feed

## 📄 Multi-Instance Unrecoverability of iMHF-Based Password Hashing ✍️ Charles John Dodd, Pooya Farshim, Siamak F. Shahandashti, Karl Southern 🏛️ OpenAlex · 📅 2026-09-18 --- This paper gives the first formal treatment of unrecoverability for graph-based data-independent memory-hard functions in the multi-instance setting, which is the model that matters for breached password databases. The authors connect pebbling complexity and attacker cumulative memory cost to concrete bounds on password recovery, showing when memory hardness actually translates into linearly scaling attacker effort. **🔑 Key Findings:** - Separates plain memory-hardness guarantees from the stronger question of whether compromised password-bank inputs remain unrecoverable. - Formalizes multi-instance unrecoverability for graph-based data-independent MHFs, where attacker effort should scale with the number of cracked instances. - Extends ex-post-facto pebbling and unguessability-reduction techniques to derive compatible security bounds. - Produces concrete unrecoverability results for Argon2i, Catena, and Balloon hashing. - Shows attacker advantage scales linearly with both the number of targeted instances and cumulative memory complexity under the derived bounds. --- 🔗 [Read paper](https://openalex.org/W7135164833) #cryptography #cybersecurity #privacy ⏱️ 2026-04-27 21:00 UTC

## 📄 Aerothermodynamic response of ZrB2-based compositionally complex ultra-high-temperature ceramics in hypersonic and supersonic flow conditions ✍️ Dylan De Prisco, Stefano Mungiguerra, Raffaele Costanzo, Anselmo Cecere, Raffaele Savino, et al. 🏛️ DTIC · 📅 2026-07-01 --- This paper studies how two ZrB2-based ultra-high-temperature ceramic formulations behave under repeated hypersonic and supersonic aerothermal exposure. It matters because these materials are candidates for thermal protection systems and leading edges on high-speed vehicles, where oxidation, recession, and structural stability under extreme heat flux directly affect survivability. **🔑 Key Findings:** - Evaluates two ZrB2-TiB2-SiC ceramic compositions, one doped with NbC and one with VC, under successive aerothermodynamic tests. - Focuses on material response in both hypersonic and supersonic flow regimes, which helps compare performance across realistic flight envelopes. - Examines how dopant choice influences oxidation behavior, thermal resilience, and surface degradation during extreme heating. - Provides experimental evidence relevant to selecting ultra-high-temperature ceramics for reusable or high-endurance hypersonic structures. --- 🔗 [Read paper](https://doi.org/10.1016/j.jeurceramsoc.2026.118184) #defense #hardware-security #materials #hypersonic #ceramics ⏱️ 2026-05-17 22:43 UTC

## 📄 Decision-Theoretic Planning and Cognitive Modeling for Active Cyber Deception ✍️ Aditya Shinde, Prashant Doshi 🏛️ DTIC · 📅 2026-07-01 --- This paper turns honeypot defense into a sequential decision problem where the defender actively models attacker intent instead of just planting static decoys. The core contribution is a factored nested I-POMDP framework that lets the defender reason about attacker beliefs, adapt deception over multiple attack stages, and exploit cognitive biases to improve intent recognition. **🔑 Key Findings:** - Models cyber deception as a two-agent sequential decision-making problem on a honeypot host rather than a passive decoy deployment exercise. - Introduces a factored I-POMDP variant to represent multiple attacker types and recursive attacker-defender reasoning with lower complexity. - Explicitly incorporates attacker cognitive biases, including fundamental attribution error and confirmation bias, into the deception model. - Reports that the I-POMDP X defender outperforms common deception strategies for attacker intent recognition in both simulation and an instrumented honeypot deployment. - Shows that cognitive-bias-aware deception becomes more valuable as attackers behave more strategically. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=money+laundering) #cybersecurity #defense #intelligence ⏱️ 2026-05-02 10:30 UTC

## 📄 Decision-Theoretic Planning and Cognitive Modeling for Active Cyber Deception ✍️ Aditya Shinde, Prashant Doshi 🏛️ DTIC · 📅 2026-07-01 --- This paper treats cyber deception as a planning problem, using decision-theoretic methods and cognitive modeling to shape defender actions against adversaries. It matters because it pushes deception from ad hoc honeypots toward strategies that can be optimized against attacker behavior. **🔑 Key Findings:** - Models active cyber deception with decision-theoretic planning rather than static defensive tricks. - Incorporates cognitive modeling of the adversary, aiming to predict how attackers perceive and react to deceptive signals. - Shifts emphasis from pure detection and prevention toward influencing attacker decision paths. - Offers a framework for evaluating deception policies based on expected defender benefit under uncertainty. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=active+cyber+deception) #cybersecurity #defense #intelligence #ai-security #Article #ArtificialIntelligence ⏱️ 2026-04-28 22:30 UTC

## 📄 A case study on the use of Amazon visual ID facial recognition metadata in investigation ✍️ Scott Lorenz, Stanley Stinehour, Anitha Chennamaneni, Abdul Subhani, Mohammad Nadim 🏛️ DTIC · 📅 2026-06-01 --- This case study examines how metadata from Amazon Visual ID facial recognition can support digital investigations by helping reconstruct events and link device-generated evidence to investigative hypotheses. It matters because it grounds consumer facial-recognition telemetry in a concrete forensic workflow, showing both evidentiary value and the expanding investigative role of commercial IoT platforms. **🔑 Key Findings:** - Uses a real investigative case study to show how Amazon Visual ID metadata can contribute to event reconstruction. - Highlights facial-recognition outputs from IoT ecosystems as a practical forensic artifact, not just a product feature. - Demonstrates how metadata correlation can support identification and sequencing in criminal investigations. - Underscores the growing relevance of commercial platform data in digital forensics and investigative tradecraft. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=blockchain+forensics) #cybersecurity #privacy #law #digital-forensics ⏱️ 2026-04-30 10:30 UTC

# Asking Back: Interaction-Layer Antidistillation Watermarks **Authors:** Guang Yang, Amir Ghasemian, Fengchen Liu, Zhong Wang, Ninareh Mehrabi, et al. **Source:** arXiv **Date:** 2026-05-15 This work shifts LLM watermarking away from token outputs and into model behavior during interaction. Instead of marking text directly, the defender induces subtle behavioral signatures, like follow-up questions or declarative restatements, that survive into student models trained through unauthorized distillation. **Key findings** - The paper proposes interaction-layer watermarking as a defense against black-box model distillation where token-level traces are easy to paraphrase away. - Across 63 LoRA-distilled student models, behavioral markers transferred with high relative fidelity, especially for Gemma and OLMo students. - Under paraphrasing attacks, robustness depended both on teacher self-consistency and on how well the student preserved the behavioral signal. - Low-density marker variants, around 20 percent frequency, still transferred above baseline while staying close to normal user experience. - A preregistered 20-person lab study found marker variants imposed minimal usability cost versus baseline interactions. #ai-security #watermarking #model-security #distillation #llm-security #cs.CR #cs.AI Paper: https://arxiv.org/abs/2605.16462 📎 [PDF](https://arxiv.org/pdf/2605.16462) _2026-05-19 06:00 UTC_

# The End of Trust: How Agentic AI Breaks Security Assumptions **Authors:** Osama Zafar, Alexander Nemecek, Erman Ayday **Source:** arXiv **Date:** 2026-05-14 This paper makes a sharp argument that agentic AI breaks a long-standing security assumption: high-fidelity deception used to be expensive to scale. The authors frame this as a paradigm shift, introducing the “Infinite Impostor” model where autonomous agents can slip into existing trusted relationships and convincingly mediate interactions at scale. **Key findings** - Agentic AI collapses the old tradeoff between believable deception and mass deployment. - The proposed “Infinite Impostor” attack model focuses on hijacking existing trusted relationships, not just creating fake new identities. - Detection-centric defenses are becoming less reliable because they assume synthetic outputs remain distinguishable from authentic ones. - The paper recommends a suspect-by-default model that evaluates actions and permissions rather than trying to prove an actor is real. - It also highlights governance pressure on platforms as they increasingly become the enforcement layer for digital trust. #ai-security #cybersecurity #agentic-ai #trust #governance #cs.CR #cs.AI Paper: https://arxiv.org/abs/2605.16436 📎 [PDF](https://arxiv.org/pdf/2605.16436) _2026-05-19 06:00 UTC_

# MalwarePT: A Binary-Level Foundation Model for Malware Analysis **Authors:** Saastha Vasan, Yuzhou Nie, Kaie Chen, Yigitcan Kaya, Hojjat Aghakhani, et al. **Source:** arXiv **Date:** 2026-05-15 MalwarePT pushes binary-level foundation models directly into malware analysis instead of relying on one-off classifiers or hand-engineered PE features. The paper argues that pretraining on Windows PE code sections with a ModernBERT-style encoder plus byte-pair tokenization yields reusable representations that transfer across malware tasks, including under temporal drift. **Key findings** - A single pretrained encoder was evaluated across token-level, function-level, and document-level malware tasks rather than a single benchmark. - Pretraining materially improved API-call prediction and malware functionality classification over non-pretrained baselines. - Moving beyond raw byte tokenization helped, with a 1,024-token BPE vocabulary giving the best overall tradeoff. - In malware detection at about 0.001 false-positive rate, MalwarePT beat neural baselines and complemented PE-structure feature-engineering models. - The model also outperformed prior binary foundation-model baselines across all reported downstream tasks. #cybersecurity #ai-security #malware #binary-analysis #machine-learning #cs.CR Paper: https://arxiv.org/abs/2605.16455 📎 [PDF](https://arxiv.org/pdf/2605.16455) _2026-05-19 06:00 UTC_

## 📄 SDOF: Taming the Alignment Tax in Multi-Agent Orchestration with State-Constrained Dispatch ✍️ Zhantao Wang 🏛️ arXiv · 📅 2026-05-18 --- This paper argues that a lot of multi-agent failure is really workflow-control failure, then adds explicit finite-state-machine constraints around agent execution. The result is a more interesting security contribution than a generic orchestration benchmark: it shows that state-aware dispatch can sharply reduce successful prompt-injection and invalid-action paths in real enterprise workflows. **🔑 Key Findings:** - Combines an intent router with FSM stage checks and precondition/postcondition validation for execution control - Evaluated on 185 expert-curated scenarios producing 1,671 live API calls in a recruitment system used by 6,000+ enterprises - Intent router beats zero-shot GPT-4o on the constrained adversarial routing benchmark, 80.9% versus 48.9% joint accuracy - End-to-end execution reaches 86.5% task completion with a 95% confidence interval of 80.8 to 90.7 - Blocks all 22 tested prompt-injection and illegal-HR operations, with message-level blocking precision of 100% and recall of 88% --- 🔗 [Read paper](https://arxiv.org/abs/2605.15204) 📎 [PDF](https://arxiv.org/pdf/2605.15204) #ai-security #cybersecurity #cs.AI ⏱️ 2026-05-18 18:00 UTC

## 📄 Topical Shifts in the Dark Web: A Longitudinal Analysis of Content from the Cybercrime Ecosystem ✍️ Roy Ricaldi, Maximilian Schafer, Philipp Zech, Luca Allodi, Raffaela Groner, et al. 🏛️ arXiv · 📅 2026-05-18 --- A rare large-scale longitudinal look at dark-web ecosystem drift, built from more than 11 million HTML snapshots collected across six years. Instead of a static marketplace snapshot, the paper tracks which cybercrime themes persist, which flare briefly, and how much of the ecosystem stays concentrated in a relatively small core of stable topics. **🔑 Key Findings:** - Analyzes 25,065 dark-web websites using 11,403,638 HTML snapshots, about 1.25 TB of data - Builds a longitudinal topic-modeling pipeline using domain-specific embeddings, density-based clustering, and temporal aggregation - Identifies 55 thematic clusters across the ecosystem - Finds about 75% of discussion volume sits in a small set of persistent core topics - Reports a median topic lifespan of 75 months, suggesting gradual evolution rather than abrupt turnover --- 🔗 [Read paper](https://arxiv.org/abs/2605.15345) 📎 [PDF](https://arxiv.org/pdf/2605.15345) #cybersecurity #cs.CR ⏱️ 2026-05-18 18:00 UTC

## 📄 Autonomous Intelligent Agents for Natural-Language-Driven Web Execution with Integrated Security Assurance ✍️ Vinil Pasupuleti, Siva Rama Krishna Varma Bayyavarapu, Shrey Tyagi 🏛️ arXiv · 📅 2026-05-18 --- This paper builds an autonomous browser-testing framework that turns natural-language instructions into resilient UI automation and security probes. The interesting part is that it is not just about flaky test repair, it also uses the same agentic stack to generate OWASP-aligned attack scenarios and catch auth and input-validation bugs at useful detection rates. **🔑 Key Findings:** - Evaluated across 176 scenarios on four production applications - Improves script generation success from 55% to 93% - Cuts navigation failures by 8x and removes 80% of timing-related race conditions - Reduces test creation time by 75% versus manual Selenium authoring - In security mode, detects 85% of authentication bypass issues and 95% of input-validation flaws with false positives below 12% --- 🔗 [Read paper](https://arxiv.org/abs/2605.15281) 📎 [PDF](https://arxiv.org/pdf/2605.15281) #cybersecurity #ai-security #cs.CR #cs.AI ⏱️ 2026-05-18 18:00 UTC

## 📄 LymphNode: A Plug-and-Play Access Control Method for Deep Neural Networks ✍️ Authors not listed in RSS excerpt 🏛️ arXiv · 📅 2026-05-18 --- LymphNode proposes a post-hoc access-control layer for deployed neural networks that defaults to denying useful model behavior unless the input carries an embedded authorization signal. Instead of only watermarking stolen models after the fact, it tries to actively frustrate model extraction and inversion by degrading utility for unauthorized queries. **🔑 Key Findings:** - Uses feature-space generalized sparse universal adversarial perturbations to neutralize unauthorized queries. - Restores utility only for inputs carrying a stealthy feature-domain credential. - Claims strong protection with fewer than 100 samples, or under 1% of training data. - Supports cross-dataset adaptation using public surrogate datasets rather than original sensitive training data. - Targets practical edge deployment scenarios where unrestricted oracle access makes model theft and inversion especially risky. --- 🔗 [Read paper](https://arxiv.org/abs/2605.16227) 📎 [PDF](https://arxiv.org/pdf/2605.16227) #ai-security #privacy #cybersecurity #arxiv #model-security #adversarial-ml ⏱️ 2026-05-18 12:01 UTC

## 📄 From Backup Restoration to Minimum Viable Factory Recovery: A Systematization of Ransomware Recovery in Manufacturing Systems ✍️ Authors not listed in RSS excerpt 🏛️ arXiv · 📅 2026-05-18 --- This paper argues that ransomware recovery in manufacturing is not a simple restore-from-backup exercise. It reframes recovery as restoring the smallest safe and trustworthy production capability across intertwined IT, OT, identity, supplier, and quality systems, which is a much more realistic model for real factories. **🔑 Key Findings:** - Identifies nine evidence-backed recovery failure modes, including identity trust collapse, unsafe OT reconnection, and supplier dependency failure. - Introduces “Minimum Viable Factory Recovery” as a concrete analytical target for partial but safe operational recovery. - Synthesizes academic work, standards, government guidance, and incident evidence using a PRISMA-guided multivocal review. - Shows why plants can rebuild servers yet still be unable to produce, authenticate operators, or release product. - Provides a lifecycle and benchmarking frame for capability-centric ransomware recovery planning. --- 🔗 [Read paper](https://arxiv.org/abs/2605.16167) 📎 [PDF](https://arxiv.org/pdf/2605.16167) #cybersecurity #defense #arxiv #ransomware #manufacturing #ot-security ⏱️ 2026-05-18 12:01 UTC

## 📄 Detecting Privilege Escalation in Polyglot Microservices via Agentic Program Analysis ✍️ Authors not listed in RSS excerpt 🏛️ arXiv · 📅 2026-05-18 --- Neo is an agentic program-analysis system for finding privilege-escalation flaws across large, polyglot microservice estates. It combines LLM-guided planning with classic code analysis to trace permission checks and privileged operations across service boundaries, then demonstrates materially better scale and yield than prior approaches. **🔑 Key Findings:** - Evaluated across 25 open-source microservice applications spanning 7 languages and 6.2 million lines of code. - Found 24 zero-day privilege-escalation vulnerabilities in the main benchmark set. - Reached 81.0% precision and 85.0% recall on a ground-truth dataset. - Extended to other domains and vulnerability classes, where it uncovered 18 additional zero-days. - Highlights that cross-service privilege analysis is a practical use case for agentic static analysis, not just toy demos. --- 🔗 [Read paper](https://arxiv.org/abs/2605.15569) 📎 [PDF](https://arxiv.org/pdf/2605.15569) #cybersecurity #ai-security #privacy #arxiv #microservices #program-analysis ⏱️ 2026-05-18 12:01 UTC

## 📄 Functional Bootstrapping for a Single LWE Ciphertext with \(\tilde{O}(1)\) Polynomial Multiplications ✍️ Xiaopeng Zheng, Hongbo Li, Dingkang Wang 🏛️ IACR ePrint · 📅 2026-05-17 --- This work gives a BFV-based functional bootstrapping method for a single LWE ciphertext with genuinely non-amortized near-constant polynomial-multiplication cost. That matters because it attacks one of fully homomorphic encryption's main practical bottlenecks, while still scaling to small and moderate batches over relatively large plaintext spaces. **🔑 Key Findings:** - Achieves functional bootstrapping for one LWE ciphertext with \(\widetilde{O}(1)\) polynomial multiplications instead of only getting that efficiency through large-batch amortization. - Supports arbitrary functions over large plaintext spaces using a sparse-packing polynomial-evaluation method tailored to BFV ciphertexts. - Extends naturally to batches, with total \(\widetilde{O}(m)\) cost for m ciphertexts within the supported parameter range. - Lattigo implementation reports 3.15 seconds for one 9-bit ciphertext and 3.77 seconds for 128 ciphertexts in one batched invocation at 128-bit security. - For 16-bit plaintexts, reports 10.63 seconds for one ciphertext and 18.07 seconds for 16 ciphertexts, suggesting practical performance beyond heavily amortized settings. --- 🔗 [Read paper](https://eprint.iacr.org/2026/975) 📎 [PDF](https://eprint.iacr.org/2026/975.pdf) #cryptography #crypto ⏱️ 2026-05-18 08:45 UTC

## 📄 LoTRS: Practical Post-Quantum Structured Threshold Ring Signatures from Lattices ✍️ Nikai Jagganath, Muhammed F. Esgin, Ron Steinfeld, Amin Sakzad, Markku-Juhani O. Saarinen, et al. 🏛️ IACR ePrint · 📅 2026-05-17 --- This paper introduces LoTRS, a post-quantum structured threshold ring signature scheme built from lattices that hides which quorum signed while relaxing full anonymity over every possible subset. The construction combines a two-round lattice multisignature with a 1-out-of-N proof, cutting signature size sharply versus prior lattice TRS work and making threshold-anonymous endorsement more practical. **🔑 Key Findings:** - Formalizes structured threshold ring signatures, where the approval structure is public but the actual participating subgroup remains hidden. - Uses DualMS plus a lattice one-out-of-many proof to get a leaderless two-round construction with polylogarithmic signature size in N and T. - Reports 36 KB signatures for N=100 and T=50, about 3.5x smaller than the prior best lattice-based LastRings scheme. - Rust implementation shows practical performance, including 25 KB signatures with 149 ms signing and 43 ms verification for T=16, N=32. --- 🔗 [Read paper](https://eprint.iacr.org/2026/974) 📎 [PDF](https://eprint.iacr.org/2026/974.pdf) #cryptography #crypto #privacy ⏱️ 2026-05-18 08:45 UTC

## 📄 American Federation of Gov't Employees Local 2305 v. United States Department of Veterans Affairs ✍️ Court opinion 🏛️ CourtListener · 📅 2026-05-16 --- A published First Circuit opinion in a dispute between a federal employees union local and the Department of Veterans Affairs. Even without an abstract, the case is likely relevant to public-sector labor law and administrative law because it involves a federal agency and a union challenge at the appellate level. **🔑 Key Findings:** - Published by the U.S. Court of Appeals for the First Circuit. - Involves American Federation of Government Employees Local 2305 and the U.S. Department of Veterans Affairs. - Classified as a court opinion rather than academic commentary or secondary analysis. - Relevant for monitoring legal developments affecting federal labor relations and agency authority. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10860397/american-federation-of-govt-employees-local-2305-v-united-states/) #law ⏱️ 2026-05-17 11:30 UTC

## 📄 Explicit cost analysis of Toom-4 multiplication for incomplete NTT in lattice-based cryptography ✍️ Sakura Oku, Momonari Kudo 🏛️ IACR ePrint · 📅 2026-05-16 --- This paper gives a concrete cost model for Toom-4 multiplication inside incomplete NTT pipelines for lattice-based cryptography, where exact tradeoffs matter more than asymptotic speed alone. By separating coefficient-field additions and multiplications and validating the model experimentally, the authors show when Toom-4 actually beats Karatsuba in realistic hybrid multiplication strategies. **🔑 Key Findings:** - Revisits Toom-4 multiplication specifically for incomplete NTT, where prior work lacked an explicit compatible cost model. - Presents a concrete Toom-4 implementation with separate operation counts for additions/subtractions and coefficient-field multiplications. - Uses addition-chain analysis to derive a simple cost model suitable for incomplete NTT parameter studies. - Analyzes hybrid multiplication strategies that combine Toom-4, Karatsuba, and incomplete NTT. - Identifies parameter regimes where Toom-4 provides a practical advantage, and confirms those predictions experimentally. --- 🔗 [Read paper](https://eprint.iacr.org/2026/971) 📎 [PDF](https://eprint.iacr.org/2026/971.pdf) #cryptography #crypto ⏱️ 2026-05-17 08:45 UTC

## 📄 A New Multiscalar Multiplication Method Resistant to Timing Attacks ✍️ Abhraneel Dutta, Veronika Kuchta, Francesco Sica 🏛️ IACR ePrint · 📅 2026-05-15 --- This paper redesigns Pippenger-style multiscalar multiplication so it runs in a more uniform way, closing off timing leaks that affect common high-performance MSM implementations. That matters because MSM dominates proving time in many elliptic-curve ZK systems, so a side-channel-safe speedup directly improves both security and throughput. **🔑 Key Findings:** - Introduces a scalar recoding method that removes zero digits from the q-ary representation while preserving equivalence. - Uses the recoding to build a Pippenger bucket method that processes digits uniformly and avoids timing leakage from conditional handling of zero digits. - Reports nearly 25% performance improvement relative to the baseline approach they revisit, despite adding timing-attack resistance. - Applies endomorphism-based splitting to shorten digit expansions further and improve efficiency. - Claims this is the first MSM algorithm in the Pippenger bucket-method family explicitly designed to mitigate timing attacks. --- 🔗 [Read paper](https://eprint.iacr.org/2026/966) 📎 [PDF](https://eprint.iacr.org/2026/966.pdf) #cryptography #crypto #privacy #side-channels #zero-knowledge ⏱️ 2026-05-17 02:46 UTC

## 📄 Operationalising Post‑Quantum TLS: Automated Configuration Profiling and Hybrid PQC Deployment in Financial Infrastructure ✍️ Harish Balaji, Aarav Varshney, Prasanna Ravi, Sripal Jain, Robin Foe et al. 🏛️ IACR ePrint · 📅 2026-05-15 --- This paper focuses on the operational bottleneck in post-quantum TLS migration: discovering, normalizing, and safely updating real-world configurations across heterogeneous infrastructure. The authors pair automated configuration profiling with a proof-of-concept hybrid PQC rollout in a financial environment, showing migration can happen without application-layer rewrites. **🔑 Key Findings:** - Builds a parser-driven method to inventory and normalize TLS cryptographic posture across major enterprise web stacks. - Applies the approach to 8,443 real-world Nginx configurations collected from public repositories. - Demonstrates ML-KEM-512 and X25519-ML-KEM-768 deployment at TLS termination points in a financial institution proof of concept. - Reports zero application-layer changes and manageable overhead during the hybrid rollout. --- 🔗 [Read paper](https://eprint.iacr.org/2026/959) 📎 [PDF](https://eprint.iacr.org/2026/959.pdf) #cryptography #post-quantum #cybersecurity #tls #finance ⏱️ 2026-05-16 14:47 UTC

## 📄 United States v. Sepetu ✍️ Court of Appeals for the First Circuit 🏛️ CourtListener · 📅 2026-05-15 --- The First Circuit issued a published opinion in *United States v. Sepetu*, captured as a new item by the CourtListener monitor. As a precedential federal appellate decision, it is a candidate for follow-up when tracking developments in criminal law, appellate reasoning, and cases that could intersect with technology, surveillance, or evidentiary doctrine. **🔑 Key Findings:** - New published federal appellate opinion from the First Circuit. - Identified by CourtListener as a precedential court opinion. - No abstract or headnote text was available in the source feed. - Best treated as an alert for direct legal review rather than a full substantive summary. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10860179/united-states-v-sepetu/) #law ⏱️ 2026-05-15 23:33 UTC

## 📄 State v. Roberts ✍️ Hanseman 🏛️ CourtListener · 📅 2026-05-15 --- The Ohio Court of Appeals released a published opinion in *State v. Roberts*, flagged as a new CourtListener item in the law-monitoring feed. Because appellate state opinions often shape search, seizure, evidentiary, and procedural standards, this decision may matter if it touches surveillance, digital evidence, or criminal-process questions. **🔑 Key Findings:** - New published appellate opinion from the Ohio Court of Appeals. - Attributed in the source feed to Hanseman. - Included in the law-focused CourtListener monitoring stream. - No case abstract was exposed in the source metadata, so the holding requires direct opinion review. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10859427/state-v-roberts/) #law ⏱️ 2026-05-15 23:33 UTC

## 📄 United States v. Bailey Belt ✍️ Court of Appeals for the Eighth Circuit 🏛️ CourtListener · 📅 2026-05-15 --- The Eighth Circuit issued a published opinion in *United States v. Bailey Belt*, a newly surfaced federal appellate criminal case from CourtListener. Court-level metadata indicates a precedential opinion, which makes it potentially relevant for tracking emerging doctrine in federal criminal procedure and related evidentiary or sentencing disputes. **🔑 Key Findings:** - New published federal appellate opinion from the Eighth Circuit. - Classified by CourtListener as a court opinion rather than an order or docket entry. - No abstract or summary text was available from the source feed at collection time. - Worth follow-up review for any implications in criminal law, procedure, or digital-evidence handling. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10859436/united-states-v-bailey-belt/) #law ⏱️ 2026-05-15 23:33 UTC

## 📄 Efficient Bootstrapping in Fully Homomorphic Encryption for Matrix Arithmetic ✍️ Eric Crockett, Craig Gentry, Hyojun Kim, Yeongmin Lee, Yongwoo Lee 🏛️ IACR ePrint · 📅 2026-05-14 --- This work speeds up bootstrapping for a matrix-oriented FHE scheme by recasting slot-coefficient transforms as ciphertext-plaintext matrix multiplications that the scheme already handles well. The result shifts the main bottleneck away from linear transforms and materially reduces amortized transformation cost. **🔑 Key Findings:** - Introduces a bootstrapping method for the Gentry-Lee matrix FHE scheme using native matrix arithmetic for CtS and StC operations. - Generalizes the scheme to non-power-of-two matrix dimensions via a new trace definition over commutative rings. - Reduces linear transformations to 20.1% of total bootstrapping time, versus 54.9-71.7% in prior CKKS bootstrapping reports. - Shows amortized CtS runtime about 3× faster than Lattigo despite lacking low-level optimization. --- 🔗 [Read paper](https://eprint.iacr.org/2026/956) 📎 [PDF](https://eprint.iacr.org/2026/956.pdf) #cryptography #fhe #privacy #implementation ⏱️ 2026-05-16 14:47 UTC

## 📄 Threshold FHE with Short Decryption Shares without a Semi-trusted Server ✍️ Hiroki Okada, Tsuyoshi Takagi 🏛️ IACR ePrint · 📅 2026-05-14 --- The paper removes a risky trust assumption from recent threshold FHE designs by eliminating the semi-trusted rounding server. In its place, it introduces two serverless schemes with polynomially short decryption shares, improving deployability for threshold homomorphic systems. **🔑 Key Findings:** - Shows how parties can round decryption shares directly instead of depending on a semi-trusted server that could enable key recovery if it colludes. - Presents two serverless threshold FHE schemes with polynomially short decryption shares. - The first construction based on {0,1}-LSS strictly improves on Boneh et al. CRYPTO 2018. - The second construction based on Shamir sharing removes the O(N^4.3) share-size overhead of the first scheme. --- 🔗 [Read paper](https://eprint.iacr.org/2026/957) 📎 [PDF](https://eprint.iacr.org/2026/957.pdf) #cryptography #fhe #threshold-crypto #privacy ⏱️ 2026-05-16 14:47 UTC

## 📄 From Text to Voice: A Reproducible and Verifiable Framework for Evaluating Tool Calling LLM Agents ✍️ Md Tahmid Rahman Laskar, Xue-Yong Fu, Seyyed Saeed Sarfjoo, Quinten McNamara, Jonas Robertson, et al. 🏛️ arXiv · 📅 2026-05-14 --- This paper turns existing text-based tool-calling benchmarks into paired audio evaluations, letting researchers measure how well voice agents preserve tool-use accuracy under speech, speaker variation, and background noise. It matters because deployment failures in spoken agents often come from argument misunderstanding rather than tool-schema errors, and this framework gives a reproducible way to quantify that gap. **🔑 Key Findings:** - Converts verified text benchmark instances into speech-based tool-calling tests without re-annotating schemas or gold labels. - Across 7 omni-modal models, performance varied strongly by benchmark, with Gemini-3.1-Flash-Live leading on Confetti and GPT-Realtime-1.5 on When2Call. - Measured text-to-voice degradation ranged from 1.8 points for Qwen3-Omni to 4.8 points for GPT-Realtime-1.5 on Confetti. - Failure analysis found that the main regressions came from misunderstanding spoken argument values. - Open-source Qwen3 judge models at 8B+ parameters exceeded 80% agreement with proprietary judges, supporting privacy-preserving evaluation workflows. --- 🔗 [Read paper](https://arxiv.org/abs/2605.15104v1) 📎 [PDF](https://arxiv.org/pdf/2605.15104v1) #ai-security #cs.CL ⏱️ 2026-05-15 18:00 UTC

## 📄 Threshold PRISM Signature Schemes via Graph-Based Threshold Access Structures ✍️ Hyeonhak Kim, Won Kim, Changmin Lee 🏛️ IACR ePrint · 📅 2026-05-13 --- The paper introduces an isogeny-based threshold signature construction that keeps both public keys and signatures small enough to fit into a single unfragmented network packet. That is a meaningful systems result for post-quantum threshold deployments, where packet fragmentation and oversized artifacts are a recurring operational problem. **🔑 Key Findings:** - Presents Threshold PRISM, an isogeny-based post-quantum threshold signature scheme for arbitrary numbers of parties. - Introduces a graph-based threshold access structure tailored to the algebraic constraints of isogeny signatures. - Keeps both public keys and signatures within one unfragmented packet across NIST security levels I, III, and V. - Claims the smallest signature sizes among NIST MPTC round-1 submissions whose public keys fit in a single packet. --- 🔗 [Read paper](https://eprint.iacr.org/2026/945) 📎 [PDF](https://eprint.iacr.org/2026/945.pdf) #cryptography #post-quantum #signatures #isogenies ⏱️ 2026-05-16 14:47 UTC

## 📄 Anamorphic Construction For The Winternitz OTS Scheme Family ✍️ Lucas Mayr, João Gabriel Feres, Bruno Bianchi Pagani, Ricardo Custódio 🏛️ IACR ePrint · 📅 2026-05-13 --- This paper brings anamorphic cryptography to Winternitz one-time signatures, showing how WOTS-family schemes can carry covert channels while remaining indistinguishable from standard deployments. It extends coercion-resistant cryptographic thinking into a hash-based signature family that underpins XMSS, LMS, and SPHINCS. **🔑 Key Findings:** - Presents the first anamorphic constructions for the WOTS family of signature schemes. - Proves the modified schemes are indistinguishable from traditional WOTS-style signatures under standard anamorphic assumptions. - Builds a game-based security framework for analyzing anamorphic indistinguishability in this setting. - Shows WOTS variants can support covert channels resilient to strong surveillance and key-disclosure pressure. --- 🔗 [Read paper](https://eprint.iacr.org/2026/948) 📎 [PDF](https://eprint.iacr.org/2026/948.pdf) #cryptography #post-quantum #privacy #signatures ⏱️ 2026-05-16 14:47 UTC

## 📄 Formalizing Blockchain PQC Signature Transition: How to Outpace Quantum Adversaries ✍️ Kigen Fukuda, Shin’ichiro Matsuo 🏛️ IACR ePrint · 📅 2026-05-13 --- The authors formalize how a blockchain can migrate transaction signatures to post-quantum schemes before a quantum attacker can forge valid transitions. Their model derives a concrete threshold for tolerable adversary capability, giving protocol designers a way to reason about migration timing instead of relying on vague urgency. **🔑 Key Findings:** - Models signature migration and quantum adversaries inside the Bitcoin backbone framework. - Proves migration liveness holds if and only if the attacker needs at least a threshold number of rounds after a migration transaction is broadcast. - Expresses the threshold as a function of honest mining success probability and concentration quality. - Generalizes the framework to connect transition-process design with tolerable quantum attack capability. --- 🔗 [Read paper](https://eprint.iacr.org/2026/952) 📎 [PDF](https://eprint.iacr.org/2026/952.pdf) #cryptography #post-quantum #blockchain #crypto ⏱️ 2026-05-16 14:47 UTC

## 📄 Tight Lattice-Based Signatures without Trapdoors from Search LWE ✍️ Rutchathon Chairattana-Apirom, Nico Döttling, Julian Loss, Stefano Tessaro, Benedikt Wagner 🏛️ IACR ePrint · 📅 2026-05-13 --- This work gives the first efficient trapdoor-free lattice signature scheme with a tight reduction to search LWE rather than decisional LWE. That matters because it narrows the concrete-security gap in post-quantum signatures while avoiding the implementation fragility that often comes with trapdoor-based constructions. **🔑 Key Findings:** - Achieves a tight reduction to the hardness of search LWE in a Fiat-Shamir-style signature scheme. - Avoids using trapdoors in the scheme itself, relying on a trapdoor only inside the proof. - Can be seen as a lattice analogue of Chevallier-Mames signatures. - Introduces proof techniques to handle weak soundness in lattice-based interactive proofs. --- 🔗 [Read paper](https://eprint.iacr.org/2026/953) 📎 [PDF](https://eprint.iacr.org/2026/953.pdf) #cryptography #post-quantum #lattices #signatures ⏱️ 2026-05-16 14:47 UTC

## 📄 Efficient SIMD Implementation of the BLS Signature Scheme Using Intel AVX-512 ✍️ Ganqin Liu, Hao Cheng, Georgios Fotiadis, Jipeng Zhang, Johann Großschädl 🏛️ IACR ePrint · 📅 2026-05-13 --- The authors present a heavily vectorized AVX-512 implementation of BLS signatures on BLS12-381, extending SIMD optimization beyond pairings into the rest of the signing stack. For blockchain systems that rely on BLS aggregation, the result is a practical performance gain over the widely used blst library. **🔑 Key Findings:** - Uses AVX-512 and AVX-512IFMA to optimize finite-field arithmetic, scalar multiplication, and hash-to-curve. - Applies multiple vectorization granularities and formula choices across the BLS pipeline instead of optimizing pairings alone. - Benchmarks on Intel Ice Lake show at least 1.57× speedup over an x64 assembly implementation in blst. - Targets BLS12-381, the curve used by Ethereum Proof-of-Stake and other aggregation-heavy protocols. --- 🔗 [Read paper](https://eprint.iacr.org/2026/947) 📎 [PDF](https://eprint.iacr.org/2026/947.pdf) #cryptography #crypto #blockchain #implementation ⏱️ 2026-05-16 14:47 UTC

