Security and Cryptography Publications
2017 │ 2016 │ 2015 │ 2014 │ 2013 │ 2012 │ 2011
2010 │ 2009 │ 2008 │ 2007 │ 2006 │ 2005 │ 2004
2017

Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX, Craig Disselkoen, David Kohlbrenner, Leo Porter, and Dean Tullsen, Proceedings of the USENIX Security Symposium, Vancouver, BC, Canada, August 2017.

The buoyancy of castles: Examining the effectiveness of mitigations against floating-point timing channels, David Kohlbrenner and Hovav Shacham, Proceedings of the USENIX Security Symposium, Vancouver, BC, Canada, August 2017.

Dead Store Elimination (Stil) Considered Harmful, Zhaomo Yang, Brian Johannesmeyer, Anders Trier Olesen, Sorin Lerner, and Kirill Levchenko, Proceedings of the USENIX Security Symposium, Vancouver, BC, Canada, August 2017.

Malicious Browser Extensions at Scale: Bridging the Observability Gap between Web Site and Browser, Louis F. DeKoven, Stefan Savage, Goeffrey M. Voelker, and Nektarios Lentiadis, Proceedings of Workshop on Cyber Security Experimentation and Test (CSET), August 2017.

How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles, Mortiz Contag, Guo Li, Andre Pawlowski, Flexi Domke, Stefan Savage, Kirill Levchenko, and Thorsten Holz, Proceedings of the IEEE Symposium on Security and Privacy, San Jose, CA, May 2017.

To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild, Brown Farinholt, Mohammad Rezaeirad, Paul Pearce, Hitesh Dharamdasani, Haikuo Yin, Stevens LeBlond, Damon McCoy, and Kirill Levchenko, Proceedings of the IEEE Symposium on Security and Privacy, San Jose, CA, May 2017.

Finding and Preventing Bugs in JavaScript Bindings, Fraser Brown, Shravan Narayan, Riad S. Wahby, Dawson Engler, Ranjit Jhala, and Deian Stefan, Proceedings of the IEEE Symposium on Security and Privacy, San Jose, CA, May 2017.

How Do System Administrators Resolve Access-Denied Issues in the Real World?, Tianyin Xu, Han Min Naing, Le Lu, and Yuanyuan Zhou, Proceedings of the 35th Annual CHI Conference on Human Factors in Computing Systems (CHI'17), Denver, CO, USA, May 2017.

Pinning Down Abuse on Google Maps, Danny Yuxing Huang, Doug Grundman, Kurt Thomas, Elie Bursztein, Abhishek Kumar, Kirill Levchenko, and Alex C. Snoeren, Proceedings of the International World Wide Web Conference (WWW), Perth, Australia, April 2017.

Automated Analysis of Cybercriminal Markets, Rebecca S Portnoff, Sadia Afroz, Greg Durrett, Jonathan K Kummerfeld, Taylor Berg-Kirkpatrick, Damon McCoy, Kirill Levchenko, and Vern Paxson, Proceedings of the International World Wide Web Conference (WWW), Perth, Australia, April 2017.

A Call to ARMs: Understanding the Costs and Benefits of JIT Spraying Mitigations, Wilson Lian, Hovav Shacham, and Stefan Savage, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2017.

2016

NIZKs with an Untrusted CRS: Security in the Face of Parameter Subversion, Mihir Bellare, Georg Fuchsbauer, and Alessandra Scafuro, Proceedings of Asiacrypt 2016, Hanoi, Vietnam, December 2016.

From Identification to Signatures, Tightly: A Framework and Generic Transforms, Mihir Bellare, Bertram Poettering, and Douglas Stebila, Proceedings of Asiacrypt 2016, Hanoi, Vietnam, December 2016.

Simultaneous Secrecy and Reliability Amplification for a General Channel Model, Russell Impagliazzo, Ragesh Jaiswal, Valentine Kabanets, Bruce M. Kapron, Valerie King, and Stefano Tessaro, Proceedings of TCC 2016-B, Beijing, October 2016.

