{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,5]],"date-time":"2025-10-05T16:55:14Z","timestamp":1759683314675,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":41,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,5,29]],"date-time":"2018-05-29T00:00:00Z","timestamp":1527552000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,5,29]]},"DOI":"10.1145\/3196494.3196547","type":"proceedings-article","created":{"date-parts":[[2018,5,31]],"date-time":"2018-05-31T13:18:28Z","timestamp":1527772708000},"page":"343-355","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Can You Trust Your Encrypted Cloud?"],"prefix":"10.1145","author":[{"given":"Anders P. K.","family":"Dalskov","sequence":"first","affiliation":[{"name":"Aarhus University, Aarhus, Denmark"}]},{"given":"Claudio","family":"Orlandi","sequence":"additional","affiliation":[{"name":"Aarhus University, Aarhus, Denmark"}]}],"member":"320","published-online":{"date-parts":[[2018,5,29]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Modular crypt format: A explanation about a standard that isn't. http:\/\/passlib.readthedocs.io\/en\/stable\/modular_crypt_format.html.  Modular crypt format: A explanation about a standard that isn't. http:\/\/passlib.readthedocs.io\/en\/stable\/modular_crypt_format.html."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-36830-1_7"},{"key":"e_1_3_2_1_3_1","volume-title":"Oh, really\" Blackhat Europe","author":"Belenko Andrey","year":"2012","unstructured":"Andrey Belenko and Dmitry Sklyarov . \"secure password managers\" and \"military-grade encryption\" on smartphones : Oh, really\" Blackhat Europe , 2012 . Andrey Belenko and Dmitry Sklyarov. \"secure password managers\" and \"military-grade encryption\" on smartphones: Oh, really\" Blackhat Europe, 2012."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-32009-5_19"},{"key":"e_1_3_2_1_6_1","volume-title":"6th USENIX Workshop on Offensive Technologies, WOOT'12","author":"Bhargavan Karthikeyan","year":"2012","unstructured":"Karthikeyan Bhargavan and Antoine Delignat-Lavaud . Web-based attacks on host-proof encrypted storage . In 6th USENIX Workshop on Offensive Technologies, WOOT'12 , August 6 --7 , 2012 , Bellevue, WA, USA, Proceedings, pages 97--104, 2012. Karthikeyan Bhargavan and Antoine Delignat-Lavaud. Web-based attacks on host-proof encrypted storage. In 6th USENIX Workshop on Offensive Technologies, WOOT'12, August 6--7, 2012, Bellevue, WA, USA, Proceedings, pages 97--104, 2012."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.49"},{"key":"e_1_3_2_1_8_1","volume-title":"On the security of cloud storage services","author":"Borgmann Moritz","year":"2012","unstructured":"Moritz Borgmann , Tobias Hahn , Michael Herfert , Thomas Kunz , Marcel Richter , Ursula Viebeg , and Sven Vowe . On the security of cloud storage services . 2012 . Moritz Borgmann, Tobias Hahn, Michael Herfert, Thomas Kunz, Marcel Richter, Ursula Viebeg, and Sven Vowe. On the security of cloud storage services. 2012."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2636328"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978395"},{"key":"e_1_3_2_1_11_1","volume-title":"Why banker bob (still) can't get tls right: A security analysis of tls in leading uk banking apps","author":"Chothia Tom","year":"2017","unstructured":"Tom Chothia , Flavio D Garcia , Chris Heppel , and Chris McMahon Stone . Why banker bob (still) can't get tls right: A security analysis of tls in leading uk banking apps . 2017 . Tom Chothia, Flavio D Garcia, Chris Heppel, and Chris McMahon Stone. Why banker bob (still) can't get tls right: A security analysis of tls in leading uk banking apps. 2017."},{"key":"e_1_3_2_1_12_1","first-page":"12","article-title":"A convention for human-readable 128-bit keys","volume":"1751","author":"McDonald","year":"1994","unstructured":"McDonald D . A convention for human-readable 128-bit keys . RFC 1751 , RFC Editor, 12 1994 . McDonald D. A convention for human-readable 128-bit keys. RFC 1751, RFC Editor, 12 1994.","journal-title":"RFC"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.5555\/850928.851884"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-38a"},{"key":"e_1_3_2_1_15_1","volume-title":"https:\/\/www.eff.org\/who-has-your-back-2014#spideroak","author":"EFF.","year":"2014","unstructured":"EFF. Who has your back? government data requests 2014. https:\/\/www.eff.org\/who-has-your-back-2014#spideroak , 2014 . EFF. Who has your back? government data requests 2014. https:\/\/www.eff.org\/who-has-your-back-2014#spideroak, 2014."