{"id":"https://openalex.org/W4389546188","doi":"https://doi.org/10.1109/sp46215.2023.10351027","title":"Practically-exploitable Cryptographic Vulnerabilities in Matrix","display_name":"Practically-exploitable Cryptographic Vulnerabilities in Matrix","publication_year":2023,"publication_date":"2023-05-21","ids":{"openalex":"https://openalex.org/W4389546188","doi":"https://doi.org/10.1109/sp46215.2023.10351027"},"language":"en","primary_location":{"id":"doi:10.1109/sp46215.2023.10351027","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46215.2023.10351027","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://kclpure.kcl.ac.uk/ws/files/265988308/2023-485.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5066696423","display_name":"M. Albrecht","orcid":"https://orcid.org/0000-0003-1835-052X"},"institutions":[{"id":"https://openalex.org/I183935753","display_name":"King's College London","ror":"https://ror.org/0220mzb33","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I183935753"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Martin R. Albrecht","raw_affiliation_strings":["King&#x2019;s College London"],"affiliations":[{"raw_affiliation_string":"King&#x2019;s College London","institution_ids":["https://openalex.org/I183935753"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063864752","display_name":"Sof\u00eda Celi","orcid":"https://orcid.org/0000-0002-3333-7764"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sof\u00eda Celi","raw_affiliation_strings":["Brave Software"],"affiliations":[{"raw_affiliation_string":"Brave Software","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015282175","display_name":"Benjamin Dowling","orcid":"https://orcid.org/0000-0003-3234-6527"},"institutions":[{"id":"https://openalex.org/I91136226","display_name":"University of Sheffield","ror":"https://ror.org/05krs5044","country_code":"GB","type":"education","lineage":["https://openalex.org/I91136226"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Benjamin Dowling","raw_affiliation_strings":["University of Sheffield,Security of Advanced Systems Group","Security of Advanced Systems Group, University of Sheffield"],"affiliations":[{"raw_affiliation_string":"University of Sheffield,Security of Advanced Systems Group","institution_ids":["https://openalex.org/I91136226"]},{"raw_affiliation_string":"Security of Advanced Systems Group, University of Sheffield","institution_ids":["https://openalex.org/I91136226"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103223044","display_name":"Daniel L. Jones","orcid":"https://orcid.org/0000-0003-3749-2443"},"institutions":[{"id":"https://openalex.org/I184558857","display_name":"Royal Holloway University of London","ror":"https://ror.org/04g2vpn86","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I184558857"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Daniel Jones","raw_affiliation_strings":["University of London,Information Security Group, Royal Holloway","Information Security Group, Royal Holloway, University of London"],"affiliations":[{"raw_affiliation_string":"University of London,Information Security Group, Royal Holloway","institution_ids":["https://openalex.org/I184558857"]},{"raw_affiliation_string":"Information Security Group, Royal Holloway, University of London","institution_ids":["https://openalex.org/I184558857"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5066696423"],"corresponding_institution_ids":["https://openalex.org/I183935753"],"apc_list":null,"apc_paid":null,"fwci":3.4743,"has_fulltext":true,"cited_by_count":20,"citation_normalized_percentile":{"value":0.94150777,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"164","last_page":"181"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11017","display_name":"Chaos-based Image/Signal Encryption","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9952999949455261,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7224575877189636},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.555442750453949},{"id":"https://openalex.org/keywords/cryptographic-primitive","display_name":"Cryptographic primitive","score":0.43067342042922974},{"id":"https://openalex.org/keywords/matrix","display_name":"Matrix (chemical analysis)","score":0.4150373041629791},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.34654131531715393},{"id":"https://openalex.org/keywords/cryptographic-protocol","display_name":"Cryptographic protocol","score":0.33438313007354736},{"id":"https://openalex.org/keywords/chemistry","display_name":"Chemistry","score":0.07618683576583862}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7224575877189636},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.555442750453949},{"id":"https://openalex.org/C15927051","wikidata":"https://www.wikidata.org/wiki/Q246593","display_name":"Cryptographic primitive","level":4,"score":0.43067342042922974},{"id":"https://openalex.org/C106487976","wikidata":"https://www.wikidata.org/wiki/Q685816","display_name":"Matrix (chemical