Compactness vs Collusion Resistance in Functional Encryption, Baiyu Li and Daniele Micciancio, Proceedings of TCC 2016-B, Beijing, October 2016.

Message-Recovery Attacks on Feistel-Based Format Preserving Encryption, Mihir Bellare, Viet Tung Hoang, and Stefano Tessaro, Proceedings of the ACM Conference on Computer and Communications Security, Vienna, October 2016.

Superhacks: Exploring and Preventing Vulnerabilities in Browser Binding Code, Fraser Brown and Deian Stefan, Proceedings of the Workshop on Programming Languages and Analysis for Security (PLAS), Vienna, October 2016.

A Systematic Analysis of the Juniper Dual EC Incident, Stephen Checkoway, Jake Maskiewicz, Christina Garman, Josh Fried, Shaanan Cohney, Matthew Green, Nadia Heninger, Ralf-Philipp Weinmann, Eric Rescorla, and Hovav Shacham, Proceedings of the ACM Conference on Computer and Communications Security, Vienna, October 2016.

The Multi-User Security of Authenticated Encryption: AES-GCM in TLS 1.3, Mihir Bellare and Björn Tackmann, Proceedings of Crypto 2016, Santa Barbara, CA, August 2016.

Resisting Key Exfiltration: Big-Key Symmetric Encryption, Mihir Bellare, Daniel Kane, and Phillip Rogaway, Proceedings of Crypto 2016, Santa Barbara, CA, August 2016.

You’ve Got Vulnerability: Exploring Effective Vulnerability Notifications, Frank Li, Zakir Durumeric, Jakub Czyz, Damon McCoy, Stefan Savage, Michael Bailey, and Vern Paxson, Proceedings of the USENIX Security Symposium, Austin, TX, August 2016.

On the (In)effectiveness of Mosaicing and Blurring as Tools for Document Redaction, Steven Hill, Zhimin Zhou, Lawrence Saul, and Hovav Shacham, Privacy Enhancing Technologies Symposium, Darmstadt, Germany, July 2016.

Automobile Driver Fingerprinting, Miro Enev, Alex Takakuwa, Karl Koscher, and Tadayoshi Kohno, Privacy Enhancing Technologies Symposium, Darmstadt, Germany, July 2016.

Creating Cryptographic Challenges Using Multi-Party Computation: The LWE Challenge, Johannes Buchmann, Niklas Büscher, Florian Goepfert, Stefan Katzenbeisser, Juliane Krämer, Daniele Micciancio, Sander Siim, Christine van Vredendaal, and Michael Walter, The 3rd ACM ASIA Public-Key Cryptography Workshop (AsiaPKC 2016), Xi'an, China, May 2016.

New Negative Results on Differing-Inputs Obfuscation, Mihir Bellare, Igors Stepanovs, and Brent Waters, Proceedings of Eurocrypt 2016, Vienna, May 2016.

Nonce-Based Cryptography: Retaining Security when Randomness Fails, Mihir Bellare and Björn Tackmann, Proceedings of Eurocrypt 2016, Vienna, May 2016.

Honey Encryption beyond Message Recovery Security, Joseph Jaeger, Thomas Ristenpart, and Qiang Tang, Proceedings of Eurocrypt 2016, Vienna, May 2016.

Hash-Function based PRFs: AMAC and its Multi-User Security, Mihir Bellare, Daniel J. Bernstein, and Stefano Tessaro, Proceedings of Eurocrypt 2016, Vienna, May 2016.

Practical, Predictable Lattice Basis Reduction, Daniele Micciancio and Michael Walter, Proceedings of Eurocrypt 2016, Vienna, May 2016.

HIPStR---Heterogeneous-ISA Program State Relocation, Ashish Venkat, Sriskanda Shamasunder, Dean Tullsen, and Hovav Shacham, Proceedings of the 21th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Atlanta, GA, April 2016.

