Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
public:papers:acsac2017 [2017-12-04 20:14] – [Q&A section] xnemec1 | public:papers:acsac2017 [2017-12-08 16:27] – [Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans [ACSAC 2017]] xnemec1 | ||
---|---|---|---|
Line 13: | Line 13: | ||
* Conference page: [[https:// | * Conference page: [[https:// | ||
* Download author pre-print of the paper: {{ : | * Download author pre-print of the paper: {{ : | ||
- | * Download presentation: | + | * Download presentation: |
**Bibtex (regular paper)** | **Bibtex (regular paper)** | ||
@inproceedings{2017-acsac-nemec, | @inproceedings{2017-acsac-nemec, | ||
- | | + | |
- | | + | |
- | | + | |
- | | + | series = {ACSAC 2017}, |
- | | + | |
- | | + | |
- | | + | pages = {162--175}, |
+ | url = {http:// | ||
+ | | ||
+ | | ||
} | } | ||
Line 56: | Line 59: | ||
{{: | {{: | ||
+ | |||
+ | ==Q: Does popularity of libraries change in time?== | ||
+ | A: Yes, for one, the number of OpenSSL keys increases significantly. | ||
+ | {{: | ||
==Q: I want to know the popularity of library X, why wasn't it included? == | ==Q: I want to know the popularity of library X, why wasn't it included? == | ||
Line 63: | Line 70: | ||
A: The features extracted from the keys are not unique. Different (groups of) libraries can produce keys with the same features. Only the distribution of the features differs, as illustrated here: | A: The features extracted from the keys are not unique. Different (groups of) libraries can produce keys with the same features. Only the distribution of the features differs, as illustrated here: | ||
+ | {{: | ||
==Q: What is the accuracy of the measurement? | ==Q: What is the accuracy of the measurement? | ||
A: We performed simulations to determine the accuracy. The expected error of the measurement was within 1 percentage point of the estimation (e.g., OpenSSL being estimated at 70% means that we expect it to be between 69% and 71%). The error might be larger in some cases, however the ground truth is not always known. Our estimation of ROCA vulnerable keys in a PGP dataset was at 0.10%, that is within 0.02 percentage points from the correct proportion found by a much more reliable method specific to the ROCA keys. | A: We performed simulations to determine the accuracy. The expected error of the measurement was within 1 percentage point of the estimation (e.g., OpenSSL being estimated at 70% means that we expect it to be between 69% and 71%). The error might be larger in some cases, however the ground truth is not always known. Our estimation of ROCA vulnerable keys in a PGP dataset was at 0.10%, that is within 0.02 percentage points from the correct proportion found by a much more reliable method specific to the ROCA keys. | ||