[{"publication":"Proceedings of the 3rd International Workshop on Virtual and Augmented Reality Software Engineering (VARSE) @ ASE 2025 ","type":"conference","status":"public","_id":"61506","department":[{"_id":"66"},{"_id":"534"}],"user_id":"8447","language":[{"iso":"eng"}],"year":"2025","citation":{"apa":"Karakaya, K., Klauke, J., & Yigitbas, E. (2025). Toward Static Analysis of Immersive Attacks. Proceedings of the 3rd International Workshop on Virtual and Augmented Reality Software Engineering (VARSE) @ ASE 2025 .","mla":"Karakaya, Kadiray, et al. “Toward Static Analysis of Immersive Attacks.” Proceedings of the 3rd International Workshop on Virtual and Augmented Reality Software Engineering (VARSE) @ ASE 2025 , 2025.","short":"K. Karakaya, J. Klauke, E. Yigitbas, in: Proceedings of the 3rd International Workshop on Virtual and Augmented Reality Software Engineering (VARSE) @ ASE 2025 , 2025.","bibtex":"@inproceedings{Karakaya_Klauke_Yigitbas_2025, title={Toward Static Analysis of Immersive Attacks}, booktitle={Proceedings of the 3rd International Workshop on Virtual and Augmented Reality Software Engineering (VARSE) @ ASE 2025 }, author={Karakaya, Kadiray and Klauke, Jonas and Yigitbas, Enes}, year={2025} }","ieee":"K. Karakaya, J. Klauke, and E. Yigitbas, “Toward Static Analysis of Immersive Attacks,” 2025.","chicago":"Karakaya, Kadiray, Jonas Klauke, and Enes Yigitbas. “Toward Static Analysis of Immersive Attacks.” In Proceedings of the 3rd International Workshop on Virtual and Augmented Reality Software Engineering (VARSE) @ ASE 2025 , 2025.","ama":"Karakaya K, Klauke J, Yigitbas E. Toward Static Analysis of Immersive Attacks. In: Proceedings of the 3rd International Workshop on Virtual and Augmented Reality Software Engineering (VARSE) @ ASE 2025 . ; 2025."},"date_updated":"2026-01-15T11:45:28Z","author":[{"last_name":"Karakaya","orcid":"https://orcid.org/0000-0001-9266-2084","id":"70410","full_name":"Karakaya, Kadiray","first_name":"Kadiray"},{"first_name":"Jonas","last_name":"Klauke","orcid":"0000-0001-9160-9636","id":"40915","full_name":"Klauke, Jonas"},{"orcid":"0000-0002-5967-833X","last_name":"Yigitbas","full_name":"Yigitbas, Enes","id":"8447","first_name":"Enes"}],"date_created":"2025-10-02T08:40:40Z","title":"Toward Static Analysis of Immersive Attacks"},{"abstract":[{"text":"AbstractSince its inception two decades ago, Soot has become one of the most widely used open-source static analysis frameworks. Over time it has been extended with the contributions of countless researchers. Yet, at the same time, the requirements for Soot have changed over the years and become increasingly at odds with some of the major design decisions that underlie it. In this work, we thus present SootUp, a complete reimplementation of Soot that seeks to fulfill these requirements with a novel design, while at the same time keeping elements that Soot users have grown accustomed to.","lang":"eng"}],"status":"public","publication":"Tools and Algorithms for the Construction and Analysis of Systems","type":"book_chapter","language":[{"iso":"eng"}],"_id":"53942","project":[{"name":"Reaktor: SFB 901 - Automatisierte Risikoanalyse in Bezug auf Open-Source-Abhängigkeiten (Hektor) (Transferproject T3)","_id":"107"},{"name":"HEKTOR: Automatisierte Risikoanalyse unter Berücksichtigung von