Quantifying Hardware Security Using Joint Information Flow Analysis, Ryan Kastner, Wei Hu, and Alric Althoff, Proceedings of the Conference on Design, Automation, and Test in Europe (DATE), Dresden, Germany, March 2016.

Stressing Out: Bitcoin "Stress Testing", Khaled Baqer, Danny Yuxing Huang, Nicholas Weaver, and Damon McCoy, BITCOIN '16: The Third Workshop on Bitcoin and Blockchain Research, Christ Church, Barbados, February 2016.

Protecting C++ Dynamic Dispatch Through VTable Interleaving, Dimitar Bounov, Rami Gökhan Kici, and Sorin Lerner, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2016.

Contention in Cryptoland: Obfuscation, Leakage and UCE, Mihir Bellare, Igors Stepanovs, and Stefano Tessaro, Proceedings of TCC 2016-A, Tel Aviv, January 2016.

Non-Malleable Encryption: Simpler, Shorter, Stronger, Sandro Coretti, Yevgeniy Dodis, Björn Tackmann, and Daniele Venturi, Proceedings of TCC 2016-A, Tel Aviv, January 2016.

Point-Function Obfuscation: A Framework and Generic Constructions, Mihir Bellare and Igors Stepanovs, Proceedings of TCC 2016-A, Tel Aviv, January 2016.

2015

Exploring Controller Area Networks, Ian Foster and Karl Koscher, USENIX ;login: 40(6), December 2015.

Robust Authenticated Encryption and the Limits of Symmetric Cryptography, Christian Badertscher, Christian Matt, Ueli Maurer, Phillip Rogaway, and Björn Tackmann, Proceedings of the 15th IMA International Conference on Cryptography and Coding, Oxford, December 2015.

(De-)Constructing TLS 1.3, Markulf Kohlweiss, Ueli Maurer, Cristina Onete, Björn Tackmann, and Daniele Venturi, Proceedings of Indocrypt 2015, Bangalore, India, December 2015.

Augmented Secure Channels and the Goal of the TLS 1.3 Record Layer, Christian Badertscher, Christian Matt, Ueli Maurer, Phillip Rogaway, and Björn Tackmann, Proceedings of the 9th International Conference on Provable Security (ProvSec), Kanazawa, Japan, November 2015.

Quantifying Timing-Based Information Flow in Cryptographic Hardware, Baolei Mao, Wei Hu, Alric Althoff, Janarbek Matai, Jason Oberg, Dejun Mu, Timothy Sherwood, and Ryan Kastner, Proceedings of the 2015 International Conference on Computer Aided Design (ICCAD), Austin, TX, November 2015.

Security by Any Other Name: On the Effectiveness of Provider Based Email Security, Ian Foster, Jon Larson, Max Masich, Alex C. Snoeren, Stefan Savage, and Kirill Levchenko, Proceedings of the ACM Conference on Computer and Communications Security, Denver, Colorado, October 2015.

Mass-surveillance without the State: Strongly Undetectable Algorithm-Substitution Attacks, Mihir Bellare, Joseph Jaeger, and Daniel Kane, Proceedings of the ACM Conference on Computer and Communications Security, Denver, Colorado, October 2015.

Affiliate Crookies: Characterizing Affiliate Marketing Abuse, Neha Chachra, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Tokyo, Japan, October 2015.

Fair Distributed Computation of Reactive Functions, Juan A. Garay, Björn Tackmann, and Vassilis Zikas, Proceedings of the 29th International Symposium on Distributed Computing (DISC), Tokyo, October 2015.

Fast and Vulnerable: A Story of Telematic Failures, Ian Foster, Andrew Prudhomme, Karl Koscher, and Stefan Savage, Proceedings of the USENIX Workshop On Offensive Technologies (WOOT), Washington D.C., August 2015.