analysis)","level":2,"score":0.4150373041629791},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.34654131531715393},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.33438313007354736},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.07618683576583862},{"id":"https://openalex.org/C43617362","wikidata":"https://www.wikidata.org/wiki/Q170050","display_name":"Chromatography","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/sp46215.2023.10351027","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46215.2023.10351027","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},{"id":"pmh:oai:kclpure.kcl.ac.uk:publications/e0cad6ed-4868-45d4-bb9b-3984c912914c","is_oa":true,"landing_page_url":"https://kclpure.kcl.ac.uk/portal/en/publications/e0cad6ed-4868-45d4-bb9b-3984c912914c","pdf_url":"https://kclpure.kcl.ac.uk/ws/files/265988308/2023-485.pdf","source":{"id":"https://openalex.org/S4306400216","display_name":"Research Portal (King's College London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I183935753","host_organization_name":"King's College London","host_organization_lineage":["https://openalex.org/I183935753"],"host_organization_lineage_names":[],"type":"repository"},"license":"public-domain","license_id":"https://openalex.org/licenses/public-domain","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Albrecht , M , Celi , S , Dowling , B & Jones , D 2023 , Practically-exploitable Cryptographic Vulnerabilities in Matrix . in IEEE Security & Privacy 2023 . https://doi.org/https://www.computer.org/csdl/proceedings-article/sp/2023/10351027/1SN6Err3BC0","raw_type":"contributionToPeriodical"}],"best_oa_location":{"id":"pmh:oai:kclpure.kcl.ac.uk:publications/e0cad6ed-4868-45d4-bb9b-3984c912914c","is_oa":true,"landing_page_url":"https://kclpure.kcl.ac.uk/portal/en/publications/e0cad6ed-4868-45d4-bb9b-3984c912914c","pdf_url":"https://kclpure.kcl.ac.uk/ws/files/265988308/2023-485.pdf","source":{"id":"https://openalex.org/S4306400216","display_name":"Research Portal (King's College London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I183935753","host_organization_name":"King's College London","host_organization_lineage":["https://openalex.org/I183935753"],"host_organization_lineage_names":[],"type":"repository"},"license":"public-domain","license_id":"https://openalex.org/licenses/public-domain","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Albrecht , M , Celi , S , Dowling , B & Jones , D 2023 , Practically-exploitable Cryptographic Vulnerabilities in Matrix . in IEEE Security & Privacy 2023 . https://doi.org/https://www.computer.org/csdl/proceedings-article/sp/2023/10351027/1SN6Err3BC0","raw_type":"contributionToPeriodical"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4389546188.pdf"},"referenced_works_count":13,"referenced_works":["https://openalex.org/W112964067","https://openalex.org/W1618185284","https://openalex.org/W1656678770","https://openalex.org/W1910751411","https://openalex.org/W2037107113","https://openalex.org/W2164090669","https://openalex.org/W2295827614","https://openalex.org/W2854550545","https://openalex.org/W2903043053","https://openalex.org/W3087873898","https://openalex.org/W3109364115","https://openalex.org/W4238341678","https://openalex.org/W4244562965"],"related_works":["https://openalex.org/W2904818008","https://openalex.org/W2904314268","https://openalex.org/W57958781","https://openalex.org/W1554274402","https://openalex.org/W1982325601","https://openalex.org/W4240432851","https://openalex.org/W2289378658","https://openalex.org/W1531360494","https://openalex.org/W1988007309","https://openalex.org/W154233216"],"abstract_inverted_index":{"We":[0],"report":[1],"several":[2],"practically-exploitable":[3],"cryptographic":[4,41,49,85],"vulnerabilities":[5,53,93],"in":[6,57,106],"the":[7,25,76,84,95,104,107],"Matrix":[8,32,88,108],"standard":[9],"for":[10,97],"federated":[11],"real-time":[12],"communication":[13],"and":[14,18,27,47,71,79,89,100],"its":[15],"flagship":[16],"client":[17],"prototype":[19],"implementation,":[20],"Element.":[21,90],"These,":[22],"together,":[23],"invalidate":[24],"confidentiality":[26],"authentication":[28],"guarantees":[29],"claimed":[30],"by":[31,61],"against":[33],"a":[34,98],"malicious":[35],"server.":[36],"This":[37],"is":[38],"despite":[39],"Matrix\u2019":[40],"routines":[42],"being":[43],"constructed":[44],"from":[45],"well-known":[46],"-studied":[48],"building":[50],"blocks.":[51],"The":[52],"we":[54],"exploit":[55],"differ":[56],"their":[58],"nature":[59],"(insecure":[60],"design,":[62],"protocol":[63],"confusion,":[64],"lack":[65],"of":[66,87,103],"domain":[67],"separation,":[68],"implementation":[69],"bugs)":[70],"are":[72],"distributed":[73],"broadly":[74],"across":[75],"different":[77],"subprotocols":[78],"libraries":[80],"that":[81],"make":[82],"up":[83],"core":[86],"Together,":[91],"these":[92],"highlight":[94],"need":[96],"systematic":[99],"formal":[101],"analysis":[102],"cryptography":[105],"standard.":[109]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":6}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}