Open-Source-Abhängigkeiten","_id":"668"},{"name":"SFB 901: On-The-Fly Computing - Individualisierte IT-Dienstleistungen in dynamischen Märkten","_id":"1"},{"name":"SFB 901; Projektbereich T: Transferprojekte des Sonderforschungsbereichs","_id":"82"},{"_id":"107","name":"SFB 901; TP T3: Automatisierte Risikoanalyse in Bezug auf Open-Source-Abhängigkeiten (Hektor)"}],"department":[{"_id":"76"}],"user_id":"477","place":"Cham","year":"2024","citation":{"short":"K. Karakaya, S. Schott, J. Klauke, E. Bodden, M. Schmidt, L. Luo, D. He, in: Tools and Algorithms for the Construction and Analysis of Systems, Springer Nature Switzerland, Cham, 2024.","bibtex":"@inbook{Karakaya_Schott_Klauke_Bodden_Schmidt_Luo_He_2024, place={Cham}, title={SootUp: A Redesign of the Soot Static Analysis Framework}, DOI={10.1007/978-3-031-57246-3_13}, booktitle={Tools and Algorithms for the Construction and Analysis of Systems}, publisher={Springer Nature Switzerland}, author={Karakaya, Kadiray and Schott, Stefan and Klauke, Jonas and Bodden, Eric and Schmidt, Markus and Luo, Linghui and He, Dongjie}, year={2024} }","mla":"Karakaya, Kadiray, et al. “SootUp: A Redesign of the Soot Static Analysis Framework.” Tools and Algorithms for the Construction and Analysis of Systems, Springer Nature Switzerland, 2024, doi:10.1007/978-3-031-57246-3_13.","apa":"Karakaya, K., Schott, S., Klauke, J., Bodden, E., Schmidt, M., Luo, L., & He, D. (2024). SootUp: A Redesign of the Soot Static Analysis Framework. In Tools and Algorithms for the Construction and Analysis of Systems. Springer Nature Switzerland. https://doi.org/10.1007/978-3-031-57246-3_13","ieee":"K. Karakaya et al., “SootUp: A Redesign of the Soot Static Analysis Framework,” in Tools and Algorithms for the Construction and Analysis of Systems, Cham: Springer Nature Switzerland, 2024.","chicago":"Karakaya, Kadiray, Stefan Schott, Jonas Klauke, Eric Bodden, Markus Schmidt, Linghui Luo, and Dongjie He. “SootUp: A Redesign of the Soot Static Analysis Framework.” In Tools and Algorithms for the Construction and Analysis of Systems. Cham: Springer Nature Switzerland, 2024. https://doi.org/10.1007/978-3-031-57246-3_13.","ama":"Karakaya K, Schott S, Klauke J, et al. SootUp: A Redesign of the Soot Static Analysis Framework. In: Tools and Algorithms for the Construction and Analysis of Systems. Springer Nature Switzerland; 2024. doi:10.1007/978-3-031-57246-3_13"},"publication_identifier":{"issn":["0302-9743","1611-3349"],"isbn":["9783031572456","9783031572463"]},"publication_status":"published","title":"SootUp: A Redesign of the Soot Static Analysis Framework","doi":"10.1007/978-3-031-57246-3_13","date_updated":"2025-11-11T14:26:52Z","publisher":"Springer Nature Switzerland","author":[{"full_name":"Karakaya, Kadiray","id":"70410","last_name":"Karakaya","orcid":"https://orcid.org/0000-0001-9266-2084","first_name":"Kadiray"},{"full_name":"Schott, Stefan","id":"54847","last_name":"Schott","first_name":"Stefan"},{"last_name":"Klauke","orcid":"0000-0001-9160-9636","id":"40915","full_name":"Klauke, Jonas","first_name":"Jonas"},{"id":"59256","full_name":"Bodden, Eric","orcid":"0000-0003-3470-3647","last_name":"Bodden","first_name":"Eric"},{"full_name":"Schmidt, Markus","last_name":"Schmidt","first_name":"Markus"},{"first_name":"Linghui","last_name":"Luo","full_name":"Luo, Linghui"},{"last_name":"He","full_name":"He, Dongjie","first_name":"Dongjie"}],"date_created":"2024-05-06T11:29:36Z"},{"publication":"38th