## 📄 Quantum Circuit Realization and Grover Cryptanalysis of the Hybrid ARX-SPN Cipher GFSPX ✍️ Ibrahim Ulgen, Hasan Ozgur Cildiroglu, Oğuz Yayla 🏛️ IACR ePrint · 📅 2026-05-13 --- This paper builds a full quantum implementation of the lightweight block cipher GFSPX and uses a parallelized Grover oracle to estimate the cost of key recovery. It gives a concrete post-quantum security picture for a hybrid ARX-SPN design, showing better resistance than some lightweight peers but still below the NIST Level 1 quantum threshold. **🔑 Key Findings:** - Implements GFSPX as a reversible quantum circuit using 209 qubits, quantum cost 32,498, and depth 7,617. - Constructs a Grover attack oracle using three plaintext-ciphertext pairs to suppress false positives. - Estimates total key-recovery cost at 1.12 × 2^159 quantum gates. - Finds the design falls below the NIST Level 1 target of 2^170 while still outperforming several lightweight alternatives in quantum resistance. --- 🔗 [Read paper](https://eprint.iacr.org/2026/949) 📎 [PDF](https://eprint.iacr.org/2026/949.pdf) #cryptography #crypto #post-quantum #lightweight-crypto ⏱️ 2026-05-16 14:47 UTC

## 📄 On MPC-friendly Softmax ✍️ Marcel Keller, Ke Sun 🏛️ IACR ePrint · 📅 2026-05-13 --- This paper tests the common shortcut of replacing softmax with cheaper ReLU-style alternatives in secure multi-party computation and finds the tradeoff is usually worse than hoped. It also introduces a more efficient secure exponentiation protocol, making accurate softmax more viable in MPC workloads. **🔑 Key Findings:** - Compares ReLU-based softmax replacements against true softmax for both inference outputs and backpropagation gradients in MPC settings. - Finds the replacement yields meaningful speedup only for a one-layer network while consistently reducing accuracy, sometimes sharply. - Argues that original softmax is often the better choice in secure computation despite its higher nominal cost. - Presents a new secure exponentiation protocol that cuts communication by up to 4× while preserving softmax accuracy. --- 🔗 [Read paper](https://eprint.iacr.org/2026/944) 📎 [PDF](https://eprint.iacr.org/2026/944.pdf) #cryptography #privacy #mpc #ai-security ⏱️ 2026-05-16 14:47 UTC

## 📄 State of Iowa v. Marqwane Smtih ✍️ Unknown 🏛️ CourtListener · 📅 2026-05-13 --- Published Iowa appellate opinion newly surfaced via the CourtListener monitor. State criminal appeals can be useful early signals for shifts in local doctrine, appellate standards, or recurring issues in trial practice. **🔑 Key Findings:** - Published opinion from the Iowa Court of Appeals. - CourtListener indexed the case on 2026-05-13. - Adds to the current stream of newly available state appellate criminal decisions. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10858114/state-of-iowa-v-marqwane-smtih/) #law #CourtOpinion #IowaCourtOfAppeals #Published ⏱️ 2026-05-13 23:30 UTC

## 📄 Fairstead Capital Management LLC v. Blodgett ✍️ Unknown 🏛️ CourtListener · 📅 2026-05-13 --- New Delaware Chancery opinion detected by the CourtListener monitor. Chancery rulings often matter beyond the parties because they can influence corporate governance, fiduciary-duty disputes, deal litigation, and broader business-law doctrine. **🔑 Key Findings:** - Published opinion from the Delaware Court of Chancery. - Indexed by CourtListener on 2026-05-13. - Likely relevant for corporate-law and governance researchers because of the issuing court. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10858231/fairstead-capital-management-llc-v-blodgett/) #law #CourtOpinion #DelawareChancery #Published ⏱️ 2026-05-13 23:30 UTC

## 📄 Speedy Mart, Inc., Etc. v. Florida Office of Financial Regulation ✍️ Unknown 🏛️ CourtListener · 📅 2026-05-13 --- Fresh Florida appellate opinion involving the state Office of Financial Regulation. The agency party makes this especially relevant for researchers watching financial regulation, licensing, compliance enforcement, or administrative law at the state level. **🔑 Key Findings:** - Published opinion from a Florida District Court of Appeal. - Names the Florida Office of Financial Regulation as a party. - Potentially relevant to fincrime, financial-services compliance, or state administrative enforcement watchers. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10858019/speedy-mart-inc-etc-v-florida-office-of-financial-regulation/) #law #fincrime #CourtOpinion #FloridaDCA #Published ⏱️ 2026-05-13 23:30 UTC

## 📄 United States v. Christopher Agbaje ✍️ Unknown 🏛️ CourtListener · 📅 2026-05-13 --- New published federal appellate opinion from the Eighth Circuit surfaced through the CourtListener monitor. Even without extracted opinion text, the case is worth flagging because fresh circuit-level criminal decisions can shape charging, sentencing, or evidentiary practice across the circuit. **🔑 Key Findings:** - Published opinion from the U.S. Court of Appeals for the Eighth Circuit. - Indexed by CourtListener on 2026-05-13. - Federal appellate criminal cases can have immediate precedential value for district courts and litigants in the circuit. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10858160/united-states-v-christopher-agbaje/) #law #CourtOpinion #EighthCircuit #Published ⏱️ 2026-05-13 23:30 UTC

## 📄 In re M.P. ✍️ Flagg Lanzinger 🏛️ CourtListener · 📅 2026-05-13 --- Published Ohio appellate opinion flagged from the CourtListener law monitor. The docket metadata indicates a state appellate decision with a public opinion now available for review, which may matter for practitioners tracking fresh state case law or procedural developments. **🔑 Key Findings:** - New published opinion from the Ohio Court of Appeals. - CourtListener indexed it on 2026-05-13. - Public opinion page is available for downstream legal review and citation tracking. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10858053/in-re-mp/) #law #CourtOpinion #OhioCourtOfAppeals #Published ⏱️ 2026-05-13 23:30 UTC

## 📄 Efficient and Privacy-preserving Outsourced Training of Decision Tree Models Based on (Leveled) Fully Homomorphic Encryption ✍️ Tongyu Xu, Jun Wang, Honglian Liang, Shiwei Xu 🏛️ IACR ePrint · 📅 2026-05-12 --- This paper proposes an outsourced decision-tree training scheme that keeps both training data and the resulting model private under homomorphic encryption. It is notable because it aims at a more usable privacy-performance tradeoff than prior MPC- or lattice-HE-heavy approaches. **🔑 Key Findings:** - Uses symmetric homomorphic encryption to reduce training cost relative to heavier privacy-preserving approaches. - Introduces a Modified Gini Impurity Index so the training procedure works within integer-only homomorphic operations. - Applies SIMD packing to accelerate encrypted computation during tree construction. - Reports substantially lower execution time than related work while maintaining comparable, and for deeper trees sometimes better, accuracy. --- 🔗 [Read paper](https://eprint.iacr.org/2026/936) 📎 [PDF](https://eprint.iacr.org/2026/936.pdf) #cryptography #privacy #ai-security ⏱️ 2026-05-14 14:46 UTC

## 📄 SoK: Private LLM Inference using Approximate Homomorphic Encryption ✍️ Ahmad Al Badawi, Andreea Alexandru, Yuriy Polyakov, Vinod Vaikuntanathan 🏛️ IACR ePrint · 📅 2026-05-12 --- This systematization maps the fast-growing literature on CKKS-based private LLM inference and introduces a reporting framework plus an open reference implementation. The key takeaway is that encrypted LLM inference is now technically feasible, but still far too slow for most human-facing deployments. **🔑 Key Findings:** - Surveys about 20 CKKS-based private LLM inference frameworks and organizes them across model-level and system-level design choices. - Finds only about 20% of surveyed systems are model-preserving, meaning they evaluate standard models without retraining or architectural substitutions. - Introduces the Private LLM Card System to normalize how researchers report configurations and results. - Presents POLARIS, an open-source reference framework supporting encrypted inference for BERT-Tiny and BERT-Mini with GPU acceleration. - Estimates an efficiency gap of roughly four orders of magnitude versus plaintext inference. --- 🔗 [Read paper](https://eprint.iacr.org/2026/935) 📎 [PDF](https://eprint.iacr.org/2026/935.pdf) #cryptography #privacy #ai-security #hardware-security #crypto ⏱️ 2026-05-14 14:46 UTC

## 📄 Williams v. National Aeronautics and Space Administration ✍️ Judge Christopher R. Cooper 🏛️ CourtListener · 📅 2026-05-12 --- This published District of Columbia opinion appears to address a dispute involving NASA in federal court, but the CourtListener search result did not return an abstract or summary text. The item is still notable as a newly published court opinion tied to a federal agency, and the linked opinion is the primary source for anyone tracking law and government litigation. **🔑 Key Findings:** - Newly published federal district court opinion from the U.S. District Court for the District of Columbia. - Involves the National Aeronautics and Space Administration as a named party. - Authored by Judge Christopher R. Cooper. - Available as a primary-source court opinion via CourtListener. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10857536/williams-v-national-aeronautics-and-space-administration/) #law #court-opinion #district-court #published ⏱️ 2026-05-12 23:31 UTC

## 📄 RUBEN: Rule-Based Explanations for Retrieval-Augmented LLM Systems ✍️ Joel Rorseth, Parke Godfrey, Lukasz Golab, Divesh Srivastava, Jarek Szlichta 🏛️ arXiv · 📅 2026-05-11 --- RUBEN is an interactive system for extracting minimal rules that explain the behavior of retrieval-augmented LLM applications. Beyond explainability, the paper positions those rules as a practical security tool for probing safety training resilience and testing adversarial prompt injection defenses. **🔑 Key Findings:** - Finds minimal subsuming rule sets that explain outputs of retrieval-augmented LLM pipelines more efficiently through new pruning strategies. - Treats rule extraction as a usable interface for understanding why a RAG system produced a given answer. - Demonstrates security-oriented uses, including testing robustness of safety tuning. - Uses the generated rules to examine effectiveness of adversarial prompt injection attacks against RAG systems. - Suggests interpretable rule mining can double as both an observability layer and a red-team aid for LLM deployments. --- 🔗 [Read paper](https://arxiv.org/abs/2605.10862v1) 📎 [PDF](https://arxiv.org/pdf/2605.10862v1) #ai-security #cybersecurity #cs.CL ⏱️ 2026-05-12 18:00 UTC

## 📄 RIC: Randomize Invalid Coefficients to Mitigate Side-Channel Assisted Chosen-Ciphertext Attacks on ML-KEM ✍️ Junichi Sakamoto, Kentaro Imafuku 🏛️ IACR ePrint · 📅 2026-05-11 --- This work proposes a lightweight countermeasure against side-channel-assisted chosen-ciphertext attacks on ML-KEM by randomizing invalid coefficients during decapsulation. It is practical because it targets a serious post-quantum deployment risk while adding only modest overhead. **🔑 Key Findings:** - Introduces RandInvalidCoeff, which injects probabilistic noise into side-channel observations during decapsulation. - Targets both plaintext-checking and decryption-failure oracle attack settings against ML-KEM implementations. - Argues strong resistance is achievable while keeping decryption failure around 2^-80. - Shows successful key recovery needs more than eight times as many observations, with only a few percent performance overhead. --- 🔗 [Read paper](https://eprint.iacr.org/2026/924) 📎 [PDF](https://eprint.iacr.org/2026/924.pdf) #cryptography #hardware-security ⏱️ 2026-05-14 14:46 UTC

## 📄 LogVOLE: Succinct and Efficient Chosen-Input VOLE for ZK and Beyond ✍️ Lucien K. L. Ng, Peter Rindal, Akash Shah 🏛️ IACR ePrint · 📅 2026-05-11 --- LogVOLE gives a chosen-input VOLE protocol with polylogarithmic communication, directly targeting a persistent bottleneck in VOLE-backed zero-knowledge systems. That matters because it opens a path to concretely efficient VOLE-based ZK for arbitrary circuits with much smaller communication costs. **🔑 Key Findings:** - Builds chosen-input VOLE using a recursive shrink-expand construction under Ring-LWE. - Achieves polylogarithmic one-time setup and query communication instead of sending a linear-size derandomization vector. - Supports a public-key non-interactive mode for fixed Δ, enabling compact receiver messages. - Uses the construction to obtain a VOLE-based ZK protocol with polylogarithmic communication for arbitrary circuits. - Reports proving a 1024×1024 matrix multiplication in about 4 seconds with 226 KB communication. --- 🔗 [Read paper](https://eprint.iacr.org/2026/925) 📎 [PDF](https://eprint.iacr.org/2026/925.pdf) #cryptography #crypto ⏱️ 2026-05-14 14:46 UTC

## 📄 Zephyr: GPU-Efficient Homomorphic Encryption for Privacy-Preserving Transformer Inference ✍️ Sieun Seo, Chohong Min 🏛️ IACR ePrint · 📅 2026-05-11 --- Zephyr redesigns CKKS execution around 32-bit GPU arithmetic, aiming to make privacy-preserving transformer inference materially more practical on modern accelerators. The core idea is a grafting-based representation that decouples scale management from the modulus chain. **🔑 Key Findings:** - Replaces the usual 64-bit-oriented CKKS assumptions with a 32-bit-prime design better matched to GPU hardware. - Introduces grafting structures to handle scale management while preserving flexible rescaling. - Optimizes ciphertext-ciphertext matrix multiplication by removing redundant linear transforms and merging overlapping rotations. - Positions the design as a more practical GPU-oriented point in the CKKS performance-flexibility trade space. --- 🔗 [Read paper](https://eprint.iacr.org/2026/932) 📎 [PDF](https://eprint.iacr.org/2026/932.pdf) #cryptography #privacy #ai-security #hardware-security ⏱️ 2026-05-14 14:46 UTC

## 📄 Fully Homomorphic Encryption on the Ring of Gaussian Periods ✍️ Yimeng He, San Ling, Yimin Shi, Benjamin Hong Meng Tan, Huaxiong Wang et al. 🏛️ IACR ePrint · 📅 2026-05-11 --- This paper extends subring-based fully homomorphic encryption by moving to decomposition subrings built from rings of Gaussian periods. The payoff is better parameter flexibility and materially lower latency while still preserving enough structure for useful SIMD-style computation. **🔑 Key Findings:** - Generalizes prior GBFV-style subring approaches beyond the large-prime restrictions needed for degree-1 slots. - Builds encoding and decoding methods for decomposition subrings inside the larger decomposition ring. - Reduces the effective plaintext-ring dimension, improving efficiency while retaining security. - Reports up to a 5.06× latency improvement in proof-of-concept experiments. --- 🔗 [Read paper](https://eprint.iacr.org/2026/927) 📎 [PDF](https://eprint.iacr.org/2026/927.pdf) #cryptography #privacy #crypto ⏱️ 2026-05-14 14:45 UTC

## 📄 RUBEN: Rule-Based Explanations for Retrieval-Augmented LLM Systems ✍️ Joel Rorseth, Parke Godfrey, Lukasz Golab, Divesh Srivastava, Jarek Szlichta 🏛️ arXiv · 📅 2026-05-11 --- RUBEN is an interactive system for extracting minimal rules that explain the behavior of retrieval-augmented LLM applications. Beyond explainability, the paper positions those rules as a practical security tool for probing safety training resilience and testing adversarial prompt injection defenses. **🔑 Key Findings:** - Finds minimal subsuming rule sets that explain outputs of retrieval-augmented LLM pipelines more efficiently through new pruning strategies. - Treats rule extraction as a usable interface for understanding why a RAG system produced a given answer. - Demonstrates security-oriented uses, including testing robustness of safety tuning. - Uses the generated rules to examine effectiveness of adversarial prompt injection attacks against RAG systems. - Suggests interpretable rule mining can double as both an observability layer and a red-team aid for LLM deployments. --- 🔗 [Read paper](https://arxiv.org/abs/2605.10862v1) 📎 [PDF](https://arxiv.org/pdf/2605.10862v1) #ai-security #cybersecurity #cs.CL ⏱️ 2026-05-12 18:00 UTC

## 📄 BEACON: A Multimodal Dataset for Learning Behavioral Fingerprints from Gameplay Data ✍️ Ishpuneet Singh, Gursmeep Kaur, Uday Pratap Singh Atwal, Guramrit Singh, Gurjot Singh, et al. 🏛️ arXiv · 📅 2026-05-11 --- BEACON introduces a large multimodal dataset for continuous authentication and behavioral biometrics built from competitive Valorant gameplay. The dataset is interesting for security work because it captures synchronized input, network, screen, and hardware signals under realistic stress, giving researchers a much harder benchmark than small or single-modality behavioral datasets. **🔑 Key Findings:** - Releases roughly 430 GB of synchronized gameplay telemetry across 79 sessions from 28 players, totaling about 102.5 hours of activity. - Includes mouse dynamics, keystrokes, packet captures, screen recordings, hardware metadata, and in-game configuration context. - Uses high-cognitive-load tactical shooter play as a realistic stress test for continuous authentication systems. - Supports research on behavioral profiling, user drift, multimodal representation learning, and robustness of biometric models. - Publishes dataset artifacts and code, which should help reproducible comparison of next-generation behavioral fingerprinting methods. --- 🔗 [Read paper](https://arxiv.org/abs/2605.10867v1) 📎 [PDF](https://arxiv.org/pdf/2605.10867v1) #cybersecurity #privacy #cs.CR #cs.AI #cs.CV #cs.LG #cs.NI ⏱️ 2026-05-12 18:00 UTC

## 📄 Local Private Information Retrieval: A New Privacy Perspective for Graph-Based Replicated Systems ✍️ Shreya Meel, Mohamed Nomeir, Sennur Ulukus 🏛️ arXiv · 📅 2026-05-11 --- This paper revisits private information retrieval for replicated graph-based storage systems and introduces a weaker but practically meaningful privacy notion called local user privacy. Instead of hiding the requested index from every server, the scheme only requires secrecy from servers that actually store the requested message, which opens up notably better communication efficiency. **🔑 Key Findings:** - Defines local PIR on graphs, where privacy requirements depend on the storage graph rather than applying uniformly to all servers. - Shows multiplicative communication-efficiency gains over canonical PIR for disjoint unions of identical component graphs. - Derives capacity lower bounds for connected edge-transitive and bipartite graphs that beat prior PIR bounds. - Provides exact local PIR capacity results for cyclic graphs and odd-length path graphs. - Frames privacy as a topology-aware systems property, which could matter for distributed storage and replicated infrastructure design. --- 🔗 [Read paper](https://arxiv.org/abs/2605.10872v1) 📎 [PDF](https://arxiv.org/pdf/2605.10872v1) #privacy #cryptography #cs.IT #cs.CR #cs.NI #eess.SP ⏱️ 2026-05-12 18:00 UTC

## 📄 From Controlled to the Wild: Evaluation of Pentesting Agents for the Real-World ✍️ Pedro Conde, Henrique Branquinho, Valerio Mazzone, Bruno Mendes, André Baptista, et al. 🏛️ arXiv · 📅 2026-05-11 --- This paper argues that current benchmarks for AI pentesting agents overfit to constrained tasks like CTFs and exploit replay, which makes them a poor proxy for messy real-world security work. The authors introduce an evaluation protocol centered on validated vulnerability discovery across realistic targets, aiming to measure whether agents can actually find meaningful bugs under open-ended conditions. **🔑 Key Findings:** - Shifts evaluation away from synthetic task completion toward confirmed vulnerability discovery in multi-surface targets. - Combines expert ground truth with LLM-based semantic matching to score findings despite naming ambiguity and partial overlap. - Uses bipartite resolution and cumulative repeated testing to better reflect stochastic agent behavior and real operator concerns. - Adds efficiency metrics and reduced-suite selection so experiments stay reproducible and affordable over time. - Releases annotated ground truth and code alongside the protocol, which should make cross-agent comparison more credible. --- 🔗 [Read paper](https://arxiv.org/abs/2605.10834v1) 📎 [PDF](https://arxiv.org/pdf/2605.10834v1) #cybersecurity #ai-security #cs.AI #cs.CR ⏱️ 2026-05-12 18:00 UTC

## 📄 General Motors LLC v. Alphons Iacobelli ✍️ Unknown 🏛️ CourtListener · 📅 2026-05-11 --- A newly published Michigan Court of Appeals opinion in a dispute between General Motors LLC and Alphons Iacobelli. CourtListener surfaced the case as a published appellate decision, but the opinion text was not retrievable from the public page during this run, so the summary here is limited to the available metadata. **🔑 Key Findings:** - Published decision from the Michigan Court of Appeals. - Case title: General Motors LLC v. Alphons Iacobelli. - Opinion date listed as 2026-05-11. - Public CourtListener endpoint returned no readable opinion text during automated collection. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10857258/general-motors-llc-v-alphons-iacobelli/) #law #CourtOpinion #MichiganCourtOfAppeals #Published ⏱️ 2026-05-12 11:30 UTC

## 📄 BPS Direct LLC v. ✍️ No authors listed 🏛️ CourtListener · 📅 2026-05-11 --- CourtListener surfaced a newly published opinion from the U.S. Court of Appeals for the Third Circuit in BPS Direct LLC v. The feed entry is truncated and does not include a case summary, but it is a new appellate opinion worth flagging for legal researchers following federal appeals activity. **🔑 Key Findings:** - Newly published court opinion identified via CourtListener on 2026-05-11 - Issued by the Court of Appeals for the Third Circuit - Case title appears truncated in the source feed - No abstract, syllabus, or author metadata was provided in the source feed --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10857025/bps-direct-llc-v/) #law #CourtOpinion #CourtofAppealsfortheThirdCircuit #Published ⏱️ 2026-05-11 23:31 UTC

## 📄 CUBE: Partially Blind BBS Signatures for Unlinkable Decentralized Identity ✍️ Guohao Lai 🏛️ IACR ePrint · 📅 2026-05-10 --- CUBE combines partially blind BBS signatures with NIZK proofs to support unlinkable decentralized identity flows. The design is interesting because it tries to preserve auditability while reducing the on-chain privacy leakage and gas cost common in blockchain identity systems. **🔑 Key Findings:** - Moves heavier identity validation work off-chain while blinding identity-binding elements used on-chain. - Uses partially blind BBS signatures to support unlinkable credential presentations. - Adds a deterministic nullifier tied to soulbound tokens to resist Sybil attacks and credential transfer. - Analyzes existential unforgeability, signer-blindness, and zero-knowledge, then reports low on-chain gas usage. --- 🔗 [Read paper](https://eprint.iacr.org/2026/920) 📎 [PDF](https://eprint.iacr.org/2026/920.pdf) #cryptography #privacy #crypto ⏱️ 2026-05-14 14:46 UTC

## 📄 Improved TensorPIR: Single-Server PIR with Lower Communication Cost ✍️ Yingchu Lv, Yanbin Pan, Huaxiong Wang 🏛️ IACR ePrint · 📅 2026-05-09 --- This paper revisits TensorPIR's index-encryption design to cut the real communication overhead of single-server lattice-based PIR, not just its asymptotic complexity. The result is a more practical PIR construction that materially lowers both query and answer sizes on very large databases while also reducing online runtime. **🔑 Key Findings:** - Reworks the encryption framework so the protocol needs fewer CRT moduli, reducing both communication and computation costs. - On 16 GB to 128 GB databases, total communication falls to as low as 45.5% of TensorPIR's practical cost. - The authors report theoretical reductions to 36.9% of TensorPIR's query size and 22.2% of its answer size as database size grows. - The scheme also outperforms HintlessPIR in large-database communication while cutting total online time to 28.9% to 56.1% of HintlessPIR's. --- 🔗 [Read paper](https://eprint.iacr.org/2026/912) 📎 [PDF](https://eprint.iacr.org/2026/912.pdf) #crypto #cryptography #privacy ⏱️ 2026-05-11 02:45 UTC

## 📄 Parallel Spooky Pebbling Makes Regev Factoring More Practical ✍️ Gregory D. Kahanamoku-Meyer, Seyoon Ragavan, Katherine Van Kirk 🏛️ DTIC · 📅 2026-05-08 --- This paper improves the practicality of quantum attacks based on Regev-style factoring by refining the pebbling strategy used to schedule sequential quantum computations. The result is a more parallelizable construction that lowers resource costs for a cryptanalytic workload that matters to post-quantum security planning. **🔑 Key Findings:** - Introduces a parallel “spooky pebbling” approach for sequential quantum subroutines used in Regev factoring. - Shows better time-space tradeoffs than earlier pebbling strategies for this attack family. - Makes concrete resource estimates for quantum factoring attacks more realistic and operationally relevant. - Matters for evaluating how much safety margin candidate post-quantum schemes really have against future fault-tolerant quantum machines. --- 🔗 [Read paper](https://arxiv.org/pdf/2510.08432) #cryptography #crypto #post-quantum #dtic ⏱️ 2026-05-16 22:30 UTC

## 📄 On Succinct Non-Interactive Secure Computation with Malicious Security ✍️ Maya Farber Brodsky, Arka Rai Choudhuri, Abhishek Jain, Omer Paneth 🏛️ IACR ePrint · 📅 2026-05-08 --- This work gives maliciously secure succinct non-interactive secure computation for several practical lookup-style tasks from standard assumptions, narrowing a gap that previously needed stronger primitives like NP SNARKs. It matters because it shows compact one-round secure computation can be made robust against malicious behavior for natural server-held data problems using FHE and batch arguments. **🔑 Key Findings:** - Constructs maliciously secure succinct NISC protocols from standard assumptions for private set membership, dictionary lookup, verifiable dictionary lookup, and certain UP search tasks. - Achieves succinct server responses whose size depends on output length rather than the size of the server's dataset. - Provides split-simulation security against malicious servers and standard security against malicious clients. - Introduces a new simulation method that extracts a large server input incrementally and reconstructs it coherently. - Uses a new monotone coupling argument based on Strassen's theorem to enable the reconstruction step. --- 🔗 [Read paper](https://eprint.iacr.org/2026/909) 📎 [PDF](https://eprint.iacr.org/2026/909.pdf) #crypto #cryptography #privacy ⏱️ 2026-05-11 02:45 UTC

## 📄 Magic Pot: Cryptanalysis of full AIM2 in the standard and related-/reused-key settings using new elimination framework ✍️ Alex Biryukov, Pablo García Fernández, Aleksei Udovenko 🏛️ IACR ePrint · 📅 2026-05-08 --- This paper attacks AIM2, the core primitive inside the AIMer post-quantum signature scheme, using a new algebraic elimination framework over univariate polynomial rings. The results argue that AIM2 falls short of its claimed security level, especially in related-key and reused-key misuse settings where attacks become practical enough to benchmark experimentally. **🔑 Key Findings:** - Develops a new algebraic cryptanalysis framework based on extended linearization over a univariate polynomial ring plus a new null-vector algorithm for polynomial matrices. - Uses that framework to break the full AIM2 primitive underlying AIMer v2.1, a winner of the Korean PQC competition. - Shows that in reused-key and related-key scenarios the attacks become practically feasible, not just asymptotic. - Provides experimental verification and benchmarking for those misuse-setting attacks. - Applies the same method to the RAIN block cipher used in Rainier, improving prior attacks there as well, though without yet undermining Rainier’s claimed security. --- 🔗 [Read paper](https://eprint.iacr.org/2026/903) 📎 [PDF](https://eprint.iacr.org/2026/903.pdf) #cryptography #crypto #cybersecurity #post-quantum ⏱️ 2026-05-10 14:45 UTC

## 📄 Threshold (T)FHE without smudging by means of correct threshold additive HE ✍️ Antonina Bondarchuk, Renaud Sirdey, Aymen Boudguiga, Olive Chakraborty 🏛️ IACR ePrint · 📅 2026-05-07 --- This paper proposes a way to build threshold LWE-based FHE, including TFHE-style systems, without the usual smudging or noise-flooding tricks used to hide decryption leakage. Instead, it hides the sensitive LWE b-term inside a correct threshold additive homomorphic scheme such as Paillier, aiming to preserve security while avoiding the large-parameter penalty of flooding. **🔑 Key Findings:** - Argues that threshold decryption for LWE-based FHE can avoid smudging entirely if the post-computation LWE b-term is encrypted under a correct linear homomorphic scheme. - Instantiates the approach using TFHE together with the Tiresias threshold Paillier construction. - Proves the resulting thPLWE construction IND-CPA secure against static corruption with adaptive queries, assuming the underlying Tiresias scheme satisfies the same notion. - Uses sanitization to maintain independence between message content and residual noise before distributed decryption. - Provides experimental results and compares practicality against recent threshold-FHE alternatives. --- 🔗 [Read paper](https://eprint.iacr.org/2026/901) 📎 [PDF](https://eprint.iacr.org/2026/901.pdf) #cryptography #crypto #privacy ⏱️ 2026-05-10 14:45 UTC

## 📄 VCVio: Verified Cryptography in Lean via Oracle Effects and Handlers ✍️ Devon Tuma, Quang Dao, James Waters, Alexander Hicks, Nicholas Hopper 🏛️ IACR ePrint · 📅 2026-05-07 --- VCVio is a new foundational framework in Lean 4 for mechanized cryptographic proofs, aimed at closing the usual gap between high assurance and the flexible oracle reasoning modern cryptography needs. It models oracle interactions with algebraic effects and handlers, then layers reusable probabilistic proof tactics on top to support both unary and relational arguments. **🔑 Key Findings:** - Represents oracle access as a free monad over the oracle specification, making transcripts explicit and enabling caching, logging, reprogramming, and replay as handler combinators. - Reduces rewinding arguments to deterministic transcript replay, avoiding the rewindability axioms used in some prior formalizations. - Extends the Loom framework to relational probabilistic reasoning, so one tactic framework can handle both unary and relational proofs. - Demonstrates the system on a random-oracle commitment scheme, the Bellare-Neven forking lemma, and a full EUF-CMA proof for Schnorr signatures. - Reports practical experience using LLM coding agents and automated proof search inside the development workflow, including successes and failure modes. --- 🔗 [Read paper](https://eprint.iacr.org/2026/899) 📎 [PDF](https://eprint.iacr.org/2026/899.pdf) #cryptography #crypto #ai-security ⏱️ 2026-05-10 14:45 UTC

## 📄 Smartmatic USA Corp. v. Fox Corp. ✍️ Unknown 🏛️ CourtListener · 📅 2026-05-07 --- CourtListener surfaced a newly published New York appellate opinion in *Smartmatic USA Corp. v. Fox Corp.*, but the underlying text was not retrievable during this automated run because the public page was still returning an empty 202-processing response. From the caption and court metadata, the case appears to be part of the high-profile defamation litigation arising from false 2020 election-fraud allegations, but the specific ruling and its procedural significance could not be confirmed from primary text yet. **🔑 Key Findings:** - CourtListener indexed the case as a published 2026-05-07 opinion from the Appellate Division of the Supreme Court of the State of New York. - The caption indicates the opinion concerns the Smartmatic defamation case against Fox entities. - The public opinion page was still returning a 202 response with no opinion body during retrieval, preventing verification of the court’s holding. - Without the text, the run could not confirm whether the decision addresses pleading sufficiency, appellate procedure, discovery, or damages-related issues. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10855819/smartmatic-usa-corp-v-fox-corp/) #law #court-opinion #defamation #election-litigation ⏱️ 2026-05-07 23:30 UTC

## 📄 Client-Server Homomorphic Secret Sharing in the CRS Model ✍️ Damiano Abram, Geoffroy Couteau, Lalita Devadas, Aditya Hegde, Abhishek Jain, et al. 🏛️ DTIC · 📅 2026-05-06 --- This work advances homomorphic secret sharing in the common reference string model, a setting that is important for outsourced private computation without giving any one server the full input. It pushes distributed cryptographic computation closer to practical deployment for privacy-preserving analytics and secure delegation. **🔑 Key Findings:** - Develops a client-server HSS construction in the CRS model for non-interactive distributed computation. - Targets the gap between theoretical HSS feasibility and more deployable trust assumptions. - Improves the toolbox for private outsourced computation where inputs remain secret-shared across servers. - Relevant to secure computation architectures that want some of FHE’s functionality with different efficiency and trust tradeoffs. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=homomorphic+encryption) #cryptography #privacy #secure-computation #dtic ⏱️ 2026-05-16 22:30 UTC

## 📄 RingSLIP: Ring Signatures from the Lattice Isomorphism Problem ✍️ Callum London, Daniel Gardham, Constantin Catalin Dragan 🏛️ IACR ePrint · 📅 2026-05-06 --- RingSLIP introduces a post-quantum linkable ring signature built from the Lattice Isomorphism Problem and the HAWK signature line, rather than the usual LWE/SIS foundations. The design matters because it aims to keep ring signatures practical at large ring sizes while preserving linkability and correctness, two places prior LIP-based work fell short. **🔑 Key Findings:** - Proposes a secure linkable ring signature based on LIP, leveraging HAWK as the underlying signature primitive. - Achieves logarithmic growth in ring size, with a concrete 46KB signature at 128-bit security for 4096 ring members. - Positions the scheme as competitive with other lattice-based ring signatures on size. - Highlights online/offline computation splits that reduce online signing to 8.54 × 10^4 CPU cycles and verification to 1.48 × 10^5 cycles. - Claims the construction avoids the linkability and correctness failures identified in the prior LIP-based ring signature approach. --- 🔗 [Read paper](https://eprint.iacr.org/2026/889) 📎 [PDF](https://eprint.iacr.org/2026/889.pdf) #cryptography #crypto #privacy ⏱️ 2026-05-09 08:45 UTC

## 📄 United States v. McCarthy ✍️ Unknown 🏛️ CourtListener · 📅 2026-05-06 --- This newly published Tenth Circuit decision is a fresh federal appellate opinion in a U.S. criminal case, flagged through the CourtListener monitoring pipeline. Even without full text in the feed, new circuit-level criminal rulings can matter for digital evidence, sentencing, procedural rights, or investigative authorities, especially when later cited across the region. **🔑 Key Findings:** - New published opinion from the U.S. Court of Appeals for the Tenth Circuit. - Federal criminal case with precedential or persuasive value within the circuit. - Appellate rulings often clarify evidentiary, procedural, or sentencing standards for district courts. - Worth follow-up review once the full opinion text is easily accessible. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10854231/united-states-v-mccarthy/) #law ⏱️ 2026-05-06 23:32 UTC

## 📄 Lee v. Iran ✍️ Judge Amit P. Mehta 🏛️ CourtListener · 📅 2026-05-06 --- This published District of Columbia opinion appears to be a new federal court decision involving Iran, surfaced through CourtListener's law-focused monitoring feed. The available metadata is sparse, but the case is likely relevant to sanctions, sovereign immunity, terrorism-related claims, or other cross-border legal questions where litigation against a foreign state can shape U.S. law and policy. **🔑 Key Findings:** - New published opinion from the U.S. District Court for the District of Columbia. - Case caption indicates litigation directly involving Iran as a party. - D.D.C. foreign-state cases often intersect with FSIA, sanctions, terrorism exceptions, or judgment enforcement issues. - Published district court opinions can influence future briefing in adjacent national security and cross-border civil litigation. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10854303/lee-v-iran/) #law #intelligence ⏱️ 2026-05-06 23:32 UTC

## 📄 Post-Quantum Public-Key Pseudorandom Correlation Functions for OT ✍️ Shweta Agrawal, Kaartik Bhushan, Geoffroy Couteau, Mahshid Riahinia 🏛️ IACR ePrint · 📅 2026-05-05 --- This work fills an important gap in post-quantum secure computation by introducing what the authors describe as the first efficient lattice-based public-key pseudorandom correlation function for string oblivious transfer. It pushes a previously impractical primitive closer to usable territory, with much better throughput than prior lattice-based approaches and a clear roadmap for future optimization. **🔑 Key Findings:** - Constructs an efficient post-quantum PK-PCF for standard string OT using lattice techniques. - Achieves throughput of a few hundred OTs per second, versus about 9 OT/s for the recent non-public-key lattice-based comparison point cited by the authors. - Requires large but manageable public keys in the few-hundred-megabyte range, rather than multi-gigabyte keys. - Introduces efficient lattice-based constrained PRFs for low-degree polynomials from a new secret-power variant of ring-LWE. - Adds a new packing mechanism compatible with local rounding of noisy shares to further improve efficiency. --- 🔗 [Read paper](https://eprint.iacr.org/2026/877) 📎 [PDF](https://eprint.iacr.org/2026/877.pdf) #cryptography #crypto #post-quantum #privacy #secure-computation ⏱️ 2026-05-08 14:45 UTC

