These security and crytography papers are among the most cited between the years 2008 and 2013. Source data is from Google Scholar Metrics and Microsoft Academic Search. The papers are roughly in the order of citations per year:
Craig Gentry presented the first fully homomorphic encryption scheme, which allows both multiplication and addiition operations between encrypted data. Partially homomorphic encryption schemes that exclusively allowed one operation or the other were well known, but it was a long outstanding problem whether a cryptosystem could support both operations.
This paper discusses how to target a VM running on an infrastructure as a service provider (namely EC2), and place another VM on the same host. It then shows how a co-tenant VM can then be used to mount cross-VM side-channel attacks, which extract information from the target VM.
This paper presents a tool, Stowaway, which can analyze Android apps and determine which API calls they are using. Stowaway then determines whether apps are overprivileged. The paper found that was the case for a third out of a sample of 940 apps.
This paper presents a more efficient construction of an Attribute-Based Encryption (ABE) scheme. ABE schemes essentially allow an encryptor to specify how to share data by expressing an access control policy in the algorithm itself.
This paper presents the ded decompiler, which recovers Android app source code from the installation image. They performed static analysis on 21 million lines of recovered code, yet found no evidence of malware or exploitable vulnerabilities.
This paper presents a "somewhat homomorphic" encryption scheme using basic modular arithmetic, then uses Craig Gentry's techniques to convert it to a fully homomorphic scheme. This is conceptually simpler than Gentry's original fully homomorphic scheme.
The "cold boot" paper: The authors demonstrate how to recover data remnants from frozen DRAM modules. They then analyze the recovered contents to extract encryption keys and circumvent popular disk encryption systems.
This paper presents a botnet detection framework that is independent of a specific botnet command & control protocol or structure. The authors implemented BotMinder and were able to successfully detect traces of live botnets.
Both of these papers cover de-anonymizing large sets of supposedly anonymized data. The first paper de-anonymizes the the Netflix Prize data set while the second paper links accounts between Twitter and Flickr.
This paper gives two constructions of secure functional encryption schemes: one is an attribute-based encryption scheme and the other is a predicate encryption scheme.
This paper presents a distributed cryptographic system that allows a set of servers to prove to a client that a stored file is intact and retrievable.
This paper reviews the state of data security when outsourcing computation in the cloud. The authors proposes a security model based Trusted Computing and suggest the use of some technologies like searchable encryption.
This paper discusses how to use standard lattice problems as an underlying building block to construct cryptographic trapdoor functions.
This paper describes the authors attempt to takeover the Torpig botnet and observe its operations for a 10 day period.
This paper presents a version of Gentry's fully homomorphic encryption scheme with a smaller message expansion and key size.