European Conference on Object-Oriented Programming (ECOOP 2024)","type":"conference","status":"public","department":[{"_id":"76"}],"user_id":"477","_id":"57550","project":[{"_id":"668","name":"HEKTOR: Automatisierte Risikoanalyse unter Berücksichtigung von Open-Source-Abhängigkeiten"},{"name":"Reaktor: SFB 901 - Automatisierte Risikoanalyse in Bezug auf Open-Source-Abhängigkeiten (Hektor) (Transferproject T3)","_id":"107"},{"name":"SFB 901: On-The-Fly Computing - Individualisierte IT-Dienstleistungen in dynamischen Märkten","_id":"1"},{"name":"SFB 901; Projektbereich T: Transferprojekte des Sonderforschungsbereichs","_id":"82"},{"name":"SFB 901; TP T3: Automatisierte Risikoanalyse in Bezug auf Open-Source-Abhängigkeiten (Hektor)","_id":"107"}],"language":[{"iso":"eng"}],"citation":{"ama":"Schott S, Ponta SE, Fischer W, Klauke J, Bodden E. Java Bytecode Normalization for Code Similarity Analysis. In: 38th European Conference on Object-Oriented Programming (ECOOP 2024). ; 2024. doi:10.4230/LIPIcs.ECOOP.2024.37","chicago":"Schott, Stefan, Serena Elisa Ponta, Wolfram Fischer, Jonas Klauke, and Eric Bodden. “Java Bytecode Normalization for Code Similarity Analysis.” In 38th European Conference on Object-Oriented Programming (ECOOP 2024), 2024. https://doi.org/10.4230/LIPIcs.ECOOP.2024.37.","ieee":"S. Schott, S. E. Ponta, W. Fischer, J. Klauke, and E. Bodden, “Java Bytecode Normalization for Code Similarity Analysis,” presented at the 38th European Conference on Object-Oriented Programming (ECOOP 2024), Vienna, 2024, doi: 10.4230/LIPIcs.ECOOP.2024.37.","bibtex":"@inproceedings{Schott_Ponta_Fischer_Klauke_Bodden_2024, title={Java Bytecode Normalization for Code Similarity Analysis}, DOI={10.4230/LIPIcs.ECOOP.2024.37}, booktitle={38th European Conference on Object-Oriented Programming (ECOOP 2024)}, author={Schott, Stefan and Ponta, Serena Elisa and Fischer, Wolfram and Klauke, Jonas and Bodden, Eric}, year={2024} }","short":"S. Schott, S.E. Ponta, W. Fischer, J. Klauke, E. Bodden, in: 38th European Conference on Object-Oriented Programming (ECOOP 2024), 2024.","mla":"Schott, Stefan, et al. “Java Bytecode Normalization for Code Similarity Analysis.” 38th European Conference on Object-Oriented Programming (ECOOP 2024), 2024, doi:10.4230/LIPIcs.ECOOP.2024.37.","apa":"Schott, S., Ponta, S. E., Fischer, W., Klauke, J., & Bodden, E. (2024). Java Bytecode Normalization for Code Similarity Analysis. 38th European Conference on Object-Oriented Programming (ECOOP 2024). 38th European Conference on Object-Oriented Programming (ECOOP 2024), Vienna. https://doi.org/10.4230/LIPIcs.ECOOP.2024.37"},"year":"2024","author":[{"full_name":"Schott, Stefan","id":"54847","last_name":"Schott","first_name":"Stefan"},{"full_name":"Ponta, Serena Elisa","last_name":"Ponta","first_name":"Serena Elisa"},{"first_name":"Wolfram","last_name":"Fischer","full_name":"Fischer, Wolfram"},{"first_name":"Jonas","id":"40915","full_name":"Klauke, Jonas","last_name":"Klauke","orcid":"0000-0001-9160-9636"},{"last_name":"Bodden","orcid":"0000-0003-3470-3647","full_name":"Bodden, Eric","id":"59256","first_name":"Eric"}],"date_created":"2024-12-03T08:15:07Z","date_updated":"2025-11-11T14:29:43Z","doi":"10.4230/LIPIcs.ECOOP.2024.37","conference":{"name":"38th European Conference on Object-Oriented Programming (ECOOP 2024)","location":"Vienna"},"title":"Java Bytecode Normalization for Code Similarity Analysis"},{"citation":{"mla":"Schott, Stefan, et al. “Compilation of Commit Changes Within Java Source Code Repositories.” 