## 📄 Optimized Final Exponentiation for Optimal Ate Pairings Using Cyclotomic Cubing ✍️ Leila Ben Abdelghani, Walid Haddaji 🏛️ IACR ePrint · 📅 2026-05-05 --- This paper targets one of the most expensive steps in pairing-based cryptography, the final exponentiation, and shows how cyclotomic cubing can make it materially faster on several pairing-friendly curves. The result is a concrete implementation win for systems that rely on optimal Ate pairings, especially where pairing throughput or verifier cost matters. **🔑 Key Findings:** - Describes an efficient cubing operation in the cyclotomic subgroup of Fq^6 for q ≡ 1 mod 6. - Uses this construction plus optimized Frobenius-map computations to reduce the cost of final exponentiation on the SG54 curve. - Introduces a new decomposition of the hard part of the final exponentiation for SG54. - Extends the acceleration approach to BLS15 and BLS27 curves using established cyclotomic cubing methods. - Reports efficiency gains of 24% for SG54 and 22% for BLS15 and BLS27 versus prior work. --- 🔗 [Read paper](https://eprint.iacr.org/2026/885) 📎 [PDF](https://eprint.iacr.org/2026/885.pdf) #cryptography #crypto #pairings #performance ⏱️ 2026-05-08 14:45 UTC

## 📄 An AI-Driven Post-Quantum Cryptographically Secure Workflow for Collaborative Credit Scoring ✍️ Daniel Aronoff, Nut Chukamphaeng, Phoochit Witchutanon, Samiran Chanseewong, Koravich Sangkaew, et al. 🏛️ IACR ePrint · 📅 2026-05-05 --- This paper sketches a collaborative credit-scoring workflow that combines AI-driven model building with post-quantum cryptography, aiming to let multiple parties contribute sensitive financial data without exposing raw records. The contribution is practical in spirit: a toy end-to-end design meant to show how privacy regulation, multi-party analytics, and quantum-resilient protection could fit together in a real lending pipeline. **🔑 Key Findings:** - Proposes a collaborative credit-scoring workflow where multiple stakeholders can contribute data to model training without directly sharing plaintext financial records. - Uses post-quantum cryptographic protections to address long-term confidentiality risks from future quantum attacks. - Frames AI-based credit modeling and privacy regulation as a joint systems problem rather than treating security as an add-on. - Delivers a toy implementation and linked codebase intended as a foundation for more realistic production deployments. --- 🔗 [Read paper](https://eprint.iacr.org/2026/876) 📎 [PDF](https://eprint.iacr.org/2026/876.pdf) #crypto #cryptography #privacy #fincrime #post-quantum ⏱️ 2026-05-08 14:45 UTC

## 📄 Matter of Bifulco v. City of New York ✍️ Unknown 🏛️ CourtListener · 📅 2026-05-05 --- A New York appellate decision touching digital-rights and surveillance-law themes surfaced in the CourtListener feed. The available metadata is sparse, so this post is a cautious pointer to the opinion itself rather than a strong substantive claim about its holdings. **🔑 Key Findings:** - Newly surfaced CourtListener opinion matched the monitor's law-topic search terms. - Source metadata does not expose a useful abstract or judge list in this result. - The opinion is published and available directly on CourtListener for review. - This is best treated as a legal-watchlist item pending closer reading of the full text. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10853716/matter-of-bifulco-v-city-of-new-york/) #law #digital-rights #surveillance-law #court-opinion ⏱️ 2026-05-05 23:30 UTC

## 📄 Differentially Private Functional Encryption ✍️ Jasmin Zalonis, Frederik Armknecht, Linda Scheu-Hachtel 🏛️ IACR ePrint · 📅 2026-05-04 --- This paper connects differential privacy and functional encryption by introducing noisy multi-input functional encryption, or NMIFE, as a primitive for protecting both raw inputs and released outputs in one mechanism. Beyond the definition work, it also presents a more efficient inner-product construction, DiffPIPE, aimed at privacy-preserving counting queries over datasets. **🔑 Key Findings:** - Introduces NMIFE, extending multi-input functional encryption so decryption keys can encode noisy functions with secret noise values. - Develops correctness and security definitions tailored specifically to differential-privacy use cases. - Shows a generic transformation from any full-hiding MIFE scheme into a secure NMIFE scheme with nearly unchanged performance. - Presents DiffPIPE, a new concrete NMIFE scheme for inner-product evaluation. - Reports that DiffPIPE outperforms NMIFE constructions obtained indirectly from existing full-hiding MIFE schemes and demonstrates usefulness for privacy-preserving counting queries. --- 🔗 [Read paper](https://eprint.iacr.org/2026/868) 📎 [PDF](https://eprint.iacr.org/2026/868.pdf) #cryptography #privacy #crypto #differential-privacy #secure-computation ⏱️ 2026-05-08 14:45 UTC

## 📄 Anomalous Cryptocurrency Transaction Detection: A Systematic Review of Techniques, Datasets, and Future Directions ✍️ Md Saidul Islam, Syed Mohammed Shamsul Islam, Md Zakir Hossain, Mohiuddin Ahmed, Iqbal H. Sarker 🏛️ IACR ePrint · 📅 2026-05-04 --- This systematic review maps how cryptocurrency anomaly detection has evolved from feature-engineered classifiers toward graph-based and temporal deep learning methods. It is especially useful for practitioners because it does not just summarize model performance, it also highlights dataset bias, benchmarking gaps, explainability limits, and the mismatch between academic accuracy claims and deployable anti-money-laundering systems. **🔑 Key Findings:** - Reviews 32 empirical studies selected from an initial 450-record search using a PRISMA-guided screening process. - Finds a clear methodological shift from Random Forest, XGBoost, and SVM pipelines toward GNNs, temporal graph models, and hybrid GNN-transformer systems. - Identifies privacy-preserving federated learning and cross-chain detection as emerging directions for operational monitoring. - Notes that some studies report >90% accuracy, but these results are weakened by dataset bias, inconsistent metrics, and weak adversarial robustness evaluation. - Highlights major deployment blockers including scalability, poor explainability, lack of multi-chain benchmarks, and compliance-oriented interpretability requirements. --- 🔗 [Read paper](https://eprint.iacr.org/2026/871) 📎 [PDF](https://eprint.iacr.org/2026/871.pdf) #crypto #fincrime #cybersecurity #privacy #blockchain ⏱️ 2026-05-08 14:45 UTC

## 📄 Observability for Post-Quantum TLS Readiness: A Multi-Surface Evidence Framework ✍️ José Luis Delgado 🏛️ IACR ePrint · 📅 2026-05-04 --- This paper argues that post-quantum TLS readiness cannot be measured from a single vantage point, especially under TLS 1.3 where negotiation details are often hidden. It introduces a multi-surface evidence framework that combines passive traces, active probing, certificate-chain analysis, and registry knowledge to produce auditable readiness assessments with explicit uncertainty handling. **🔑 Key Findings:** - Separates PQ-TLS measurement into distinct evidence surfaces: passive session behavior, active endpoint probing, certificate-chain evidence, and external registry knowledge. - Evaluates the framework across 29 controlled scenarios covering TLS 1.2/1.3, hybrid key exchange, mTLS, resumption, HelloRetryRequest, truncation, fragmentation, IPv6, and temporal drift. - Shows a baseline inherited analyzer detected only 2 of 29 runs overall and none of 23 TLS 1.3 runs, underscoring the weakness of naive approaches. - In a 1000-target public campaign, completed 1,971 handshakes, gathered 1,368 chain artifacts, and confirmed hybrid capability for 310 targets. - Preserves unknowns, ambiguity, and contradictions as first-class outcomes instead of overclaiming confidence from incomplete evidence. --- 🔗 [Read paper](https://eprint.iacr.org/2026/866) 📎 [PDF](https://eprint.iacr.org/2026/866.pdf) #cryptography #cybersecurity #post-quantum #tls #measurement ⏱️ 2026-05-08 14:45 UTC

## 📄 Threats and protection of on-chip test features throughout the lifetime of Integrated Circuits ✍️ Joel Åhlund 🏛️ OpenAlex · 📅 2026-05-04 --- This thesis looks at how integrated-circuit test and debug features become attack surfaces across the full chip lifecycle, especially when design, tooling, manufacturing, and validation are spread across partially untrusted parties. It proposes practical defenses for reconfigurable scan networks and other DfT infrastructure, while also demonstrating how those same features can be abused to leak secrets from on-chip crypto. **🔑 Key Findings:** - Models lifecycle threats against embedded Design-for-Test features in globally distributed IC development and manufacturing. - Proposes modified segment insertion components to harden reconfigurable scan networks against hardware-Trojan abuse. - Introduces controlled sharing of on-chip instruments across external actors, with hidden or restricted access outside each user's scope. - Demonstrates a hardware-Trojan attack that abuses common DfT instrumentation to extract an AES secret key. - Proposes a dedicated monitoring and defense network to detect or constrain attacks that misuse embedded test resources. --- 🔗 [Read paper](https://openalex.org/W7153676524) 📎 [PDF](https://lup.lub.lu.se/search/files/246969143/Threats_and_Protection_of_On-Chip_Test_Features_Throughout_the_Lifetime_of_Integrated_Circuits.pdf) #hardware-security #cybersecurity #cryptography ⏱️ 2026-04-27 21:00 UTC

## 📄 Sender-Efficient Identity-Based Encryption with Reduced Server Trust in the Key Curator Model ✍️ Yuan Liang, Giovanni Di Crescenzo, Haining Wang 🏛️ DTIC · 📅 2026-05-01 --- This paper revisits identity-based encryption with a focus on reducing server trust while keeping encryption efficient for senders. That combination is useful for real-world systems that want simpler public-key management without handing too much power to a central key service. **🔑 Key Findings:** - Proposes an IBE construction in the key curator model with reduced trust in the assisting server. - Optimizes sender-side efficiency, which is often a deployment bottleneck for usable IBE systems. - Explores a middle ground between classic fully trusted PKGs and more distributed trust arrangements. - Useful for secure messaging and enterprise identity-linked encryption workflows where operational trust minimization matters. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=decentralized+identity) #cryptography #privacy #identity #dtic ⏱️ 2026-05-16 22:30 UTC

## 📄 gTower: Securely Enforcing Fine-Grained Access Control over Outsourced Graph Data ✍️ Yuyang Li, Xiaokui Shu, Rongxing Lu 🏛️ IACR ePrint · 📅 2026-05-01 --- This paper introduces gTower, a cryptographic system for enforcing fine-grained access control over encrypted outsourced graph data without revealing sensitive graph structure to the hosting server. It matters because graph workloads are increasingly pushed to untrusted infrastructure, and access policies need to survive that move without collapsing privacy or usability. **🔑 Key Findings:** - Proposes a secure graph data outsourcing scheme that supports fine-grained access control on encrypted graph structures. - Targets graph-specific privacy leakage, not just record-level confidentiality, which is a harder problem in outsourced analytics. - Combines access enforcement with practical outsourced storage so authorized users can query graph data while the server learns limited information. - Frames graph access control as a first-class cryptographic systems problem rather than a generic cloud storage policy layer. --- 🔗 [Read paper](https://eprint.iacr.org/2026/852) 📎 [PDF](https://eprint.iacr.org/2026/852.pdf) #cryptography #privacy #cybersecurity ⏱️ 2026-05-05 08:46 UTC

## 📄 Thomas v. State ✍️ Tang 🏛️ CourtListener · 📅 2026-05-01 --- Maryland’s Appellate Court held that exigent circumstances justified police use of both real-time CSLI from Verizon and a cell-site simulator to locate a murder suspect without first getting a fresh warrant for the newly discovered phone number. The opinion is a notable surveillance-law decision because it treats an active manhunt for an armed fugitive as enough to overcome the normal warrant requirement for highly sensitive location tracking tools. **🔑 Key Findings:** - The court upheld warrantless acquisition of real-time CSLI under an emergency disclosure request because police were pursuing a suspect in a fatal shooting who had already eluded them. - It also upheld warrantless use of a Stingray-style cell-site simulator to pinpoint the suspect’s motel room, emphasizing the ongoing public-safety risk. - The court stressed that officers had earlier obtained tracking orders for other phone numbers, but the operative number changed during the manhunt, tightening the timeline. - Beyond the surveillance issue, the panel also affirmed admission of an accusatory text as an adoptive admission and upheld a transferred-intent jury instruction. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10851851/thomas-v-state/) 📎 [PDF](https://www.mdcourts.gov/data/opinions/cosa/2026/1530s23.pdf) #law #privacy #surveillance #CourtOpinion ⏱️ 2026-05-02 23:30 UTC

## 📄 Towards a standardized secure MPC outsourcing and management framework ✍️ Oscar G. Bautista, Kemal Akkaya, Soamar Homsi 🏛️ DTIC · 📅 2026-05-01 --- This paper tackles the awkward operational gap between secure multiparty computation theory and actually running MPC jobs across parties that do not already trust each other. It proposes an end-to-end management framework for outsourced MPC, covering job orchestration, Kerberos-like authentication, and result verification that can catch cheating without exposing plaintext outputs to untrusted servers. **🔑 Key Findings:** - Proposes a full MPC management stack, not just a cryptographic primitive, including request handling, orchestration, authentication, and output verification. - Uses a Kerberos-like protocol so clients and MPC servers can establish secure communication without prior mutual identity knowledge. - Adds separate verification servers so correctness can be checked while keeping outputs hidden from untrusted MPC operators. - Targets a malicious setting with dishonest majority assumptions, aiming to detect cheating during outsourced execution. - Implements the design with SPDZ and reports proof-of-concept results showing practical setup and execution across multiple participants. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=cryptography) #crypto #cryptography #privacy #cybersecurity ⏱️ 2026-05-02 10:30 UTC

## 📄 United States v. Anthony Blair ✍️ Unknown 🏛️ CourtListener · 📅 2026-05-01 --- New published Eleventh Circuit criminal case flagged via CourtListener. Based on the currently available metadata, this is a federal appellate opinion worth reviewing for practitioners tracking criminal law, federal procedure, or circuit-level developments. **🔑 Key Findings:** - Published opinion from the U.S. Court of Appeals for the Eleventh Circuit surfaced in this monitoring run. - The case caption identifies the matter as United States v. Anthony Blair. - The available metadata confirms appellate publication status, suggesting precedential or at least citable significance in the circuit. - Full reasoning, holdings, and procedural posture should be verified in the opinion text. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10851603/united-states-v-anthony-blair/) #law #CourtOpinion #CourtofAppealsfortheEleventhCircuit #Published ⏱️ 2026-05-01 23:31 UTC

## 📄 Office of Lawyer Regulation v. Michael Seung-Hyock Yang ✍️ Unknown 🏛️ CourtListener · 📅 2026-05-01 --- New Wisconsin Supreme Court disciplinary matter flagged via CourtListener. The available metadata identifies this as a published court opinion in an attorney regulation case, which makes it potentially relevant for legal ethics, professional responsibility, and court oversight watchers. **🔑 Key Findings:** - Published Wisconsin Supreme Court opinion surfaced in the latest CourtListener monitor run. - The caption indicates a proceeding brought by the Office of Lawyer Regulation against Michael Seung-Hyock Yang. - This appears relevant to legal ethics and attorney discipline tracking. - Full opinion details should be reviewed directly from the court record for holdings and sanctions. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10851662/office-of-lawyer-regulation-v-michael-seung-hyock-yang/) #law #CourtOpinion #WisconsinSupremeCourt #Published ⏱️ 2026-05-01 23:31 UTC

## 📄 Towards a standardized secure MPC outsourcing and management framework ✍️ Oscar G. Bautista, Kemal Akkaya, Soamar Homsi 🏛️ DTIC · 📅 2026-05-01 --- This paper proposes a standardized framework for outsourcing and managing secure multiparty computation workloads, aimed at making MPC usable in real operational settings instead of bespoke one-off deployments. The practical value is in turning privacy-preserving computation into something organizations can provision, orchestrate, and govern with less specialized effort. **🔑 Key Findings:** - Frames secure MPC as an operational management problem, not just a cryptographic protocol design problem. - Proposes a standardized outsourcing and lifecycle-management approach for privacy-sensitive multi-party workloads. - Targets deployment contexts like health, finance, agriculture, and smart-city systems where data cannot be freely pooled. - Emphasizes interoperability and service management as barriers to broader MPC adoption. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=cryptography) #cryptography #privacy #crypto #dtic ⏱️ 2026-04-26 22:30 UTC

## 📄 Compressed FHE: Accelerating Encrypted Matrix Multiplication in CKKS with Precision-Balanced Low-Rank Factor Chains ✍️ Dimitrios Schoinianakis, Maryam Sabzevari 🏛️ IACR ePrint · 📅 2026-04-30 --- This paper presents cFHE, a framework for speeding up encrypted matrix multiplication in CKKS by combining low-rank factorization with precision-aware parameter selection. It matters because matrix multiplication dominates many homomorphic workloads, and reducing depth, runtime, and ciphertext size is central to making FHE practical. **🔑 Key Findings:** - Derives analytical bounds for relative error accumulation across chains of low-rank factorized matrices under CKKS evaluation. - Introduces a precision-balancing model that jointly tunes low-rank approximation quality and CKKS cryptographic parameters for a target accuracy. - Extends the framework to tree-based evaluation structures, enabling logarithmic depth growth in the number of factors. - Experiments show faster encrypted matrix multiplication and smaller ciphertexts than direct or tree-based encrypted multiplication while preserving accuracy. --- 🔗 [Read paper](https://eprint.iacr.org/2026/845) 📎 [PDF](https://eprint.iacr.org/2026/845.pdf) #cryptography #privacy #crypto ⏱️ 2026-05-05 08:46 UTC

## 📄 United States v. Andre Williamson ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-30 --- New published Fourth Circuit criminal case flagged via CourtListener. The metadata indicates a federal appellate opinion, making it potentially useful for monitoring criminal appeals, sentencing issues, or procedural developments in the Fourth Circuit. **🔑 Key Findings:** - Published opinion from the U.S. Court of Appeals for the Fourth Circuit surfaced in the latest run. - The case caption identifies the matter as United States v. Andre Williamson. - CourtListener metadata marks the decision as published, which usually signals heightened research value. - Researchers should review the full text for the court's reasoning, holdings, and factual posture. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10851877/united-states-v-andre-williamson/) #law #CourtOpinion #CourtofAppealsfortheFourthCircuit #Published ⏱️ 2026-05-01 23:31 UTC

## 📄 All You Need Is Addition ✍️ Dimitrios Schoinianakis 🏛️ IACR ePrint · 📅 2026-04-29 --- This work proposes a practical CKKS acceleration framework that replaces multiplication-heavy encrypted computation with addition over encrypted log-magnitudes. By avoiding multiplicative depth growth and bootstrapping, it drastically shrinks context size and improves end-to-end performance for deep multiplication chains and attention-like workloads. **🔑 Key Findings:** - Introduces an LNS-style representation for CKKS that evaluates multiplication-heavy subcircuits using additions instead of ciphertext multiplications. - Uses a lightweight interactive refresh to move back into the linear CKKS domain without bootstrapping. - Implements three execution strategies in an OpenFHE-based runtime under 128-bit classical security. - On an attention-style pipeline, reduces ring degree from 65,536 to 8,192 and public context from about 2.9 GB to 50 MB. - Delivers roughly 22 to 36x end-to-end speedups there, and up to 35x speedup plus 98x payload reduction on deeper multiplication chains. --- 🔗 [Read paper](https://eprint.iacr.org/2026/840) 📎 [PDF](https://eprint.iacr.org/2026/840.pdf) #cryptography #crypto #privacy #homomorphic-encryption #fhe ⏱️ 2026-05-03 02:45 UTC

## 📄 Edge AI for Automotive Vulnerable Road User Safety: Deployable Detection via Knowledge Distillation ✍️ Akshay Karjol, Darrin M. Hanna 🏛️ arXiv · 📅 2026-04-29 --- This paper studies how to deploy vulnerable-road-user detection models on edge automotive hardware without losing safety-critical accuracy under INT8 quantization. The core result is that knowledge distillation is not just helpful but practically necessary, because the compact distilled model remains robust after quantization while the larger teacher model collapses. **🔑 Key Findings:** - Trains a YOLOv8-S student to mimic a YOLOv8-L teacher, compressing the model by about 3.9x. - Shows the large teacher suffers severe accuracy loss under INT8 post-training quantization, with a 23% mAP drop. - Finds the distilled student retains much more performance under INT8, with only a 5.6% mAP drop. - Reports INT8 precision of 0.748 for the distilled student versus 0.653 for direct training at similar recall. - Argues distillation transfers quantization-robust calibration, cutting false alarms by 44% versus the quantized teacher. --- 🔗 [Read paper](https://arxiv.org/abs/2604.26857v1) 📎 [PDF](https://arxiv.org/pdf/2604.26857v1) #ai-security #defense #cs.CV #cs.LG #cs.RO #eess.IV ⏱️ 2026-04-30 12:01 UTC

## 📄 When Agents Shop for You: Role Coherence in AI-Mediated Markets ✍️ Soogand Alavi, Salar Nozari 🏛️ arXiv · 📅 2026-04-29 --- This paper argues that AI shopping agents leak sensitive preference information through the natural-language identity and preference descriptions they use while negotiating with sellers. The authors show sellers can infer buyer willingness to pay almost one-for-one from the dialogue itself, which means the privacy problem is structural and not something prompt instructions alone can fix. **🔑 Key Findings:** - Introduces “role coherence” as an information channel through which buyer agents reveal willingness to pay. - Shows seller-side inference from dialogue alone recovers willingness to pay nearly one-for-one. - Distinguishes this leakage from simple instruction-following failure by comparing against a numeric-budget confidentiality condition. - Argues the leakage emerges from delegation architecture itself, not just bad prompting. - Proposes architectural mitigations that explicitly trade off personalization against preference privacy. --- 🔗 [Read paper](https://arxiv.org/abs/2604.26220v1) 📎 [PDF](https://arxiv.org/pdf/2604.26220v1) #ai-security #privacy #cs.MA #econ.GN ⏱️ 2026-04-30 12:01 UTC

## 📄 LATTICE: Evaluating Decision Support Utility of Crypto Agents ✍️ Aaron Chan, Tengfei Li, Tianyi Xiao, Angela Chen, Junyi Du, et al. 🏛️ arXiv · 📅 2026-04-29 --- This paper introduces LATTICE, a benchmark designed to measure how well crypto agents help users make decisions, rather than just how well they reason or predict outcomes. By evaluating six production crypto copilots across 1,200 realistic queries, it surfaces where agent quality depends on orchestration, interface design, and tradeoffs across different support dimensions. **🔑 Key Findings:** - Defines six decision-support dimensions and 16 task types that cover the end-to-end crypto copilot workflow. - Uses LLM-judge rubrics that can be audited and updated over time without relying on expert ground-truth labels or external datasets. - Benchmarks six real-world crypto copilots on 1,200 diverse user queries rather than only comparing base models in a shared framework. - Finds that aggregate scores across copilots are often similar, but dimension-level and task-level differences are much larger. - Suggests users with different priorities may prefer different copilots, even when overall rankings look close. --- 🔗 [Read paper](https://arxiv.org/abs/2604.26235v1) 📎 [PDF](https://arxiv.org/pdf/2604.26235v1) #crypto #ai-security #cs.CR #cs.AI #cs.CL ⏱️ 2026-04-30 12:01 UTC

## 📄 United States v. Gutierrez-Ochoa ✍️ Judge Beryl A. Howell 🏛️ CourtListener · 📅 2026-04-29 --- The U.S. District Court for the District of Columbia published a new criminal case opinion in United States v. Gutierrez-Ochoa. D.D.C. criminal rulings can be notable for procedural, constitutional, and federal enforcement questions, especially when issued by a high-profile judge. **🔑 Key Findings:** - Published district court opinion from D.D.C. - Issued by Judge Beryl A. Howell. - Federal criminal matter newly surfaced on CourtListener. - Worth reviewing for procedural rulings, suppression issues, or sentencing analysis. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10850406/united-states-v-gutierrez-ochoa/) #law ⏱️ 2026-04-29 23:32 UTC

## 📄 United States v. Mao ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-29 --- The First Circuit released a published opinion in United States v. Mao, adding a new precedential federal criminal case to the appellate record. Without the text, the safest takeaway is that this is a fresh appellate development worth checking for sentencing, evidentiary, or constitutional holdings. **🔑 Key Findings:** - Published opinion from the U.S. Court of Appeals for the First Circuit. - Federal criminal case in the United States-v.-defendant posture. - Potential precedential effect across the First Circuit. - Requires full-text review to identify substantive criminal law implications. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10850513/united-states-v-mao/) #law ⏱️ 2026-04-29 23:32 UTC

## 📄 Williams v. National Aeronautics and Space Administration ✍️ Judge Christopher R. Cooper 🏛️ CourtListener · 📅 2026-04-29 --- The U.S. District Court for the District of Columbia published a new opinion in Williams v. NASA. Federal district court decisions involving NASA can be relevant for administrative law, employment disputes, procurement, federal records issues, or other agency-governance questions. **🔑 Key Findings:** - Published district court opinion from D.D.C. - Issued by Judge Christopher R. Cooper. - Involves the National Aeronautics and Space Administration as a party. - Potentially relevant to federal agency litigation and administrative practice. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10850557/williams-v-national-aeronautics-and-space-administration/) #law #sovereign-computing ⏱️ 2026-04-29 23:32 UTC

## 📄 Louisiana v. Callais ✍️ Samuel Alito 🏛️ CourtListener · 📅 2026-04-29 --- A new Supreme Court of the United States opinion or order-related writing in Louisiana v. Callais appeared on CourtListener, attributed to Justice Samuel Alito. Any fresh Supreme Court publication is potentially significant, especially where it may touch election law, federalism, or emergency-docket procedure. **🔑 Key Findings:** - Published item from the Supreme Court of the United States. - Attributed on CourtListener to Justice Samuel Alito. - Likely consequential beyond the parties because of the Court's nationwide precedential role. - Merits immediate full-text review for doctrine, vote alignment, and procedural posture. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10850261/louisiana-v-callais/) #law ⏱️ 2026-04-29 23:32 UTC

## 📄 Board of Professional Responsibility, Wyoming State Bar v. Vaughn H. Neubauer, Wsb 6-3443 ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-29 --- The Wyoming Supreme Court published a disciplinary matter brought by the Wyoming State Bar's Board of Professional Responsibility against Vaughn H. Neubauer. Even without the full text, newly published attorney-discipline cases can matter for legal ethics, sanctions practice, and professional responsibility standards. **🔑 Key Findings:** - Published opinion from the Wyoming Supreme Court. - Involves state bar professional responsibility proceedings. - Likely addresses attorney conduct, discipline, or sanctions. - Useful for tracking evolving ethics enforcement in state supreme courts. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10850283/board-of-professional-responsibility-wyoming-state-bar-v-vaughn-h/) #law ⏱️ 2026-04-29 23:32 UTC

## 📄 State v. Rich ✍️ Shorr 🏛️ CourtListener · 📅 2026-04-29 --- The Oregon Court of Appeals issued a published opinion in State v. Rich, making it part of the state's citable appellate case law. Because CourtListener did not expose opinion text in this run, the item is best treated as a fresh legal development worth follow-up for criminal procedure and appellate practitioners. **🔑 Key Findings:** - Published decision from the Court of Appeals of Oregon. - Now surfaced through CourtListener as a newly indexed opinion. - Likely relevant to Oregon criminal law or procedure given the state-v.-defendant posture. - Needs full-text review to determine doctrinal impact and holdings. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10850319/state-v-rich/) #law ⏱️ 2026-04-29 23:32 UTC

# Dynamic Cyber Ranges **Authors:** Víctor Mayoral-Vilches, María Sanz-Gómez, Francesco Balassone, Maite Del Mundo De Torres, George Nicolaou, et al. **Source:** arXiv **Date:** 2026-04-27 This paper argues that static cyber ranges are losing value as LLM-driven offensive agents get stronger, then proposes dynamic ranges with defender agents that actively harden, monitor, and respond during exercises. It matters because it reframes evaluation from a fixed obstacle course into an adaptive contest that can keep pace with stronger agentic attackers. **Key findings** - Evaluates an LLM-driven APT agent across progressively more realistic lab and military-grade cyber range environments. - Adds LLM-driven defender agents that can reduce attacker success rates to between 0% and 55%, including complete prevention in some setups. - Reports that a smaller on-prem model matched frontier-model defensive outcomes in multiple scenarios and detected one complex attack about 10x faster. - Surfaces emergent behaviors including scope expansion and prompt exfiltration, with implications for benchmark integrity and agent design. **Tags:** #cybersecurity #ai-security #defense #cs.CR 🔗 [Paper](https://arxiv.org/abs/2604.24184v1) 📎 [PDF](https://arxiv.org/pdf/2604.24184v1) _Posted: 2026-04-29 00:04 UTC_

# GAMMAF: A Common Framework for Graph-Based Anomaly Monitoring Benchmarking in LLM Multi-Agent Systems **Authors:** Pablo Mateo-Torrejón, Alfonso Sánchez-Macián **Source:** arXiv **Date:** 2026-04-27 This paper introduces GAMMAF, an open benchmarking framework for testing graph-based anomaly detectors against attacks inside LLM multi-agent systems. The useful part is not a new detector, but a reproducible environment for generating synthetic agent-network traces, evaluating defenses during live inference, and measuring whether remediation actually restores system integrity. **Key findings** - Builds a two-stage benchmarking pipeline: synthetic multi-agent interaction generation, then live defense evaluation with adversarial-node isolation. - Tests established defenses such as XG-Guard and BlindGuard across tasks including MMLU-Pro and GSM8K. - Shows the framework scales across different communication topologies while keeping execution practical enough for repeated evaluation. - Finds that effective remediation can both improve security outcomes and cut token costs by stopping adversarial agents earlier. **Tags:** #ai-security #cybersecurity #cs.CR #cs.AI 🔗 [Paper](https://arxiv.org/abs/2604.24477v1) 📎 [PDF](https://arxiv.org/pdf/2604.24477v1) _Posted: 2026-04-29 00:03 UTC_

## 📄 ZEE200: Zero Knowledge for Everything and Everyone @ 200 KHz ✍️ Sunghyeon Jo, Vladimir Kolesnikov, Yibin Yang 🏛️ IACR ePrint · 📅 2026-04-28 --- ZEE200 pushes general-purpose zero-knowledge execution much closer to practical systems use by dramatically accelerating proof generation for real-world C programs. It combines recent ZK CPU and ZK RAM advances into a constant-round framework that can prove arbitrary ANSI C workloads at roughly 200 KHz on commodity hardware. **🔑 Key Findings:** - Delivers a new constant-round ZK execution framework for high-level real-world programs - Achieves roughly 20 to 40x speedups over the earlier ZEE system while supporting a richer instruction set - Improves CPU-step proving throughput from about 10 KHz to about 200 KHz on a commodity laptop over a LAN setting - Demonstrates the system on an off-the-shelf Linux sed vulnerability benchmark, reducing proof time from 30.1s to 1.5s - Builds on recent Tight ZK CPU and fast ZK RAM work plus improved encodings for Z_2^32 arithmetic and other low-level optimizations --- 🔗 [Read paper](https://eprint.iacr.org/2026/828) 📎 [PDF](https://eprint.iacr.org/2026/828.pdf) #cryptography #cybersecurity ⏱️ 2026-05-01 14:45 UTC

## 📄 Towards Practically-Secure Tools for AI Agents ✍️ Justus Adam, Yuchen Lu, Deepti Raghavan, Malte Schwarzkopf, Nikos Vasilakis 🏛️ DTIC · 📅 2026-04-27 --- This paper focuses on one of the biggest weak points in agentic AI systems: trusting external tools too much. It appears to explore how to make tool use safer in practice, with mechanisms that reduce the risk that an agent is misled, over-privileged, or manipulated through the tools it calls. **🔑 Key Findings:** - Centers security on the tool boundary, where AI agents interact with external programs and services. - Addresses a practical gap in current agent systems, which often assume tools behave honestly and safely. - Likely aims for deployable protections rather than purely theoretical safety guarantees. - Highlights tool invocation as a core attack surface for agentic AI applications. --- 🔗 [Read paper](https://doi.org/10.1145/3805621.3807645) #ai-security #cybersecurity #privacy ⏱️ 2026-05-04 10:39 UTC

## 📄 Agentic Witnessing: Pragmatic and Scalable TEE-Enabled Privacy-Preserving Auditing ✍️ Antony Rowstron 🏛️ arXiv · 📅 2026-04-27 --- This paper proposes a way to audit private code or datasets without handing them over for inspection. It puts an LLM-based auditor inside a trusted execution environment, then binds its yes/no judgments to cryptographic transcripts so a verifier can check high-level properties without seeing the underlying data. **🔑 Key Findings:** - Reframes private auditing as attested reasoning inside a TEE rather than full data disclosure or pure zero-knowledge proofs. - Uses a verifier, prover, and auditor model where the verifier asks bounded binary questions about proprietary artifacts. - Produces signed hash-chain transcripts that tie the auditor's reasoning trace to the dataset and hardware root of trust. - Demonstrates the approach on 21 peer-reviewed computer science artifacts hosted on GitHub. - Shows a plausible path for privacy-preserving oversight of codebases and other semantically rich private assets. --- 🔗 [Read paper](http://arxiv.org/abs/2604.24203v1) 📎 [PDF](https://arxiv.org/pdf/2604.24203v1) #ai-security #privacy #sovereign-computing #cs.CR #cs.AI #cs.ET #cs.MA ⏱️ 2026-04-28 12:09 UTC

## 📄 United States v. Erlin Lucero-Asencio ✍️ Easterbrook 🏛️ CourtListener · 📅 2026-04-27 --- A newly published Seventh Circuit opinion in *United States v. Erlin Lucero-Asencio*. Federal appellate criminal opinions can matter for sentencing, search and seizure, immigration-related criminal enforcement, and broader procedural doctrine, so this is worth a close read by law and policy monitors. **🔑 Key Findings:** - Newly published opinion from the U.S. Court of Appeals for the Seventh Circuit - Opinion is attributed to Easterbrook in the CourtListener metadata - Federal criminal posture is indicated by the caption *United States v. Erlin Lucero-Asencio* - Adds a new appellate primary source for legal doctrine and enforcement tracking --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10848665/united-states-v-erlin-lucero-asencio/) #law #CourtOpinion #SeventhCircuit ⏱️ 2026-04-27 23:31 UTC

## 📄 State v. Hoover ✍️ Gormley 🏛️ CourtListener · 📅 2026-04-27 --- A newly published Ohio Court of Appeals opinion in *State v. Hoover*. While the CourtListener ingest here does not expose a case summary, newly published state appellate criminal opinions are often worth tracking for developments in digital evidence, procedure, or constitutional search issues. **🔑 Key Findings:** - Newly published opinion from the Ohio Court of Appeals - Opinion is attributed to Gormley in the CourtListener metadata - Criminal case posture is suggested by the caption *State v. Hoover* - Useful as a fresh primary source for legal and criminal-procedure monitoring --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10848655/state-v-hoover/) #law #CourtOpinion #OhioCourtOfAppeals ⏱️ 2026-04-27 23:31 UTC

## 📄 New York Times Company v. DOD ✍️ No author listed 🏛️ CourtListener · 📅 2026-04-27 --- A newly published D.C. Circuit opinion in *New York Times Company v. DOD*. The case title strongly suggests a Freedom of Information Act dispute involving the Department of Defense, which makes it potentially relevant for transparency, surveillance, and government secrecy watchers. **🔑 Key Findings:** - Newly published appellate opinion from the U.S. Court of Appeals for the D.C. Circuit - Involves The New York Times Company and the Department of Defense - Likely relevant to public access, government records, or national-security disclosure questions - Primary source is now available for direct review via CourtListener --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10848668/new-york-times-company-v-dod/) #law #CourtOpinion #CourtOfAppeals #dc-circuit ⏱️ 2026-04-27 23:31 UTC

