-
# International Mobile Subscriber Identity Catching Attack
## Implementation (gNB):
Create a dummy gNB:
- configure the gNB to have a higher signal strength than the other
- configure the dumm…
-
We currently don't support deduplication because block ids are computed as hashes of block ciphertext which is computed using a random nonce. So if the same plaintext is written multiple times, it pro…
-
WDYT? Is this publication in scope?
```
@article{Farhady_Ghalaty_2016,
author = {Farhady Ghalaty, Nahid and Yuce, Bilgiday and Schaumont, Patrick},
doi = {10.1109/les.2016.2524652},
issn = {1943-06…
-
The encrypted data is not authenticated, thus allowing easy manipulation of the ciphertext with predictable changes to the plaintext. This is especially bad as unauthenticated [AES-CBC](https://en.wik…
-
Someone might be able to do a command line injection attack against your system here: https://github.com/Lootcode-Dev/lootcode/blob/4b49b2d1a4c6ececaad83705176196964686439d/src/server/api/routers/dock…
-
Please, enable Dependabot or Renovate for keeping dependencies up to date. When a known vulnerability is detected, it automatically opens a pull request to update the affected package.
```
fronte…
-
I recently realized that this construction has a [chosen application attack](https://github.com/calvinmetcalf/hmac-stream/issues/5)
A chosen application attack means I can describe a reasonable appli…
-
### Is your suggested enhancement related to a problem? Please describe.
Trying to do this:
```shell
curl -v 'https://api.modrinth.com/v2/version' \
-H "Authorization: $MODRINTH_TOKEN" \
-…
-
I found the [Probabilistic relational verification types](https://dl.acm.org/doi/10.1145/2535838.2535847) work in the [F*](http://research.microsoft.com/apps/mobile/showpage.aspx?page=/en-us/projects/…
-
As far as I can see, the current proposal has some trouble with large files.
As a GCM decryption should not release plaintext before the tag has been verified, the client needs to buffer the comple…