2024 IEEE International Conference on Software Maintenance and Evolution (ICSME), IEEE, 2024, doi:10.1109/icsme58944.2024.00038.","short":"S. Schott, W. Fischer, S.E. Ponta, J. Klauke, E. Bodden, in: 2024 IEEE International Conference on Software Maintenance and Evolution (ICSME), IEEE, 2024.","bibtex":"@inproceedings{Schott_Fischer_Ponta_Klauke_Bodden_2024, title={Compilation of Commit Changes Within Java Source Code Repositories}, DOI={10.1109/icsme58944.2024.00038}, booktitle={2024 IEEE International Conference on Software Maintenance and Evolution (ICSME)}, publisher={IEEE}, author={Schott, Stefan and Fischer, Wolfram and Ponta, Serena Elisa and Klauke, Jonas and Bodden, Eric}, year={2024} }","apa":"Schott, S., Fischer, W., Ponta, S. E., Klauke, J., & Bodden, E. (2024). Compilation of Commit Changes Within Java Source Code Repositories. 2024 IEEE International Conference on Software Maintenance and Evolution (ICSME). https://doi.org/10.1109/icsme58944.2024.00038","ama":"Schott S, Fischer W, Ponta SE, Klauke J, Bodden E. Compilation of Commit Changes Within Java Source Code Repositories. In: 2024 IEEE International Conference on Software Maintenance and Evolution (ICSME). IEEE; 2024. doi:10.1109/icsme58944.2024.00038","chicago":"Schott, Stefan, Wolfram Fischer, Serena Elisa Ponta, Jonas Klauke, and Eric Bodden. “Compilation of Commit Changes Within Java Source Code Repositories.” In 2024 IEEE International Conference on Software Maintenance and Evolution (ICSME). IEEE, 2024. https://doi.org/10.1109/icsme58944.2024.00038.","ieee":"S. Schott, W. Fischer, S. E. Ponta, J. Klauke, and E. Bodden, “Compilation of Commit Changes Within Java Source Code Repositories,” 2024, doi: 10.1109/icsme58944.2024.00038."},"year":"2024","publication_status":"published","doi":"10.1109/icsme58944.2024.00038","title":"Compilation of Commit Changes Within Java Source Code Repositories","date_created":"2025-02-19T15:47:18Z","author":[{"first_name":"Stefan","full_name":"Schott, Stefan","id":"54847","last_name":"Schott"},{"first_name":"Wolfram","last_name":"Fischer","full_name":"Fischer, Wolfram"},{"last_name":"Ponta","full_name":"Ponta, Serena Elisa","first_name":"Serena Elisa"},{"last_name":"Klauke","orcid":"0000-0001-9160-9636","full_name":"Klauke, Jonas","id":"40915","first_name":"Jonas"},{"id":"59256","full_name":"Bodden, Eric","orcid":"0000-0003-3470-3647","last_name":"Bodden","first_name":"Eric"}],"date_updated":"2025-11-11T15:01:44Z","publisher":"IEEE","status":"public","publication":"2024 IEEE International Conference on Software Maintenance and Evolution (ICSME)","type":"conference","language":[{"iso":"eng"}],"department":[{"_id":"76"}],"user_id":"54847","_id":"58716","project":[{"_id":"1072","name":"SFB 901; TP T5: Zuverlässige und automatisierte codebasierte Analyse von Open-Source-Abhängigkeiten (Reaktor)"}]},{"status":"public","publication":"Journal on Computer Languages (COLA) ","type":"journal_article","language":[{"iso":"eng"}],"department":[{"_id":"66"},{"_id":"534"}],"user_id":"8447","_id":"34402","citation":{"ieee":"E. Yigitbas, J. Klauke, S. Gottschalk, and