These security and cryptography papers are among the most cited between the years 2008 and 2013. Source data is from Google Scholar Metrics and Microsoft Academic Search. The papers are roughly in the order of citations per year:

  1. A Fully Homomorphic Encryption Scheme
    C Gentry
    PhD Thesis, 2009

    Craig Gentry presented the first fully homomorphic encryption scheme, which allows both multiplication and addition operations on encrypted data. Partially homomorphic encryption schemes that allowed only one operation or the other were well known, but whether a cryptosystem could support both had long been an open problem.

  2. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
    T Ristenpart, E Tromer, H Shacham, S Savage
    CCS, 2009

    This paper discusses how to target a VM running on an infrastructure-as-a-service provider (namely EC2) and place another VM on the same host. It then shows how the co-tenant VM can be used to mount cross-VM side-channel attacks, which extract information from the target VM.

  3. Android Permissions Demystified
    AP Felt, E Chin, S Hanna, D Song, D Wagner
    CCS, 2011

    This paper presents a tool, Stowaway, which can analyze Android apps and determine which API calls they are using. Stowaway then determines whether apps are overprivileged. The paper found that this was the case for a third of a sample of 940 apps.

  4. Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization
    B Waters
    Public Key Cryptography, 2011

    This paper presents a more efficient construction of an Attribute-Based Encryption (ABE) scheme. ABE schemes essentially allow an encryptor to specify how to share data by expressing an access control policy in the algorithm itself.

  5. A Study of Android Application Security
    W Enck, D Octeau, P McDaniel, S Chaudhuri
    Usenix Security, 2011

    This paper presents the ded decompiler, which recovers Android app source code from the installation image. The authors performed static analysis on 21 million lines of recovered code, yet found no evidence of malware or exploitable vulnerabilities.

  6. Fully homomorphic encryption over the integers
    M van Dijk, C Gentry, S Halevi, V Vaikuntanathan
    Eurocrypt, 2010

    This paper presents a "somewhat homomorphic" encryption scheme using basic modular arithmetic, then uses Craig Gentry's techniques to convert it to a fully homomorphic scheme. This is conceptually simpler than Gentry's original fully homomorphic scheme.

  7. Lest We Remember: Cold Boot Attacks on Encryption Keys
    JA Halderman, SD Schoen, N Heninger, W Clarkson, W Paul, JA Calandrino, AJ Feldman, J Appelbaum, E Felten
    Usenix Security, 2008

    The "cold boot" paper: The authors demonstrate how to recover data remnants from frozen DRAM modules. They then analyze the recovered contents to extract encryption keys and circumvent popular disk encryption systems.

  8. BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection
    G Gu, R Perdisci, J Zhang, W Lee
    Usenix Security, 2008

    This paper presents a botnet detection framework that is independent of any specific botnet command & control protocol or structure. The authors implemented BotMiner and were able to successfully detect traces of live botnets.

  9. Robust De-anonymization of Large Sparse Datasets and De-anonymizing Social Networks
    A Narayanan, V Shmatikov
    IEEE Security & Privacy, 2008 and 2009

    Both of these papers cover de-anonymizing large sets of supposedly anonymized data. The first paper de-anonymizes the Netflix Prize data set, while the second paper links accounts between Twitter and Flickr.

  10. Fully Secure Functional Encryption: Attribute-based Encryption and (Hierarchical) Inner Product Encryption
    A Lewko, T Okamoto, A Sahai, K Takashima, B Waters
    Eurocrypt, 2010

    This paper gives two constructions of secure functional encryption schemes: one is an attribute-based encryption scheme and the other is a predicate encryption scheme.

  11. HAIL: a high-availability and integrity layer for cloud storage
    KD Bowers, A Juels, A Oprea
    CCS, 2009

    This paper presents a distributed cryptographic system that allows a set of servers to prove to a client that a stored file is intact and retrievable.

  12. Controlling Data in the Cloud: Outsourcing Computation without Outsourcing Control
    R Chow, P Golle, M Jakobsson, E Shi, J Staddon, R Masuoka, J Molina
    CCSW, 2009

    This paper reviews the state of data security when outsourcing computation to the cloud. The authors propose a security model based on Trusted Computing and suggest the use of technologies such as searchable encryption.

  13. Trapdoors for Hard Lattices and New Cryptographic Constructions
    C Gentry, C Peikert, V Vaikuntanathan
    STOC, 2008

    This paper discusses how to use standard lattice problems as an underlying building block to construct cryptographic trapdoor functions.

  14. Your Botnet is My Botnet: Analysis of a Botnet Takeover
    B Stone-Gross, M Cova, L Cavallaro, B Gilbert, M Szydlowski, R Kemmerer, C Kruegel, G Vigna
    CCS, 2009

    This paper describes the authors' attempt to take over the Torpig botnet and observe its operations for a 10-day period.

  15. Fully homomorphic encryption with relatively small key and ciphertext sizes
    NP Smart, F Vercauteren
    Public Key Crypto, 2010

    This paper presents a version of Gentry's fully homomorphic encryption scheme with a smaller message expansion and key size.