SURROGATES: Enabling Near-Real-Time Dynamic Analyses of Embedded Systems, Karl Koscher, Tadayoshi Kohno, and David Molnar, Proceedings of the USENIX Workshop On Offensive Technologies (WOOT), Washington D.C., August 2015.

How Fair is Your Protocol? A Utility-based Approach to Protocol Optimality, Juan A. Garay, Jonathan Katz, Björn Tackmann, and Vassilis Zikas, 34th Annual ACM Symposium on Principles of Distributed Computing (PODC 2015), Donostia-San Sebastián, Spain, July 2015.

Framing Dependencies Introduced by Underground Commoditization, Kurt Thomas, Danny Yuxing Huang, David Wang, Elie Bursztein, Chris Grier, Tom Holt, Christopher Kruegel, Damon McCoy, Stefan Savage, and Giovanni Vigna, Proceedings of the Workshop on the Economics of Information Security (WEIS), Delft, The Netherlands, June 2015.

On Subnormal Floating Point and Abnormal Timing, Marc Andrysco, David Kohlbrenner, Keaton Mowery, Ranjit Jhala, Sorin Lerner, and Hovav Shacham, Proceedings of the IEEE Symposium on Security and Privacy, San Jose, CA, May 2015.

Lattice Point Enumeration on Block Reduced Bases, Michael Walter, Proceedings of the 8th International Conference on Information-Theoretic Security (ICITS), Lugano, Switzerland, May 2015.

Query-Complexity Amplification for Random Oracles, Grégory Demay, Peter Gazi, Ueli Maurer, and Björn Tackmann, Proceedings of the 8th International Conference on Information-Theoretic Security (ICITS), Lugano, Switzerland, May 2015.

Analyis of a ``/0'' Stealth Scan from a Botnet, Alberto Dainotti, Alistair King, Kimberly Claffy, Ferdinando Papale, and Antonio Pescapè, IEEE/ACM Transactions on Networking 23(2), April 2015.

FHEW: Bootstrapping in less than a Second, Léo Ducas and Daniele Micciancio, Proceedings of Eurocrypt 2015, Sofia, Bulgaria, April 2015.

Resisting randomness subversion: Fast deterministic and hedged public-key encryption in the standard model, Mihir Bellare and Viet Tung Hoang, Proceedings of Eurocrypt 2015, Sofia, Bulgaria, April 2015.

How Secure is Deterministic Encryption?, Mihir Bellare, Rafael Dowsley, and Sriram Keelveedhi, Proceedings of PKC 2015, Gaithersburg, Maryland, March 2015.

Adaptive Witness Encryption and Asymmetric Password-Based Cryptography, Mihir Bellare and Viet Tung Hoang, Proceedings of PKC 2015, Gaithersburg, Maryland, March 2015.

Interactive Message-Locked Encryption and Secure Deduplication, Mihir Bellare and Sriram Keelveedhi, Proceedings of PKC 2015, Gaithersburg, Maryland, March 2015.

From Single-Bit to Multi-Bit Public-Key Encryption via Non-Malleable Codes, Sandro Coretti, Ueli Maurer, Björn Tackmann, and Daniele Venturi, Proceedings of TCC 2015, Warsaw, Poland, March 2015.

Too LeJIT to Quit: Extending JIT Spraying to ARM, Wilson Lian, Hovav Shacham, and Stefan Savage, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2015.

Fast Lattice Point Enumeration with Minimal Overhead, Daniele Micciancio and Michael Walter, ACM-SIAM Symposium on Discrete Algorithms, San Diego, January 2015.

Subtleties in the Definition of IND-CCA: When and How Should Challenge Decryption Be Disallowed?, Mihir Bellare, Dennis Hofheinz, and Eike Kiltz, Journal of Cryptology 28(1):29-48, January 2015.

2014

Analysis of Country-wide Internet Outages Caused by Censorship, Alberto Dainotti, Claudio Squarcella, Emile Aben, kc claffy, Marco Chiesa, Michele Russo, and Antonio Pescapè, , December 2014.