G. Engels, “End-User Development of Interactive Web-Based Virtual Reality Scenes,” Journal on Computer Languages (COLA) , 2023.","chicago":"Yigitbas, Enes, Jonas Klauke, Sebastian Gottschalk, and Gregor Engels. “End-User Development of Interactive Web-Based Virtual Reality Scenes.” Journal on Computer Languages (COLA) , 2023.","ama":"Yigitbas E, Klauke J, Gottschalk S, Engels G. End-User Development of Interactive Web-Based Virtual Reality Scenes. Journal on Computer Languages (COLA) . Published online 2023.","apa":"Yigitbas, E., Klauke, J., Gottschalk, S., & Engels, G. (2023). End-User Development of Interactive Web-Based Virtual Reality Scenes. Journal on Computer Languages (COLA) .","mla":"Yigitbas, Enes, et al. “End-User Development of Interactive Web-Based Virtual Reality Scenes.” Journal on Computer Languages (COLA) , Elsevier, 2023.","bibtex":"@article{Yigitbas_Klauke_Gottschalk_Engels_2023, title={End-User Development of Interactive Web-Based Virtual Reality Scenes}, journal={Journal on Computer Languages (COLA) }, publisher={Elsevier}, author={Yigitbas, Enes and Klauke, Jonas and Gottschalk, Sebastian and Engels, Gregor}, year={2023} }","short":"E. Yigitbas, J. Klauke, S. Gottschalk, G. Engels, Journal on Computer Languages (COLA) (2023)."},"year":"2023","title":"End-User Development of Interactive Web-Based Virtual Reality Scenes","date_created":"2022-12-12T20:04:29Z","author":[{"full_name":"Yigitbas, Enes","id":"8447","orcid":"0000-0002-5967-833X","last_name":"Yigitbas","first_name":"Enes"},{"first_name":"Jonas","orcid":"0000-0001-9160-9636","last_name":"Klauke","full_name":"Klauke, Jonas","id":"40915"},{"last_name":"Gottschalk","id":"47208","full_name":"Gottschalk, Sebastian","first_name":"Sebastian"},{"first_name":"Gregor","last_name":"Engels","id":"107","full_name":"Engels, Gregor"}],"date_updated":"2023-02-14T10:48:12Z","publisher":"Elsevier"},{"publication":"Proceedings of the 2021 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC) ","type":"conference","status":"public","_id":"22482","department":[{"_id":"66"},{"_id":"534"}],"user_id":"8447","language":[{"iso":"eng"}],"year":"2021","citation":{"apa":"Yigitbas, E., Klauke, J., Gottschalk, S., & Engels, G. (2021). VREUD - An End-User Development Tool to Simplify the Creation of Interactive VR Scenes. Proceedings of the 2021 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC) .","mla":"Yigitbas, Enes, et al. “VREUD - An End-User Development Tool to Simplify the Creation of Interactive VR Scenes.” Proceedings of the 2021 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC) , IEEE, 2021.","bibtex":"@inproceedings{Yigitbas_Klauke_Gottschalk_Engels_2021, title={VREUD - An End-User Development Tool to Simplify the Creation of Interactive VR Scenes}, booktitle={Proceedings of the 2021 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC) }, publisher={IEEE}, author={Yigitbas, Enes and Klauke, Jonas and Gottschalk, Sebastian and Engels, Gregor}, year={2021} }","short":"E. Yigitbas, J. Klauke, S. Gottschalk, G. Engels, in: Proceedings of the 2021 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC) , IEEE, 2021.","ama":"Yigitbas E, Klauke J, Gottschalk S, Engels G. VREUD - An End-User Development Tool to Simplify the Creation of Interactive VR Scenes. In: Proceedings of the 2021 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC) . IEEE; 2021.","ieee":"E. Yigitbas, J. Klauke, S. Gottschalk, and G. Engels, “VREUD - An End-User Development Tool to Simplify the Creation of Interactive VR Scenes,” 2021.","chicago":"Yigitbas, Enes, Jonas Klauke, Sebastian Gottschalk, and Gregor Engels. “VREUD - An End-User Development Tool to Simplify the Creation of Interactive VR Scenes.” In Proceedings of the 2021 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC) . IEEE, 2021."