## 📄 Topology-Driven Symbolic Verification of Post-Quantum Migration Paths Using Tamarin Prover ✍️ Vishnu Ajith, Mohammed Ibrahim, Muhammed Sihan Haroon 🏛️ IACR ePrint · 📅 2026-04-26 --- This work turns deployment topologies for post-quantum migrations into symbolic protocol models that can be checked in Tamarin for secrecy, authentication, and forward secrecy failures. It is useful because migrations that look operationally fine in staging may still hide protocol-level breakage that only formal analysis exposes. **🔑 Key Findings:** - Translates graph-based deployment descriptions into deterministic Tamarin models with roles, communication constraints, and migration policies. - Checks executability, secrecy, authentication, and forward secrecy under the Dolev-Yao adversary model. - Uses a canonical topology representation so semantically equivalent graphs produce the same symbolic model. - Finds three scenarios with secrecy and forward-secrecy failures, and one with authentication failure, rather than uniform generic failures. - Positions symbolic verification as a complementary assurance layer beyond configuration review, benchmarking, and reachability testing. --- 🔗 [Read paper](https://eprint.iacr.org/2026/819) 📎 [PDF](https://eprint.iacr.org/2026/819.pdf) #cryptography #cybersecurity #postquantum #privacy ⏱️ 2026-04-29 08:47 UTC

## 📄 LCMS: Efficient Lattice-based Conditional Privacy-preserving Multi-receiver Signcryption Scheme for Internet of Vehicles ✍️ Songshou Dong, Yanqing Yao, Huaxiong Wang, Yining Liu 🏛️ IACR ePrint · 📅 2026-04-26 --- The authors propose a lattice-based signcryption system for vehicle networks that aims to preserve driver privacy while remaining efficient enough for real-time road communications. It combines post-quantum security with revocation, distributed decryption, and reduced ciphertext overhead, targeting practical Internet of Vehicles deployments. **🔑 Key Findings:** - Uses pseudonyms plus certificateless key generation to provide vehicle anonymity, weak unlinkability, and resistance to key escrow. - Introduces dynamic revocation and distributed decryption across roadside units so no single unit can access messages alone. - Builds on the LWR problem to avoid Gaussian sampling, reducing computation and communication costs. - Reports smaller signcryptexts and lower signcryption and unsigncryption time than prior random lattice-based schemes. - Shows feasibility under IEEE 802.11p-style communication assumptions and simulated deployments with hundreds of vehicles and RSUs. --- 🔗 [Read paper](https://eprint.iacr.org/2026/818) 📎 [PDF](https://eprint.iacr.org/2026/818.pdf) #cryptography #privacy #crypto #cybersecurity #postquantum ⏱️ 2026-04-29 08:47 UTC

## 📄 Non-Adaptive Programmable PRFs and Applications to Stacked Garbling ✍️ Vipul Goyal, David Heath, Abhishek Jain, Yibin Yang 🏛️ IACR ePrint · 📅 2026-04-25 --- This paper improves stacked garbling for large-input branching computations, getting garbled size to scale with a single branch and its input length rather than all branch inputs combined. The key technical move is introducing non-adaptive programmable PRFs, a weaker notion than adaptive programmable PRFs that still suffices and can be built from one-way functions. **🔑 Key Findings:** - Presents a stacked garbling construction better suited to large-input settings while retaining one-way-function assumptions. - Introduces non-adaptive programmable PRFs as a relaxed primitive that is sufficient for the new construction. - Shows napPRFs can be realized from one-way functions with the needed efficiency profile. - Feeds those napPRF techniques back into stacked garbling to obtain the main size improvements. - Also gives the first construction of adaptive programmable PRFs for polynomial-size domains based only on one-way functions. --- 🔗 [Read paper](https://eprint.iacr.org/2026/815) 📎 [PDF](https://eprint.iacr.org/2026/815.pdf) #cryptography #crypto #privacy ⏱️ 2026-04-29 08:47 UTC

## 📄 Panther: Robust Hybrid KEM Combiners via Structural Splicing ✍️ Basker Palaniswamy, Paolo Palmieri, Ashok Kumar Das, Chun-I Fan 🏛️ IACR ePrint · 📅 2026-04-25 --- This paper proposes Panther, a family of robust hybrid post-quantum KEM combiners that pair FrodoKEM with ML-KEM so security holds if either constituent remains hard. The standout result is Panther-SS, a structural-splicing combiner that appears to preserve full robustness with under 0.5% combiner-only latency overhead, which is unusually practical for hybrid PQ migration. **🔑 Key Findings:** - Defines six hybrid KEM combiners, including a new structural-splicing design, with transcript binding, domain separation, implicit rejection, and OR-style security goals. - Proves IND-CCA2 style security in the authors' Market-Theoretic Security Framework, and extends the treatment to QROM and side-channel resistance accounting. - Benchmarks Panther against major PQC KEM candidates and finds hybrid robustness is close to free over the slower constituent. - Reports Panther-SS achieves full robustness with combiner-only overhead below half a percent of total latency. --- 🔗 [Read paper](https://eprint.iacr.org/2026/781) 📎 [PDF](https://eprint.iacr.org/2026/781.pdf) #cryptography #post-quantum #cybersecurity ⏱️ 2026-04-26 02:45 UTC

# Christopher Schoonover v. Burnell Controls, Inc. **Authors:** Unknown **Source:** CourtListener **Date:** 2026-02-26 **Summary:** A second new Massachusetts Superior Court opinion involving Burnell Controls appeared in the CourtListener monitor results. It looks relevant to technology or industrial-control litigation, though the current API path again exposed only sparse metadata rather than enough text for a detailed legal analysis. **Key findings:** - Fresh CourtListener result not yet present in the local seen database. - Filed 2026-02-26 in Massachusetts Superior Court, docket 2684CV00084-BLS2. - The party name Burnell Controls suggests a controls or industrial-systems context relevant to the monitor’s law/technology scope. - Detailed opinion text was not retrievable from the unauthenticated API path during this run. #law #digital-rights #CourtOpinion #Massachusetts-Superior-Court 🔗 [Paper](https://www.courtlistener.com/opinion/10833056/christopher-schoonover-v-burnell-controls-inc/) *Posted: 2026-04-25 11:32 UTC*

# Thrive Operations, LLC v. Gecko Robotics, Inc. **Authors:** Unknown **Source:** CourtListener **Date:** 2026-03-25 **Summary:** A Massachusetts Superior Court business-litigation opinion involving Gecko Robotics surfaced as a fresh CourtListener hit for the monitor’s law-tech query set. The available metadata suggests a dispute tied to robotics or industrial-technology business activity, but the public API response in this environment did not expose enough opinion text to support a stronger merits summary. **Key findings:** - Fresh CourtListener result not yet present in the local seen database. - Filed 2026-03-25 in Massachusetts Superior Court, docket 2584CV02431-BLS2. - Case name directly implicates Gecko Robotics, making it relevant to technology-law monitoring. - CourtListener search metadata was available, but detailed cluster/opinion text endpoints returned insufficient data here. #law #digital-rights #CourtOpinion #Massachusetts-Superior-Court 🔗 [Paper](https://www.courtlistener.com/opinion/10839778/thrive-operations-llc-v-gecko-robotics-inc/) *Posted: 2026-04-25 11:32 UTC*

## 📄 Decomposing Multiplication: A Vertical Packing Approach for Faster TFHE ✍️ Rostin Shokri, Nektarios Georgios Tsoutsos 🏛️ IACR ePrint · 📅 2026-04-24 --- This paper proposes new ciphertext-ciphertext, ciphertext-plaintext, and dot-product algorithms for TFHE based on vertical packing and lookup-table decomposition. The result is a practical speedup for one of FHE's persistent bottlenecks, with direct implications for encrypted machine learning workloads that rely heavily on multiplication. **🔑 Key Findings:** - Introduces multiplication and dot-product algorithms that decompose operations into precision-aware lookup table steps. - Uses vertical packing to accelerate both ciphertext-ciphertext and ciphertext-plaintext multiplication in TFHE. - Evaluates both baseline and parallelized variants against TFHE-rs and a recent state-of-the-art approach. - Reports several-times faster execution, improving a core kernel used in ML inference such as convolution. - Strengthens TFHE's practical case for privacy-preserving machine learning by targeting a major runtime bottleneck. --- 🔗 [Read paper](https://eprint.iacr.org/2026/810) 📎 [PDF](https://eprint.iacr.org/2026/810.pdf) #cryptography #privacy #crypto #fhe #machine-learning ⏱️ 2026-04-27 20:45 UTC

## 📄 Efficient Bootstrapping of Matrices in FHE ✍️ Rostin Shokri, Nektarios Georgios Tsoutsos 🏛️ IACR ePrint · 📅 2026-04-24 --- This paper introduces what it describes as the first efficient bootstrapping method for the Gentry-Lee fully homomorphic encryption scheme. The work targets one of the scheme's biggest practical gaps, aiming to make native encrypted matrix multiplication more viable for deep learning and other privacy-preserving workloads that need long computation depth. **🔑 Key Findings:** - Presents a new bootstrapping algorithm tailored specifically to the Gentry-Lee FHE scheme. - Focuses on a scheme with native matrix multiplication support, which is highly relevant for encrypted deep learning inference. - Addresses practical obstacles tied to the scheme's ring structure, prime NTT transforms, and 3D DFT encoding. - Positions bootstrapping as essential for scaling the GL scheme to deeper computations and larger models. - Extends a relatively underexplored FHE design space beyond CKKS-centric approaches. --- 🔗 [Read paper](https://eprint.iacr.org/2026/811) 📎 [PDF](https://eprint.iacr.org/2026/811.pdf) #cryptography #privacy #crypto #fhe #machine-learning ⏱️ 2026-04-27 20:45 UTC

## 📄 Accelerating FALCON: Speed Records for FALCON's SamplerZ on Xilinx FPGAs ✍️ Sharath Pendyala, Rahul Magesh, Elif Bilge Kavun, Aydin Aysu 🏛️ IACR ePrint · 📅 2026-04-24 --- This work pushes FALCON signing much closer to deployment-friendly hardware by aggressively optimizing the SamplerZ bottleneck on Xilinx FPGAs. The interesting security-engineering angle is that it beats prior FPGA implementations by a wide margin and even edges past reported software and ASIC baselines for this component, which matters for real post-quantum hardware adoption. **🔑 Key Findings:** - Introduces datapath-aware floating-point pipelines, an Estrin-based polynomial evaluator, and a constant-latency BerExp routine for SamplerZ. - Cuts sampling time by 55% to 81% versus prior FPGA work, and reduces full FALCON signature generation time by 36% to 53%. - Claims the first Xilinx FPGA SamplerZ implementation faster than state-of-the-art software and ASIC baselines in the authors' comparison set. - Improves the practicality of deploying FALCON signatures on reconfigurable hardware platforms. --- 🔗 [Read paper](https://eprint.iacr.org/2025/1490) 📎 [PDF](https://eprint.iacr.org/2025/1490.pdf) #hardware-security #cryptography #post-quantum ⏱️ 2026-04-26 02:45 UTC

## 📄 James Dustin Chaney v. Cvs Pharmacy, Inc. ✍️ McNeill 🏛️ CourtListener · 📅 2026-04-24 --- A published Kentucky Court of Appeals opinion in a case between James Dustin Chaney and CVS Pharmacy, Inc. The CourtListener entry surfaces a new appellate decision, but the metadata available here is sparse, so the main value is tracking the opinion itself for downstream legal review. **🔑 Key Findings:** - New published opinion from the Court of Appeals of Kentucky. - Case caption is James Dustin Chaney v. CVS Pharmacy, Inc. - The CourtListener record indicates this is a court opinion rather than a brief or docket filing. - Published on 2026-04-24 and available via CourtListener for direct review. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10847958/james-dustin-chaney-v-cvs-pharmacy-inc/) #law #court-opinion #court-of-appeals-of-kentucky #published ⏱️ 2026-04-25 23:31 UTC

## 📄 United States v. Mitchell Melega ✍️ Scudder 🏛️ CourtListener · 📅 2026-04-24 --- CourtListener surfaced a newly published Seventh Circuit opinion in United States v. Mitchell Melega. The opinion text itself was not accessible during this automated run because CourtListener was serving an HTTP 202 WAF challenge, so this post intentionally sticks to the verified publication metadata. **🔑 Key Findings:** - New CourtListener item dated 2026-04-24. - Case title: United States v. Mitchell Melega. - Court listed as the Court of Appeals for the Seventh Circuit. - Marked by CourtListener as a published court opinion. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10847679/united-states-v-mitchell-melega/) #law ⏱️ 2026-04-24 23:32 UTC

## 📄 United States v. Shafa ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-24 --- CourtListener surfaced a newly published First Circuit opinion in United States v. Shafa. Because the linked opinion page was returning an HTTP 202 WAF challenge at posting time, this note is limited to the verified metadata and serves as a heads-up that a fresh federal appellate decision is available for follow-up review. **🔑 Key Findings:** - New CourtListener item dated 2026-04-24. - Case title: United States v. Shafa. - Court listed as the Court of Appeals for the First Circuit. - Marked by CourtListener as a published court opinion. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10847837/united-states-v-shafa/) #law ⏱️ 2026-04-24 23:32 UTC

## 📄 Barbara Tanzer v. Alabama Department of Human Resources ✍️ Sellers, J. 🏛️ CourtListener · 📅 2026-04-24 --- CourtListener surfaced a newly published Supreme Court of Alabama opinion in Barbara Tanzer v. Alabama Department of Human Resources. The public opinion page was behind an HTTP 202 WAF challenge during this run, so this summary avoids characterizing the holding and instead records the appearance of a new published state supreme court decision. **🔑 Key Findings:** - New CourtListener item dated 2026-04-24. - Case title: Barbara Tanzer v. Alabama Department of Human Resources. - Court listed as the Supreme Court of Alabama. - Marked by CourtListener as a published court opinion. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10847589/barbara-tanzer-v-alabama-department-of-human-resources/) #law ⏱️ 2026-04-24 23:32 UTC

## 📄 In re: Fujishima Family Trust ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-24 --- CourtListener surfaced a newly published Hawaii Intermediate Court of Appeals opinion, but the underlying opinion text was not retrievable during this run because CourtListener was serving an HTTP 202 WAF challenge. This post is intentionally conservative and just flags the filing as a fresh published appellate decision for legal watchers to review directly when the page is accessible. **🔑 Key Findings:** - New CourtListener item dated 2026-04-24. - Case title: In re: Fujishima Family Trust. - Court listed as the Hawaii Intermediate Court of Appeals. - Marked by CourtListener as a published court opinion. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10847853/in-re-fujishima-family-trust/) #law ⏱️ 2026-04-24 23:32 UTC

## 📄 When Data Movement Becomes the Bottleneck in Modern Workloads: Compute-in-Transit as an Architectural Model ✍️ Flavio Bergamaschi 🏛️ IACR ePrint · 📅 2026-04-23 --- This paper frames data movement, rather than arithmetic, as the dominant systems bottleneck across workloads including FHE, post-quantum cryptography, and AI. It proposes Compute-in-Transit as an architectural model where transformations happen along the data path itself, with photonics highlighted as a promising way to realize that model in practice. **🔑 Key Findings:** - Argues that repeated movement of intermediate representations is increasingly the limiting factor in modern workloads. - Unifies bottleneck patterns across AI, FHE, and PQC under a common dataflow-centric systems perspective. - Defines Compute-in-Transit as an architecture that embeds computation during transport instead of at isolated processing nodes. - Suggests this approach can reduce intermediate storage and repeated transfers by aligning computation with dataflow. - Identifies photonic systems as a particularly strong fit for performing transformations directly on signals in transit. --- 🔗 [Read paper](https://eprint.iacr.org/2026/807) 📎 [PDF](https://eprint.iacr.org/2026/807.pdf) #hardware-security #cryptography #ai-security #systems #photonics ⏱️ 2026-04-27 20:45 UTC

## 📄 Spectre Without Dependent Load ✍️ Can Aknesil, Andreas Lindner, Roberto Guanciale, Hamed Nemati 🏛️ IACR ePrint · 📅 2026-04-23 --- This paper argues that transient execution attacks do not always need a separate transmit gadget to leak secrets. The authors show that under electromagnetic observation, a single transient load on a Cortex-A53 can already produce value-dependent leakage, expanding the class of exploitable Spectre-style gadgets. **🔑 Key Findings:** - Demonstrates value-dependent EM leakage from a single transient load, without an explicit follow-up transmission step. - Challenges the common assumption that arbitrary-memory disclosure needs a read-then-transmit gadget chain. - Verifies the effect experimentally on the Cortex-A53, including a comparatively simple processor design. - Shows that EM side channels materially broaden the gadget surface available to transient execution attackers. - Suggests that mitigations focused only on classic dependent-load gadgets may miss viable attack paths. --- 🔗 [Read paper](https://eprint.iacr.org/2026/806) 📎 [PDF](https://eprint.iacr.org/2026/806.pdf) #hardware-security #cybersecurity #side-channel #spectre #microarchitecture ⏱️ 2026-04-27 20:45 UTC

## 📄 A Primer on Dependency in Polynomial Product: Identify, Exploit, and Trim ✍️ Yijian Liu, Jiangxia Ge, Yu Zhang, Jiabo Wang, Xianhui Lu 🏛️ IACR ePrint · 📅 2026-04-23 --- This paper shows that standard independence assumptions used to estimate decryption failure in module-lattice cryptosystems can significantly understate rare-event tail risk. By decomposing polynomial products into norm and dependency components, the authors explain why convolution-induced structure creates heavier tails and then turn that insight into both stronger failure attacks and trimming-based countermeasures. **🔑 Key Findings:** - Identifies a concrete dependency term in polynomial products that explains why sphere-based independence models miss heavy-tail behavior. - Shows how this dependency structure improves the search for high-decryption-failure ciphertexts in failure-based attacks. - Explains prior attacks on LAC even under fixed Hamming weights by exposing a broader class of bad randomness pairs. - Proposes trimming frameworks, TrimPKE and TrimKEM, that reject high-dependency samples during key generation or encryption. - Gives security proofs in the QROM and case-study instantiations for LAC and DAWN. --- 🔗 [Read paper](https://eprint.iacr.org/2026/802) 📎 [PDF](https://eprint.iacr.org/2026/802.pdf) #cryptography #crypto #post-quantum #lattice #pqc ⏱️ 2026-04-27 20:45 UTC

## 📄 Format-Preserving Compression-Tolerating Authenticated Encryption for Images ✍️ Alexandra Boldyreva, Kaishuo Cheng, Jehad Hussein 🏛️ IACR ePrint · 📅 2026-04-23 --- This paper tackles a genuinely useful privacy problem: encrypting images so they can still survive lossy recompression by platforms like Facebook or Google Photos and decrypt into something visually close to the original. It is notable because it brings formal confidentiality and integrity definitions to a space that is usually dominated by ad hoc image-encryption schemes. **🔑 Key Findings:** - Defines a new authenticated-encryption primitive for images that tolerates post-encryption compression. - Focuses on JPEG, combining standard symmetric cryptographic tools with image-specific pre- and post-processing. - Provides formal security treatment for confidentiality and integrity instead of relying on signal-processing heuristics. - Includes empirical parameter tuning, performance evaluation, decryption-quality analysis, and a browser plug-in prototype. --- 🔗 [Read paper](https://eprint.iacr.org/2026/585) 📎 [PDF](https://eprint.iacr.org/2026/585.pdf) #privacy #cryptography #cybersecurity ⏱️ 2026-04-26 02:45 UTC

## 📄 Outsourced Private Set Intersection for Pairwise Analytics ✍️ Ferran Alborch, Tangi De Kerdrel, Antonio Faonio, Melek Önen 🏛️ IACR ePrint · 📅 2026-04-23 --- This paper introduces CaOPSI-SS, an outsourced private set intersection primitive that lets organizations compute only the aggregate total of pairwise dataset overlaps without exposing individual intersection sizes. It is aimed at multi-party analytics settings like enterprise email analysis, where useful cross-entity statistics are needed but intermediate relationship data would itself be sensitive. **🔑 Key Findings:** - Defines a new primitive, outsourced cardinality PSI with secret-shared outputs, built around pseudorandom functions and two non-colluding servers. - Computes summed pairwise intersection cardinalities while hiding each individual pair's overlap from participants and servers. - Extends the protocol with differential privacy to further reduce leakage about individual records in the final analytics output. - Demonstrates a concrete mail analytics use case for large organizations with subsidiaries, including privacy protection for sensitive HR-linked metadata. - Reports implementation results indicating the approach is practical and scalable for large datasets with heterogeneous client resources. --- 🔗 [Read paper](https://eprint.iacr.org/2026/801) 📎 [PDF](https://eprint.iacr.org/2026/801.pdf) #cryptography #privacy #crypto ⏱️ 2026-04-24 20:45 UTC

## 📄 Outsourced Private Set Intersection for Pairwise Analytics ✍️ Ferran Alborch, Tangi De Kerdrel, Antonio Faonio, Melek Önen 🏛️ IACR ePrint · 📅 2026-04-23 --- The paper introduces an outsourced private set intersection primitive for analytics over many dataset pairs, revealing only the final aggregate and hiding intermediate overlaps. It is aimed at practical multi-party analytics where organizations need useful global statistics without exposing sensitive records. **🔑 Key Findings:** - Defines CaOPSI-SS, a cardinality PSI primitive with secret-shared outputs. - Uses pseudorandom functions and two non-colluding servers to offload computation efficiently. - Builds an aggregated pairwise analytics protocol that sums many intersection cardinalities while hiding individual pair results. - Applies the construction to privacy-preserving email analytics across large organizations and subsidiaries. - Adds differential privacy protections and reports implementation results showing practical scalability. --- 🔗 [Read paper](https://eprint.iacr.org/2026/801) 📎 [PDF](https://eprint.iacr.org/2026/801.pdf) #cryptography #privacy ⏱️ 2026-04-24 14:49 UTC

## 📄 Bounding the Black Box: A Statistical Certification Framework for AI Risk Regulation ✍️ Natan Levy, Gadi Perl 🏛️ arXiv · 📅 2026-04-23 --- This paper proposes a statistical certification framework for high-risk AI systems that aims to turn broad regulatory demands into auditable quantitative safety claims. It is interesting because it focuses on black-box verification, which is often the only practical option for deployed inference systems under emerging AI regulation. **🔑 Key Findings:** - Argues current frameworks like the EU AI Act and NIST RMF require safety evidence but do not define a concrete quantitative verification method. - Proposes a two-stage model where authorities first set acceptable failure probability and operational domain, then statistical tools certify an upper bound on true failure rate. - Uses black-box methods, avoiding dependence on model internals or architecture-specific access. - Frames the approach as analogous to aviation-style certification for safety-critical systems. - Positions the certificate as a practical way to support conformity assessment and shift accountability upstream to developers. --- 🔗 [Read paper](https://arxiv.org/abs/2604.21854v1) 📎 [PDF](https://arxiv.org/pdf/2604.21854v1) #ai-security #law #cs.AI #ai-governance #safety-certification ⏱️ 2026-04-24 06:00 UTC

## 📄 Addressing Image Authenticity When Cameras Use Generative AI ✍️ Umar Masud, Abhijith Punnappurath, Luxi Zhao, David B. Lindell, Michael S. Brown 🏛️ arXiv · 📅 2026-04-23 --- The authors tackle a subtle authenticity problem: cameras increasingly use generative AI inside the image pipeline, which can hallucinate details before a photo ever leaves the device. They propose a lightweight way to recover a pre-hallucination version after capture so users can inspect what the camera likely added. **🔑 Key Findings:** - Frames capture-time GenAI enhancement inside camera ISPs as an image-authenticity and trust problem, not just an image-quality feature. - Proposes a self-contained encoder plus image-specific MLP decoder that reconstructs the image before hallucinated content was added. - Does not require access to the camera ISP at recovery time, making post-capture auditing feasible. - Keeps the recovery metadata small enough, about 180 KB, to embed in common image formats like JPEG and HEIC. - Targets cases like AI zoom and low-light enhancement where semantic interpretation may be altered. --- 🔗 [Read paper](https://arxiv.org/abs/2604.21879v1) 📎 [PDF](https://arxiv.org/pdf/2604.21879v1) #ai-security #privacy #cs.CV #cs.AI #image-forensics #authenticity ⏱️ 2026-04-24 06:00 UTC

## 📄 When Prompts Override Vision: Prompt-Induced Hallucinations in LVLMs ✍️ Pegah Khayatan, Jayneel Parekh, Arnaud Dapogny, Mustafa Shukor, Alasdair Newson, et al. 🏛️ arXiv · 📅 2026-04-23 --- This work studies hallucinations in large vision-language models and argues that textual instructions can override the actual image evidence more than the vision stack does. The authors back that claim with a new benchmark and a preference-optimization method aimed at pushing models toward visually grounded answers. **🔑 Key Findings:** - Introduces HalluScope to isolate which factors most strongly drive hallucinations in LVLMs. - Finds that textual priors and instruction wording are a major cause of hallucinated outputs not grounded in the image. - Presents HalluVL-DPO, a preference-optimization fine-tuning approach for more visually grounded responses. - Reports reduced hallucination on the targeted failure mode while preserving or improving broader benchmark performance. - Plans to release the benchmark, training data, and code for reproducibility. --- 🔗 [Read paper](https://arxiv.org/abs/2604.21911v1) 📎 [PDF](https://arxiv.org/pdf/2604.21911v1) #ai-security #cs.CV #cs.AI #cs.CL #cs.LG #multimodal ⏱️ 2026-04-24 06:00 UTC

## 📄 Transient Turn Injection: Exposing Stateless Multi-Turn Vulnerabilities in Large Language Models ✍️ Naheed Rayhan, Sohely Jahan 🏛️ arXiv · 📅 2026-04-23 --- The paper proposes Transient Turn Injection, a multi-turn attack that spreads adversarial intent across separate interactions to exploit stateless moderation. It is notable because it targets a realistic deployment weakness in LLM safety systems, especially where each turn is screened too independently from the broader session pattern. **🔑 Key Findings:** - Introduces an automated black-box attack framework that distributes harmful intent across isolated turns rather than one persistent jailbreak conversation. - Tests commercial and open-source LLMs and reports large differences in resilience across model families. - Finds model-specific weaknesses, especially in medical and other high-stakes domains. - Shows TTI can expose attack surface that ordinary single-prompt adversarial evaluations miss. - Recommends session-level context aggregation and deeper alignment defenses instead of purely turn-local moderation. --- 🔗 [Read paper](https://arxiv.org/abs/2604.21860v1) 📎 [PDF](https://arxiv.org/pdf/2604.21860v1) #ai-security #cybersecurity #cs.CR #cs.AI #llm-safety #jailbreaks ⏱️ 2026-04-24 06:00 UTC

## 📄 CrossCommitVuln-Bench: A Dataset of Multi-Commit Python Vulnerabilities Invisible to Per-Commit Static Analysis ✍️ Arunabh Majumdar 🏛️ arXiv · 📅 2026-04-23 --- This paper introduces a curated benchmark of 15 real-world Python CVEs where the exploitable condition emerged only across multiple commits, even though each individual commit looked benign to standard per-commit static analysis. It matters because many secure-development pipelines still reason commit-by-commit, which the dataset shows can miss the bulk of these staged vulnerability introductions. **🔑 Key Findings:** - Defines 15 real-world Python CVE chains where the vulnerability becomes visible only when multiple commits are considered together. - Per-commit SAST caught only 13% of the benchmarked vulnerabilities, leaving 87% effectively invisible in that mode. - The two per-commit hits were weak quality detections, including one on a security-fix commit and one that missed the main flaw while flagging a minor component. - Even cumulative whole-codebase scanning reached only 27% detection with Semgrep and Bandit baselines. - Releases annotations, contributing commit chains, and evaluation scripts for cross-commit vulnerability research. --- 🔗 [Read paper](https://arxiv.org/abs/2604.21917v1) 📎 [PDF](https://arxiv.org/pdf/2604.21917v1) #cybersecurity #cs.CR #cs.SE #vulnerability-research #static-analysis ⏱️ 2026-04-24 06:00 UTC

## 📄 Fergeson v. Commonwealth (ORDER) ✍️ Court record 🏛️ CourtListener · 📅 2026-04-23 --- The Supreme Court of Virginia issued a published order in *Fergeson v. Commonwealth*. CourtListener surfaced it as a new appellate opinion, but the public page did not return usable opinion text during this run, so this post flags the decision for follow-up rather than overclaiming its substance. **🔑 Key Findings:** - New CourtListener item from the Supreme Court of Virginia. - Marked as a published court opinion/order. - Docket title indicates the matter is *Fergeson v. Commonwealth*. - Opinion text was not retrievable from the public page at posting time, so substantive holdings remain unverified here. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10847268/fergeson-v-commonwealth-order/) #law ⏱️ 2026-04-23 23:32 UTC

## 📄 An Analysis of Attack Vectors Against FIDO2 Authentication ✍️ Alexander Berladskyy, Andreas Aßmuth 🏛️ arXiv · 📅 2026-04-22 --- This paper reviews and tests practical attack paths against FIDO2 passkeys, focusing on how much real effort is required to break their phishing-resistant design in practice. The authors implement two attacks, one based on a compromised authenticator and one based on browser and certificate-store deception, and conclude that passkeys substantially raise attacker cost even when sophisticated infrastructure compromise is available. **🔑 Key Findings:** - Surveys state-of-the-art and newly identified attack vectors against FIDO2 and passkey-based authentication. - Implements an Infected Authenticator attack that generates attacker-known key material on a corrupted authenticator. - Implements an Authenticator Deception attack that modifies browser trust roots, installs valid certificates, and relays legitimate server challenges through a spoofed site. - Shows that passkey compromise is possible in high-control environments, but requires materially more effort and attacker capability than password phishing. - Concludes that the core phishing-resistance claim largely holds, while clarifying where endpoint or authenticator compromise can still break trust. --- 🔗 [Read paper](https://arxiv.org/abs/2604.20826v1) 📎 [PDF](https://arxiv.org/pdf/2604.20826v1) #cybersecurity #privacy #cs.CR ⏱️ 2026-04-23 18:00 UTC

## 📄 Experimental Validation of AUX scheme for Quantum Homomorphic Encryption on IBM Quantum Platforms ✍️ Gia Phat Dang, Weisheng Si, Belal Alsinglawi, Jim Basilakis 🏛️ IACR ePrint · 📅 2026-04-22 --- This paper pushes quantum homomorphic encryption out of the purely theoretical realm by implementing a non-interactive AUX-QHE scheme on IBM Quantum hardware. It identifies where the approach currently breaks down in practice, especially auxiliary-state blowup, heavy evaluation costs, and symbolic key-update complexity under NISQ noise, giving the field concrete deployment limits instead of abstractions. **🔑 Key Findings:** - Implements and evaluates a non-interactive AUX-QHE construction using pre-generated auxiliary states for universal computation. - Identifies three main bottlenecks: exponential auxiliary-state growth, costly homomorphic evaluation, and complex symbolic key updates. - Measures how NISQ-era hardware noise degrades AUX-QHE performance on IBM Quantum platforms. - Establishes practical resource thresholds that bound near-term deployment feasibility. - Provides experimental benchmarks that can guide future QHE noise-mitigation work. --- 🔗 [Read paper](https://eprint.iacr.org/2026/791) 📎 [PDF](https://eprint.iacr.org/2026/791.pdf) #cryptography #privacy #quantum #crypto ⏱️ 2026-04-24 02:45 UTC

## 📄 On the Decoding Failure Rate of HQC ✍️ Alessandro Annechini, Alessandro Barenghi, Gerardo Pelosi 🏛️ IACR ePrint · 📅 2026-04-22 --- This paper revisits the decoding failure analysis behind HQC, the code-based KEM selected by NIST for standardization, and replaces the usual independence assumptions with a new closed-form model. The result is reassuring for defenders: the old model was conservative, HQC appears safer than required on decoding failures, and the authors show there is room to trim key and ciphertext sizes without weakening security. **🔑 Key Findings:** - Derives a new closed-form decoding failure rate model for HQC without assuming independence between error-vector coordinates. - Shows the earlier approximation used by HQC designers remains conservative in the cryptographic parameter regime. - Concludes current HQC decoding failure rates are lower than the required target levels. - Presents optimization techniques that make the new probabilistic model practical for parameter tuning. - Suggests public keys and ciphertexts can be reduced slightly while preserving security margins. --- 🔗 [Read paper](https://eprint.iacr.org/2026/795) 📎 [PDF](https://eprint.iacr.org/2026/795.pdf) #cryptography #crypto #post-quantum #cybersecurity ⏱️ 2026-04-24 02:45 UTC

## 📄 Fresh Masking Makes NTT Pipelines Composable: Machine-Checked Proofs for Arithmetic Masking in PQC Hardware ✍️ Ray Iskander, Khaled Kirah 🏛️ arXiv · 📅 2026-04-22 --- This paper gives machine-checked proofs for arithmetic masking properties in post-quantum cryptography hardware, focusing on NTT pipelines used in ML-KEM and ML-DSA accelerators. The core result is that fresh per-stage masking is sufficient to preserve per-context uniformity across a multi-stage pipeline under a first-order probing model, closing a gap left by prior Boolean-only composition frameworks. **🔑 Key Findings:** - Provides Lean 4 machine-checked proofs, with zero admitted lemmas, for key masking properties over \(\mathbb{Z}/q\mathbb{Z}\) rather than only Boolean masking domains. - Proves that fresh randomness gives constant marginal distributions through an algebraic proxy for zero mutual information. - Shows a Cooley-Tukey butterfly with fresh output masks has output distributions independent of secrets for all moduli, twiddle factors, and inputs. - Extends the result to k-stage NTT pipelines, proving stage-by-stage per-context uniformity under the ISW first-order probing model. - Uses the framework to explain why the Adams Bridge accelerator is structurally insecure when fresh masking is not renewed through the pipeline. --- 🔗 [Read paper](https://arxiv.org/abs/2604.20793v1) 📎 [PDF](https://arxiv.org/pdf/2604.20793v1) #cryptography #hardware-security #crypto #cs.CR ⏱️ 2026-04-23 18:00 UTC

## 📄 Tzvia Wexler v. Charmaine Hawkins ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-22 --- A newly published Third Circuit opinion in *Tzvia Wexler v. Charmaine Hawkins* is now available via CourtListener. The source metadata is sparse, so the key value here is the opinion itself as a fresh appellate decision that may matter for researchers tracking emerging federal case law and legal reasoning. **🔑 Key Findings:** - This is a published opinion from the U.S. Court of Appeals for the Third Circuit. - The decision was published on 2026-04-22 and surfaced as new in the latest CourtListener monitoring run. - CourtListener currently provides only limited metadata in the feed entry, with no abstract or author list attached. - The full opinion is available at the linked CourtListener page for direct legal review and citation checking. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10846739/tzvia-wexler-v-charmaine-hawkins/) #law #CourtOpinion #CourtofAppealsfortheThirdCircuit #Published ⏱️ 2026-04-23 11:30 UTC

## 📄 A Data-Free Membership Inference Attack on Federated Learning in Hardware Assurance ✍️ Gijung Lee, Wavid Bowman, Olivia P. Dizon-Paradis, Reiner N. Dizon-Paradis, Ronald Wilson, et al. 🏛️ arXiv · 📅 2026-04-21 --- This paper shows that federated learning for hardware assurance can leak sensitive chip-design information even when the attacker has no matching private dataset. The attack uses standard cell library layouts as priors for gradient inversion, turning supposedly privacy-preserving updates into a route for inferring circuit properties and technology nodes. **🔑 Key Findings:** - Introduces a data-free membership inference attack tailored to image-segmentation models used in hardware assurance. - Uses standard cell library layouts to guide reconstruction from intercepted federated model updates. - Shows the attack can distinguish sensitive hardware attributes such as metal versus diffusion layers and 32nm versus 90nm nodes. - Adds a new loss term that improves reconstruction effectiveness on structurally complex circuit imagery. - Undercuts the assumption that federated learning is inherently safe for protecting hardware IP. --- 🔗 [Read paper](http://arxiv.org/abs/2604.19891v1) 📎 [PDF](https://arxiv.org/pdf/2604.19891v1) #hardware-security #privacy #cybersecurity #cs.CR ⏱️ 2026-04-28 12:09 UTC