},{"key":"e_1_3_2_1_16_1","unstructured":"Gemalto. 2016 mining for database gold. http:\/\/breachlevelindex.com\/assets\/Breach-Level-Index-Report-2016-Gemalto.pdf 2016.  Gemalto. 2016 mining for database gold. http:\/\/breachlevelindex.com\/assets\/Breach-Level-Index-Report-2016-Gemalto.pdf 2016."},{"key":"e_1_3_2_1_17_1","first-page":"1069","volume-title":"25th USENIX Security Symposium, USENIX Security 16","author":"Giacomelli Irene","year":"2016","unstructured":"Irene Giacomelli , Jesper Madsen , and Claudio Orlandi . Zkboo : Faster zero-knowledge for boolean circuits . In 25th USENIX Security Symposium, USENIX Security 16 , Austin, TX, USA, August 10--12 , 2016 ., pages 1069 -- 1083 , 2016. Irene Giacomelli, Jesper Madsen, and Claudio Orlandi. Zkboo: Faster zero-knowledge for boolean circuits. In 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10--12, 2016., pages 1069--1083, 2016."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/233551.233553"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046765"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.187"},{"key":"e_1_3_2_1_21_1","unstructured":"X ITU-T. 690: Itu-t recommendation x. 690 (1997) information technology-asn. 1 encoding rules: Specification of basic encoding rules (ber) canonical encoding rules (cer) and distinguished encoding rules (der). http:\/\/handle.itu.int\/11.1002\/1000\/12483.  X ITU-T. 690: Itu-t recommendation x. 690 (1997) information technology-asn. 1 encoding rules: Specification of basic encoding rules (ber) canonical encoding rules (cer) and distinguished encoding rules (der). http:\/\/handle.itu.int\/11.1002\/1000\/12483."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315317"},{"key":"e_1_3_2_1_23_1","volume-title":"Password-based cryptography specification version 2.0","author":"Kaliski Burt","year":"2000","unstructured":"Burt Kaliski . Pkcs# 5 : Password-based cryptography specification version 2.0 . 2000 . Burt Kaliski. Pkcs# 5: Password-based cryptography specification version 2.0. 2000."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/1894863.1894876"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/2700550"},{"key":"e_1_3_2_1_26_1","first-page":"179","volume-title":"Proceedings of the 22th USENIX Security Symposium","author":"Keelveedhi Sriram","year":"2013","unstructured":"Sriram Keelveedhi , Mihir Bellare , and Thomas Ristenpart . Dupless : Server-aided encryption for deduplicated storage . In Proceedings of the 22th USENIX Security Symposium , Washington, DC, USA, August 14--16 , 2013 , pages 179 -- 194 , 2013. Sriram Keelveedhi, Mihir Bellare, and Thomas Ristenpart. Dupless: Server-aided encryption for deduplicated storage. In Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14--16, 2013, pages 179--194, 2013."},{"key":"e_1_3_2_1_27_1","volume-title":"Presented as part of the 7th USENIX Workshop on Offensive Technologies","author":"Kholia Dhiru","year":"2013","unstructured":"Dhiru Kholia and Przemys\u0142aw Wk egrzyn. Looking inside the (drop) box . In Presented as part of the 7th USENIX Workshop on Offensive Technologies , Washington, D.C. , 2013 . USENIX. Dhiru Kholia and Przemys\u0142aw Wk egrzyn. Looking inside the (drop) box. In Presented as part of the 7th USENIX Workshop on Offensive Technologies, Washington, D.C., 2013. USENIX."},{"key":"e_1_3_2_1_28_1","volume-title":"Snowden: Dropbox is hostile to privacy, unlike 'zero knowledge' spideroak. https:\/\/www.theguardian.com\/technology\/2014\/jul\/17\/edward-snowden-dropbox-privacy-spideroak, 07","author":"Kiss Jemima","year":"2014","unstructured":"Jemima Kiss . Snowden: Dropbox is hostile to privacy, unlike 'zero knowledge' spideroak. https:\/\/www.theguardian.com\/technology\/2014\/jul\/17\/edward-snowden-dropbox-privacy-spideroak, 07 2014 . Jemima Kiss. Snowden: Dropbox is hostile to privacy, unlike 'zero knowledge' spideroak. https:\/\/www.theguardian.com\/technology\/2014\/jul\/17\/edward-snowden-dropbox-privacy-spideroak, 07 2014."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/2671225.2671255"},{"key":"e_1_3_2_1_30_1","volume-title":"20th USENIX Security Symposium","author":"Mulazzani Martin","year":"2011","unstructured":"Martin Mulazzani , Sebastian Schrittwieser , Manuel Leithner , Markus Huber , and Edgar R. Weippl . Dark clouds on the horizon: Using cloud storage as attack vector and online slack space . In 20th USENIX Security Symposium , San Francisco, CA, USA, August 8--12 , 2011 , Proceedings, 2011. Martin Mulazzani, Sebastian Schrittwieser, Manuel Leithner, Markus Huber, and Edgar R. Weippl. Dark clouds on the horizon: Using cloud storage as attack vector and online slack space. In 20th USENIX Security Symposium, San Francisco, CA, USA, August 8--12, 2011, Proceedings, 2011."