{"id":"https://openalex.org/W3211936867","doi":"https://doi.org/10.1145/3460120.3485382","title":"Morpheus: Bringing The (PKCS) One To Meet the Oracle","display_name":"Morpheus: Bringing The (PKCS) One To Meet the Oracle","publication_year":2021,"publication_date":"2021-11-12","ids":{"openalex":"https://openalex.org/W3211936867","doi":"https://doi.org/10.1145/3460120.3485382","mag":"3211936867"},"language":"en","primary_location":{"id":"doi:10.1145/3460120.3485382","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3485382","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3485382","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3485382","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5077699614","display_name":"Moosa Yahyazadeh","orcid":null},"institutions":[{"id":"https://openalex.org/I126307644","display_name":"University of Iowa","ror":"https://ror.org/036jqmy94","country_code":"US","type":"education","lineage":["https://openalex.org/I126307644"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Moosa Yahyazadeh","raw_affiliation_strings":["The University of Iowa, Iowa City, IA, USA"],"affiliations":[{"raw_affiliation_string":"The University of Iowa, Iowa City, IA, USA","institution_ids":["https://openalex.org/I126307644"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062969921","display_name":"Sze Yiu Chau","orcid":"https://orcid.org/0000-0001-9300-0808"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Sze Yiu Chau","raw_affiliation_strings":["The Chinese University of Hong Kong, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100361421","display_name":"Li Li","orcid":"https://orcid.org/0009-0000-0437-6193"},"institutions":[{"id":"https://openalex.org/I70983195","display_name":"Syracuse University","ror":"https://ror.org/025r5qe02","country_code":"US","type":"education","lineage":["https://openalex.org/I70983195"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Li Li","raw_affiliation_strings":["Syracuse University, Syracuse, NY, USA"],"affiliations":[{"raw_affiliation_string":"Syracuse University, Syracuse, NY, USA","institution_ids":["https://openalex.org/I70983195"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084136941","display_name":"Man Hong Hue","orcid":"https://orcid.org/0009-0008-1953-7007"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Man Hong Hue","raw_affiliation_strings":["The Chinese University of Hong Kong, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076448159","display_name":"Joyanta Debnath","orcid":"https://orcid.org/0000-0001-5817-2786"},"institutions":[{"id":"https://openalex.org/I126307644","display_name":"University of Iowa","ror":"https://ror.org/036jqmy94","country_code":"US","type":"education","lineage":["https://openalex.org/I126307644"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Joyanta Debnath","raw_affiliation_strings":["The University of Iowa, Iowa City, IA, USA"],"affiliations":[{"raw_affiliation_string":"The University of Iowa, Iowa City, IA, USA","institution_ids":["https://openalex.org/I126307644"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037254084","display_name":"Sheung Chiu Ip","orcid":null},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Sheung Chiu Ip","raw_affiliation_strings":["The Chinese University of Hong Kong, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064692717","display_name":"Chun Ngai Li","orcid":null},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chun Ngai Li","raw_affiliation_strings":["The Chinese University of Hong Kong, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081564551","display_name":"Endadul Hoque","orcid":"https://orcid.org/0000-0002-6682-9618"},"institutions":[{"id":"https://openalex.org/I70983195","display_name":"Syracuse University","ror":"https://ror.org/025r5qe02","country_code":"US","type":"education","lineage":["https://openalex.org/I70983195"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Endadul Hoque","raw_affiliation_strings":["Syracuse University, Syracuse, NY, USA"],"affiliations":[{"raw_affiliation_string":"Syracuse University, Syracuse, NY, USA","institution_ids":["https://openalex.org/I70983195"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5070136662","display_name":"Omar Chowdhury","orcid":"https://orcid.org/0000-0002-1356-6279"},"institutions":[{"id":"https://openalex.org/I126307644","display_name":"University of Iowa","ror":"https://ror.org/036jqmy94","country_code":"US","type":"education","lineage":["https://openalex.org/I126307644"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Omar Chowdhury","raw_affiliation_strings":["The University of Iowa, Iowa City, IA, USA"],"affiliations":[{"raw_affiliation_string":"The University of Iowa, Iowa City, IA, USA","institution_ids":["https://openalex.org/I126307644"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":9,"corresponding_author_ids":["https://openalex.org/A5077699614"],"corresponding_institution_ids":["https://openalex.org/I126307644"],"apc_list":null,"apc_paid":null,"fwci":0.5692,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.75006279,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"2474","last_page":"2496"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.7756085991859436},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6917641758918762},{"id":"https://openalex.org/keywords/oracle","display_name":"Oracle","score":0.6901751756668091},{"id":"https://openalex.org/keywords/signature","display_name":"Signature (topology)","score":0.5951844453811646},{"id":"https://openalex.org/keywords/interoperability","display_name":"Interoperability","score":0.5484113097190857},{"id":"https://openalex.org/keywords/public-key-cryptography","display_name":"Public-key