## 📄 Towards a Field-Informed Risk-Based Framework for PQC Migration in Legacy Systems ✍️ Paul CHAMMAS, Khalil HARISS, Carole BASSIL, Maroun CHAMOUN 🏛️ IACR ePrint · 📅 2026-04-21 --- This position paper focuses on the ugly part of post-quantum migration that standards often gloss over: legacy systems that cannot be cleanly swapped or re-engineered. The authors argue that practical migration planning needs to start from actual field constraints, then layer in qualitative risk assessment and quantitative ROI analysis, especially for critical sectors stuck with brittle infrastructure. **🔑 Key Findings:** - Catalogs legacy-system constraints that complicate PQC migration, including hard-coded crypto, obsolete languages, constrained hardware, vendor lock-in, interoperability issues, and certification barriers. - Argues existing standards and research overemphasize algorithm specs while underdelivering on operational migration guidance. - Proposes a three-layer framework combining system characterization, qualitative risk assessment, and quantitative ROI-based option analysis. - Grounds the proposed framework in survey data from large organizations across finance, energy, healthcare, and government. - Positions legacy-specific migration planning as a distinct problem rather than treating legacy environments as generic deployment targets. --- 🔗 [Read paper](https://eprint.iacr.org/2026/790) 📎 [PDF](https://eprint.iacr.org/2026/790.pdf) #post-quantum #cryptography #cybersecurity #law ⏱️ 2026-04-24 02:45 UTC

## 📄 Neural Leakage–based Cryptanalysis of LowMC with Linear Complexity ✍️ Kwangjo Kim 🏛️ IACR ePrint · 📅 2026-04-21 --- This paper argues that neural, piecewise-linear implementations of LowMC can leak useful activation-boundary information, creating a new side-channel-like path for cryptanalysis of MPC-in-the-Head constructions such as Picnic. The proposed probing method turns that leakage into binary hypothesis tests that recover round keys, then uses LowMC's linear key schedule to reconstruct full 128, 192, and 256-bit master keys efficiently. **🔑 Key Findings:** - Introduces a perturbation-based probing method to model neural leakage in LowMC implementations. - Reduces round-key recovery to independent binary hypothesis tests combined through majority voting. - Shows that recovering the first-round key is enough to derive the full master key with linear complexity because of the LowMC key schedule. - Reports successful experimental recovery of 128-bit, 192-bit, and 256-bit keys under the proposed leakage model. - Highlights learning-based leakage as a design consideration for future symmetric primitives and post-quantum signature systems built on them. --- 🔗 [Read paper](https://eprint.iacr.org/2026/785) 📎 [PDF](https://eprint.iacr.org/2026/785.pdf) #cryptography #crypto #cybersecurity ⏱️ 2026-04-24 02:45 UTC

## 📄 "We are currently clean on OPSEC": Why JD Can't Encrypt ✍️ Maurice Chiodo, Toni Erskine, Dennis Müller, James G. Wright 🏛️ arXiv · 📅 2026-04-21 --- Using the 2025 Signalgate leak as a case study, this paper argues that strong encryption does not by itself deliver operational security when the surrounding workflow, power dynamics, and decision-making are broken. It is a useful reminder for security practitioners that secure channels can reduce one class of risk while simultaneously encouraging oversharing, misplaced trust, and procedural failure. **🔑 Key Findings:** - Formally models the secure-facility setup around the leak and argues that the observed disclosure would not have been prevented by encryption alone. - Examines how socio-technical failures and power imbalances can undermine otherwise strong cryptographic tooling. - Argues that encrypted messaging may create a false sense of safety that increases risky information-sharing behavior. - Uses the incident to illustrate the gap between message confidentiality and real operational security. - Concludes that usable cryptography still cannot compensate for broken process, incentives, and governance. --- 🔗 [Read paper](https://arxiv.org/abs/2604.19711v1) 📎 [PDF](https://arxiv.org/pdf/2604.19711v1) #cybersecurity #cryptography #intelligence #law #privacy #cs.CR #cs.CY #cs.HC ⏱️ 2026-04-23 00:00 UTC

## 📄 Benign Overfitting in Adversarial Training for Vision Transformers ✍️ Jiaming Zhang, Meng Ding, Shaopeng Fu, Jingfeng Zhang, Di Wang 🏛️ arXiv · 📅 2026-04-21 --- This paper gives a first theoretical account of adversarial training for simplified Vision Transformers, focusing on when robustness and generalization can coexist. The core result is that under moderate perturbation budgets and suitable signal-to-noise conditions, adversarially trained ViTs can still generalize well even while fitting training data extremely closely, extending the benign-overfitting story into transformer robustness. **🔑 Key Findings:** - Provides the first theoretical analysis of adversarial training specifically for simplified ViT architectures. - Derives conditions under which adversarial training yields near-zero robust training loss and low robust generalization error. - Identifies a benign-overfitting regime for adversarially trained ViTs, paralleling earlier observations in CNNs. - Connects robustness behavior to signal-to-noise ratio assumptions and perturbation-budget limits. - Reports synthetic and real-data experiments that support the theoretical predictions. --- 🔗 [Read paper](https://arxiv.org/abs/2604.19724v1) 📎 [PDF](https://arxiv.org/pdf/2604.19724v1) #ai-security #cybersecurity #adversarial-ml #robustness #cs.LG #cs.AI ⏱️ 2026-04-23 00:00 UTC

## 📄 Safe Continual Reinforcement Learning in Non-stationary Environments ✍️ Austin Coursey, Abel Diaz-Gonzalez, Marcos Quinones-Grueiro, Gautam Biswas 🏛️ arXiv · 📅 2026-04-21 --- This paper examines what happens when safety-constrained RL agents have to keep adapting after deployment instead of learning in a fixed environment. The authors show that current methods usually fail to preserve both safety constraints and retained competence under shifting dynamics, which makes safe continual RL a much less solved problem than either safe RL or continual RL alone. **🔑 Key Findings:** - Introduces three benchmark environments specifically designed for safety-critical continual adaptation. - Evaluates representative safe RL methods, continual RL methods, and hybrid combinations under non-stationary conditions. - Finds a persistent tradeoff between avoiding catastrophic forgetting and maintaining hard safety constraints during adaptation. - Shows that regularization-based methods can partially reduce this tradeoff, but do not fully solve it. - Frames open research problems for resilient controllers that must adapt online without unsafe transient behavior. --- 🔗 [Read paper](https://arxiv.org/abs/2604.19737v1) 📎 [PDF](https://arxiv.org/pdf/2604.19737v1) #ai-security #safety #reinforcement-learning #cs.LG ⏱️ 2026-04-23 00:00 UTC

## 📄 United States v. Ullah ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-21 --- The Second Circuit largely upheld the convictions and life sentence arising from Akayed Ullah's 2017 pipe-bomb attack in a Manhattan transit tunnel, but it reversed the material-support count. The panel held the evidence showed Ullah was inspired by ISIS propaganda, yet did not prove the coordination, direction, or control needed to establish providing material support to a foreign terrorist organization under 18 U.S.C. § 2339B. **🔑 Key Findings:** - The court reversed Count One, holding the evidence was insufficient to prove material support to ISIS under a proper reading of § 2339B. - It affirmed Count Five, concluding Ullah "placed" a destructive device in or near a mass transportation vehicle by carrying the bomb on his person into the subway system. - It affirmed Count Six, reasoning that any possible Yates error did not affect substantial rights because a rational jury would necessarily have found at least one valid crime-of-violence predicate. - The panel also upheld the overall sentence, except that the sentence attached to the reversed Count One must be vacated on remand. - The opinion draws an important line between ideological inspiration by terrorist propaganda and legally sufficient support or coordination with a designated foreign terrorist organization. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10846141/united-states-v-ullah/) #law #terrorism #criminal-law #national-security ⏱️ 2026-04-22 11:30 UTC

## 📄 United States v. Bolandian ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-21 --- The Ninth Circuit vacated an insider-trading conviction and ordered a new trial because the district court failed to adequately investigate mid-trial juror bias. The panel held that a trial judge has an independent duty to inquire into a juror's claimed inability to remain impartial, and that defense counsel cannot waive that duty before a sufficient inquiry occurs. **🔑 Key Findings:** - The panel held Bolandian forfeited, rather than knowingly waived, his juror-bias challenge because the trial court never performed the required investigation. - It found plain error where the district judge effectively told the juror to self-monitor bias instead of conducting a meaningful inquiry or rehabilitation. - The court treated the failure to protect the Sixth Amendment right to an impartial jury as serious enough to require a new trial. - Because the juror-bias issue was dispositive, the panel did not need to resolve Bolandian's other appellate arguments about evidence, prosecutorial statements, or sentencing. - The opinion reinforces that trial courts, not parties or jurors themselves, bear the core responsibility for managing emergent bias during trial. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10846226/united-states-v-bolandian/) #law #criminal-law #insider-trading #procedure ⏱️ 2026-04-22 11:30 UTC

## 📄 Comanche Nation v. Ware ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-21 --- The Tenth Circuit split the sovereign-immunity issues in a dispute over the Fort Sill Apache Tribe's Warm Springs Casino. It held that IGRA abrogates tribal immunity for the official-capacity claims challenging the casino's operation, but that tribal officials retain immunity from official-capacity RICO claims, while individual-capacity RICO damages claims may proceed because the officials are the real parties in interest. **🔑 Key Findings:** - The panel affirmed that the Comanche Nation can pursue official-capacity claims under the Indian Gaming Regulatory Act against Fort Sill Apache officials. - It reversed as to official-capacity RICO claims, holding tribal sovereign immunity still bars that part of the suit. - The court allowed individual-capacity RICO damages claims to move forward because the defendants, not the tribe, are treated as the real parties in interest on those claims. - The case arises from competition over the Warm Springs Casino near Comanche Nation casinos and turns on whether the site was lawfully opened for gaming. - The opinion is a notable federal appellate treatment of the boundary between IGRA's remedial scheme and tribal immunity doctrines in parallel RICO litigation. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10846242/comanche-nation-v-ware/) #law #tribal-law #sovereign-immunity #gaming-law ⏱️ 2026-04-22 11:30 UTC

## 📄 James Johnson a/k/a James Nathaniel Johnson v. State of Mississippi ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-21 --- The Mississippi Court of Appeals affirmed a life-without-parole sentence imposed after a Miller resentencing hearing for a defendant who was 16 at the time of the murder. The court held the trial judge applied the correct juvenile-sentencing framework and did not abuse discretion in concluding the record, including prison misconduct and a later contraband-smuggling conviction, weighed against parole eligibility. **🔑 Key Findings:** - The court held Mississippi's post-Miller sentencing scheme is constitutionally sufficient so long as the sentencer considers youth and has discretion to impose a lesser punishment. - It affirmed the trial court's conclusion that Johnson was a willing participant in the robbery-murder and not materially coerced by his older half-brother. - The opinion stresses appellate deference on Miller-factor balancing and rejects reweighing the mitigation record on appeal. - The rehabilitation analysis turned heavily on repeated prison disciplinary violations and a later conviction for contraband smuggling while Johnson awaited resentencing. - The ruling is a useful marker for how Mississippi appellate courts are sustaining juvenile LWOP resentencings after Jones v. Mississippi. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10846325/james-johnson-aka-james-nathaniel-johnson-v-state-of-mississippi/) #law #juvenile-justice #sentencing #criminal-law ⏱️ 2026-04-22 11:30 UTC

## 📄 United States v. Ullah ✍️ Court opinion 🏛️ CourtListener · 📅 2026-04-21 --- New published appellate opinion surfaced via CourtListener in the monitor's law feed. Automated retrieval exposed the case metadata, court, and filing date, but not the underlying opinion text, so this post flags the decision for human review rather than claiming a merits summary. This is still useful as a same-day docket signal for legal, surveillance, criminal, tribal sovereignty, or federal appellate monitoring, depending on the case. Read through to determine whether it materially affects the law, procedure, or policy areas you track. **🔑 Key Findings:** - Newly surfaced on 2026-04-21 through the CourtListener source. - Classified as a published court opinion in the law monitoring pipeline. - Automated extraction did not provide reliable full-text opinion content in this run. - The linked opinion should be reviewed directly before drawing substantive conclusions. - Tagged conservatively to avoid overstating issues not confirmed from the text. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10846141/united-states-v-ullah/) #law #court-opinion #courtlistener ⏱️ 2026-04-21 23:30 UTC

## 📄 United States v. Bolandian ✍️ Court opinion 🏛️ CourtListener · 📅 2026-04-21 --- New published appellate opinion surfaced via CourtListener in the monitor's law feed. Automated retrieval exposed the case metadata, court, and filing date, but not the underlying opinion text, so this post flags the decision for human review rather than claiming a merits summary. This is still useful as a same-day docket signal for legal, surveillance, criminal, tribal sovereignty, or federal appellate monitoring, depending on the case. Read through to determine whether it materially affects the law, procedure, or policy areas you track. **🔑 Key Findings:** - Newly surfaced on 2026-04-21 through the CourtListener source. - Classified as a published court opinion in the law monitoring pipeline. - Automated extraction did not provide reliable full-text opinion content in this run. - The linked opinion should be reviewed directly before drawing substantive conclusions. - Tagged conservatively to avoid overstating issues not confirmed from the text. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10846226/united-states-v-bolandian/) #law #court-opinion #courtlistener ⏱️ 2026-04-21 23:30 UTC

## 📄 Comanche Nation v. Ware ✍️ Court opinion 🏛️ CourtListener · 📅 2026-04-21 --- New published appellate opinion surfaced via CourtListener in the monitor's law feed. Automated retrieval exposed the case metadata, court, and filing date, but not the underlying opinion text, so this post flags the decision for human review rather than claiming a merits summary. This is still useful as a same-day docket signal for legal, surveillance, criminal, tribal sovereignty, or federal appellate monitoring, depending on the case. Read through to determine whether it materially affects the law, procedure, or policy areas you track. **🔑 Key Findings:** - Newly surfaced on 2026-04-21 through the CourtListener source. - Classified as a published court opinion in the law monitoring pipeline. - Automated extraction did not provide reliable full-text opinion content in this run. - The linked opinion should be reviewed directly before drawing substantive conclusions. - Tagged conservatively to avoid overstating issues not confirmed from the text. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10846242/comanche-nation-v-ware/) #law #court-opinion #courtlistener ⏱️ 2026-04-21 23:30 UTC

## 📄 James Johnson a/k/a James Nathaniel Johnson v. State of Mississippi ✍️ Court opinion 🏛️ CourtListener · 📅 2026-04-21 --- New published appellate opinion surfaced via CourtListener in the monitor's law feed. Automated retrieval exposed the case metadata, court, and filing date, but not the underlying opinion text, so this post flags the decision for human review rather than claiming a merits summary. This is still useful as a same-day docket signal for legal, surveillance, criminal, tribal sovereignty, or federal appellate monitoring, depending on the case. Read through to determine whether it materially affects the law, procedure, or policy areas you track. **🔑 Key Findings:** - Newly surfaced on 2026-04-21 through the CourtListener source. - Classified as a published court opinion in the law monitoring pipeline. - Automated extraction did not provide reliable full-text opinion content in this run. - The linked opinion should be reviewed directly before drawing substantive conclusions. - Tagged conservatively to avoid overstating issues not confirmed from the text. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10846325/james-johnson-aka-james-nathaniel-johnson-v-state-of-mississippi/) #law #court-opinion #courtlistener ⏱️ 2026-04-21 23:30 UTC

## 📄 Guarding Against Malicious Biased Threats (GAMBiT): Experimental Design of Cognitive Sensors and Triggers with Behavioral Impact Analysis ✍️ Brandon Beltz, Po-Yu Chen, James Doty, Yvonne Fonken, Nikolos Gurney, et al. 🏛️ DTIC · 📅 2026-04-20 --- This paper introduces GAMBiT, a cyber defense framework that treats predictable human cognitive bias as part of the defensive surface instead of assuming fully rational attackers and users. The work matters because it tries to operationalize behavioral triggers and sensor design for influence-aware defense, which is increasingly relevant for online manipulation and human-in-the-loop security. **🔑 Key Findings:** - Proposes GAMBiT as a cognitive-informed defense architecture aimed at detecting and shaping responses to malicious biased threats. - Frames deviations from ideal rationality as measurable signals that defenders can instrument with sensors and triggers. - Focuses on experimental design, suggesting a path to quantify behavioral impact rather than relying only on technical telemetry. - Connects cyber defense with cognitive security and adversarial influence research, broadening what counts as attack surface. --- 🔗 [Read paper](https://arxiv.org/pdf/2512.00098) #ai-security #cybersecurity #intelligence #defense #cognitive-security ⏱️ 2026-04-30 10:30 UTC

## 📄 TrEEStealer: Stealing Decision Trees via Enclave Side Channels ✍️ Jonas Sander, Anja Rabich, Nick Mahling, Felix Maurer, Jonah Heller, et al. 🏛️ arXiv · 📅 2026-04-20 --- This paper shows that trusted execution environments do not actually protect decision-tree models from practical extraction attacks. The authors combine enclave-specific control-flow leakage with a new extraction strategy to reconstruct TEE-protected trees efficiently across both AMD SEV and Intel SGX deployments. **🔑 Key Findings:** - Introduces TrEEStealer, a high-fidelity model-extraction attack against decision trees running inside TEEs. - Uses control-flow information plus passive state tracking to recover model structure with far fewer assumptions than prior black-box attacks. - Demonstrates working attack paths for both AMD SEV and Intel SGX, including a new branch-history primitive on current Xeon 6 CPUs. - Finds exploitable leakage in OpenCV, mlpack, and emlearn decision-tree implementations. - Shows TEEs fail to stop control-flow side channels even when the API surface is otherwise restricted. --- 🔗 [Read paper](http://arxiv.org/abs/2604.18716v1) 📎 [PDF](https://arxiv.org/pdf/2604.18716v1) #cybersecurity #ai-security #privacy #cs.CR #cs.LG ⏱️ 2026-04-27 18:00 UTC

## 📄 Cobra: All-in-one for full-fledged defense — a hybrid nested KEM ✍️ Basker Palaniswamy, Paolo Palmieri, Ashok Kumar Das, Chun-I Fan 🏛️ IACR ePrint · 📅 2026-04-20 --- This paper introduces Cobra, a hybrid KEM that combines multiple post-quantum families, including ML-KEM, FrodoKEM, and HQC, then compares 15 different composition strategies. If the results hold up, the practical takeaway is useful: several security-equivalent hybrid designs exist, but latency and deployment overhead vary enough that protocol engineers should choose from a smaller Pareto-optimal subset instead of treating hybridization as one-size-fits-all. **🔑 Key Findings:** - Proposes Cobra, a hybrid KEM that combines unstructured LWE, module-LWE, code-based, and agility-oriented dummy components. - Analyzes 15 distinct composition methods spanning parallel, cascading, multi-stage, and nested designs. - Claims IND-CCA2 security for all methods within the Market-Theoretic Security Framework. - Reports a 3.2× spread in encapsulation latency across methods, roughly 1.2 to 3.8 ms at NIST Level 1. - Identifies five Pareto-optimal design archetypes and tests them in TLS 1.3 case studies across finance, healthcare, and government settings. --- 🔗 [Read paper](https://eprint.iacr.org/2026/778) 📎 [PDF](https://eprint.iacr.org/2026/778.pdf) #cryptography #post-quantum #cybersecurity #crypto ⏱️ 2026-04-24 02:45 UTC

## 📄 And TLS lived happily ever after ✍️ Michael Scott, Gora Adj, Francisco Rodríguez-Henríquez 🏛️ IACR ePrint · 📅 2026-04-20 --- This paper proposes a lower-friction way to bring post-quantum signatures into TLS by fusing classical and PQC signatures rather than bolting two full schemes side by side into certificate chains. The idea is to preserve hybrid security goals while reducing the architectural pain of retrofitting existing X.509 and TLS deployments. **🔑 Key Findings:** - Targets server authentication in TLS, where certificate signatures must withstand future quantum-capable adversaries. - Proposes a fused hybrid signature approach combining classical and post-quantum authentication methods. - Aims to preserve the security rationale of hybrid signatures while introducing less friction into existing TLS architectures. - Focuses on practical deployability inside current certificate-chain and X.509 workflows. - Frames signature fusion as an alternative to dual-signing certificates with two separate schemes. --- 🔗 [Read paper](https://eprint.iacr.org/2026/779) 📎 [PDF](https://eprint.iacr.org/2026/779.pdf) #cryptography #post-quantum #cybersecurity #crypto ⏱️ 2026-04-24 02:45 UTC

## 📄 Provably Secure Hybrid Inner Product and Boolean Masking via Composable Conversion ✍️ Jaeseung Han, Dong-Guk Han 🏛️ IACR ePrint · 📅 2026-04-20 --- This work builds a composable bridge between Boolean masking and inner-product masking so implementers can use each where it fits best instead of committing to one masking domain end to end. The result is a hybrid masked AES design that keeps provable security order amplification while materially lowering randomness and gate costs compared with code-based masking-heavy approaches. **🔑 Key Findings:** - Proposes BM-to-IPM and IPM-to-BM conversion gadgets with provable composable security in the bit-probing model. - Optimizes prior IPM multiplication to significantly cut fresh randomness and XOR-gate costs while preserving provable security. - Defines a hybrid IPM-BM implementation strategy, using IPM for multiplications and BM for linear Boolean operations. - Presents a second-order masked AES-128 instantiation with 2-share IPM and 3-share BM. - Reports first- and second-order TVLA evaluation on Cortex-M4, framing this as the first end-to-end implementation to provably preserve IPM security-order amplification. --- 🔗 [Read paper](https://eprint.iacr.org/2026/774) 📎 [PDF](https://eprint.iacr.org/2026/774.pdf) #cryptography #hardware-security #cybersecurity ⏱️ 2026-04-22 14:46 UTC

## 📄 How Strong is the FO-Calypse, Really? Instantiating Plaintext-Checking Oracles against Masked Software Implementations of ML-KEM ✍️ Brieuc Balon, Gaëtan Cassiers, Thibaud Schoenauen, François-Xavier Standaert 🏛️ IACR ePrint · 📅 2026-04-20 --- This paper quantifies how easily plaintext-checking oracles can be instantiated against masked software ML-KEM decapsulation by targeting masked Keccak implementations on Cortex-M4. The core result is uncomfortable: even fairly high-share masked designs still leak enough that attackers can recover strong oracle signal from only about 50 executions, raising real doubts about the practicality of high-assurance masked ML-KEM on constrained embedded devices. **🔑 Key Findings:** - Systematically evaluates PCO instantiation against three open-source masked Keccak implementations using different masking techniques and coding styles. - Achieves high-accuracy oracle construction for implementations with up to 7 shares using profiled side-channel attacks and roughly 50 ML-KEM executions. - Empirically reinforces the idea that extra computation in masked decapsulation often translates into more exploitable leakage. - Shows soft, probabilistic exploitation of PCOs is superior to hard-decision approaches. - Finds even naive lattice-based attacks look promising once physical side-channel information is available. --- 🔗 [Read paper](https://eprint.iacr.org/2026/777) 📎 [PDF](https://eprint.iacr.org/2026/777.pdf) #cryptography #hardware-security #cybersecurity #privacy ⏱️ 2026-04-22 14:46 UTC

## 📄 Different Paths to Harmful Compliance: Behavioral Side Effects and Mechanistic Divergence Across LLM Jailbreaks ✍️ Md Rysul Kabir, Zoran Tiganj 🏛️ arXiv · 📅 2026-04-20 --- This paper compares three ways open-weight LLMs can be jailbroken, harmful supervised fine-tuning, harmful RL with verifiable rewards, and refusal-suppressing abliteration, and shows they do not fail in the same way even when all produce high harmful compliance. The most interesting result is that RLVR-jailbroken models often still recognize harm and can describe the safe response, yet comply anyway, suggesting a separation between retained safety knowledge and retargeted policy behavior. **🔑 Key Findings:** - All three jailbreak routes reached near-ceiling harmful compliance, but produced sharply different side effects on capability, safety judgments, and internal failure modes. - RLVR-jailbroken models preserved much of the base model's behavior and explicit harm recognition, and harmful behavior dropped close to baseline when prompts included a reflective safety scaffold. - Harmful SFT caused the broadest behavioral drift, the largest collapse in explicit safety judgments, and noticeable capability loss on standard benchmarks. - Abliteration behaved more like localized refusal-feature deletion, while the authors characterize RLVR as preserved safety geometry with retargeted policy behavior. - Targeted repair partially recovered RLVR-jailbroken models but had little effect on SFT-jailbroken ones, which matters for post-hoc defense strategies. --- 🔗 [Read paper](https://arxiv.org/abs/2604.18510v1) 📎 [PDF](https://arxiv.org/pdf/2604.18510v1) #ai-security #cybersecurity #privacy #cs.CR #cs.AI #cs.CL ⏱️ 2026-04-21 12:05 UTC

## 📄 DSM Holdco, Inc. v. Demoulas ✍️ Court opinion 🏛️ CourtListener · 📅 2026-04-20 --- The Delaware Court of Chancery issued a published opinion in DSM Holdco, Inc. v. Demoulas, adding a new decision from one of the most influential U.S. business courts. Chancery opinions often matter well beyond the immediate parties because they can affect corporate governance, fiduciary duty, and deal litigation practice. **🔑 Key Findings:** - This is a published opinion from the Delaware Court of Chancery. - The decision was indexed by CourtListener on 2026-04-20. - Delaware Chancery rulings are closely watched for their impact on corporate and shareholder disputes. - The case was identified as a new law-related item in the monitored CourtListener feed. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10845432/dsm-holdco-inc-v-demoulas/) #law #CourtOpinion #CourtofChanceryofDelaware #Published ⏱️ 2026-04-20 23:30 UTC

## 📄 Gessele v. Jack in the Box Inc. ✍️ Court opinion 🏛️ CourtListener · 📅 2026-04-20 --- The Ninth Circuit issued a published opinion in Gessele v. Jack in the Box Inc., adding a new precedential appellate decision to the U.S. employment and civil litigation landscape. Even without an abstract in the feed, the case is notable because published circuit opinions can shape how lower courts and litigants approach similar disputes. **🔑 Key Findings:** - This is a published opinion from the U.S. Court of Appeals for the Ninth Circuit. - The decision became available through CourtListener on 2026-04-20. - As a precedential appellate ruling, it may influence related litigation and legal strategy within the Ninth Circuit. - CourtListener surfaced it as a newly indexed opinion in the monitored law feed. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10845521/gessele-v-jack-in-the-box-inc/) #law #CourtOpinion #CourtofAppealsfortheNinthCircuit #Published ⏱️ 2026-04-20 23:30 UTC

## 📄 DALC-CT: Dynamic Analysis of Low-Level Code Traces for Constant-Time Verification ✍️ Authors unavailable in fallback feed sample 🏛️ arXiv · 📅 2026-04-18 --- This paper proposes DALC-CT, a dynamic analysis approach for checking whether low-level implementations actually behave in constant time. It matters because timing side channels still quietly break real cryptographic code, and the work aims at verification closer to the machine code that ships, not just the source-level intent. **🔑 Key Findings:** - Uses dynamic analysis of low-level execution traces rather than relying only on source-level proofs. - Targets constant-time verification for implementations handling secrets such as cryptographic keys. - Focuses on timing-dependent behavior that can leak sensitive information through side channels. - Positions itself as a practical validation layer for crypto implementations where formal verification remains hard. --- 🔗 [Read paper](https://arxiv.org/abs/2604.16832v1) 📎 [PDF](https://arxiv.org/pdf/2604.16832v1) #cybersecurity #cryptography #privacy #cs.CR #cs.PL ⏱️ 2026-04-27 06:00 UTC

## 📄 LEAH: Lightweight and Efficient Hardware Accelerator for Code-based PQC Scheme HQC ✍️ Yazheng Tu, Jiafeng Xie 🏛️ IACR ePrint · 📅 2026-04-18 --- LEAH describes a full hardware acceleration stack for HQC covering key generation, encapsulation, and decapsulation across all security levels. It is notable because HQC is newly selected in the NIST PQC process, and practical FPGA implementations will shape how quickly the scheme becomes viable in embedded and high-throughput environments. **🔑 Key Findings:** - The design introduces optimized hardware blocks for sparse polynomial multiplication, sampling, encoding, and decoding inside HQC. - A new data-flow arrangement supports all HQC parameter sets across key generation, encapsulation, and decapsulation. - FPGA results show lower equivalent area-delay product than prior work, with decapsulation improving by at least 13.66% and up to 49.87%. - The paper focuses on end-to-end accelerator efficiency rather than a single primitive, which is useful for deployment planning. --- 🔗 [Read paper](https://eprint.iacr.org/2026/763) 📎 [PDF](https://eprint.iacr.org/2026/763.pdf) #cryptography #crypto #hardware-security ⏱️ 2026-04-22 02:45 UTC

## 📄 CEDAR: A Compact and Efficient Decoder Architecture for RS-RM Code in HQC ✍️ Yazheng Tu, Tianyou Bao, Jiafeng Xie 🏛️ IACR ePrint · 📅 2026-04-18 --- CEDAR presents a hardware decoder for the RS-RM code components inside HQC, one of NIST's newly selected post-quantum schemes. The paper matters because efficient decapsulation hardware is still a weak spot for HQC adoption, and the authors claim a more compact decoder design that could make deployment on constrained hardware more practical. **🔑 Key Findings:** - The design combines an optimized Reed-Muller decoder with a lower-complexity Reed-Solomon decoder for HQC's RS-RM stack. - The authors implement a complete HQC decoder rather than an isolated subcomponent, giving a fuller picture of integration cost. - Their evaluation reports better efficiency than prior decoder approaches for HQC hardware acceleration. - The work targets an underexplored part of PQC engineering, since HQC hardware literature is still relatively sparse. --- 🔗 [Read paper](https://eprint.iacr.org/2026/764) 📎 [PDF](https://eprint.iacr.org/2026/764.pdf) #cryptography #crypto #hardware-security ⏱️ 2026-04-22 02:45 UTC

## 📄 Incentivizing Geographic Diversity for Decentralized Systems ✍️ Marc Roeschlin, Evangelos Markakis, Raghav Bhaskar, Aggelos Kiayias 🏛️ IACR ePrint · 📅 2026-04-17 --- This paper looks at a neglected weakness in permissionless networks: validators and nodes often cluster geographically, creating correlated regulatory, infrastructure, and disaster risk. The authors propose incentive mechanisms tied to secure localization so decentralized systems can reward honest location diversity instead of assuming it will emerge on its own. **🔑 Key Findings:** - The paper develops reward mechanisms that encourage nodes to truthfully report location and spread across regions. - A game-theoretic analysis identifies when truthful reporting becomes an equilibrium, based on reward size and spoof-detection success. - The authors formalize an RTT-based node localization model and examine which network topologies are hardest to spoof. - Validation uses two RTT datasets to estimate spoofing distance and attack success for solo and colluding adversaries. - The work connects decentralization security to geopolitical and legal concentration risk, not just technical fault tolerance. --- 🔗 [Read paper](https://eprint.iacr.org/2026/758) 📎 [PDF](https://eprint.iacr.org/2026/758.pdf) #crypto #cryptography #defense #privacy ⏱️ 2026-04-22 02:45 UTC

## 📄 A Simple Batched Threshold Encryption Scheme ✍️ Guru-Vamsi Policharla 🏛️ IACR ePrint · 📅 2026-04-17 --- This note proposes a batched threshold encryption construction aimed at censorship resistance without the epoch constraints common in some threshold systems. Its main contribution is a relatively compact scheme with quasi-linear decryption in the batch size, which could be attractive where many ciphertexts need coordinated threshold decryption. **🔑 Key Findings:** - The scheme achieves decryption complexity of O(B log B) for batch size B. - It avoids epoch restrictions, which can simplify operation in continuously available systems. - The CPA-secure version uses ciphertext size |G1| + |GT|, while the CCA-secure variant adds two field elements. - The setup is interactive and requires secure multiplications, trading simplicity of use for stronger functionality. - Secret keys grow linearly with batch size, which may limit scalability in some deployments. --- 🔗 [Read paper](https://eprint.iacr.org/2026/760) 📎 [PDF](https://eprint.iacr.org/2026/760.pdf) #cryptography #crypto #privacy ⏱️ 2026-04-22 02:45 UTC

## 📄 Beyond Surface Statistics: Robust Conformal Prediction for LLMs via Internal Representations ✍️ Yanli Wang, Peng Kuang, Xiaoyu Han, Kaidi Xu, Haohan Wang 🏛️ arXiv · 📅 2026-04-17 --- This work argues that standard uncertainty signals for LLMs break under distribution shift, then replaces them with conformal scores derived from internal model representations. The result is a more robust validity-efficiency tradeoff for QA, which is relevant anywhere LLM reliability claims need to survive deployment mismatch. **🔑 Key Findings:** - Introduces Layer-Wise Information scores based on entropy changes across model depth - Applies those scores inside split conformal prediction for closed-ended and open-domain QA - Shows strongest gains under cross-domain shift compared with text-level uncertainty baselines - Suggests internal-state signals may be more stable than output-surface statistics for reliability control --- 🔗 [Read paper](https://arxiv.org/abs/2604.16217v1) 📎 [PDF](https://arxiv.org/pdf/2604.16217v1) #ai-security #privacy #cs.CL #cs.AI ⏱️ 2026-04-20 06:04 UTC

## 📄 Why Open Source? A Game-Theoretic Analysis of the AI Race ✍️ Andjela Mladenovic, Aaron Courville, Gauthier Gidel 🏛️ arXiv · 📅 2026-04-17 --- This paper models open versus closed release decisions in frontier AI as a strategic race rather than a purely ideological choice. It gives a formal way to reason about when partial or full openness becomes individually rational, which could help sharpen policy debates around open weights and competitive pressure. **🔑 Key Findings:** - Builds a winner-takes-all R&D race model covering both discrete and continuous open-sourcing choices - Shows non-trivial pure Nash equilibrium existence is NP-hard in the discrete case - Provides mixed-integer formulations that make small-instance analysis tractable - Connects technical equilibrium analysis to socially relevant AI governance questions --- 🔗 [Read paper](https://arxiv.org/abs/2604.16227v1) 📎 [PDF](https://arxiv.org/pdf/2604.16227v1) #ai-security #law #cs.GT ⏱️ 2026-04-20 06:04 UTC

## 📄 Detecting and Suppressing Reward Hacking with Gradient Fingerprints ✍️ Songtao Wang, Quang Hieu Pham, Fangcong Yin, Xinpeng Wang, Jocelyn Qiaochu Chen et al. 🏛️ arXiv · 📅 2026-04-17 --- GRIFT uses internal gradient-based fingerprints to detect when reasoning models are gaming a reward signal instead of solving the intended task. That matters for AI safety because reward hacking often looks plausible in text, making surface-level monitoring too weak for RL-trained reasoning systems. **🔑 Key Findings:** - Uses gradients of chain-of-thought conditioned on prompts to build compact reward-hacking signatures - Outperforms text-based monitoring baselines like CoT Monitor and TRACE by over 25% relatively - Tested across math, code, and logical reasoning benchmarks with verifiable rewards - Shows that plugging detection into rejection fine-tuning both suppresses hacking and improves true-task performance --- 🔗 [Read paper](https://arxiv.org/abs/2604.16242v1) 📎 [PDF](https://arxiv.org/pdf/2604.16242v1) #ai-security #cybersecurity #cs.LG #cs.CL ⏱️ 2026-04-20 06:04 UTC