Efficient Identity-Based Encryption over NTRU Lattices, Leo Ducas, Vadim Lyubashevsky, and Thomas Prest, Proceedings of Asiacrypt 2014, Kaohsiung, Taiwan, December 2014.

Poly-Many Hardcore Bits for Any One-Way Function and a Framework for Differing-Inputs Obfuscation, Mihir Bellare, Igors Stepanovs, and Stefano Tessaro, Proceedings of Asiacrypt 2014, Kaohsiung, Taiwan, December 2014.

Leveraging Gate-Level Properties to Identify Hardware Timing Channels, Jason Oberg, Sarah Meiklejohn, Timothy Sherwood, and Ryan Kastner, ACM Transactions on Design Automation of Electronic Systems (TODAES) 20(1), November 2014.

Characterizing Large-Scale Click Fraud in ZeroAccess, Paul Pearce, Vacha Dave, Chris Grier, Kirill Levchenko, Saikat Guha, Damon McCoy, Vern Paxson, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Scottsdale, Arizona, November 2014.

On The Security of Mobile Cockpit Information Systems, Devin Lundberg, Brown Farinholt, Edward Sullivan, Ryan Mast, Stephen Checkoway, Stefan Savage, Alex C. Snoeren, and Kirill Levchenko, Proceedings of the ACM Conference on Computer and Communications Security, Scottsdale, Arizona, November 2014.

Deniable Liaisons, Abhinav Narain, Nick Feamster, and Alex C. Snoeren, Proceedings of the ACM Conference on Computer and Communications Security, Scottsdale, Arizona, November 2014.

Algebraic MACs and Keyed-Verification Anonymous Credentials, Melissa Chase, Sarah Meiklejohn, and Greg Zaverucha, Proceedings of the ACM Conference on Computer and Communications Security, Scottsdale, Arizona, November 2014.

Search + Seizure: The Effectiveness of Interventions on SEO Campaigns, David Wang, Matthew Der, Mohammad Karami, Lawrence Saul, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Vancouver, BC, Canada, November 2014.

Handcrafted Fraud and Extortion: Manual Account Hijacking in the Wild, Borbala Benko, Elie Bursztein, Daniel Margolis, Tadek Pietraszek, Andy Archer, Allan Aquino, Andreas Pitsillidis, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Vancouver, BC, Canada, November 2014.

A Characterization of Chameleon Hash Functions and New, Efficient Designs, Mihir Bellare and Todor Ristov, Journal of Cryptology 27(4):799-823, October 2014.

Leveraging Gate-Level Properties to Identify Hardware Timing Channels, Jason Oberg, Sarah Meiklejohn, Timothy Sherwood, and Ryan Kastner, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD) 33(9):1288-1301, September 2014.

Enhanced Lattice-Based Signatures on Reconfigurable Hardware, Thomas Pöppelmann, Léo Ducas, and Tim Güneysu, Proceedings of CHES 2014, Busan, Korea, September 2014.

On the Practical Exploitability of Dual-EC in TLS Implementations, Stephen Checkoway, Matthew Fredrikson, Ruben Niederhagen, Adam Everspaugh, Matthew Green, Tanja Lange, Thomas Ristenpart, Daniel J. Bernstein, Jake Maskiewicz, and Hovav Shacham, Proceedings of the USENIX Security Symposium, San Diego, CA, August 2014.

Hulk: Eliciting Malicious Behavior in Browser Extensions, Alexandros Kapravelos, Chris Grier, Neha Chachra, Chris Kruegel, Giovanni Vigna, and Vern Paxson, Proceedings of the USENIX Security Symposium, San Diego, CA, August 2014.

Security Analysis of a Full-Body Scanner, Keaton Mowery, Eric Wustrow, Tom Wypych, Corey Singleton, Chris Comfort, Eric Rescorla, Stephen Checkoway, J. Alex Halderman, and Hovav Shacham, Proceedings of the USENIX Security Symposium, San Diego, CA, August 2014.