cryptography","score":0.4508993327617645},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3967497646808624},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17892798781394958},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.17122229933738708},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.1406286060810089},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.10920894145965576}],"concepts":[{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.7756085991859436},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6917641758918762},{"id":"https://openalex.org/C55166926","wikidata":"https://www.wikidata.org/wiki/Q2892946","display_name":"Oracle","level":2,"score":0.6901751756668091},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.5951844453811646},{"id":"https://openalex.org/C20136886","wikidata":"https://www.wikidata.org/wiki/Q749647","display_name":"Interoperability","level":2,"score":0.5484113097190857},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.4508993327617645},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3967497646808624},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17892798781394958},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.17122229933738708},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.1406286060810089},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.10920894145965576},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3460120.3485382","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3485382","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3485382","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3460120.3485382","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3485382","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3485382","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.4699999988079071,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G4546156968","display_name":null,"funder_award_id":"D19AP0003","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"},{"id":"https://openalex.org/G4861921790","display_name":"Collaborative Research: CNS Core: Small: Retrofitting IoT Ecosystems with a Software-defined Overlay to Enforce Safety, Security, and Privacy Policies","funder_award_id":"2006556","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8092975161","display_name":null,"funder_award_id":"CNS-2007512","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320306078","display_name":"U.S. Department of Defense","ror":"https://ror.org/0447fe631"},{"id":"https://openalex.org/F4320322942","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3211936867.pdf","grobid_xml":"https://content.openalex.org/works/W3211936867.grobid-xml"},"referenced_works_count":27,"referenced_works":["https://openalex.org/W185864230","https://openalex.org/W1495444061","https://openalex.org/W1525567332","https://openalex.org/W1595428342","https://openalex.org/W1623551255","https://openalex.org/W1681309784","https://openalex.org/W1788164537","https://openalex.org/W1976767421","https://openalex.org/W1976919795","https://openalex.org/W2042676624","https://openalex.org/W2074554604","https://openalex.org/W2166093784","https://openalex.org/W2166614386","https://openalex.org/W2619380141","https://openalex.org/W2650293344","https://openalex.org/W2701082322","https://openalex.org/W2782130228","https://openalex.org/W2891162082","https://openalex.org/W2907549405","https://openalex.org/W2946925508","https://openalex.org/W2949034369","https://openalex.org/W2964241064","https://openalex.org/W3093568213","https://openalex.org/W3136127207","https://openalex.org/W3140880198","https://openalex.org/W4213366580","https://openalex.org/W4230238643"],"related_works":["https://openalex.org/W2093262417","https://openalex.org/W2123131699","https://openalex.org/W650116260","https://openalex.org/W2378329187","https://openalex.org/W4390790060","https://openalex.org/W2134191509","https://openalex.org/W3209454962","https://openalex.org/W79697243","https://openalex.org/W4377091993","https://openalex.org/W1974314423"],"abstract_inverted_index":{"This":[0],"paper":[1],"focuses":[2],"on":[3],"developing":[4],"an":[5,59,74],"automatic,":[6],"black-box":[7],"testing":[8],"approach":[9],"called":[10],"Morpheus":[11,48,81],"to":[12,33,70,82,98],"check":[13],"the":[14,23,101,137],"non-compliance":[15,72],"of":[16,58,66,86,94,100],"libraries":[17],"implementing":[18],"PKCS#1-v1.5":[19,24,67,87],"signature":[20,36,68,88,107],"verification":[21,89],"with":[22],"standard.":[25],"Non-compliance":[26],"can":[27,41],"not":[28],"only":[29],"make":[30],"implementations":[31,85,117,123],"vulnerable":[32],"Bleichenbacher-style":[34,102],"RSA":[35,106],"forgery":[37,108],"attacks":[38],"but":[39],"also":[40],"induce":[42],"interoperability":[43],"issues.":[44],"For":[45],"checking":[46],"non-compliance,":[47],"adaptively":[49],"generates":[50],"interesting":[51],"test":[52,83],"cases":[53],"and":[54,90,121,133],"then":[55],"takes":[56],"advantage":[57],"oracle,":[60],"a":[61,113],"formally":[62],"proven":[63],"correct":[64],"implementation":[65,75,111],"standard,":[69],"detect":[71],"in":[73],"under":[76],"test.":[77],"We":[78],"have":[79,118,124,129],"used":[80],"45":[84],"discovered":[91],"that":[92],"6":[93],"them":[95],"are":[96],"susceptible":[97],"variants":[99],"low":[103],"public":[104],"exponent":[105],"attack,":[109],"1":[110],"has":[112],"buffer":[114],"overflow,":[115],"33":[116],"incompatibility":[119],"issues,":[120],"8":[122],"minor":[125],"leniencies.":[126],"Our":[127],"findings":[128],"been":[130],"responsibly":[131],"disclosed":[132],"positively":[134],"acknowledged":[135],"by":[136],"developers.":[138]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":2}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}