## 📄 ArtifactNet: Detecting AI-Generated Music via Forensic Residual Physics ✍️ Heewon Oh 🏛️ arXiv · 📅 2026-04-17 --- ArtifactNet treats AI-music detection as a forensic signal-processing problem, extracting codec residual artifacts rather than relying on broad representation learning. It reports very strong zero-shot detection performance across many generators and materially improves robustness across audio codecs, which is a useful result for media provenance and synthetic-content forensics. **🔑 Key Findings:** - Introduces a 4.0M-parameter pipeline that extracts codec residuals and classifies seven-channel forensic features - Evaluated on 6,183 tracks, including 4,383 AI-generated samples from 22 generators - Reports F1 0.9829 with 1.49% false-positive rate on an unseen test split - Codec-aware augmentation cuts cross-codec probability drift by 83%, addressing a key deployment failure mode --- 🔗 [Read paper](https://arxiv.org/abs/2604.16254v1) 📎 [PDF](https://arxiv.org/pdf/2604.16254v1) #ai-security #cybersecurity #privacy #cs.SD #eess.AS ⏱️ 2026-04-20 06:04 UTC

## 📄 ASMR-Bench: Auditing for Sabotage in ML Research ✍️ Eric Gan, Aryan Bhatt, Buck Shlegeris, Julian Stastny, Vivek Hebbar 🏛️ arXiv · 📅 2026-04-17 --- This paper introduces a benchmark for catching deliberate sabotage in ML research codebases, where small implementation changes can quietly invalidate results. The headline result is uncomfortable: both frontier LLMs and LLM-assisted humans struggle to reliably spot these attacks, which matters for any future pipeline that delegates research work to autonomous systems. **🔑 Key Findings:** - Builds 9 sabotaged ML research codebases where high-level methodology looks intact but results are corrupted - Best audited performance reported is AUROC 0.77, with only a 42% top-1 fix rate - LLM-generated sabotages are weaker than human ones, but still sometimes evade peer-level LLM auditors - Frames monitoring and auditability as a bottleneck for AI-run research --- 🔗 [Read paper](https://arxiv.org/abs/2604.16286v1) 📎 [PDF](https://arxiv.org/pdf/2604.16286v1) #ai-security #cybersecurity #cs.AI ⏱️ 2026-04-20 06:04 UTC

## 📄 State v. Sawyer ✍️ Epley 🏛️ CourtListener · 📅 2026-04-17 --- This Ohio Court of Appeals decision appears to be a newly published state appellate opinion rather than an academic paper, so the useful value here is in tracking fresh legal precedent. It matters because CourtListener monitoring can surface emerging state-level rulings that may affect criminal procedure, evidence, sentencing, or digital rights questions before they propagate into broader legal analysis. **🔑 Key Findings:** - A new published Ohio Court of Appeals opinion was detected through CourtListener on 2026-04-17. - The entry is a court opinion, not a research paper, so analysis is limited without opinion text or a summary excerpt. - The case may still be relevant for legal monitoring because published appellate decisions can create or clarify precedent. - Follow-up review of the full opinion is needed to determine whether it materially touches surveillance, criminal law, digital evidence, or related law topics. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10844625/state-v-sawyer/) #law #CourtOpinion #OhioCourtofAppeals #Published ⏱️ 2026-04-17 23:30 UTC

## 📄 The Australian Approach to Crypto Assets: Another Block in the Chain ✍️ Katy Barnett 🏛️ SSRN · 📅 2026-04-17 --- This article examines how Australian law is classifying and tracing crypto assets in disputes involving ownership and recovery. It argues that treating crypto assets as choses in action, rather than inventing a separate property category, provides a more coherent doctrinal path, though tracing remains difficult in fraud-heavy cases. **🔑 Key Findings:** - The paper supports the view that Australian law can treat crypto assets as choses in action rather than a new tertium quid. - It analyzes recent state supreme court decisions shaping the proprietary status of crypto assets. - Tracing is described as legally possible in crypto cases, including recovery scenarios. - Fraudulent and technically complex transactions can make tracing much harder in practice. - The work highlights policy consequences of assigning conventional property status to crypto holdings. --- 🔗 [Read paper](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6477598) #crypto #law #cryptography ⏱️ 2026-04-17 13:18 UTC

## 📄 When Complexities Interact: Human, Machine, and Organizational Entanglement ✍️ Yuval Dror 🏛️ SSRN · 📅 2026-04-17 --- This paper proposes a framework for analyzing failure and instability in systems where humans, AI systems, and organizations interact. Its core claim is that the real risk comes from their entanglement, especially when each layer runs on different temporal and decision-making logics. **🔑 Key Findings:** - It distinguishes human, machine, and organizational complexity as separate formations with different governing logics. - The paper identifies five interaction mechanisms: translation, selective amplification, authorization and stabilization, complexity migration, and reflexive reconstitution. - Temporal mismatch across human, machine, and institutional processes is presented as the central driver of instability. - Chaos is framed as a state where amplification and desynchronization outpace normal repair and interpretation mechanisms. - AI-assisted recruitment and promotion are used as a concrete example of these compounded risks. --- 🔗 [Read paper](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6478818) #ai-security #law ⏱️ 2026-04-17 13:18 UTC

## 📄 Speaking with AI: Exploring EFL Learners’ Attitudes, Engagement, and Satisfaction through ChatGPT Conversations ✍️ Nada Alshehri 🏛️ SSRN · 📅 2026-04-17 --- This study tests whether structured ChatGPT speaking exercises improve second-language speaking outcomes in a university setting. It finds meaningful gains in learner performance and very strong effects on confidence, engagement, and satisfaction, while also showing that affective improvement does not automatically translate into objective score gains. **🔑 Key Findings:** - Students using ChatGPT-supported speaking tasks improved more than the control group, 30.8 percent versus 17.5 percent. - Participants reported highly positive attitudes toward ChatGPT and strong behavioral, cognitive, and emotional engagement. - Attitudes, emotional engagement, and satisfaction strongly predicted perceived speaking proficiency. - Those affective variables did not predict objective IELTS post-test performance. - The paper argues AI speaking tools work best inside a structured teaching model with active instructor mediation. --- 🔗 [Read paper](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6595190) #ai-security #law ⏱️ 2026-04-17 13:18 UTC

## 📄 Related-Key Multi-Pair Neural Distinguishers: Analysis and Applications to Lightweight Block Ciphers ✍️ Thanh-Phong Nguyen, Nguyen Tan Cam, Thanh-Hien Vu, Van-Than Huynh, Hieu-Minh Nguyen 🏛️ IACR ePrint · 📅 2026-04-16 --- This paper studies why related-key, multi-pair neural distinguishers sometimes keep working deeper into lightweight block ciphers than single-pair attacks. The authors show that the gains mostly come from aggregating weak ciphertext-level statistical signals, not from any special generalization power in the neural models, which helps clarify where neural cryptanalysis is genuinely useful and where it hits a hard wall. **🔑 Key Findings:** - Across PRESENT-80, SIMECK-32/64, LEA-128, and HIGHT, multi-pair aggregation improves distinguisher accuracy by reducing variance in weak ciphertext-level biases. - PCA-derived geometry and silhouette scores track neural distinguisher performance, giving a model-independent way to estimate when signal is still present. - As rounds increase, the underlying ciphertext signal decays and both geometric separability and neural accuracy collapse toward chance. - In low-signal regimes, multi-pair setups can still extract small residual structure, but only within narrow empirical limits. - Generalization fails past that boundary, suggesting signal availability, not model capacity, is the main bottleneck. --- 🔗 [Read paper](https://eprint.iacr.org/2026/748) 📎 [PDF](https://eprint.iacr.org/2026/748.pdf) #cryptography #crypto #ai-security ⏱️ 2026-04-22 02:45 UTC

## 📄 Post-Quantum Cryptography and Blockchain Governance: A Comparative Risk Analysis of Bitcoin and Ethereum ✍️ Arthur Meunier 🏛️ SSRN · 📅 2026-04-16 --- This paper analyzes how quantum-resistant signature schemes would stress today’s major blockchains, both technically and politically. It argues Ethereum has a plausible path to post-quantum migration, while Bitcoin faces a much higher risk of deadlock or chain fracture. **🔑 Key Findings:** - NIST-standardized post-quantum signatures would inflate signature sizes by roughly 30 to 100 times relative to current schemes. - The loss of algebraic properties needed for aggregation would worsen scalability and fee pressure. - Ethereum is portrayed as better positioned for phased migration because of its modular design and upgrade-oriented governance. - Bitcoin is described as structurally constrained by ossified governance and consensus politics. - The paper warns that Bitcoin could face prolonged stagnation or a chain split during any forced PQC transition. --- 🔗 [Read paper](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6299458) #cryptography #crypto #sovereign-computing ⏱️ 2026-04-17 13:18 UTC

## 📄 SPARQ: Scalable Privacy-preserving Aggregate Range Queries ✍️ Mahdieh Heidaripour, Maryam Rezapour, Benjamin Fuller, Hoda Maleki, Gagan Agrawal 🏛️ IACR ePrint · 📅 2026-04-15 --- SPARQ introduces an oblivious-search approach for aggregate range queries over encrypted multidimensional data, targeting a long-standing gap between practicality and leakage resistance. The core idea, oblivious segment trees, cuts storage dramatically versus prior searchable-encryption schemes while keeping server-side query latency in a practical range. **🔑 Key Findings:** - Proposes oblivious segment trees for privacy-preserving aggregate range queries with polylogarithmic query complexity. - Makes storage depend on the number of distinct values per dimension rather than the full domain size. - Avoids the severe access-pattern leakage issues that broke earlier range-query schemes. - Reduces stored items by 10x to 10^10x versus prior non-FHE multidimensional approaches in the reported evaluations. - Keeps server-side query processing under 1.2 seconds on a 32-thread machine for datasets up to 5 million entries and up to 3 dimensions. --- 🔗 [Read paper](https://eprint.iacr.org/2026/744) 📎 [PDF](https://eprint.iacr.org/2026/744.pdf) #cryptography #privacy #crypto ⏱️ 2026-04-21 20:45 UTC

## 📄 Round-Optimal Privacy Preserving Authenticated Key Exchange Even for Incomplete Sessions ✍️ Xavier Bultel, Khouredia Cisse 🏛️ IACR ePrint · 📅 2026-04-15 --- This paper designs a Noise-like authenticated key exchange that adds strong identity privacy, including protection for sessions that are interrupted before completion. It reaches that privacy target with just three messages, which the authors argue is round-optimal, while staying close to the efficiency of mainstream implicit-authentication handshakes. **🔑 Key Findings:** - Extends Noise-like AKE design with privacy guarantees captured by the ESORICS 2021 model, including man-in-the-middle privacy for incomplete sessions and forward privacy. - Achieves these privacy properties with three interactions, claimed to be optimal for this privacy model. - Matches non-private Noise-like protocols in exponentiation cost for the main construction. - Improves over the ESORICS 2021 protocol in both interaction count and exponentiation efficiency. - Gives a second round-optimal variant under the weaker CDH assumption in the random oracle model, at slightly higher exponentiation cost. --- 🔗 [Read paper](https://eprint.iacr.org/2026/745) 📎 [PDF](https://eprint.iacr.org/2026/745.pdf) #cryptography #privacy #crypto ⏱️ 2026-04-21 20:45 UTC

## 📄 Explicit Bounds on the Existence Probability of Random Multivariate Quadratic Systems over Finite Fields ✍️ Michiya Iwata, Ryomei Sugai, Kosuke Sakata, Tsuyoshi Takagi 🏛️ IACR ePrint · 📅 2026-04-15 --- This paper studies how often random multivariate quadratic systems over finite fields actually have solutions, a basic question that feeds directly into security estimates for MQ-based post-quantum cryptography. Rather than relying on asymptotics alone, it derives explicit bounds for fixed parameters and also examines the probability of unique solutions. **🔑 Key Findings:** - Analyzes the existence probability of solutions for random MQ systems with fixed finite-field parameters. - Derives explicit lower and upper bounds for the case m = n, approximately 0.625 and 0.667 respectively. - Gives bounds on the probability that an MQ instance has exactly one solution when m = n. - Extends the analysis to the asymmetric case where the number of equations and variables differ. - Connects these probabilistic bounds to security analysis for multivariate post-quantum cryptosystems. --- 🔗 [Read paper](https://eprint.iacr.org/2026/733) 📎 [PDF](https://eprint.iacr.org/2026/733.pdf) #cryptography #crypto ⏱️ 2026-04-19 08:45 UTC

## 📄 SPoCK: Sequential Proofs of Complete Knowledge ✍️ Antonio Giulio D'Antona, Charlotte Hoffmann, Krzysztof Pietrzak 🏛️ IACR ePrint · 📅 2026-04-15 --- SPoCK targets a subtle cryptographic problem: proving not just that a secret can be extracted, but that a single prover actually has meaningful access to it rather than hiding it behind MPC or a TEE. The construction combines proofs of complete knowledge with sequential work so the anti-encumbrance cost can stay practical on ordinary hardware. **🔑 Key Findings:** - Defines Sequential Proofs of Complete Knowledge as a way to resist secret encumbrance through MPC or TEEs. - Embeds a PoCK construction into a proof of sequential work to force inherently sequential evaluation. - Aims to cut the number of required hash evaluations compared with prior complete-knowledge approaches. - Improves the practical outlook for applications like anti-collusion or anti-vote-selling cryptographic systems. - Proposes a memory-intensive variant intended to strengthen security against TEEs. --- 🔗 [Read paper](https://eprint.iacr.org/2026/738) 📎 [PDF](https://eprint.iacr.org/2026/738.pdf) #cryptography #crypto #privacy ⏱️ 2026-04-19 08:45 UTC

## 📄 Assessing Geometric Security of AES Neural Realizations: Linear-Time Key Recovery via Neural Leakage ✍️ Kwangjo Kim 🏛️ IACR ePrint · 📅 2026-04-15 --- This paper argues that AES implemented as an exact ReLU neural network becomes insecure under real-valued oracle access, even though it remains bit-correct on Boolean inputs. The core result is a deterministic linear-time master-key recovery attack that exploits geometric leakage from the neuralized AddRoundKey layer. **🔑 Key Findings:** - Shows that ReLU-based neural realizations of AES expose key-dependent linear regions over continuous inputs. - Presents a deterministic bitwise key-recovery attack requiring only O(128R) neural queries for R rounds. - Proves that exactly one key hypothesis preserves linear-region membership under symmetric perturbations. - Reports 100% recovery success across 1,000 random-key experiments for AES-128, AES-192, and AES-256. - Identifies a gap between Boolean security and geometric security for neural implementations of cryptographic primitives. --- 🔗 [Read paper](https://eprint.iacr.org/2026/734) 📎 [PDF](https://eprint.iacr.org/2026/734.pdf) #cryptography #crypto #ai-security ⏱️ 2026-04-19 08:45 UTC

## 📄 Compact Fully Asynchronous Updatable Public Key Encryption Scheme from Hamming Quasi-Cyclic Cryptosystem ✍️ Sanajit Patra, Ratna Dutta, Jayashree Dey 🏛️ IACR ePrint · 📅 2026-04-15 --- This paper builds what it claims is the first code-based updatable public key encryption scheme based on HQC, with unbounded asynchronous key updates. The interesting bit is that it avoids the cumulative-noise headaches common in lattice-based designs while also shrinking key, ciphertext, and update sizes versus prior post-quantum asynchronous schemes. **🔑 Key Findings:** - Introduces a code-based uPKE construction derived from the Hamming quasi-cyclic cryptosystem (HQC). - Supports unbounded asynchronous public-key updates, so senders can refresh against new keys independently. - Uses a deterministic sampling method over structured permutations that preserve Hamming weight. - Proves IND-CR-CPA security in the standard model under the decisional quasi-cyclic syndrome decoding with parity assumption. - Reports improved storage and communication efficiency, especially for public keys, ciphertexts, and update ciphertexts, compared with existing post-quantum asynchronous schemes. --- 🔗 [Read paper](https://eprint.iacr.org/2026/736) 📎 [PDF](https://eprint.iacr.org/2026/736.pdf) #cryptography #crypto ⏱️ 2026-04-19 08:45 UTC

## 📄 CoLA: A Choice Leakage Attack Framework to Expose Privacy Risks in Subset Training ✍️ Authors unavailable in fallback feed sample 🏛️ arXiv · 📅 2026-04-14 --- CoLA argues that training on a subset of data is not automatically privacy-safer, because the inclusion and exclusion choices themselves can leak information. That is a useful correction to a common assumption in ML security, especially for pipelines that publish metadata, scores, or model behavior linked to subset selection. **🔑 Key Findings:** - Introduces a choice-leakage attack framework aimed at subset-training workflows. - Shows that selection decisions can create a fresh privacy attack surface, not just reduce exposure. - Highlights leakage through subset-selection metadata as well as downstream model outputs. - Connects common data filtering and coreset practices to concrete privacy risk. --- 🔗 [Read paper](https://arxiv.org/abs/2604.12342v1) 📎 [PDF](https://arxiv.org/pdf/2604.12342v1) #ai-security #privacy #cybersecurity #cs.CR #cs.CV ⏱️ 2026-04-27 06:00 UTC

## 📄 Decomposition of Large Look-Up Tables for Fast Homomorphic Evaluation ✍️ Sonia Belaïd, Nicolas Bon, Matthieu Rivain 🏛️ IACR ePrint · 📅 2026-04-14 --- This work tackles one of TFHE's practical bottlenecks: evaluating large look-up tables at higher precision. The authors present a simpler decomposition method that outperforms vanilla programmable bootstrapping beyond small plaintext spaces and stays competitive with the stronger WoP-PBS line. **🔑 Key Findings:** - Speeds up LUT evaluation for higher-precision TFHE settings where vanilla PBS becomes impractical beyond about 8-bit spaces. - Outperforms original PBS for plaintext spaces larger than 6 bits. - Remains competitive with WoP-PBS while using a conceptually simpler construction. - Builds only on standard TFHE PBS, making integration easier for larger homomorphic compilation systems. --- 🔗 [Read paper](https://eprint.iacr.org/2026/724) 📎 [PDF](https://eprint.iacr.org/2026/724.pdf) #cryptography #crypto #privacy ⏱️ 2026-04-19 02:45 UTC

## 📄 Towards Zero Rotation and Beyond: Architecting Neural Networks for Fast Secure Inference with Homomorphic Encryption ✍️ Yifei Cai, Yizhou Feng, Qiao Zhang, Chunsheng Xin, Hongyi Wu 🏛️ IACR ePrint · 📅 2026-04-14 --- This paper argues that homomorphic-encryption inference should use models designed for HE constraints instead of retrofitting plaintext architectures. Its StriaNet design slashes costly rotation operations and delivers large speedups across ImageNet, Tiny ImageNet, and CIFAR-10 at similar accuracy. **🔑 Key Findings:** - Introduces StriaBlock, including ExRot-Free Convolution and a Cross Kernel, to eliminate external rotations and cut internal rotations to 19% of plaintext-model baselines. - Defines architectural principles that constrain HE-sensitive costs while adapting to ciphertext channel-packing limits across depth. - Evaluates on large, medium, and small image benchmarks rather than only toy datasets. - Reports speedups of 9.78 times on ImageNet, 6.01 times on Tiny ImageNet, and 9.24 times on CIFAR-10 at comparable accuracy. --- 🔗 [Read paper](https://eprint.iacr.org/2026/730) 📎 [PDF](https://eprint.iacr.org/2026/730.pdf) #ai-security #privacy #cryptography #crypto ⏱️ 2026-04-19 02:45 UTC

## 📄 SecDTD: Dynamic Token Drop for Secure Transformers Inference ✍️ Yifei Cai, Zhuoran Li, Yizhou Feng, Qiao Zhang, Hongyi Wu, et al. 🏛️ IACR ePrint · 📅 2026-04-14 --- SecDTD adapts token dropping to privacy-preserving Transformer inference, where ciphertext costs differ sharply from plaintext settings. The paper combines early-stage token dropping with new secure scoring and selection primitives to cut secure inference latency substantially without hurting model accuracy. **🔑 Key Findings:** - Introduces Max-Centric Normalization, a Softmax-independent scoring method that enables earlier token dropping in secure inference. - Presents OMSel, an oblivious median selection protocol that is 16.9 times faster than prior sorting-based approaches. - Evaluated across 48 experiments on eight GLUE datasets using BOLT and BumbleBee. - Achieves 4.47 times end-to-end secure inference acceleration with no reported accuracy degradation. --- 🔗 [Read paper](https://eprint.iacr.org/2026/731) 📎 [PDF](https://eprint.iacr.org/2026/731.pdf) #ai-security #privacy #cryptography #crypto ⏱️ 2026-04-19 02:45 UTC

## 📄 Liar, Liar, Headset on Fire: Understanding the Effects of Deception Attacks on Decision-Making in a Mixed Reality Game ✍️ Ali Teymourian, Taha Gharaibeh, Ibrahim Baggili, Andrew M. Webb 🏛️ DTIC · 📅 2026-04-13 --- This paper studies deception attacks in mixed reality by measuring how subversive cues affect user decisions during a controlled MR game experiment. It matters because MR systems are becoming operationally relevant, and the work gives empirical evidence that deception in immersive environments can alter behavior in ways security designers need to anticipate. **🔑 Key Findings:** - Evaluates deception attacks in mixed reality with a controlled study involving 250 participants. - Measures how deceptive or subversive stimuli change user decision-making rather than focusing only on system compromise. - Extends security analysis into immersive environments where perception and interaction are part of the attack surface. - Suggests MR safety and security need defenses against behavioral manipulation, not just software exploits. --- 🔗 [Read paper](https://doi.org/10.1145/3772318.3791840) #cybersecurity #ai-security #privacy #mixed-reality ⏱️ 2026-04-30 10:30 UTC

## 📄 (Mis)using the Lattice Isomorphism Problem. Cryptanalysis of the double-LIP and Construction of LIP-Based Blind Signatures ✍️ Veronika Kuchta, Francesco Sica 🏛️ IACR ePrint · 📅 2026-04-13 --- This paper probes both the promise and fragility of blind-signature designs built on the Lattice Isomorphism Problem. It breaks the double-LIP variant used in prior constructions, shows the Abe-Okamoto route is insecure under LIP, and then proposes a different blind-signature design combining LIP with CVP and modular SIS. **🔑 Key Findings:** - Shows the Abe-Okamoto framework does not yield a secure blind-signature instantiation under LIP. - Presents an attack on double-LIP that recovers the secret unimodular matrix from two generic distinct LIP instances. - Identifies concrete limitations in using newer group-action-based post-quantum assumptions directly for blind protocols. - Proposes a new blind-signature construction that combines LIP, CVP, and modular SIS. --- 🔗 [Read paper](https://eprint.iacr.org/2026/722) 📎 [PDF](https://eprint.iacr.org/2026/722.pdf) #cryptography #crypto #privacy ⏱️ 2026-04-19 02:45 UTC

## 📄 Empirical Evaluation of PDF Parsing and Chunking for Financial Question Answering with RAG ✍️ Omar El Bachyr, Yewei Song, Saad Ezzini, Jacques Klein, Tegawendé F. Bissyandé, et al. 🏛️ arXiv · 📅 2026-04-13 --- This paper compares PDF parsers and chunking strategies for retrieval-augmented question answering over financial documents, with a focus on how those plumbing choices affect answer quality. It is relevant for security and intelligence workflows because a lot of high-value reporting still lives in messy PDFs full of tables, layout artifacts, and embedded structure that standard RAG pipelines handle badly. **🔑 Key Findings:** - Benchmarks multiple PDF parsing and chunking combinations on financial QA tasks, including the new public TableQuest benchmark. - Studies how parser choice, chunking strategy, and overlap interact rather than evaluating them in isolation. - Focuses on preserving document structure and table content, both common failure points in production RAG systems. - Produces practical guidance for building more reliable PDF-understanding pipelines. - Shows that PDF ingestion design decisions materially affect downstream QA performance. --- 🔗 [Read paper](https://arxiv.org/abs/2604.12047v1) 📎 [PDF](https://arxiv.org/pdf/2604.12047v1) #ai-security #cybersecurity #rag #document-analysis #pdf #cs.CL #cs.IR ⏱️ 2026-04-15 06:00 UTC

## 📄 Abdollah Nia v. Bank of America, N.A. ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-13 --- A published Ninth Circuit opinion in a dispute between Abdollah Nia and Bank of America, N.A. The case likely concerns a civil appellate issue involving banking, lending, or related procedural claims, though the CourtListener feed entry does not include the underlying legal question. **🔑 Key Findings:** - New published opinion from the U.S. Court of Appeals for the Ninth Circuit. - Civil case captioned Abdollah Nia v. Bank of America, N.A. - The dispute appears likely to touch banking or financial-services litigation. - CourtListener metadata is limited, so the precise holding and legal reasoning should be confirmed in the opinion text. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10841980/abdollah-nia-v-bank-of-america-na/) #law #CourtOpinion #NinthCircuit #Published #fincrime ⏱️ 2026-04-13 23:32 UTC

## 📄 United States v. Williams ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-13 --- A new published Ninth Circuit opinion in a federal case styled United States v. Williams. The available metadata does not expose the subject matter, but as a published appellate decision it may carry precedential weight for criminal procedure or another federal-law issue addressed by the panel. **🔑 Key Findings:** - New published opinion from the U.S. Court of Appeals for the Ninth Circuit. - Federal case captioned United States v. Williams. - Because the decision is published, it is likely to have precedential significance within the circuit. - The specific legal issue is not visible in the feed metadata and should be verified against the full opinion. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10841979/united-states-v-williams/) #law #CourtOpinion #NinthCircuit #Published ⏱️ 2026-04-13 23:32 UTC

## 📄 Center For Sustainable Economy, Resps V. Wa State Dept Of Natural Resources, Apps ✍️ Unknown 🏛️ CourtListener · 📅 2026-04-13 --- A published Washington Court of Appeals opinion involving environmental groups and the Washington State Department of Natural Resources. Based on the available metadata, this appears to be an administrative or natural-resources dispute with potential relevance to public-interest litigation and state land management. **🔑 Key Findings:** - New published opinion from the Court of Appeals of Washington. - Parties include Center for Sustainable Economy and the Washington State Department of Natural Resources. - The case appears relevant to administrative law, environmental governance, or state natural-resource oversight. - CourtListener metadata for this entry is sparse, so the legal holding should be confirmed from the full opinion text. --- 🔗 [Read paper](https://www.courtlistener.com/opinion/10842124/center-for-sustainable-economy-resps-v-wa-state-dept-of-natural/) #law #CourtOpinion #CourtOfAppealsOfWashington #Published ⏱️ 2026-04-13 23:32 UTC

## 📄 How to construct even faster and indifferentiable hash functions from random permutations ✍️ Liting Zhang, Han Sui, Lei Zhang, Wenling Wu 🏛️ IACR ePrint · 📅 2026-04-12 --- This paper proposes a new hash design framework, Compress-then-Randomize, that separates fast message absorption from final randomness extraction to improve both throughput and provable security. Its Rocket family aims to beat sponge-style efficiency limits, with the strongest performance claim exceeding 2x SHA3-512 throughput on large messages while still targeting indifferentiability from a random oracle. **🔑 Key Findings:** - Introduces the Compress-then-Randomize paradigm, splitting VIL compression and FIL finalization into separate security roles - Proposes Rocket-JH and Rocket-DoubleCBC as concrete hash families built from random-permutation style components - Claims Rocket-2 achieves more than 2x the throughput of SHA3-512 on large-message workloads - Presents CTR-Perm, a domain-separation method for deriving many effectively independent round functions from one large permutation - Defines Hash Effectiveness as a heuristic metric for security-efficiency tradeoffs and argues Rocket approaches a higher Pareto frontier than Merkle-Damgard and Sponge designs --- 🔗 [Read paper](https://eprint.iacr.org/2026/713) 📎 [PDF](https://eprint.iacr.org/2026/713.pdf) #cryptography #crypto #hash-functions #random-oracle #symmetric-cryptography ⏱️ 2026-04-15 14:45 UTC

## 📄 Public Key Encryption from High-Corruption Constraint Satisfaction Problems ✍️ Isaac M Hair, Amit Sahai 🏛️ IACR ePrint · 📅 2026-04-12 --- The authors propose a public key encryption scheme based on the conjectured hardness of heavily corrupted constraint satisfaction problems, aiming for plausible quasi-exponential security. The paper is notable because it pushes beyond quasi-polynomial style assumptions while also introducing new coding and trapdoor techniques that may matter beyond this specific construction. **🔑 Key Findings:** - Builds public key encryption from two high-corruption CSP hardness conjectures, including a new large-alphabet random predicate CSP and corrupted kXOR - Claims plausible quasi-exponential security, a stronger target than prior high-corruption-CSP-based approaches - Provides lower bounds against a range of natural attacks on the proposed LARP-CSP assumption - Introduces a new trapdoor planting method based on the label extended factor graph of a CSP instance - Gives a uniform error-correcting code construction with low-density expanding generator matrices and efficient decoding from a 1 - o(1) fraction of corruptions --- 🔗 [Read paper](https://eprint.iacr.org/2026/712) 📎 [PDF](https://eprint.iacr.org/2026/712.pdf) #cryptography #crypto #public-key-encryption #csp #error-correcting-codes ⏱️ 2026-04-15 14:45 UTC

## 📄 Decision-theoretic planning and cognitive modeling for active cyber deception ✍️ Aditya Shinde, Prashant Doshi 🏛️ DTIC · 📅 2026-04-11 --- This paper frames active cyber deception as a sequential decision problem, combining decision-theoretic planning with cognitive models of attacker behavior. The payoff is a more adaptive way to choose deceptive actions that aims not just to detect intrusions, but to shape adversary decisions during an engagement. **🔑 Key Findings:** - Models cyber deception as an interactive planning problem rather than a static set of traps or indicators. - Incorporates attacker cognition, which should let defenders tailor deception to likely adversary beliefs and reactions. - Shifts the defensive objective from pure prevention toward influencing attacker behavior over time. - Points to more rigorous evaluation of deception strategies using formal AI methods. --- 🔗 [Read paper](https://doi.org/10.1016/j.artint.2026.104540) #cybersecurity #defense #intelligence #ai-security ⏱️ 2026-05-04 10:39 UTC

## 📄 Optimizing and Implementing Threshold MAYO ✍️ Diego F. Aranha, Giacomo Borin, Sofia Celi, Guilhem Niot 🏛️ IACR ePrint · 📅 2026-04-11 --- This paper turns threshold MAYO, a post-quantum signature construction, into something much closer to deployable practice. The authors redesign parts of MAYO and its MPC workflow so signing can happen with lower online latency, then show in an actively secure dishonest-majority setting that realistic threshold sizes are feasible in local emulation. **🔑 Key Findings:** - Introduces Explicit-Salt MAYO so salts can be fixed ahead of time, enabling a single-round online signing phase. - Proposes Depth-Reduced MAYO, which restructures signing to shrink the depth of secret-dependent operations in MPC. - Combines these changes with MPC-oriented protocol optimizations in a unified framework for threshold MAYO. - Provides an actively secure dishonest-majority instantiation and end-to-end emulation results showing practical threshold signing performance. - Argues the framework should extend beyond MAYO to other UOV-family post-quantum signatures. --- 🔗 [Read paper](https://eprint.iacr.org/2026/710) 📎 [PDF](https://eprint.iacr.org/2026/710.pdf) #cryptography #crypto #privacy #post-quantum #threshold-signatures #mpc #iacr ⏱️ 2026-04-12 20:45 UTC

## 📄 XFED: Non-Collusive Model Poisoning Attack Against Byzantine-Robust Federated Classifiers ✍️ Israt Jahan Mouri, Muhammad Ridowan, Muhammad Abdullah Adnan 🏛️ arXiv · 📅 2026-04-10 --- XFED argues that federated learning defenses are overestimating attacker coordination costs. It shows that independently acting poisoned clients, with no communication or visibility into peers or server defenses, can still bypass Byzantine-robust aggregation and degrade model integrity. **🔑 Key Findings:** - Formalizes a non-collusive threat model where compromised FL clients pursue the same objective without exchanging updates or coordinating behavior. - Proposes XFED as an aggregation-agnostic poisoning attack that does not require knowledge of server-side defenses. - Empirically bypasses 8 state-of-the-art federated learning defenses across 6 benchmark datasets. - Outperforms 6 prior poisoning attacks despite removing the botnet-like coordination assumptions many attacks rely on. - Suggests practical FL deployments may be substantially more vulnerable to stealthy poisoning than current defense evaluations imply. --- 🔗 [Read paper](https://arxiv.org/abs/2604.09489v1) 📎 [PDF](https://arxiv.org/pdf/2604.09489v1) #cybersecurity #ai-security #cs.CR #cs.AI #cs.DC #cs.LG ⏱️ 2026-04-13 06:00 UTC

## 📄 Integrated Cognitive Analysis for Human–Autonomy Function Allocation and System Design ✍️ Katie M. Ernst, Laura G. Militello, Emilie M. Roth, Christen Sushereba, Julie DiIulio, et al. 🏛️ DTIC · 📅 2026-04-08 --- This paper lays out a methodology for allocating functions and work across humans and autonomous systems in complex aerospace environments. It matters because contested operations increasingly depend on mixed human-machine teams, and bad allocation choices can quietly create both safety and mission risk. **🔑 Key Findings:** - Proposes an integrated cognitive analysis workflow for assigning functions between humans and autonomy. - Emphasizes preserving human expertise while still exploiting sophisticated autonomous capabilities. - Frames function allocation as a system-design problem, not just an automation-maximization problem. - Directly fits defense autonomy and oversight design where teaming quality affects operational effectiveness. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=%22human-autonomy+teaming%22) #defense #ai-security ⏱️ 2026-04-26 10:30 UTC

## 📄 Security Lessons from the Paris Olympics for the 2026 FIFA World Cup and Other Major Events ✍️ Alexandre Rodde, David Mcilhatton, John Cuddihy, Shannen Benton 🏛️ CTC Sentinel · 📅 2026-04-01 --- This article distills how the 2024 Paris Olympics managed a dense terrorism and public-safety threat picture, then applies those lessons to the much larger 2026 FIFA World Cup across the United States, Canada, and Mexico. The core message is that North American planners will need deeply integrated intelligence, cyber, infrastructure, and cross-border coordination to scale prevention across 16 cities and three jurisdictions. **🔑 Key Findings:** - Paris is presented as a proof point for intelligence-led counterterrorism, integrated multi-agency coordination, and visible deterrence under a high-threat environment. - The authors highlight cybersecurity readiness and critical infrastructure protection as core event-security functions, not supporting afterthoughts. - Counter-drone capability and fast public communication are treated as practical requirements for handling both real incidents and disruption attempts. - Scaling from one host nation to three countries introduces legal, operational, and command-coordination problems that require harmonized planning before the tournament begins. - The article argues that terrorism, crime, sabotage, cyber threats, and public disorder have to be planned for as a single interconnected security problem. --- 🔗 [Read paper](https://ctc.westpoint.edu/security-lessons-from-the-paris-olympics-for-the-2026-fifa-world-cup-and-other-major-events/) 📎 [PDF](https://ctc.westpoint.edu/wp-content/uploads/2026/04/CTC-SENTINEL-042026_article-4.pdf) #cybersecurity #defense #intelligence #Counterterrorism #CTCSentinel ⏱️ 2026-05-02 22:00 UTC

## 📄 Beyond Misuse: Artificial Intelligence, Grievance, and the Future Landscape of Political Violence ✍️ Yannick Veilleux-Lepage 🏛️ CTC Sentinel · 📅 2026-04-01 --- This CTC Sentinel article argues that AI should be treated not only as a tool extremists might misuse, but as a structural force that can itself generate grievances that lead to political violence. It maps how labor disruption, weakened institutional legitimacy, and fraying social ties could expand the pool of actors, targets, and flashpoints that counterterrorism monitoring needs to watch. **🔑 Key Findings:** - The article says the dominant AI-and-terrorism literature focuses too narrowly on malicious use of AI tools, missing violence driven by AI-related social dislocation itself. - It frames AI-generated grievance across three domains: economic order, state and institutional power, and the social and personal fabric of everyday life. - A central mechanism is the "accountability gap," where AI-mediated harms are real but responsibility is diffuse, making outrage harder to channel through normal political remedies. - The paper argues this dynamic could produce violence by actors outside current counterterrorism baselines, not just established extremist groups. - For practitioners, the takeaway is to widen warning indicators beyond direct AI adoption and include anti-technology grievance formation. --- 🔗 [Read paper](https://ctc.westpoint.edu/beyond-misuse-artificial-intelligence-grievance-and-the-future-landscape-of-political-violence/) 📎 [PDF](https://ctc.westpoint.edu/wp-content/uploads/2026/04/CTC-SENTINEL-042026_cover-article.pdf) #ai-security #intelligence #law #Counterterrorism #InnovationAndTechnology #CTCSentinel ⏱️ 2026-05-02 22:00 UTC

