators: (1) deterministic semantic post-processing, (2) Bayesian-compatible score aggregation, and (3) routing to one of many expert models (sometimes called a mixture of experts). The KV hallucination floor thus survives compositions built from these operators. A combined system that beats this floor must therefore either be miscalibrated as a final composite or violate one of our closure theorems. We give two counterexamples showing that, when the conditions of our theorems are violated, the overall system may not be calibrated: marginally calibrated experts need not average to a calibrated ensemble, and globally calibrated expert models need not remain calibrated under routing to one of the expert models.\n\nWe map our results to cybersecurity-relevant settings; in such settings, composed systems powered by generative models discover vulnerabilities, review code, generate code and test cases, analyze logs, triage alerts, and summarize incidents. In cybersecurity, “facts” are operational claims whose tail can be viewed as the monofact regime. Such claims can concern, for example, vulnerability existence, exploitability, patch safety, alert validity, or incident attribution. Vulnerability discovery also marks the theorem’s boundary: a model-generated claim that a rare bug exists is monofact-like when supported only by model confidence, while a concrete exploit, proof certificate, or execution trace is a checkable witness. Thus, our theorems apply to pre-verification composition; verified witnesses provide an escape by changing the evidence state.\n\nWe conclude with an evaluation procedure for auditing composed systems powered by generative models acting as a cybersecurity AI assistant or automated pipeline addressing specific tasks in such settings. The evaluation procedure enables one to explain whether, and by which mechanism, an observed hallucination reduction is compatible with our analysis.",
        "abstract_kind": "Author-supplied abstract",
        "abstract_review_status": "author_supplied_not_manuscript_audited",
        "abstract_added_at": "2026-07-11",
        "abstract_note": "Supplied by the author for this website; the manuscript and theorem proofs have not been independently audited.",
        "abstract_source_url": "/knowledge/papers/paper-79/#paper-abstract",
        "summary": "The author-supplied abstract reports that a Kalai–Vempala hallucination lower bound persists under deterministic semantic post-processing, Bayesian-compatible score aggregation, and expert-model routing when the resulting system remains calibrated. It identifies counterexamples outside these closure conditions, connects the theory to cybersecurity workflows, distinguishes unverified model claims from checkable witnesses, and proposes an audit procedure for explaining apparent hallucination reductions.",
        "availability": "Public manuscript not yet linked; an author-supplied abstract and the CSCML 2026 venue website are represented.",
        "resources": {"id":79,"official":[],"archive":[],"author":[]},
        "knowledge_stage": "mapped_draft",
        "source_scope": "metadata_and_author_supplied_abstract",
        "knowledge_map_url": "https://keldefrawy.github.io/knowledge/papers/paper-79.json"
      }
    
  ]
}