Mouse Trap: Exploiting Firmware Updates in USB Peripherals, Jacob Maskiewicz, Benjamin Ellis, James Mouradian, and Hovav Shacham, Proceedings of Workshop On Offensive Technologies (WOOT), August 2014.

Knock It Off: Profiling the Online Storefronts of Counterfeit Merchandise, Matthew Der, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Washington D.C., August 2014.

Security of Symmetric Encryption against Mass Surveillance, Mihir Bellare, Kenneth G. Paterson, and Philip Rogaway, Proceedings of Crypto 2014, Santa Barbara, CA, August 2014.

Cryptography from Compression Functions: The UCE Bridge to the ROM, Mihir Bellare, Viet Tung Hoang, and Sriram Keelveedhi, Proceedings of Crypto 2014, Santa Barbara, CA, August 2014.

Improved Short Lattice Sigantures in the Standard Model, Leo Ducas and Daniele Micciancio, Proceedings of Crypto 2014, Santa Barbara, CA, August 2014.

Empirically Characterizing Domain Abuse and the Revenue Impact of Blacklisting, Neha Chachra, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the Workshop on the Economics of Information Security (WEIS), State College, PA, June 2014.

Locally Dense Codes, Daniele Micciancio, 29th Annual IEEE Conference on Computational Complexity (CCC 2014), Vancouver, BC, Canada, June 2014.

Automating formal proofs for reactive systems, Daniel Ricketts, Valentin Robert, Dongseok Jang, Zachary Tatlock, and Sorin Lerner, Proceedings of the ACM SIGPLAN 2014 Conference on Programming Language Design and Implementation (PLDI), Edinburgh, United Kingdom, June 2014.

Key-Versatile Signatures and Applications: RKA, KDM, and Joint Enc/Sig, Mihir Bellare, Sarah Meiklejohn, and Susan Thomson, Proceedings of Eurocrypt 2014, Copenhagen, Denmark, May 2014.

Deja Q: Using Dual Systems to Revisit q-Type Assumptions, Melissa Chase and Sarah Meiklejohn, Proceedings of Eurocrypt 2014, Copenhagen, Denmark, May 2014.

A Gaussian Latent Variable Model for Large Margin Classification of Labeled and Unlabeled Data, Do-kyum Kim, Matthew Der, and Lawrence K. Saul, Proceedings of the 17th International Conference on Artificial Intelligence and Statistics (AISTATS), Reykjavik, Iceland, April 2014.

XXXtortion? Inferring Registration Intent in the .XXX TLD, Tristan Halvorson, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the International World Wide Web Conference (WWW), Seoul, Korea, April 2014.

Policy-Based Signatures, Mihir Bellare and Georg Fuchsbauer, Proceedings of PKC 2014, Buenos Aires, Argentina, March 2014.

Sapper: A Language for Hardware-Level Security Policy Enforcement, Xun Li, Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, and Frederic T. Chong, Proceedings of the 18th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Salt Lake City, UT, March 2014.

Botcoin: Monetizing Stolen Cycles, Danny Yuxing Huang, Hitesh Dharmdasani, Sarah Meiklejohn, Vacha Dave, Kirill Levchenko, Alex C. Snoeren, Stefan Savage, Nicholas Weaver, Chris Grier, and Damon McCoy, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2014.

DSpin: Detecting Automatically Spun Content on the Web, Qing Zhang, David Wang, and Geoffrey M. Voelker, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2014.

SafeDispatch: Security C++ Virtual Calls, Dongseok Jang, Zachary Tatlock, and Sorin Lerner, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2014.

Rethinking Verifiably Encrypted Signatures: A Gap in Functionality and Potential Solutions, Theresa Calderon, Sarah Meiklejohn, Hovav Shacham, and Brent Waters, The Cryptographers' Track at the RSA Conference 2014, San Francisco, February 2014.