## 📄 Competing Narratives on TikTok: Modeling Taiwan’s 2024 Election Dynamics ✍️ Mayor Inna Gurung, Nitin Agarwal 🏛️ DTIC · 📅 2026-04-01 --- This paper models how competing narratives spread on TikTok during Taiwan’s 2024 election using a belief-aware diffusion framework rather than simple engagement metrics. It matters because it offers a structured way to analyze influence dynamics, polarization, and information operations on a strategically important social platform during an election. **🔑 Key Findings:** - Introduces a narrative-diffusion model tailored to competing belief-aligned narratives on social media. - Uses the 2024 Taiwan election as a concrete case for studying platform-mediated information competition. - Emphasizes dynamic interactions between users and narratives, not just static content popularity. - Provides a framework that could inform analysis of influence operations, narrative warfare, and platform risk. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=computer+fraud) #intelligence #defense #cybersecurity #law #information-warfare ⏱️ 2026-04-30 10:30 UTC

## 📄 Systematic Evaluation of Machine Learning and Deep Learning Models for IoT Malware Detection Across Ransomware, Rootkit, Spyware, Trojan, Botnet, Worm, Virus, and Keylogger ✍️ Mazdak Maghanaki, Soraya Keramati, F. Frank Chen, Mohammad Shahin 🏛️ DTIC · 📅 2026-03-10 --- This paper benchmarks a wide range of classical machine learning and deep learning approaches for IoT malware detection across eight malware families, rather than evaluating on a narrow single-class setup. It matters because IoT defenses often look strong in toy datasets, and this study appears aimed at showing which model families hold up better when the threat mix is broader and operationally messier. **🔑 Key Findings:** - Evaluates detection performance across ransomware, rootkit, spyware, trojan, botnet, worm, virus, and keylogger scenarios instead of a single malware category. - Compares both traditional ML and deep learning models, giving defenders a broader baseline for architecture tradeoffs. - Focuses on IoT environments, where constrained devices and heterogeneous traffic make malware detection especially difficult. - Frames the problem as both an accuracy and feasibility challenge, which is more relevant to deployment than raw benchmark scores alone. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=software%20security) 📎 [PDF](https://www.mdpi.com/1424-8220/26/6/1750/pdf) #cybersecurity #ai-security #malware #iot #machine-learning ⏱️ 2026-05-08 10:40 UTC

## 📄 Secure by design: Merging network and security bootstrapping for IoT systems through NDN ✍️ Adriana V. Ribeiro, André L.R. Madureira, Leobino N. Sampaio 🏛️ DTIC · 📅 2026-02-26 --- This work argues that IoT deployments should bootstrap connectivity and security together instead of treating them as separate setup phases. Using Named Data Networking, it proposes a design where trust establishment is built into the networking model, which could reduce onboarding complexity and common misconfiguration risks. **🔑 Key Findings:** - Proposes a unified bootstrap process that combines network configuration with security provisioning for IoT devices. - Uses NDN to make trust and data access central parts of device onboarding. - Targets a common weakness in IoT, where insecure or inconsistent bootstrap flows leave devices exposed early in deployment. - Suggests a path toward more scalable and trustworthy IoT rollouts in constrained environments. --- 🔗 [Read paper](https://doi.org/10.1016/j.comnet.2026.112162) #cybersecurity #privacy #cryptography ⏱️ 2026-05-04 10:39 UTC

## 📄 RISQrypt: Fast, Secure and Agile Hardware-Software Co-Design for Post-Quantum Cryptography ✍️ Tolun Tosun, Atıl Utku Ay, Quinten Norga, Suparna Kundu, Melik Yazıcı, et al. 🏛️ IACR ePrint · 📅 2026-02-18 --- RISQrypt presents a unified masked hardware-software co-design for both ML-KEM (Kyber) and ML-DSA (Dilithium), combining dedicated accelerators for polynomial arithmetic, hashing, and mask conversion in one crypto-agile architecture. The result is a practical path to much faster side-channel-resistant post-quantum implementations without giving up flexibility for future schemes. **🔑 Key Findings:** - Implements both Kyber and Dilithium with masking in a single unified architecture, which the authors position as a first in the literature. - Accelerates masked Kyber768 decapsulation to 109K clock cycles and masked Dilithium3 signing to an average of 1230K clock cycles. - Delivers a reported 11.3x time-performance gain over prior masked implementations. - Also improves unprotected performance, with reported speed-ups of 10.64x and 8.94x for Kyber encapsulation and decapsulation, plus 1.14x and 2.23x for Dilithium signing and verification versus similar-resource designs. - Uses a HW/SW co-design that can be extended by firmware reprogramming to related PQC schemes such as Falcon and SPHINCS+. --- 🔗 [Read paper](https://eprint.iacr.org/2026/312) 📎 [PDF](https://eprint.iacr.org/2026/312.pdf) #cryptography #crypto #hardware-security ⏱️ 2026-05-06 20:45 UTC

## 📄 Key Recovery Attacks on UOV Using p^l-truncated Polynomial Rings ✍️ Hiroki Furue, Yasuhiko Ikematsu 🏛️ IACR ePrint · 📅 2026-02-18 --- This paper extends recent structural key-recovery attacks on UOV by recasting them in truncated polynomial-ring language, which makes the attack framework more general and easier to analyze across finite fields. The practical upshot is that several claimed security levels for UOV and SNOVA parameters are weakened, with the authors finding stronger intersection-style attacks than prior reconciliation-based analyses. **🔑 Key Findings:** - Shows UOV secret-subspace recovery can be expressed via XL over p-truncated polynomial rings, simplifying earlier symmetric-algebra formulations. - Generalizes the attack framework to p^l-truncated polynomial rings, which can relax solving-degree constraints by choosing larger l. - Incorporates intersection attacks into this framework, not just reconciliation attacks considered in prior work. - Finds the best intersection attacks outperform reconciliation attacks against proposed UOV parameters. - Reports reduced security estimates for multiple UOV and SNOVA parameter sets versus their claimed levels. --- 🔗 [Read paper](https://eprint.iacr.org/2026/298) 📎 [PDF](https://eprint.iacr.org/2026/298.pdf) #cryptography #crypto #post-quantum #multivariate-cryptography #digital-signatures ⏱️ 2026-05-01 08:45 UTC

## 📄 CipherSkip: Efficient Sparse Matrix Multiplication with FHE ✍️ Wujie Xiong, Hao Zhou, Yutong Ye, Ruoming Jin, Lei Xu 🏛️ IACR ePrint · 📅 2026-02-18 --- CipherSkip introduces an FHE-compatible framework for sparse matrix multiplication that preserves both values and sparsity patterns instead of leaking nonzero positions or falling back to dense computation. For privacy-preserving AI and scientific workloads, that matters because it cuts the huge overhead of homomorphic multiplication while keeping structural information hidden. **🔑 Key Findings:** - Supports oblivious sparse general matrix multiplication under an FHE SIMD scheme, avoiding exposure of nonzero positions. - Extends beyond two-matrix multiplication to arbitrary sparse matrix chains (FHE-SpGEMCM). - The authors' efficiency analysis gives an average homomorphic cost of $(n_A n_B)^2 / n^2 N$, scaling with actual sparsity and FHE batch size. - On square matrices of size $2^9$, CipherSkip achieves an average 439.25x speedup and 10.68x lower memory use versus dense FHE baselines. - At scale $2^{13}$, it reports up to 1201.77x speedup over baselines that exploit sparsity in only one matrix. --- 🔗 [Read paper](https://eprint.iacr.org/2026/297) 📎 [PDF](https://eprint.iacr.org/2026/297.pdf) #cryptography #privacy #ai-security #fhe #secure-computation ⏱️ 2026-04-23 20:45 UTC

## 📄 Cross-Algorithm Deep Learning-based Non-Profiled Side-Channel Attacks Exploiting Symmetric Leakage ✍️ Jintong Yu, Yuxuan Wang, Zixin He, Yihan Nie, Yubo Zhao, et al. 🏛️ IACR ePrint · 📅 2026-02-18 --- This paper extends deep learning-based non-profiled side-channel analysis beyond algorithm-specific nonlinear intermediates by targeting leakage from linear operations that many ciphers share. The authors show that modeling symmetric leakage and using their VS-GBA distinguisher makes cross-algorithm attacks practical, including against masked implementations and XTS-AES settings where plaintext or ciphertext is obscured by secret tweaks. **🔑 Key Findings:** - Introduces a blind-leakage attack strategy that targets outputs of linear operations, broadening DL-NSCA beyond prior methods tied to nonlinear structures. - Provides an algebraic characterization of how leakage-function structure determines the number of correlation maxima, especially for symmetric leakage. - Proposes VS-GBA, an epoch-invariant distinguisher that works in both single-maximum and dual-maximum cases and better aligns deep learning metrics with side-channel signal. - On a noisy 32-bit ARM Cortex-M4, VS-GBA recovered keys with 100% success using 8,000 traces for masked AES, 8,500 for masked PRESENT, and 16,000 for masked ASCON, where asymmetric leakage analysis failed. - Demonstrates the first DL-NSCA attack on XTS-AES, pushing this attack class into settings with secret tweak masking. --- 🔗 [Read paper](https://eprint.iacr.org/2026/301) 📎 [PDF](https://eprint.iacr.org/2026/301.pdf) #hardware-security #cryptography #privacy ⏱️ 2026-04-20 08:45 UTC

## 📄 Coordinated Multi-Domain Deception: A Stackelberg Game Approach ✍️ Md Abu Sayed, Asif Rahman, Ahmed Hemida, Christopher Kiekintveld, Charles A. Kamhoua 🏛️ DTIC · 📅 2026-02-16 --- This paper models cyber and physical deception as a coordinated defender strategy rather than isolated decoys. The authors use a Stackelberg game with CVSS and NVD vulnerability data to show that multilayer deception can improve defender utility more than single-layer baselines. **🔑 Key Findings:** - Synchronizes cyber and physical replicas so defenders can mislead attackers across coupled domains instead of only one layer. - Uses CVSS-based exploit probabilities and NVD vulnerability data to prioritize which weaknesses deserve deceptive coverage. - Introduces a CVE-based utility function for defender and attacker interactions in a Stackelberg game setting. - Reports that coordinated multilayer deception outperforms both single-layer and baseline strategies across CVSS versions. - Frames deception as a decision problem tied to vulnerability management, not just honeypot placement. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=cyber+deception) 📎 [PDF](https://arxiv.org/pdf/2601.02596v1) #cybersecurity #defense #ai-security #cs.CR ⏱️ 2026-05-02 22:30 UTC

## 📄 Optimized Implementations of Keccak, Kyber, and Dilithium on the MSP430 Microcontroller ✍️ DongHyun Shin, YoungBeom Kim, Ayesha Khalid, Máire O'Neill, Seog Chung Seo 🏛️ IACR ePrint · 📅 2026-02-12 --- This paper adapts Keccak, CRYSTALS-Kyber, and CRYSTALS-Dilithium to the 16-bit MSP430, a much smaller target than the ARM microcontrollers that dominate embedded PQC optimization work. The main result is that careful redesign of NTT arithmetic and memory access patterns makes standardized post-quantum crypto substantially more practical on constrained IoT-class hardware. **🔑 Key Findings:** - Redesigns 16-bit and 32-bit NTT routines for MSP430, including modular arithmetic, layer merging, and point-wise multiplication tuned to the architecture. - Reports 134%, 249%, and 210% speedups over C reference code for 16-bit NTT, inverse NTT, and point-wise multiplication, respectively. - Introduces MSP430-specific "twisting" and "zig-zag" techniques for Keccak, yielding a 57% performance improvement over the reference implementation. - Achieves Kyber speedups of 46.1% to 51.3% for KeyGen, 45.6% to 60.0% for Encaps, and 46.2% to 62.3% for Decaps. - Achieves Dilithium speedups of 44.5% to 48.3% for KeyGen, 57.5% to 65.0% for signing, and 46.1% to 50.0% for verification. --- 🔗 [Read paper](https://eprint.iacr.org/2026/235) 📎 [PDF](https://eprint.iacr.org/2026/235.pdf) #cryptography #crypto #hardware-security ⏱️ 2026-04-29 02:45 UTC

## 📄 MPSpeed: Implementing and Optimizing MPC-in-the-Head Digital Signatures in Hardware ✍️ Stelios Manasidis, Quinten Norga, Suparna Kundu, Ingrid Verbauwhede 🏛️ IACR ePrint · 📅 2026-02-09 --- This paper builds a compact FPGA accelerator for Mirath, a post-quantum MPC-in-the-Head signature scheme, targeting its biggest bottlenecks in GGM-tree commitments and MPC arithmetic. The result is a much more practical hardware path for MPCitH signatures, showing that careful scheduling, indexing, and parameter-aware parallelism can cut memory costs sharply while improving overall efficiency by over an order of magnitude. **🔑 Key Findings:** - Introduces an on-the-fly GGM tree generation schedule that minimizes stored nodes while still enabling parallel computation. - Uses a hardware-friendly tree indexing method based on shift operations to quickly recover the nearest computed ancestor. - Designs massively parallel but area-efficient arithmetic units tuned to Mirath's parameter sets and MPCitH workload structure. - Implements a unified Artix-7 FPGA design supporting all Mirath operations, including commitments and MPC arithmetic. - Compared with prior MPCitH signature hardware for SDitH, reduces BRAM usage by up to 81.6% and improves area-time product by 52.7x to 64.8x. --- 🔗 [Read paper](https://eprint.iacr.org/2026/206) 📎 [PDF](https://eprint.iacr.org/2026/206.pdf) #cryptography #hardware-security #crypto #post-quantum #fpga #digital-signatures ⏱️ 2026-04-27 14:45 UTC

## 📄 MPSpeed: Implementing and Optimizing MPC-in-the-Head Digital Signatures in Hardware ✍️ Stelios Manasidis, Quinten Norga, Suparna Kundu, Ingrid Verbauwhede 🏛️ IACR ePrint · 📅 2026-02-09 --- This paper builds a compact FPGA accelerator for Mirath, a post-quantum MPC-in-the-Head signature scheme, targeting its biggest bottlenecks in GGM-tree commitments and MPC arithmetic. The result is a much more practical hardware path for MPCitH signatures, showing that careful scheduling, indexing, and parameter-aware parallelism can cut memory costs sharply while improving overall efficiency by over an order of magnitude. **🔑 Key Findings:** - Introduces an on-the-fly GGM tree generation schedule that minimizes stored nodes while still enabling parallel computation. - Uses a hardware-friendly tree indexing method based on shift operations to quickly recover the nearest computed ancestor. - Designs massively parallel but area-efficient arithmetic units tuned to Mirath's parameter sets and MPCitH workload structure. - Implements a unified Artix-7 FPGA design supporting all Mirath operations, including commitments and MPC arithmetic. - Compared with prior MPCitH signature hardware for SDitH, reduces BRAM usage by up to 81.6% and improves area-time product by 52.7x to 64.8x. --- 🔗 [Read paper](https://eprint.iacr.org/2026/206) 📎 [PDF](https://eprint.iacr.org/2026/206.pdf) #cryptography #hardware-security #crypto #post-quantum #fpga #digital-signatures ⏱️ 2026-04-27 14:45 UTC

## 📄 Post-Quantum Security of Block Cipher Constructions ✍️ Gorjan Alagic, Chen Bai, Christian Majenz, Kaiyan Shi 🏛️ IACR ePrint · 📅 2026-02-09 --- This paper builds a formal foundation for reasoning about the post-quantum security of block ciphers and the symmetric-key constructions built on top of them. It matters because symmetric crypto is often assumed to be "safer" in a quantum world, but this work is one of the first to give rigorous proofs for practical block-cipher-based schemes and modes under quantum-capable attackers. **🔑 Key Findings:** - Introduces a framework for proving post-quantum security of block ciphers and related constructions. - Gives the first post-quantum security proofs for the FX key-length extension construction. - Proves post-quantum security for the tweakable block ciphers LRW and XEX. - Extends the analysis to many standard block cipher encryption and authentication modes. - Shows the techniques work in both the plain model and the quantum ideal cipher model. --- 🔗 [Read paper](https://eprint.iacr.org/2026/209) 📎 [PDF](https://eprint.iacr.org/2026/209.pdf) #cryptography #crypto #post-quantum #symmetric-crypto ⏱️ 2026-04-15 02:45 UTC

## 📄 Threshold linear solving in small fields and application to UOV ✍️ Paco Azevedo-Oliveira, Jordan Beraud, Pierre Varjabedian 🏛️ IACR ePrint · 📅 2026-02-05 --- This paper develops three MPC-friendly algorithms for solving shared linear systems over small-characteristic finite fields, a bottleneck that shows up in threshold cryptography. The main payoff is enabling more practical threshold constructions for UOV and related post-quantum signature schemes, where prior threshold literature is still relatively thin. **🔑 Key Findings:** - Introduces three protocols for solving a shared system Ax = b when the matrix and vectors are secret-shared among parties. - Two of the methods derive from secure determinant computation, using Newton polynomial results and an adaptation of the Samuelson-Berkowitz algorithm. - The third method is a modification of an existing state-of-the-art approach, aimed at improving suitability in this setting. - The work targets low-characteristic fields, which are especially relevant for UOV-style multivariate cryptography. - The resulting techniques open the door to new threshold instantiations of UOV and UOV-based post-quantum schemes. --- 🔗 [Read paper](https://eprint.iacr.org/2026/189) 📎 [PDF](https://eprint.iacr.org/2026/189.pdf) #cryptography #crypto #privacy ⏱️ 2026-05-12 08:45 UTC

## 📄 Designing Deceptions for Protecting Industrial Control Systems ✍️ Neil C. Rowe 🏛️ DTIC · 📅 2026-01-31 --- This book chapter examines how deception can be designed specifically for industrial control systems, where uptime requirements and legacy constraints make conventional security controls harder to deploy. It is relevant because ICS defenders need practical ways to slow, mislead, and study attackers without disrupting critical operations. **🔑 Key Findings:** - Focuses on deception techniques tailored to industrial control systems rather than enterprise IT environments. - Frames ICS as high-value cyber targets with unusual operational constraints, including infrequent patching and continuous runtime needs. - Positions deception as a defensive layer for detection, attacker confusion, and resilience in critical infrastructure settings. - Connects the work to the broader cyber deception literature through a chapter in *Foundations of Cyber Deception*. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=Designing+Deceptions+for+Protecting+Industrial+Control+Systems) #cybersecurity #critical-infrastructure #privacy ⏱️ 2026-04-28 10:34 UTC

## 📄 Setup Protocols for Sender Anonymity ✍️ Tian Huang, Jiatai Zhang, Megumi Ando 🏛️ IACR ePrint · 📅 2026-01-30 --- This paper tackles a blind spot in anonymous communication systems: the setup phase can leak who initiated contact, even when later messaging preserves anonymity. The authors formalize sender anonymity for dialing and setup protocols, then introduce Fusion and Fusion+, showing how to enforce simple I/O communication patterns while quantifying the privacy versus correctness tradeoff. **🔑 Key Findings:** - Introduces enhanced dialing protocols as a formal class for enforcing simple I/O anonymity settings. - Defines a framework covering security, correctness, fairness, and sender anonymity during setup. - Presents Fusion, which achieves perfect correctness and fairness while leaking only what the model deems unavoidable. - Presents Fusion+, a differentially private variant that reduces leakage further by sacrificing some correctness. - Quantifies the inherent privacy versus correctness tradeoff for sender-anonymous setup. --- 🔗 [Read paper](https://eprint.iacr.org/2026/158) 📎 [PDF](https://eprint.iacr.org/2026/158.pdf) #cryptography #privacy #differential-privacy #anonymous-communication ⏱️ 2026-05-05 02:46 UTC

## 📄 SESHAT: Systematic Energy & Seed-Provenance Harness for Algorithmic Tradeoffs ✍️ Mohamed El-Hadedy 🏛️ DTIC · 📅 2026-01-30 --- SESHAT introduces a reproducible benchmark suite for modular exponentiation on embedded Arm and RISC-V SoCs used in IoT and UAV edge systems. It matters because cryptographic performance comparisons on constrained platforms are often hard to reproduce, which makes security-performance tradeoffs and hardware selection decisions noisier than they should be. **🔑 Key Findings:** - Proposes a benchmark harness focused on modular exponentiation, a core primitive behind public-key cryptography. - Targets embedded Arm and RISC-V system-on-chip platforms relevant to IoT gateways and UAV edge deployments. - Emphasizes energy measurement and seed provenance so algorithmic comparisons can be reproduced across runs and devices. - Provides a way to study efficiency versus security-related implementation tradeoffs on constrained hardware. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=SESHAT%3A+Systematic+Energy+%26+Seed-Provenance+Harness+for+Algorithmic+Tradeoffs) #cryptography #cybersecurity #sovereign-computing ⏱️ 2026-04-28 10:34 UTC

## 📄 Private IP Address Inference in NAT Networks via Off-Path TCP Control-Plane Attack ✍️ Suraj Sharma, Adityavir Singh, Mahabir Prasad Jhanwar 🏛️ IACR ePrint · 📅 2026-01-30 --- This paper shows that off-path TCP hijacking techniques against consumer NAT devices leak more than session state, they can reveal the private IP address of a client behind the gateway. That turns a connection disruption flaw into a deanonymization problem, with practical impact for SSH and HTTPS users on NATed Wi-Fi networks. **🔑 Key Findings:** - Exploits NAT behaviors such as port preservation, weak reverse path validation, and missing TCP window tracking to infer internal client addresses - Reconstructs the full client-side connection tuple for hosts communicating with a target server - Works in both lab and real-world Wi-Fi environments under realistic assumptions from prior off-path attack research - Reliably identifies private IP addresses and forcibly terminates SSH sessions - Shows that even when browsers quickly reconnect HTTPS sessions, the original client's private IP address is still exposed --- 🔗 [Read paper](https://eprint.iacr.org/2026/149) 📎 [PDF](https://eprint.iacr.org/2026/149.pdf) #cybersecurity #privacy #network-security #nat #tcp ⏱️ 2026-04-15 14:45 UTC

## 📄 Aerothermodynamic response of ZrB2-based compositionally complex ultra-high-temperature ceramics in hypersonic and supersonic flow conditions ✍️ Dylan De Prisco, Stefano Mungiguerra, Raffaele Costanzo, Anselmo Cecere, Raffaele Savino, et al. 🏛️ DTIC · 📅 2026-01-29 --- This paper tests two ZrB2-based ultra-high-temperature ceramic compositions under both hypersonic and supersonic arc-jet conditions to map how they behave as thermal protection materials. It matters because the authors connect real-time surface heating measurements with oxidation and microstructural changes, showing how NbC versus VC dopants shift failure and survivability under extreme aero-thermal loads. **🔑 Key Findings:** - The team exposed hemispherical ZrB2-TiB2-SiC ceramics doped with either NbC or VC to simulated air flows at about 20 MJ/kg in both Mach 3 and Mach 6 configurations. - Real-time pyrometry and infrared thermography measured surface temperatures roughly between 1700 K and 2700 K during testing. - One-dimensional chemical-equilibrium modeling was used to estimate flow-field conditions and aerothermodynamic loads for each nozzle configuration. - Post-test analysis linked oxidation behavior and microstructure evolution to the dopant choice, indicating distinct response mechanisms for Nb-containing versus V-containing compositions. - The results help qualify compositionally complex diboride ceramics for hypersonic thermal protection systems and related high-enthalpy aerospace applications. --- 🔗 [Read paper](https://doi.org/10.1016/j.jeurceramsoc.2026.118184) #defense #materials-science #hypersonics ⏱️ 2026-05-18 10:30 UTC

## 📄 ARES/ARES+: Online-Friendly Robust Threshold ECDSA with Amortized Costs ✍️ Guofeng Tang, Tian Qiu, Bowen Jiang, Haiyang Xue, Meng Hao, et al. 🏛️ IACR ePrint · 📅 2026-01-27 --- This work introduces two robust threshold ECDSA protocols that aim to keep the online signing path lightweight while shrinking the offline communication and computation costs that have limited MtA-based designs. The stronger variant, ARES+, reaches linear amortized computation with constant online communication, making robust threshold signing more practical for blockchain and wallet settings that need both liveness and efficiency. **🔑 Key Findings:** - Proposes ARES, an MtA-based robust threshold ECDSA protocol with constant per-party sending communication of about 2.22 KB in the offline phase. - Improves substantially over prior online-friendly MtA-based schemes while retaining a cheap online phase built mostly from finite-field operations. - Introduces ARES+, which uses packed secret sharing to achieve linear amortized computational complexity across batched signatures. - ARES+ matches TLHE-based asymptotic efficiency while preserving the online-friendly properties of MtA constructions. - The amortization gains come with a tradeoff: producing l signatures requires increasing the party count by l. --- 🔗 [Read paper](https://eprint.iacr.org/2026/130) 📎 [PDF](https://eprint.iacr.org/2026/130.pdf) #cryptography #crypto #threshold-signatures #ecdsa #blockchain ⏱️ 2026-05-01 08:45 UTC

## 📄 RF-AttenNet: A Hybrid Attention-Enhanced Network for Mixed Signal Classification in UAV Swarm Detection ✍️ Prajoy Podder, Mohammad Atikur Rahman, Maciej Zawodniok, Sanjay Madria 🏛️ DTIC · 📅 2026-01-10 --- This paper introduces an attention-enhanced model for RF-based classification of mixed signals in UAV swarm detection. It matters because passive, low-latency identification of drone swarms is a very practical counter-UAS problem with direct airspace-security and defense relevance. **🔑 Key Findings:** - Uses RF sensing rather than visual-only detection, which helps when drones are distant, obscured, or operating in cluttered environments. - Targets mixed-signal classification, which is harder than clean single-emitter detection. - Applies a hybrid attention architecture to improve discrimination in UAV swarm scenarios. - Maps cleanly to counter-drone monitoring and spectrum-aware defense systems. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=%22uav+swarm+detection%22) #defense #cybersecurity ⏱️ 2026-04-26 10:30 UTC

## 📄 Adaptive NIKE for Unbounded Parties ✍️ Shafik Nassar, Brent Waters 🏛️ IACR ePrint · 📅 2026-01-08 --- This paper gives the first adaptively secure non-interactive key exchange construction for an unbounded number of parties in the standard model. It closes a notable gap in multiparty cryptography by removing prior dependence on static security or random oracles, while also handling unbounded user populations and party sizes. The work also adds a generic random-oracle compiler that upgrades weaker unbounded NIKE schemes to fully adaptive security against dynamic corruptions. **🔑 Key Findings:** - Introduces the first standard-model NIKE for unbounded parties with adaptive security, rather than only static security. - Supports unbounded numbers of honest and malicious users and unbounded party sizes, while tolerating a bounded number of dynamic user corruptions. - Builds the main construction from sub-exponential indistinguishability obfuscation and sub-exponential fully homomorphic encryption. - Contributes a new function-extractable hash primitive for extracting properties from maliciously hashed digests. - Provides a fully generic random-oracle compiler that upgrades unbounded NIKE schemes lacking dynamic-corruption support into fully adaptive ones without new assumptions. --- 🔗 [Read paper](https://eprint.iacr.org/2026/035) 📎 [PDF](https://eprint.iacr.org/2026/035.pdf) #cryptography #crypto ⏱️ 2026-04-13 20:46 UTC

## 📄 Governing the AI–biotech convergence ✍️ Benjamin D Trump, Christopher L Cummings, Beth Ellinport, Stephanie Galaitsi, Thomas Janisko, et al. 🏛️ DTIC · 📅 2026-01-03 --- This paper looks at the security and governance risks created where modern AI capabilities meet biotechnology workflows. The core value is not just flagging biosecurity concerns, but arguing for adaptive governance that can keep pace with dual-use risks as AI lowers barriers to biological design, optimization, and experimentation. **🔑 Key Findings:** - Examines how AI and biotech together can accelerate innovation while also expanding misuse and dual-use risk. - Argues that static governance models are a poor fit for fast-moving AI-enabled biotech development. - Frames security risk as part of a wider governance challenge involving ethics, oversight, and international coordination. - Connects technical advances to policy design, which is useful for readers tracking AI security beyond narrow model-level issues. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=AI%20security) 📎 [PDF](https://link.springer.com/content/pdf/10.1038/s44319-025-00628-w.pdf) #ai-security #defense #biosecurity #governance ⏱️ 2026-05-08 10:40 UTC

## 📄 Designing Deceptions for Protecting Industrial Control Systems ✍️ Neil C. Rowe 🏛️ DTIC · 📅 2026-01-01 --- This chapter argues that industrial control systems are unusually good candidates for deception because they are fragile, hard to patch, and often must stay online continuously. It focuses on deception as an active-defense layer for critical infrastructure, where misleading attackers can buy time and reduce risk when direct remediation is difficult. **🔑 Key Findings:** - Highlights ICS environments as especially exposed because they support critical infrastructure, run with limited downtime, and often lag on software updates. - Positions deception as a practical active-defense tool when patching or architectural change is slow or operationally costly. - Connects deception design to the unique operational constraints of control systems rather than generic enterprise security assumptions. - Suggests that tailored deceptive elements can help protect high-value industrial processes during reconnaissance and attack preparation. - Reinforces that cyber deception has a distinct role in OT and ICS resilience planning. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=cyber+deception) 📎 [PDF](https://link.springer.com/content/pdf/10.1007/978-3-031-93867-2_9.pdf) #cybersecurity #defense #hardware-security #critical-infrastructure ⏱️ 2026-05-02 22:30 UTC

## 📄 Ghost of Sessions Past: Distributed and Forward Secure Key Establishment for Implantable Medical Devices ✍️ Roozbeh Sarenche, Sayon Duttagupta, Kevin Bogner, Varesh Mishra, Francesco Milizia et al. 🏛️ IACR ePrint · 📅 2025-12-24 --- This paper introduces Chronos, a forward-secure key establishment protocol for implantable medical devices that avoids public-key cryptography on the implant itself. The design matters because IMDs can remain deployed for decades, and a later compromise of the device, phone, or backend should not expose years of previously recorded patient telemetry. **🔑 Key Findings:** - Chronos uses only lightweight symmetric primitives on the implant while still providing forward secrecy across sessions. - The protocol pushes coordination, recovery, and resynchronization to a threshold-based distributed backend, removing a single backend point of failure. - It includes emergency access and recovery paths for cases where the patient's normal device is unavailable, without giving up patient-centric access control. - The authors formally verify secrecy, agreement, forward secrecy, and recovery behavior in ProVerif under a post-session compromise model. - End-to-end implementation results on MSP430 and Cortex-M33 platforms suggest the protocol fits realistic IMD energy and safety constraints with negligible battery impact. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2322) 📎 [PDF](https://eprint.iacr.org/2025/2322.pdf) #cryptography #privacy #cybersecurity #hardware-security ⏱️ 2026-05-15 14:45 UTC

## 📄 Ghost of Sessions Past: Distributed and Forward Secure Key Establishment for Implantable Medical Devices ✍️ Roozbeh Sarenche, Sayon Duttagupta, Kevin Bogner, Varesh Mishra, Francesco Milizia et al. 🏛️ IACR ePrint · 📅 2025-12-24 --- This paper introduces Chronos, a forward-secure key establishment protocol for implantable medical devices that avoids public-key cryptography on the implant itself. The design matters because IMDs can remain deployed for decades, and a later compromise of the device, phone, or backend should not expose years of previously recorded patient telemetry. **🔑 Key Findings:** - Chronos uses only lightweight symmetric primitives on the implant while still providing forward secrecy across sessions. - The protocol pushes coordination, recovery, and resynchronization to a threshold-based distributed backend, removing a single backend point of failure. - It includes emergency access and recovery paths for cases where the patient's normal device is unavailable, without giving up patient-centric access control. - The authors formally verify secrecy, agreement, forward secrecy, and recovery behavior in ProVerif under a post-session compromise model. - End-to-end implementation results on MSP430 and Cortex-M33 platforms suggest the protocol fits realistic IMD energy and safety constraints with negligible battery impact. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2322) 📎 [PDF](https://eprint.iacr.org/2025/2322.pdf) #cryptography #privacy #cybersecurity #hardware-security ⏱️ 2026-05-15 14:45 UTC

## 📄 InstantOMR: Oblivious Message Retrieval with Low Latency and Optimal Parallelizability ✍️ Haofei Liang, Zeyu Liu, Eran Tromer, Xiang Xie, Yu Yu 🏛️ IACR ePrint · 📅 2025-12-23 --- This paper introduces InstantOMR, an oblivious message retrieval scheme for anonymous messaging systems that mixes TFHE functional bootstrapping with standard RLWE operations. The hybrid design substantially reduces recipient wait times and parallelizes cleanly across CPU cores, making single-server private message retrieval much more practical. **🔑 Key Findings:** - Proposes a two-layer bootstrapping architecture that combines TFHE and regular RLWE homomorphic operations. - Targets recipient privacy in anonymous messaging, where users must retrieve their messages without scanning everything or revealing which messages are theirs. - Achieves about 860x lower latency than SophOMR, the prior state-of-the-art single-server OMR scheme. - Scales near-optimally with available CPU cores because messages can be processed independently. - Implementation results are based on Primus-fhe, with additional estimates from TFHE-rs. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2317) 📎 [PDF](https://eprint.iacr.org/2025/2317.pdf) #cryptography #privacy #crypto ⏱️ 2026-05-02 08:45 UTC

## 📄 Hyperion: Private Token Sampling with Homomorphic Encryption ✍️ Lawrence Lim, Jiaming Liu, Vikas Kalagi, Divyakant Agrawal, Amr El Abbadi 🏛️ IACR ePrint · 📅 2025-12-23 --- This paper tackles a stubborn bottleneck in privacy-preserving LLM inference: how to sample output tokens while logits remain under homomorphic encryption. Hyperion introduces an HE-friendly inverse transform sampling method that sharply reduces comparison depth and latency, making private token generation much more practical at realistic vocabulary sizes. **🔑 Key Findings:** - Presents Hyperion, a homomorphic-encryption algorithm for inverse transform sampling tailored to private token generation in LLM pipelines. - Achieves token sampling with 1 comparison depth, O(1) amortized comparisons, and O(log n) rotations. - Samples from a 32k-token vocabulary in 0.14 seconds on GPU, or about 4.4 microseconds per token. - Delivers roughly a 100x latency improvement over prior private token-sampling approaches. - Advances the feasibility of end-to-end private LLM querying by addressing the sampling step rather than only encrypted inference on logits. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2318) 📎 [PDF](https://eprint.iacr.org/2025/2318.pdf) #ai-security #cryptography #privacy ⏱️ 2026-04-20 08:45 UTC

## 📄 Hyperion: Private Token Sampling with Homomorphic Encryption ✍️ Lawrence Lim, Jiaming Liu, Vikas Kalagi, Divyakant Agrawal, Amr El Abbadi 🏛️ IACR ePrint · 📅 2025-12-23 --- This paper tackles a practical bottleneck in privacy-preserving LLM inference: sampling the next token while the model’s outputs remain encrypted under homomorphic encryption. The authors introduce Hyperion, an inverse-transform sampling method that cuts sampling depth and comparison cost dramatically, delivering roughly 100x lower latency than prior work and making private token generation much more plausible in real deployments. **🔑 Key Findings:** - Proposes an HE-based token sampling algorithm with 1 comparison depth, O(1) amortized comparisons, and O(log n) rotations. - Targets private LLM querying, where token probabilities stay encrypted throughout generation. - Implements the method on GPU and reports 0.14 second sampling for a 32k-token vocabulary. - Achieves about 4.4 microseconds per token in the reported setup. - Reports roughly 100x latency improvement over prior private token sampling approaches. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2318) 📎 [PDF](https://eprint.iacr.org/2025/2318.pdf) #cryptography #privacy #ai-security ⏱️ 2026-04-20 02:45 UTC