},"publisher":"IEEE","date_updated":"2022-01-31T13:39:38Z","author":[{"full_name":"Yigitbas, Enes","id":"8447","last_name":"Yigitbas","orcid":"0000-0002-5967-833X","first_name":"Enes"},{"full_name":"Klauke, Jonas","id":"40915","last_name":"Klauke","first_name":"Jonas"},{"first_name":"Sebastian","full_name":"Gottschalk, Sebastian","id":"47208","last_name":"Gottschalk"},{"id":"107","full_name":"Engels, Gregor","last_name":"Engels","first_name":"Gregor"}],"date_created":"2021-06-21T07:54:22Z","title":"VREUD - An End-User Development Tool to Simplify the Creation of Interactive VR Scenes"},{"title":"Forward-Secure 0-RTT Goes Live: Implementation and Performance Analysis in QUIC","conference":{"end_date":"2020-12-16","location":"Vienna","name":"CANS 2020","start_date":"2020-12-14"},"doi":"10.1007/978-3-030-65411-5_11","publisher":"Springer-Verlag","date_updated":"2022-03-11T10:59:41Z","author":[{"last_name":"Dallmeier","full_name":"Dallmeier, Fynn","first_name":"Fynn"},{"full_name":"Drees, Jan P.","last_name":"Drees","first_name":"Jan P."},{"first_name":"Kai","full_name":"Gellert, Kai","last_name":"Gellert"},{"first_name":"Tobias","last_name":"Handirk","full_name":"Handirk, Tobias"},{"first_name":"Tibor","full_name":"Jager, Tibor","last_name":"Jager"},{"id":"40915","full_name":"Klauke, Jonas","last_name":"Klauke","orcid":"0000-0001-9160-9636","first_name":"Jonas"},{"full_name":"Nachtigall, Simon","last_name":"Nachtigall","first_name":"Simon"},{"first_name":"Timo","last_name":"Renzelmann","full_name":"Renzelmann, Timo"},{"last_name":"Wolf","full_name":"Wolf, Rudi","first_name":"Rudi"}],"date_created":"2021-12-15T17:43:11Z","year":"2020","place":"Cham","citation":{"ama":"Dallmeier F, Drees JP, Gellert K, et al. Forward-Secure 0-RTT Goes Live: Implementation and Performance Analysis in QUIC. In: Cryptology and Network Security. Springer-Verlag; 2020:211-231. doi:10.1007/978-3-030-65411-5_11","chicago":"Dallmeier, Fynn, Jan P. Drees, Kai Gellert, Tobias Handirk, Tibor Jager, Jonas Klauke, Simon Nachtigall, Timo Renzelmann, and Rudi Wolf. “Forward-Secure 0-RTT Goes Live: Implementation and Performance Analysis in QUIC.” In Cryptology and Network Security, 211–31. Cham: Springer-Verlag, 2020. https://doi.org/10.1007/978-3-030-65411-5_11.","ieee":"F. Dallmeier et al., “Forward-Secure 0-RTT Goes Live: Implementation and Performance Analysis in QUIC,” in Cryptology and Network Security, Vienna, 2020, pp. 211–231, doi: 10.1007/978-3-030-65411-5_11.","bibtex":"@inproceedings{Dallmeier_Drees_Gellert_Handirk_Jager_Klauke_Nachtigall_Renzelmann_Wolf_2020, place={Cham}, title={Forward-Secure 0-RTT Goes Live: Implementation and Performance Analysis in QUIC}, DOI={10.1007/978-3-030-65411-5_11}, booktitle={Cryptology and Network Security}, publisher={Springer-Verlag}, author={Dallmeier, Fynn and Drees, Jan P. and Gellert, Kai and Handirk, Tobias and