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.5555\/1268708.1268740"},{"key":"e_1_3_2_1_32_1","volume-title":"Why we will no longer use the phrase zero knowledge to describe our software. https:\/\/spideroak.com\/articles\/why-we-will-no-longer-use-the-phrase-zero-knowledge-to-describe-our-software, 02","author":"Risner Erin","year":"2017","unstructured":"Erin Risner . Why we will no longer use the phrase zero knowledge to describe our software. https:\/\/spideroak.com\/articles\/why-we-will-no-longer-use-the-phrase-zero-knowledge-to-describe-our-software, 02 2017 . Erin Risner. Why we will no longer use the phrase zero knowledge to describe our software. https:\/\/spideroak.com\/articles\/why-we-will-no-longer-use-the-phrase-zero-knowledge-to-describe-our-software, 02 2017."},{"key":"e_1_3_2_1_33_1","volume-title":"Advances in Cryptology--EUROCRYPT","volume":"6","author":"Rogaway P","year":"2007","unstructured":"P Rogaway and T Shrimpton . Deterministic authenticated-encryption . In Advances in Cryptology--EUROCRYPT , volume 6 , 2007 . P Rogaway and T Shrimpton. Deterministic authenticated-encryption. In Advances in Cryptology--EUROCRYPT, volume 6, 2007."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.5555\/882494.884426"},{"key":"e_1_3_2_1_35_1","unstructured":"SpiderOak. Encryption white paper. https:\/\/spideroak.com\/resources\/encryption-white-paper.  SpiderOak. Encryption white paper. https:\/\/spideroak.com\/resources\/encryption-white-paper."},{"volume-title":"Building for new threat models in a post-snowden era. https:\/\/spideroak.com\/articles\/building-for-new-threat-models-in-a-postsnowden-era, 6","year":"2017","key":"e_1_3_2_1_36_1","unstructured":"SpiderOak. Building for new threat models in a post-snowden era. https:\/\/spideroak.com\/articles\/building-for-new-threat-models-in-a-postsnowden-era, 6 2017 . SpiderOak. Building for new threat models in a post-snowden era. https:\/\/spideroak.com\/articles\/building-for-new-threat-models-in-a-postsnowden-era, 6 2017."},{"volume-title":"security update for spideroak groups & one","year":"2017","key":"e_1_3_2_1_37_1","unstructured":"SpiderOak. security update for spideroak groups & one ; bugs reported & resolved. https:\/\/spideroak.com\/articles\/security-update-for-spideroak-groups-one-bugs-reported-resolved\/, 9 2017 . SpiderOak. security update for spideroak groups & one; bugs reported & resolved. https:\/\/spideroak.com\/articles\/security-update-for-spideroak-groups-one-bugs-reported-resolved\/, 9 2017."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516660"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1456469.1456471"},{"key":"e_1_3_2_1_40_1","first-page":"74","volume-title":"Secure Cloud Storage: Available Infrastructures and Architectures Review and Evaluation","author":"Virvilis Nikos","year":"2011","unstructured":"Nikos Virvilis , Stelios Dritsas , and Dimitris Gritzalis . Secure Cloud Storage: Available Infrastructures and Architectures Review and Evaluation , pages 74 -- 85 . Springer Berlin Heidelberg , Berlin, Heidelberg , 2011 . Nikos Virvilis, Stelios Dritsas, and Dimitris Gritzalis. Secure Cloud Storage: Available Infrastructures and Architectures Review and Evaluation, pages 74--85. Springer Berlin Heidelberg, Berlin, Heidelberg, 2011."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-13257-0_24"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.2005.853307"}],"event":{"name":"ASIA CCS '18: ACM Asia Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Incheon Republic of Korea","acronym":"ASIA CCS '18"},"container-title":["Proceedings of the 2018 on Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3196494.3196547","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3196494.3196547","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:08:39Z","timestamp":1750208919000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3196494.3196547"}},"subtitle":["An Assessment of SpiderOakONE's Security"],"short-title":[],"issued":{"date-parts":[[2018,5,29]]},"references-count":41,"alternative-id":["10.1145\/3196494.3196547","10.1145\/3196494"],"URL":"https:\/\/doi.org\/10.1145\/3196494.3196547","relation":{},"subject":[],"published":{"date-parts":[[2018,5,29]]},"assertion":[{"value":"2018-05-29","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}