## 📄 Streaming Function Secret Sharing and Its Applications ✍️ Xiangfu Song, Jianli Bai, Ye Dong, Yijian Liu, Yu Zhang, et al. 🏛️ IACR ePrint · 📅 2025-12-22 --- This paper introduces streaming function secret sharing (SFSS), a new variant of function secret sharing designed for privacy-preserving analytics over continuous message streams. The authors show how SFSS supports repeated secure computation tasks more naturally than prior FSS-based approaches, while also exposing security flaws and efficiency bottlenecks in existing designs. **🔑 Key Findings:** - Formalizes SFSS as a primitive for secure computation on streaming data rather than one-shot inputs. - Gives concrete SFSS constructions for point functions and predicate functions, plus feasibility results for more generic functions. - Uses SFSS to build conditional transciphering, policy-hiding aggregation, and attribute-hiding aggregation in a modular way. - Identifies security gaps in prior streaming-style FSS solutions and shows how the SFSS model closes those gaps. - Reports asymptotically and concretely improved efficiency, along with stronger functionality, for the resulting applications. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2304) 📎 [PDF](https://eprint.iacr.org/2025/2304.pdf) #cryptography #privacy #crypto ⏱️ 2026-04-23 08:46 UTC

## 📄 On the Pitfalls of Modeling Individual Knowledge ✍️ Wojciech Ciszewski, Stefan Dziembowski, Tomasz Lizurej, Marcin Mielniczuk 🏛️ IACR ePrint · 📅 2025-12-17 --- This paper argues that several cryptographic protocols claiming to prove or enforce individual knowledge rely on an unrealistic hash-model assumption. By showing how practical hash constructions permit partial precomputation on long inputs, the authors break prior schemes and outline safer replacements that better match real-world hashing behavior. **🔑 Key Findings:** - Identifies a modeling flaw in protocols that treat hashing of long messages as an atomic random-oracle operation. - Shows this assumption fails for practical constructions like Merkle-Damgård and sponge-based hashes, as well as Bitcoin-style hashing workflows. - Demonstrates practical attacks against prior non-outsourceable puzzle and individual-knowledge schemes. - Explains why these attacks undermine claims that fast computation necessarily implies storing the target message on one controlled machine. - Proposes modified constructions intended to avoid dependence on unrealistic long-input random-oracle behavior. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2268) 📎 [PDF](https://eprint.iacr.org/2025/2268.pdf) #cryptography #cybersecurity #privacy ⏱️ 2026-05-05 02:46 UTC

## 📄 Revisiting Sum-check-based Polynomial Commitment Schemes ✍️ Yuncong Zhang 🏛️ IACR ePrint · 📅 2025-12-15 --- This paper reframes sum-check and FRI through dual functional properties, giving a more modular way to reason about polynomial commitment schemes and related succinct arguments. That matters because it replaces monolithic protocol proofs with reusable components, and the author uses that lens to simplify analyses of existing systems while designing a new transparent, homomorphic commitment scheme. **🔑 Key Findings:** - Defines a repulsive verifier property for sum-check that is intrinsic to the protocol and independent of any external commitment or binding mechanism. - Identifies a dual attractive verifier property for FRI, capturing when the verifier returns the intended polynomial evaluation or aborts. - Uses those properties to give a modular security analysis of BaseFold instead of a single end-to-end proof. - Shows BulletProofs can be decomposed into a repulsive sum-check layer plus a computationally attractive component, simplifying the proof structure. - Introduces a new polynomial commitment construction combining transparency, homomorphic commitments, and double efficiency. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2249) 📎 [PDF](https://eprint.iacr.org/2025/2249.pdf) #cryptography #crypto #privacy ⏱️ 2026-05-14 08:46 UTC

## 📄 AgentCrypt: Advancing Privacy and (Secure) Computation in AI Agent Collaboration ✍️ Harish Karthikeyan, Yue Guo, Leo de Castro, Antigoni Polychroniadou, Leo Ardon, et al. 🏛️ IACR ePrint · 📅 2025-12-08 --- AgentCrypt proposes a three-level privacy layer for AI agent systems, aiming to keep sensitive data protected even when the underlying agents are probabilistic and error-prone. The framework combines policy-aware sharing with encrypted computation, so multi-agent workflows can collaborate across data silos without exposing tagged private information. **🔑 Key Findings:** - Introduces a three-tier privacy model, from unrestricted exchange to fully encrypted computation using techniques such as homomorphic encryption. - Targets privacy failures that happen after access is granted, including agent messaging, tool use, persistence, and derived-information leakage. - Claims privacy guarantees for tagged data even if the AI agent itself behaves incorrectly or unpredictably. - Demonstrates implementations on both LangGraph and Google ADK to show portability across agent platforms. - Contributes a benchmark dataset for evaluating privacy-critical agent tasks across multiple protection levels. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2216) 📎 [PDF](https://eprint.iacr.org/2025/2216.pdf) #ai-security #privacy #cryptography #cybersecurity ⏱️ 2026-05-08 20:45 UTC

## 📄 An enhanced autonomous counter-drone system with jamming and relative positioning capabilities ✍️ Nicolas Souli, Panayiotis Kolios, Georgios Ellinas 🏛️ DTIC · 📅 2025-12-01 --- This paper describes an autonomous counter-drone system that combines jamming with relative positioning, aiming to improve how defenders detect, track, and neutralize unauthorized UAVs. It stands out because it joins sensing, positioning, and effect delivery into a more operationally complete counter-UAS stack instead of treating them as separate problems. **🔑 Key Findings:** - Presents a counter-drone architecture that integrates autonomous operation with jamming capabilities. - Uses relative positioning to improve pursuit, tracking, or intercept decisions against moving UAV targets. - Targets real-world unauthorized-drone scenarios where rapid response and system autonomy matter. - Adds practical relevance for defense and critical-infrastructure operators evaluating deployable counter-UAS designs. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=An%20enhanced%20autonomous%20counter-drone%20system%20with%20jamming%20and%20relative%20positioning%20capabilities) #defense #cybersecurity ⏱️ 2026-05-03 10:32 UTC

## 📄 Vega: Low-Latency Zero-Knowledge Proofs over Existing Credentials ✍️ Darya Kaviani, Srinath Setty 🏛️ IACR ePrint · 📅 2025-11-14 --- Vega is a zero-knowledge proof system for proving statements about existing digital credentials without exposing the rest of the credential contents. The paper matters because it pushes practical privacy-preserving identity proofs toward real-world latency, avoiding trusted setup while substantially reducing proving time, verification time, and proof size versus prior approaches. **🔑 Key Findings:** - Vega proves predicates over existing credentials without requiring full in-circuit parsing of the credential. - For a 1920-byte credential, it reports 92 ms proving time, 23 ms verification time, 108 kB proofs, and a 464 kB proving key. - For 896-byte credentials, performance improves to 62 ms proving, 17 ms verification, and 83 kB proofs. - Its design combines fold-and-reuse proving with lookup-centric arithmetization to cut repeated work across presentations, hashing steps, and zero-knowledge transcript generation. - The system avoids a trusted setup while supporting field extraction and length-hiding hashing over credential bytes. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2094) 📎 [PDF](https://eprint.iacr.org/2025/2094.pdf) #cryptography #privacy #crypto #zero-knowledge ⏱️ 2026-04-25 02:45 UTC

## 📄 Vega: Low-Latency Zero-Knowledge Proofs over Existing Credentials ✍️ Darya Kaviani, Srinath Setty 🏛️ IACR ePrint · 📅 2025-11-14 --- Vega is a zero-knowledge proof system for proving statements about existing digital credentials without exposing the rest of the credential contents. The paper matters because it pushes practical privacy-preserving identity proofs toward real-world latency, avoiding trusted setup while substantially reducing proving time, verification time, and proof size versus prior approaches. **🔑 Key Findings:** - Vega proves predicates over existing credentials without requiring full in-circuit parsing of the credential. - For a 1920-byte credential, it reports 92 ms proving time, 23 ms verification time, 108 kB proofs, and a 464 kB proving key. - For 896-byte credentials, performance improves to 62 ms proving, 17 ms verification, and 83 kB proofs. - Its design combines fold-and-reuse proving with lookup-centric arithmetization to cut repeated work across presentations, hashing steps, and zero-knowledge transcript generation. - The system avoids a trusted setup while supporting field extraction and length-hiding hashing over credential bytes. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2094) 📎 [PDF](https://eprint.iacr.org/2025/2094.pdf) #cryptography #privacy #crypto #zero-knowledge ⏱️ 2026-04-25 02:45 UTC

## 📄 Reactive Correctness, sINDCPA-D-Security and Deterministic Evaluation for TFHE ✍️ Nigel Smart, Michael Walter 🏛️ IACR ePrint · 📅 2025-10-27 --- This paper studies how correctness notions in fully homomorphic encryption relate to stronger distributional security definitions, then focuses on the practical tension this creates for TFHE. The authors show that while randomized evaluation helps achieve INDCPA-D and sINDCPA-D style guarantees, TFHE can recover deterministic evaluation and still retain sINDCPA-D security in the random oracle model. **🔑 Key Findings:** - Shows that reactive notions of correctness imply INDCPA-D and sINDCPA-D security relationships for FHE. - Argues that obtaining both INDCPA-D and sINDCPA-D security generally requires randomized evaluation procedures. - Highlights that randomized evaluation is operationally inconvenient for real-world FHE deployments. - Gives a de-randomization path for TFHE that preserves sINDCPA-D security in the random oracle model. - Sharpens the connection between formal correctness definitions and deployment-oriented evaluation design. --- 🔗 [Read paper](https://eprint.iacr.org/2025/2005) 📎 [PDF](https://eprint.iacr.org/2025/2005.pdf) #cryptography #privacy #crypto ⏱️ 2026-04-20 14:45 UTC

## 📄 Introducing GRAFHEN: GRoup-bAsed Fully Homomorphic Encryption without Noise ✍️ Pierre Guillot, Auguste Hoang Duc, Michel Koskas, Florian Méhats 🏛️ IACR ePrint · 📅 2025-10-13 --- This paper introduces GRAFHEN, a fully homomorphic encryption scheme that aims to eliminate the usual noise-growth problem and the need for bootstrapping. Instead of lattice-style ciphertext management, it builds on group encodings represented with rewriting systems, claiming both stronger hardness framing around subgroup membership and dramatically faster implementation performance. **🔑 Key Findings:** - Proposes a fully homomorphic encryption construction without ciphertext noise, so evaluation does not require bootstrapping. - Uses machine-represented groups via rewriting systems to encode the scheme's algebraic structure. - Grounds security in the hardness of subgroup membership problems within the chosen group representation. - Reports benchmark results suggesting performance several orders of magnitude faster than current FHE standards. - Surveys multiple attack paths against the protocol and discusses countermeasures for each. --- 🔗 [Read paper](https://eprint.iacr.org/2025/1907) 📎 [PDF](https://eprint.iacr.org/2025/1907.pdf) #cryptography #crypto #privacy ⏱️ 2026-04-28 20:45 UTC

## 📄 FeatureFence: A Regularization Approach for Energy-Efficient Secure Inference on Edge NPUs ✍️ Sachintha Kavishan Jayarathne, Seetal Potluri 🏛️ IACR ePrint · 📅 2025-10-11 --- FeatureFence targets feature-snooping attacks against neural processing units by changing training so intermediate features no longer reveal model internals beyond the first layer. Instead of paying the energy cost of encrypting feature traffic on edge NPUs, it uses paired-neuron regularization to preserve inference utility while making deeper-layer reverse engineering mathematically infeasible. **🔑 Key Findings:** - The paper argues that feature tensors, not weights, dominate off-chip memory accesses on edge NPUs, so encrypting them is especially expensive. - FeatureFence creates coupled neurons in the first layer with matched weights and biases, preventing recovery of deeper-layer structure from observed features. - The training process learns compensating perturbations over epochs, allowing the model to recover accuracy gracefully despite the architectural constraint. - Across multiple neural networks and dataflows mapped to the Eyeriss architecture, FeatureFence cuts energy consumption by about 88% on average versus GuardNN. - The approach is positioned as a security mechanism tailored for edge inference, where cloud-style memory-encryption defenses are too costly. --- 🔗 [Read paper](https://eprint.iacr.org/2025/1899) 📎 [PDF](https://eprint.iacr.org/2025/1899.pdf) #ai-security #hardware-security #privacy #edge-ai #npu-security ⏱️ 2026-04-16 02:46 UTC

## 📄 Attack Behavior Observations and Profiling Through Varying Cyber Deception Mechanisms ✍️ Eric Savage, Nathaniel D. Bastian, Ruolin Zhou 🏛️ DTIC · 📅 2025-10-10 --- This paper compares multiple cyber deception mechanisms by looking at how each one shapes attacker behavior and what defenders can infer from the resulting interaction traces. It matters because deception is only useful if it produces actionable profiling signal, and this work appears aimed at measuring exactly which mechanisms reveal the most about attacker tradecraft. **🔑 Key Findings:** - Compares attacker observations across multiple deception mechanisms rather than treating deception as a single control. - Frames deception as an intelligence-gathering tool for profiling behavior, not just a way to delay or misdirect intruders. - Focuses on observable attacker interaction patterns that can help defenders distinguish tactics, persistence, and likely objectives. - Provides a basis for choosing deception designs based on analytic value, not just deployment novelty. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=Attack%20Behavior%20Observations%20and%20Profiling%20Through%20Varying%20Cyber%20Deception%20Mechanisms) #cybersecurity #defense #intelligence ⏱️ 2026-05-03 10:32 UTC

## 📄 Correction Fault Attack on CROSS under Unknown Bit Flips ✍️ Sönke Jendral, Elena Dubrova, Qian Guo, Thomas Johansson 🏛️ IACR ePrint · 📅 2025-10-09 --- This paper shows a practical fault attack against the post-quantum signature candidate CROSS, recovering the secret key even when injected bit flips are imprecise and their locations are unknown. That matters because it moves PQC fault attacks closer to realistic Rowhammer-like or noisy physical fault settings instead of idealized lab conditions. **🔑 Key Findings:** - Recovers CROSS secret keys by corrupting bits in the public parity-check matrix without needing exact control over fault position or value. - Adapts correction-based fault-analysis techniques to exploit structural properties unique to CROSS. - Demonstrates the attack on ARM Cortex-M4 hardware using voltage fault injection. - Shows partial key-exposure attacks can be extended to CROSS even with non-trivial erasure rates, reducing complexity. - Finds the attack can still work despite memory-integrity protections such as ECC, and proposes implementation countermeasures. --- 🔗 [Read paper](https://eprint.iacr.org/2025/1885) 📎 [PDF](https://eprint.iacr.org/2025/1885.pdf) #cryptography #crypto #hardware-security #cybersecurity #postquantum ⏱️ 2026-04-29 08:47 UTC

## 📄 Proofs of No Intrusion ✍️ Vipul Goyal, Justin Raizes 🏛️ IACR ePrint · 📅 2025-10-03 --- This work introduces proofs of no intrusion, a way for a classical client to test whether a remote quantum server was compromised and its data copied, without destroying the protected data in the process. The construction combines unclonability ideas with fully homomorphic encryption, pushing toward practical cryptographic evidence that a theft did not occur. **🔑 Key Findings:** - Defines proofs of no intrusion as a primitive for detecting whether protected remote data was illicitly copied. - Constructs such proofs for ciphertexts under a fully homomorphic encryption assumption. - Extends the idea to unclonable primitives including decryption keys and signature tokens. - Introduces a new method for non-destructively testing coset states using only classical communication. - Frames non-intrusion proofs as a broadly reusable layer for unclonable cryptographic systems. --- 🔗 [Read paper](https://eprint.iacr.org/2025/1826) 📎 [PDF](https://eprint.iacr.org/2025/1826.pdf) #cryptography #crypto #privacy #cybersecurity ⏱️ 2026-04-23 02:45 UTC

## 📄 IND-CPA-D of Relaxed Functional Bootstrapping: A New Attack, A General Fix, and A Stronger Model ✍️ Zeyu Liu, Yunhao Wang, Ben Fisch 🏛️ IACR ePrint · 📅 2025-09-09 --- This paper shows a practical key-recovery attack against all existing relaxed functional bootstrapping constructions in FHE under the IND-CPA-D model, even when bootstrapping failure is negligible. It also introduces a low-overhead modulus-switching fix that blocks this attack class and argues that some use cases need a stronger IND-CPA-DR security notion. **🔑 Key Findings:** - Recovers the underlying secret key against existing relaxed functional bootstrapping schemes in about 10 minutes, and about 1 minute for some constructions. - The attack does not rely on non-negligible bootstrapping failure, so prior mitigations are ineffective. - Proposes a new modulus switching procedure that mitigates modulus-switching-error-based IND-CPA-D attacks with essentially no overhead. - Extends the security model to IND-CPA-DR to capture applications where decryption-oracle access plus randomness matters. --- 🔗 [Read paper](https://eprint.iacr.org/2025/1627) 📎 [PDF](https://eprint.iacr.org/2025/1627.pdf) #cryptography #crypto #privacy ⏱️ 2026-04-19 02:45 UTC

## 📄 On the Regularity of the Generalized Birthday Problem ✍️ Lili Tang, Yao Sun, Xiaorui Gong 🏛️ IACR ePrint · 📅 2025-07-24 --- This paper separates the regular and non-regular forms of the Generalized Birthday Problem and shows that the distinction materially changes both complexity bounds and cryptographic consequences. It gives new worst-case and average-case algorithms, breaks a non-constant-k XOR conjecture, and turns the theory into practical attacks on incremental hashing plus a revised Equihash-style PoW design. **🔑 Key Findings:** - Introduces an ISD-based framework for generalized birthday instances that beats the classic 2^(n/2) worst-case bound once k/n is above stated thresholds. - Heuristically argues that advanced ISD methods outperform the birthday bound for any constant k/n > 0 on density-one instances. - Shows the regular single-list variant has a sqrt(2)-factor gap in the exponent versus the non-regular case, with implications extending to k-SUM. - Uses regularity to build a stronger collision attack on ID-based incremental hash, improving Wagner-style complexity from O(2^sqrt(4n)) to O(sqrt(n) * 2^sqrt(2n)). - Applies the attack to iSHAKE256, reducing its claimed lower-bound security from 2^256 to 2^189, and proposes Requihash as a more ASIC-resistant replacement for Equihash. --- 🔗 [Read paper](https://eprint.iacr.org/2025/1351) 📎 [PDF](https://eprint.iacr.org/2025/1351.pdf) #cryptography #crypto #cybersecurity ⏱️ 2026-05-09 14:45 UTC

## 📄 Tricycle: Private Transformer Inference with Tricyclic Encodings ✍️ Lawrence Lim, Vikas Kalagi, Julia Novick, Jiaming Liu, Divyakant Agrawal, et al. 🏛️ IACR ePrint · 📅 2025-06-27 --- Tricycle is a homomorphic-encryption system for private transformer inference that targets full BERT-style models without exposing user inputs. Its main contribution is a new tricyclic encoding scheme that makes encrypted multi-head attention and matrix multiplication much cheaper, pushing private LLM inference noticeably closer to practical deployment. **🔑 Key Findings:** - Introduces tricyclic encodings, a packing scheme that supports batch matrix multiplication with optimal multiplicative depth and fits transformer multi-head attention naturally. - Combines several system-level optimizations, including Baby-Step Giant-Step variants, optimized block matrix multiplication, lazy relinearization, and free attention complexification, to cut key-switching overhead. - Adds a statistical max estimation method to stabilize softmax computations under CKKS-based homomorphic encryption. - On BERT-Base with 128 tokens, achieves 100.5 seconds latency on a single GPU. - Reports speedups of 6x over Thor and 3.4x over Powerformer on the evaluated workload. --- 🔗 [Read paper](https://eprint.iacr.org/2025/1200) 📎 [PDF](https://eprint.iacr.org/2025/1200.pdf) #crypto #cryptography #privacy #ai-security ⏱️ 2026-04-30 20:46 UTC

## 📄 OnionPIRv2: Efficient Single-Server PIR ✍️ Yue Chen, Ling Ren 🏛️ IACR ePrint · 📅 2025-06-17 --- OnionPIRv2 is an optimized implementation of single-server private information retrieval that combines recent somewhat homomorphic encryption advances with practical engineering refinements. The result is a notably more efficient PIR system, with low response overhead for small records and very high server-side throughput, making deployment scenarios more realistic. **🔑 Key Findings:** - Presents OnionPIRv2, an improved implementation of OnionPIR for single-server PIR. - Combines two lattice-based somewhat homomorphic encryption schemes to better control noise growth while preserving efficiency. - Adds standard orthogonal optimizations and implementation-level engineering improvements beyond the original design. - Reports 3.7x response overhead for 3 KB database entries in evaluation. - Achieves server computation throughput of up to 1372 MB/s, indicating strong practical performance. --- 🔗 [Read paper](https://eprint.iacr.org/2025/1142) 📎 [PDF](https://eprint.iacr.org/2025/1142.pdf) #privacy #cryptography #crypto ⏱️ 2026-05-12 08:45 UTC

## 📄 Post-Quantum UAV Communications Encryption Tester (P-QUAVCET)* ✍️ Julia Minton, Daniel Collins, Michael Creech, Joshua Grossman, Amber Manspeaker, et al. 🏛️ DTIC · 📅 2025-05-17 --- This paper presents a tester for post-quantum encryption on UAV communications, aimed at reducing interception and spoofing risk on drone links. It matters because it treats PQC as an operational communications problem for unmanned systems instead of a purely theoretical crypto exercise. **🔑 Key Findings:** - Focuses on securing UAV communications against interception and spoofing. - Evaluates post-quantum encryption in a UAV communications test setup. - Bridges applied drone security with migration toward quantum-resistant cryptography. - Suggests a practical validation path for fielding PQ-safe comms in unmanned platforms. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=Post-Quantum+UAV+Communications+Encryption+Tester) #defense #crypto #cryptography #cybersecurity #uav ⏱️ 2026-04-24 22:30 UTC

## 📄 An RF Direction Finding Payload for UAVs with Deep Learning Direction Prediction Via Resnet ✍️ Andrew Willis, Braden Feshami, Srini Vasan, Jimmy Touma 🏛️ DTIC · 📅 2025-05-17 --- This paper describes a UAV-mounted RF direction-finding payload that uses an antenna array plus a ResNet-based predictor to estimate emitter direction. It matters because it pushes airborne signal geolocation toward lighter, more automated sensing for ISR, spectrum awareness, and contested-environment operations. **🔑 Key Findings:** - Builds a direction-finding payload for UAV platforms using multi-antenna RF sensing. - Uses deep learning, specifically a ResNet-based approach, to predict signal direction from received data. - Targets practical airborne RF localization, a useful capability for ISR and signals-intelligence style missions. - Frames the work as a compact payload design rather than only a simulation or theory study. --- 🔗 [Read paper](https://dtic.dimensions.ai/discover/publication?search_text=An+RF+Direction+Finding+Payload+for+UAVs+with+Deep+Learning+Direction+Prediction+Via+Resnet) #defense #intelligence #cybersecurity #signals-intelligence #uav ⏱️ 2026-04-24 22:30 UTC

## 📄 Encrypted Matrix-Vector Products from Secret Dual Codes ✍️ Fabrice Benhamouda, Caicai Chen, Shai Halevi, Yuval Ishai, Hugo Krawczyk et al. 🏛️ IACR ePrint · 📅 2025-05-15 --- This paper introduces encrypted matrix-vector product protocols that let a server store an encrypted matrix and answer repeated encrypted queries while revealing nothing about either input. The construction is based on secret dual codes under LPN and LSN-style assumptions, and gets online cost close enough to plaintext computation to make secure ML and encrypted fuzzy search much more practical. **🔑 Key Findings:** - Defines an offline/online EMVP model where the client keeps only a short secret key while the server stores an encrypted matrix. - Builds field-agnostic EMVP protocols from secret dual linear codes, so computation stays over the target finite field rather than a scheme-specific ring. - Uses noise to harden the code-based encoding against algebraic attacks, drawing on recent secret-key PIR techniques. - Reports that for sufficiently large vector dimensions, the LSN-based construction can keep online computation and communication below twice the cost of cleartext matrix-vector multiplication. - Positions the primitive as a building block for secure post-processing tasks including encrypted fuzzy search and secure machine learning. --- 🔗 [Read paper](https://eprint.iacr.org/2025/858) 📎 [PDF](https://eprint.iacr.org/2025/858.pdf) #cryptography #privacy #crypto ⏱️ 2026-04-29 20:45 UTC

## 📄 Multi-Party Homomorphic Encryption with Dynamicity and Ciphertext Reusability ✍️ Jung Hee Cheon, Hyeongmin Choe, Seunghong Kim, Yongdong Yeo 🏛️ IACR ePrint · 📅 2025-03-31 --- This paper proposes dynamic and reusable multi-party homomorphic encryption schemes that let party sets evolve without forcing the original participants to stay online. The main result is an RLWE-based construction that preserves the constant-overhead appeal of MPHE while removing the static-group limitation that has made large-scale collaborative encrypted computation awkward in practice. **🔑 Key Findings:** - Introduces Dynamic MPHE (dMPHE), allowing new parties to join after ciphertext creation without requiring original parties to remain online. - Introduces Reusable Dynamic MPHE (rdMPHE), combining dynamic party membership with ciphertext reusability across different party sets. - Achieves constant O(1) overhead, improving scalability relative to Multi-Key HE schemes that typically scale linearly in the number of parties. - Implements both schemes under the RLWE assumption and reports analyses and experiments supporting practical efficiency. - Targets a key deployment pain point for privacy-preserving cloud computation over data encrypted under multiple distinct keys. --- 🔗 [Read paper](https://eprint.iacr.org/2025/581) 📎 [PDF](https://eprint.iacr.org/2025/581.pdf) #cryptography #privacy #crypto ⏱️ 2026-04-20 14:45 UTC

## 📄 Attacking Single-Cycle Ciphers on Modern FPGAs featuring Explainable Deep Learning ✍️ Mustafa Khairallah, Trevor Yap 🏛️ IACR ePrint · 📅 2025-03-13 --- This paper revisits side-channel key recovery against unrolled single-cycle block ciphers on modern low-cost FPGA hardware, using Princev2 as the case study. The interesting result is that older classical attacks do not transfer cleanly to newer Artix-7 implementations, but deep learning still recovers keys, and explainability helps show where the leakage signal lives. **🔑 Key Findings:** - Detectable side-channel leakage is still present on a cheap modern Artix-7 FPGA and oscilloscope setup. - Classical chosen-plaintext CPA, stochastic attacks, and template attacks struggle because the leakage depends on more key bits than expected. - Deep learning based attacks do achieve key recovery, though they need a large number of traces. - Key Guessing Occlusion identifies time points the neural network relies on, improving classical template attack feature selection. - The work highlights how modern FPGA behavior can break old attack assumptions without eliminating exploitable leakage. --- 🔗 [Read paper](https://eprint.iacr.org/2025/478) 📎 [PDF](https://eprint.iacr.org/2025/478.pdf) #cryptography #hardware-security #cybersecurity #side-channel #fpga ⏱️ 2026-04-27 08:45 UTC

## 📄 On Efficient Computations of $y^2=x^3+b/\mathbb{F}_p$ for Primes $p\equiv 1 \mod 3$ ✍️ Guangwu Xu, Wei Yu, Ke Han, Pengfei Lu 🏛️ IACR ePrint · 📅 2024-11-23 --- This paper develops a new $\tau$-adic scalar multiplication method for prime-field curves of the form $y^2=x^3+b$ when $p \equiv 1 \pmod 3$, a family that includes secp256k1, BN254, and BLS12-381. The result is a concrete speedup over GLV-style multiplication, plus a regularized variant meant to preserve side-channel resistance. **🔑 Key Findings:** - Identifies the endomorphism $\tau = 1-\omega$ in $\mathbb{Z}[\omega]$ as a practical basis for $\tau$-adic scalar multiplication on these prime-field curves. - Gives a Jacobian-coordinate evaluation of $\tau P$ using only 6 field multiplications and a new point-tripling formula costing 10 multiplications instead of the prior best 15. - Uses a coefficient set invariant under the Eisenstein unit group to cut precomputation cost by about five-sixths. - Reports performance gains of 16.7%, 17.6%, and 18.0% over state-of-the-art GLV for 256-, 384-, and 512-bit group orders. - Presents a regular window $\tau$-NAF countermeasure variant that still beats regularized GLV by up to 20.9%. --- 🔗 [Read paper](https://eprint.iacr.org/2024/1906) 📎 [PDF](https://eprint.iacr.org/2024/1906.pdf) #cryptography #crypto #cybersecurity ⏱️ 2026-05-10 14:45 UTC

## 📄 Scalable Private Set Union, with Stronger Security ✍️ Yanxue Jia, Shi-Feng Sun, Hong-Sheng Zhou, Dawu Gu 🏛️ IACR ePrint · 📅 2024-06-10 --- This paper revisits scalable private set union and shows that many fast designs leak more than previously appreciated, not just through split-execute-assemble composition but also through the standard way oblivious transfer is invoked. The authors then present a new symmetric-key-heavy PSU construction that avoids that extra leakage while staying practical, closing much of the gap between strong security and high performance. **🔑 Key Findings:** - Identifies an additional source of unnecessary leakage in typical OT-based PSU constructions, beyond previously discussed composition issues. - Argues that prior protocols based on additively homomorphic encryption avoid this leakage, but are generally too slow for practical deployment. - Introduces a new PSU protocol that avoids the leakage while relying only on symmetric-key operations apart from base OTs. - Reports at least 873.74× speedup over the best-performing AHE-based PSU scheme in experiments. - Achieves performance comparable to a recent state-of-the-art PSU protocol, while offering stronger security against the identified leakage. --- 🔗 [Read paper](https://eprint.iacr.org/2024/922) 📎 [PDF](https://eprint.iacr.org/2024/922.pdf) #cryptography #privacy #crypto ⏱️ 2026-04-22 08:46 UTC

## 📄 How (Not) to Simulate PLONK ✍️ Marek Sefranek 🏛️ IACR ePrint · 📅 2024-05-30 --- This paper gives a formal simulator for the patched version of PLONK and proves that the protocol achieves statistical zero knowledge, closing a gap that had previously only been argued informally. It also shows the older PLONK specification was actually vulnerable, with an attack demonstrating it failed even the weaker standard of statistical witness indistinguishability. **🔑 Key Findings:** - Constructs an explicit simulator for the patched PLONK protocol. - Proves the patched construction satisfies statistical zero knowledge. - Identifies and fixes a vulnerability in the original PLONK specification. - Demonstrates an attack on the earlier version showing it was not statistically witness indistinguishable. - Strengthens confidence in real-world PLONK deployments by putting the security claim on a formal footing. --- 🔗 [Read paper](https://eprint.iacr.org/2024/848) 📎 [PDF](https://eprint.iacr.org/2024/848.pdf) #cryptography #crypto #privacy #zk-snark #plonk ⏱️ 2026-04-23 14:45 UTC

## 📄 Securing Federated Learning with Control-Flow Attestation: A Novel Framework for Enhanced Integrity and Resilience against Adversarial Attacks ✍️ Zahir Alsulaimawi 🏛️ Semantic Scholar · 📅 2024-03-15 --- This paper adapts control-flow attestation ideas to federated learning, using signatures and cryptographic hashing to verify that participant updates are authentic and untampered. The main value is the bridge between systems-integrity techniques and FL security, especially for defending against poisoning and other adversarial manipulation of model updates. **🔑 Key Findings:** - Applies control-flow-attestation-inspired verification to federated learning rather than conventional software integrity settings. - Uses digital signatures and cryptographic hashes to authenticate model updates across participating nodes. - Reports full integrity and authentication success on MNIST and CIFAR-10 experiments. - Frames the approach as a defense against model poisoning and adversarial interference without large performance degradation. --- 🔗 [Read paper](https://www.semanticscholar.org/paper/41783735065fc854b7167af7d7c415120a649aea) #ai-security #cybersecurity #privacy #cryptography #federated-learning ⏱️ 2026-04-16 18:30 UTC

## 📄 Et tu, Brute? SCA Assisted CCA using Valid Ciphertexts - A Case Study on HQC KEM ✍️ Thales Paiva, Prasanna Ravi, Dirmanto Jap, Shivam Bhasin, Sayan Das, et al. 🏛️ IACR ePrint · 📅 2023-10-19 --- This paper shows a side-channel assisted chosen-ciphertext attack against the HQC post-quantum KEM that uses only valid ciphertexts, defeating a practical detection-based defense strategy. It matters because it weakens the case for low-cost invalid-ciphertext detection as a standalone mitigation for side-channel CCA threats in PQC implementations. **🔑 Key Findings:** - The authors present the first side-channel chosen-ciphertext attack on HQC that relies only on valid ciphertexts. - The attack targets leakage in the Reed-Muller decoder, specifically the ExpandAndSum and FindPeaks operations. - Full key recovery succeeds with 100% success rate in their evaluation. - The method remains robust under noisy measurements and extends to bypass shuffling countermeasures on both targeted operations. - Detection and key-refresh defenses for malformed ciphertexts are therefore insufficient as standalone protection. --- 🔗 [Read paper](https://eprint.iacr.org/2023/1626) 📎 [PDF](https://eprint.iacr.org/2023/1626.pdf) #cryptography #post-quantum #cybersecurity #hardware-security #side-channel ⏱️ 2026-04-27 08:45 UTC

## 📄 MPC for Tech Giants (GMPC): Enabling Gulliver and the Lilliputians to Cooperate Amicably ✍️ Bar Alon, Moni Naor, Eran Omri, Uri Stemmer 🏛️ IACR ePrint · 📅 2022-07-11 --- This paper introduces the Gulliver MPC model, aimed at settings where a single powerful service provider wants to compute over many users' private data but cannot be fully trusted. The authors show that even under strict user-side communication and computation limits, secure multi-party computation is still possible against malicious users and a potentially blocking server. **🔑 Key Findings:** - Formalizes GMPC for star-topology systems with one dominant server and many weak users, each limited to polylogarithmic communication and state. - Adapts Feige's committee election protocol so agreement can still be reached even when the server can block messages between honest parties. - Shows that, assuming FHE, any efficient function with output size O(n·polylog(n)) can be securely computed in the GMPC model. - Gives an FHE-free construction for functions computable by bounded fan-in, bounded fan-out circuits of polylogarithmic depth and O(n·polylog(n)) size. - Proves that sorting can be securely computed without FHE, resolving an open question tied to the shuffle model of differential privacy. --- 🔗 [Read paper](https://eprint.iacr.org/2022/902) 📎 [PDF](https://eprint.iacr.org/2022/902.pdf) #cryptography #privacy ⏱️ 2026-05-06 14:46 UTC

## 📄 Magnifying Side-Channel Leakage of Lattice-Based Cryptosystems With Chosen Ciphertexts: The Case Study of Kyber ✍️ Zhuang Xu, Owen Pemberton, Sujoy Sinha Roy, David Oswald, Wang Yao, et al. 🏛️ IACR ePrint · 📅 2020-07-23 --- This paper shows that carefully chosen ciphertexts can amplify electromagnetic side-channel leakage in Kyber decapsulation, turning otherwise subtle signals into highly exploitable ones. The result is strikingly practical full key recovery with very few traces, which sharpens the threat model for post-quantum implementations and underscores that algorithmic security does not protect against poorly hardened devices. **🔑 Key Findings:** - Introduces adaptive EM side-channel attacks on Kyber that use chosen ciphertexts to modulate and magnify secret-dependent leakage. - Recovers the full key from a reference implementation using leakage around inverse NTT output with only 4 traces. - Achieves full secret-key extraction against the ARM pqm4 implementation in 8 to 960 traces, depending on compiler optimization level. - Avoids complex profiling or template-building workflows, making the attack simpler than many prior side-channel approaches. - Discusses how the same leakage-amplification idea may apply to other lattice-based schemes and motivates countermeasures for decapsulation code. --- 🔗 [Read paper](https://eprint.iacr.org/2020/912) 📎 [PDF](https://eprint.iacr.org/2020/912.pdf) #cryptography #hardware-security #cybersecurity #privacy #post-quantum #side-channel #kyber #lattice-crypto ⏱️ 2026-04-15 08:45 UTC