2013

A Deterministic Single Exponential Time Algorithm for Most Lattice Problems based on Voronoi Cell Computations, Russell Impagliazzo, Ragesh Jaiswal, Valentine Kabanets, and Avi Wigderson, SIAM Journal on Computing 42(3):1364-91, 2013.

A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, USENIX ;login: 38(6), December 2013.

ViceROI: Catching Click-Spam in Search Ad Networks, Vacha Dave, Saikat Guha, and Yin Zhang, Proceedings of the ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013.

A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Barcelona, Spain, October 2013.

Encryption for Deduplicated Storage with DupLESS, Sriram Keelveedhi, Mihir Bellare, and Thomas Ristenpart, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

Take This Personally: Pollution Attacks on Personalized Services, Xinyu Xing, Wei Ming, Dan Doozan, Alex C. Snoeren, Nick Feamster, and Wenke Lee, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

D(N,o)SSec: Measuring the Practical Impact of DNSSEC Deployment, Wilson Lian, Eric Rescorla, Hovav Shacham, and Stefan Savage, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

Practical Comprehensive Bounds on Surreptitious Communication over DNS, Vern Paxson, Mihai Christodorescu, Mobin Javed, Josyula Rao, Reiner Sailer, Doug Shales, Mark Stoecklin, Kurt Thomas, Wietse Venema, and Nicholas Weaver, Proceedings of the USENIX Security Symposium, Washington D.C., August 2013.

ProtectMyPrivacy: Detecting and Mitigating Privacy Leaks on iOS Devices Using Crowsourcing, Yuvraj Agarwal and Malcom Hall, Proceedings of the ACM Conference on Mobile Systems, Appliations and Services (MobiSys), Taipei, Taiwan, June 2013.

Sapper: A Language for Provable Hardware Policy Enforcement, Xun Li, Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, and Frederic T. Chong, Proceedings of the Workshop on Programming Languages and Analysis for Security (PLAS), Seattle, WA, June 2013.

A Variational Approximation for Topic Modeling of Hierarchical Corpora, Do-kyum Kim, Geoffrey M. Voelker, and Lawrence K. Saul, Proceedings of the International Conference on Machine Learning, Atlanta, GA, June 2013.

Message-Locked Encryption and Secure Deduplication, Mihir Bellare, Sriram Keelveedhi, and Thomas Ristenpart, Proceedings of Eurocrypt 2013, Athens, Greece, May 2013.

Efficient Garbling from a Fixed-Key Blockcipher, Mihir Bellare, Viet Tung Hoang, Sriram Keelveedhi, and Phillip Rogaway, Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2013.

Welcome to the Entropics: Boot-Time Entropy in Embedded Devices, Keaton Mowery, Michael Wei, David Kohlbrenner, Hovav Shacham, and Steven Swanson, Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2013.

Iago Attacks: Why The System Call API Is a Bad Untrusted RPC Interface, Stephen Checkoway and Hovav Shacham, Proceedings of the 17th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Houston, TX, March 2013.

A Practical Testing Framework for Isolating Hardware Timing Channels, Jason Oberg, Sarah Meiklejohn, Timothy Sherwood, and Ryan Kastner, Proceedings of the Conference on Design, Automation, and Test in Europe (DATE), Grenoble, France, March 2013.

The Day After Patch Tuesday: Effects Observable in IP Darkspace Traffic, Tanja Zseby, Alistair King, Nevil Borwnlee, and kc claffy, Proceedings of the Passive and Active Measurement Workshop, Hong Kong, China, March 2013.

A Coordinated View of the Temporal Evolution of Large-scale Internet Events, Alistair King, Bradley Huffaker, Alberto Dainotti, and kc claffy, Proceedings of the Passive and Active Measurement Workshop, Hong Kong, China, March 2013.

Succinct Malleable NIZKs and an Application to Compact Shuffles, Melissa Chase, Markulf Kohlweiss, Anna Lysyanskaya, and Sarah Meiklejohn, Proceedings of TCC 2013, Tokyo, Japan, March 2013.

