More Like this

1. Towards an Effective Method of ReDoS Detection for Non-backtracking Engines

   Su, Weihao; Huang, Hong; Li, Rongchen; Chen, Haiming; Ge, Tingjian (August 2024, USENIX Association)

   33rd USENIX Security Symposium (USENIX Security 24) 

   more » « less
2. An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection

   Yan, Shenao; Wang, Shen; Duan, Yue; Hong, Hanbin; Lee, Kiho; Kim, Doowon; Hong, Yuan (August 2024, USENIX Association)

   In Proceedings of the 33rd USENIX Security Symposium (USENIX Security), Philadelphia, PA, USA, August 14-16, 2024. 

   more » « less
3. Do You See How I Pose? Using Poses as an Implicit Authentication Factor for QR Code Payment

   Wu, Chuxiong; Zeng, Qiang (August 2025, USENIX Association)

   33rd USENIX Security Symposium 

   more » « less
4. Understanding How to Inform Blind and Low-Vision Users about Data Privacy through Privacy Question Answering Assistants

   https://doi.org/10.17605/OSF.IO/K9FV6  

   Feng, Yuanyuan; Ravichander, Abhilasha; Yao, Yaxing; Zhang, Shikun; Chen, Rex; Wilson, Shomir; Sadeh, Norman (January 2023, OSF)

   This repository archives the supplemental materials for the USENIX Security '24 paper of the same title. 

   more » « less
5. Scalable Private Set Union, with Stronger Security

   Jia, Yanxue; Sun, Shi-Feng; Zhou, Hong-Sheng; Gu, Dawu (August 2024, USENIX Association)

   Private Set Union (PSU) protocol allows parties, each hold- ing an input set, to jointly compute the union of the sets without revealing anything else. In the literature, scalable PSU protocols follow the “split-execute-assemble” paradigm (Kolesnikov et al., ASIACRYPT 2019); in addition, those fast protocols often use Oblivious Transfer as building blocks. Kolesnikov et al. (ASIACRYPT 2019) and Jia et al. (USENIX Security 2022), pointed out that certain security issues can be introduced in the “split-execute-assemble” paradigm. In this work, surprisingly, we observe that the typical way of invoking Oblivious Transfer also causes unnecessary leakage, and only the PSU protocols based on additively homomor- phic encryption (AHE) can avoid the leakage. However, the AHE-based PSU protocols are far from being practical. To bridge the gap, we also design a new PSU protocol that can avoid the unnecessary leakage. Unlike the AHE- based PSU protocols, our new construction only relies on symmetric-key operations other than base OTs, thereby being much more scalable. The experimental results demonstrate that our protocol can obtain at least 873.74× speedup over the best-performing AHE-based scheme. Moreover, our per- formance is comparable to that of the state-of-the-art PSU protocol (Chen et al., USENIX Security 2023), which also suffers from the unnecessary leakage. 

   more » « less