This paper addresses the operational challenge of adopting Post-Quantum Cryptography (PQC) in complex financial TLS environments by presenting a methodology to automatically profile and normalize cryp…

The paper argues that current Software Bills of Materials (SBOMs) are fundamentally flawed due to a lack of shared understanding regarding what constitutes a 'component,' demonstrating that existing t…

This paper evaluates the Crypto Agility Maturity Model (CAMM) and finds that it suffers from ambiguities, lack of operationalization, and structural flaws, proposing concrete improvements for reliable…

zkSBOM introduces a zero-knowledge mechanism for sharing Software Bills of Materials (SBOMs) that allows consumers to check for vulnerabilities without suppliers revealing the full, sensitive contents…

The paper systematically explores a vast design space of cryptographic Boolean networks by formalizing six structural constraints, finding that optimal designs result from sparse, mutually compatible…

This paper conducts an extensive microbenchmark study to characterize the performance of core cryptographic workloads across various cloud services, architectures, and programming languages, identifyi…

The paper proposes a novel semi-automated method to perform continuous threat modeling by inferring the actual system architecture from combined static configuration and dynamic network flow data, sig…

The paper introduces ASTRAL, a multimodal LLM-driven framework that reconstructs and analyzes fragmented cyber-physical system architectures to enable comprehensive and quantitative security risk asse…

This study empirically evaluates the cryptographic security of LLM-generated Rust code, finding that while general analysis tools are insufficient, a custom crypto-specific analyzer successfully ident…

This review analyzes the dual impact of integrating Large Language Models (LLMs) into hardware design, detailing both their transformative potential in EDA and the critical security vulnerabilities th…

This Systematic Literature Review (SoK) investigates PQC implementation challenges using the Human, Organisation, and Technology (HOT) framework, concluding that successful adoption requires addressin…

The paper presents a highly optimized, low-stack implementation of the HAETAE signature scheme, reducing peak stack usage significantly to enable its use on severely memory-constrained microcontroller…

This paper investigates the potential of real-world Processing-in-Memory (PIM) architectures, specifically using UPMEM, to accelerate cryptographic algorithms, demonstrating that distributing computat…

This paper replicates and extends a study on Java security API misuse in LLMs, finding that while newer models improve performance, the misuse risk persists and is significantly mitigated by external…

The study simulates various Post-Quantum Cryptography (PQC) signature standards for Australia's New Payments Platform, finding that Falcon-512 is the most viable candidate for maintaining Service Leve…

The paper proposes a comprehensive, phased hybrid migration framework to transition vulnerable IoT-based healthcare systems to quantum-safe cryptography.

This paper systematizes two decades of hardware reverse engineering research by analyzing 187 publications, identifying key technical methods and recommending improvements for reproducibility, standar…

The paper proposes a comprehensive cryptographic distribution provenance system to structurally defend against dependency confusion attacks in software package ecosystems.

The paper introduces a novel toolkit to enhance RISC-V Trusted Execution Environments (TEEs) by adding modular extensions for secure enclave update, migration, state continuity, and trusted time, ther…

This paper provides the first systematic threat analysis of State-Space Models (SSMs) in safety-critical applications, introducing novel attack classes and formal metrics to quantify their security an…