11235 matches found

Packet Storm News
added 2025/04/29 12:0 a.m., 5 views

VApps: Verifiable Applications at Internet Scale

Blockchain technology promises a decentralized, trustless, and interoperable infrastructure. However, widespread adoption remains hindered by issues such as limited scalability, high transaction costs, and the complexity of maintaining coherent verification logic across different blockchain layer...

7.4 AI score
Exploits: 0

Packet Storm News
added 2025/04/29 12:0 a.m., 3 views

Federated One-Shot Learning with Data Privacy and Objective-Hiding

Privacy in federated learning is crucial, encompassing two key aspects: safeguarding the privacy of clients' data and maintaining the privacy of the federator's objective from the clients. While the first aspect has been extensively studied, the second has received much less attention. We present...

6.7 AI score
Exploits: 0

Packet Storm News
added 2025/04/28 12:0 a.m., 3 views

Trusted Compute Units: a Framework for Chained Verifiable Computations

Blockchain and distributed ledger technologies (DLTs) facilitate decentralized computations across trust boundaries. However, ensuring complex computations with low gas fees and confidentiality remains challenging. Recent advances in Confidential Computing -- leveraging hardware-based Trusted...

6.9 AI score
Exploits: 0

Packet Storm News
added 2025/04/28 12:0 a.m., 2 views

From Paper Trails to Trust on Tracks: Adding Public Transparency to Railways Via Zk-SNARKs

Railways provide a critical service and operate under strict regulatory frameworks for implementing changes or upgrades. Despite their impact on the public, these frameworks do not define means or mechanisms for transparency towards the public, leading to reduced trust and complex tracking...

6.8 AI score
Exploits: 0

Packet Storm News
added 2025/04/28 12:0 a.m., 2 views

Hybrid Privacy Policy-Code Consistency Check Using Knowledge Graphs and LLMs

The increasing concern in user privacy misuse has accelerated research into checking consistencies between smartphone apps' declared privacy policies and their actual behaviors. Recent advances in Large Language Models (LLMs) have introduced promising techniques for semantic comparison, but these...

6.9 AI score
Exploits: 0

Packet Storm News
added 2025/04/25 12:0 a.m., 6 views

NoEsis: Differentially Private Knowledge Transfer in Modular LLM Adaptation

Large Language Models (LLM) are typically trained on vast amounts of data from various sources. Even when designed modularly (e.g., Mixture-of-Experts), LLMs can leak privacy on their sources. Conversely, training such models in isolation arguably prohibits generalization. To this end, we propose a...

7.1 AI score
Exploits: 0

Packet Storm News
added 2025/04/25 12:0 a.m., 2 views

PICO: Secure Transformers Via Robust Prompt Isolation and Cybersecurity Oversight

We propose a robust transformer architecture designed to prevent prompt injection attacks and ensure secure, reliable response generation. Our PICO (Prompt Isolation and Cybersecurity Oversight) framework structurally separates trusted system instructions from untrusted user inputs through dual...

7.1 AI score
Exploits: 0

Packet Storm News
added 2025/04/24 12:0 a.m., 4 views

Biting the CHERI Bullet: Blockers, Enablers and Security Implications of CHERI in Defence

There is growing interest in securing the hardware foundations software stacks build upon. However, before making any investment decision, software and hardware supply chain stakeholders require evidence from realistic, multiple long-term studies of adoption. We present results from a 12 month...

7.1 AI score
Exploits: 0

Packet Storm News
added 2025/04/24 12:0 a.m., 3 views

"Shifting Access Control Left" Using Asset and Goal Models

Access control needs have broad design implications, but access control specifications may be elicited before, during, or after these needs are captured. Because access control knowledge is distributed, we need to make knowledge asymmetries more transparent, and use expertise already available to...

6.9 AI score
Exploits: 0

BDU FSTEC
added 2025/04/23 12:0 a.m., 2 views

The vulnerability of the SAP KMC WPC knowledge management business application, related to deficiencies in the authentication process, allows unauthorized users to gain unauthorized access to protected information.

The vulnerability of the SAP KMC WPC knowledge management business application is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3 CVSS, 5.5 AI score, 0.00267 EPSS
Exploits: 0, References: 3

Packet Storm News
added 2025/04/20 12:0 a.m., 2 views

Anonymous Public Announcements

We formalise the notion of an anonymous public announcement in the tradition of public announcement logic. Such announcements can be seen as in-between a public announcement from "the outside" (an announcement of $φ$) and a public announcement by one of the agents (an announcement of $K_aφ$): we get...

6.7 AI score
Exploits: 0

Packet Storm News
added 2025/04/20 12:0 a.m., 1 views

REDEditing: Relationship-Driven Precise Backdoor Poisoning on Text-To-Image Diffusion Models

The rapid advancement of generative AI highlights the importance of text-to-image (T2I) security, particularly with the threat of backdoor poisoning. Timely disclosure and mitigation of security vulnerabilities in T2I models are crucial for ensuring the safe deployment of generative models. We...

7.1 AI score
Exploits: 0

Packet Storm News
added 2025/04/18 12:0 a.m., 3 views

Post Quantum Cryptography (PQC) Signatures without Trapdoors

Some of our current public key methods use a trap door to implement digital signature methods. This includes the RSA method, which uses Fermat's little theorem to support the creation and verification of a digital signature. The problem with a back-door is that the actual trap-door method could, ...

6.9 AI score
Exploits: 0

Packet Storm News
added 2025/04/16 12:0 a.m., 3 views

ZkVC: Fast Zero-Knowledge Proof for Private and Verifiable Computing

Whitepaper called ZkVC: Fast Zero-Knowledge Proof For Private And Verifiable Computing...

7 AI score
Exploits: 0

Packet Storm News
added 2025/04/16 12:0 a.m., 2 views

ZkFuzz: Foundation and Framework for Effective Fuzzing of Zero-Knowledge Circuits

Zero-knowledge (ZK) circuits enable privacy-preserving computations and are central to many cryptographic protocols. Systems like Circom simplify ZK development by combining witness computation and circuit constraints in one program. However, even small errors can compromise security of ZK programs...

7.2 AI score
Exploits: 0

Packet Storm News
added 2025/04/16 12:0 a.m., 3 views

The Digital Cybersecurity Expert: How Far Have We Come?

The increasing deployment of large language models (LLMs) in the cybersecurity domain underscores the need for effective model selection and evaluation. However, traditional evaluation methods often overlook specific cybersecurity knowledge gaps that contribute to performance limitations. To addres...

6.9 AI score
Exploits: 0

RedhatCVE
added 2025/04/12 2:3 p.m., 26 views

CVE-2025-32383

MaxKB (Max Knowledge Base) is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). A reverse shell vulnerability exists in the module of function library. The vulnerability allows privileged users to create a reverse shell...

7.2 CVSS, 6.8 AI score, 0.00236 EPSS
Exploits: 0, References: 1

OSV
added 2025/04/10 1:7 p.m., 6 views

CVE-2025-32383 MaxKB has a reverse shell vulnerability in function library

MaxKB (Max Knowledge Base) is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). A reverse shell vulnerability exists in the module of function library. The vulnerability allows privileged users to create a reverse shell...

4.3 CVSS, 6.8 AI score, 0.00236 EPSS
Exploits: 0, References: 4

Microsoft Security Update
added 2025/04/08 5:0 p.m., 34 views

2025-04 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5055518)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

7.1 AI score
Exploits: 0

Microsoft Security Update
added 2025/04/08 5:0 p.m., 18 views

2025-04 Dynamic Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5055518)

ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...

7.2 AI score
Exploits: 0