Jager, Tibor and Klauke, Jonas and Nachtigall, Simon and Renzelmann, Timo and Wolf, Rudi}, year={2020}, pages={211–231} }","mla":"Dallmeier, Fynn, et al. “Forward-Secure 0-RTT Goes Live: Implementation and Performance Analysis in QUIC.” Cryptology and Network Security, Springer-Verlag, 2020, pp. 211–31, doi:10.1007/978-3-030-65411-5_11.","short":"F. Dallmeier, J.P. Drees, K. Gellert, T. Handirk, T. Jager, J. Klauke, S. Nachtigall, T. Renzelmann, R. Wolf, in: Cryptology and Network Security, Springer-Verlag, Cham, 2020, pp. 211–231.","apa":"Dallmeier, F., Drees, J. P., Gellert, K., Handirk, T., Jager, T., Klauke, J., Nachtigall, S., Renzelmann, T., & Wolf, R. (2020). Forward-Secure 0-RTT Goes Live: Implementation and Performance Analysis in QUIC. Cryptology and Network Security, 211–231. https://doi.org/10.1007/978-3-030-65411-5_11"},"page":"211-231","publication_status":"published","publication_identifier":{"issn":["0302-9743","1611-3349"],"isbn":["9783030654108","9783030654115"]},"language":[{"iso":"eng"}],"extern":"1","_id":"28997","user_id":"40915","abstract":[{"text":"Modern cryptographic protocols, such as TLS 1.3 and QUIC, can send cryptographically protected data in “zero round-trip times (0-RTT)”, that is, without the need for a prior interactive handshake. Such protocols meet the demand for communication with minimal latency, but those currently deployed in practice achieve only rather weak security properties, as they may not achieve forward security for the first transmitted payload message and require additional countermeasures against replay attacks.Recently, 0-RTT protocols with full forward security and replay resilience have been proposed in the academic literature. These are based on puncturable encryption, which uses rather heavy building blocks, such as cryptographic pairings. Some constructions were claimed to have practical efficiency, but it is unclear how they compare concretely to protocols deployed in practice, and we currently do not have any benchmark results that new protocols can be compared with.We provide the first concrete performance analysis of a modern 0-RTT protocol with full forward security, by integrating the Bloom Filter Encryption scheme of Derler et al. (EUROCRYPT 2018) in the Chromium QUIC implementation and comparing it to Google’s original QUIC protocol. We find that for reasonable deployment parameters, the server CPU load increases approximately by a factor of eight and the memory consumption on the server increases significantly, but stays below 400 MB even for medium-scale deployments that handle up to 50K connections per day. The difference of the size of handshake messages is small enough that transmission time on the network is identical, and therefore not significant.We conclude that while current 0-RTT protocols with full forward security come with significant computational overhead, their use in practice is feasible, and may be used in applications where the increased CPU and memory load can be tolerated in exchange for full forward security and replay resilience on the cryptographic protocol level. Our results serve as a first benchmark that can be used to assess the efficiency of 0-RTT protocols potentially developed in the future.\r\n","lang":"eng"}],"status":"public","type":"conference","publication":"Cryptology and Network Security"}]