@phdthesis{29763, abstract = {{Modern-day communication has become more and more digital. While this comes with many advantages such as a more efficient economy, it has also created more and more opportunities for various adversaries to manipulate communication or eavesdrop on it. The Snowden revelations in 2013 further highlighted the seriousness of these threats. To protect the communication of people, companies, and states from such threats, we require cryptography with strong security guarantees. Different applications may require different security properties from cryptographic schemes. For most applications, however, so-called adaptive security is considered a reasonable minimal requirement of security. Cryptographic schemes with adaptive security remain secure in the presence of an adversary that can corrupt communication partners to respond to messages of the adversaries choice, while the adversary may choose the messages based on previously observed interactions. While cryptography is associated the most with encryption, this is only one of many primitives that are essential for the security of digital interactions. This thesis presents novel identity-based encryption (IBE) schemes and verifiable random functions (VRFs) that achieve adaptive security as outlined above. Moreover, the cryptographic schemes presented in this thesis are proven secure in the standard model. That is without making use of idealized models like the random oracle model.}}, author = {{Niehues, David}}, keywords = {{public-key cryptography, lattices, pairings, verifiable random functions, identity-based encryption}}, title = {{{More Efficient Techniques for Adaptively-Secure Cryptography}}}, doi = {{10.25926/rdtq-jw45}}, year = {{2022}}, } @article{20533, author = {{Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}}, issn = {{2326-3881}}, journal = {{IEEE Transactions on Software Engineering}}, keywords = {{Java, Encryption, Static analysis, Tools, Ciphers, Semantics, cryptography, domain-specific language, static analysis}}, pages = {{1--1}}, title = {{{CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs}}}, doi = {{10.1109/TSE.2019.2948910}}, year = {{2019}}, } @inproceedings{19, abstract = {{Version Control Systems (VCS) are a valuable tool for software development and document management. Both client/server and distributed (Peer-to-Peer) models exist, with the latter (e.g., Git and Mercurial) becoming increasingly popular. Their distributed nature introduces complications, especially concerning security: it is hard to control the dissemination of contents stored in distributed VCS as they rely on replication of complete repositories to any involved user. We overcome this issue by designing and implementing a concept for cryptography-enforced access control which is transparent to the user. Use of field-tested schemes (end-to-end encryption, digital signatures) allows for strong security, while adoption of convergent encryption and content-defined chunking retains storage efficiency. The concept is seamlessly integrated into Mercurial---respecting its distributed storage concept---to ensure practical usability and compatibility to existing deployments.}}, author = {{Lass, Michael and Leibenger, Dominik and Sorge, Christoph}}, booktitle = {{Proc. 41st Conference on Local Computer Networks (LCN)}}, isbn = {{978-1-5090-2054-6}}, keywords = {{access control, distributed version control systems, mercurial, peer-to-peer, convergent encryption, confidentiality, authenticity}}, publisher = {{IEEE}}, title = {{{Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension}}}, doi = {{10.1109/lcn.2016.11}}, year = {{2016}}, }