Verifiable Elections That Scale for Free, Melissa Chase, Markulf Kohlweiss, Anna Lysyanskaya, and Sarah Meiklejohn, Proceedings of PKC 2013, Nara, Japan, February 2013.

The k-BDH Assumption Family: Bilinear Map Cryptography from Progressively Weaker Assumptions, Karyn Benson, Hovav Shacham, and Brent Waters, The Cryptographers' Track at the RSA Conference 2013, San Francisco, February 2013.

Juice: A Longitudinal Study of an SEO Campaign, David Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2013.

Risk-Limiting Audits and the Margin of Victory in Nonplurality Elections, Anand Sarwate, Stephen Checkoway, and Hovav Shacham, Statistics, Politics, and Policy 3(3):29-64, January 2013.

Algorithms for the Densest Sub-Lattice Problem, Daniel Dadush and Daniele Micciancio, ACM-SIAM Symposium on Discrete Algorithms, New Orleans, January 2013, pages 1103-22.

An equational approach to secure multi-party computation, Daniele Micciancio and Stefano Tessaro, ITCS 2013: Innovations in Theoretical Computer Science, Berkeley, January 2013.

Eliminating Timing Information Flows in a Mix-trusted System-on-Chip, Jason Oberg, Timothy Sherwood, and Ryan Kastner, IEEE Design and Test of Computers, 2013.

Compact Proofs of Retrievability, Hovav Shacham and Brent Waters, Journal of Cryptology, 2013.

Sequential Aggregate Signatures and Multisignatures without Random Oracles, Steve Lu, Rafail Ostrovsky, Amit Sahai, Hovav Shacham, and Brent Waters, Journal of Cryptology 26(2):340-73, April 2013.

2012

Adaptively Secure Garbling with Applications to One-Time Programs and Secure Outsourcing, Mihir Bellare, Viet Tung Hoang, and Phillip Rogaway, Proceedings of Asiacrypt 2012, Beijing, China, December 2012.

RKA Security beyond the Linear Barrier: IBE, Encryption and Signatures, Mihir Bellare, Kenneth G. Paterson, and Susan Thomson, Proceedings of Asiacrypt 2012, Beijing, China, December 2012.

Simultaneous Information Flow Security and Circuit Redundancy in Boolean Gates, Wei Hu, Jason Oberg, Dejun Mu, and Ryan Kastner, Proceedings of the 2012 International Conference on Computer Aided Design (ICCAD), San Jose, CA, November 2012.

Taster's Choice: A Comparative Analysis of Spam Feeds, Andreas Pitsillidis, Chris Kanich, Geoffrey M. Voelker, Kirill Levchenko, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Boston, MA, November 2012.

Analyis of a '/0' Stealth Scan from a Botnet, Alberto Dainotti, Alistair King, kc claffy, Ferdinando Papale, and Antonio Pescapé, Proceedings of the ACM Internet Measurement Conference, Boston, MA, November 2012.

Achieving Oblivious Transfer Capacity of Generalized Erasure Channel in the Malicious Model, Nico Döttling, Rafael Dowsley, Jörn Müller-Quade, and Anderson C. A. Nascimento, IEEE Transactions on Information Theory 58(10):6672-80, October 2012.

On-Line Ciphers and the Hash-CBC Constructions, Mihir Bellare, Alexandra Boldyreva, Lars Knudsen, and Chanathip Namprempre, Journal of Cryptology 25(4):640-79, October 2012.

Are AES x86 Cache Timing Attacks Still Feasible? (short paper), Keaton Mowery, Sriram Keelveedhi, and Hovav Shacham, Proceedings of the Cloud Computing Security Workshop (CCSW), October 2012.

Torchestra: Reducing Interactive Traffic Delays over Tor, Deepika Gopal and Nadia Heninger, Proceedings of the Workshop on Privacy in the Electronic Society (WPES), Raleigh, NC, October 2012.

Priceless: The Role of Payments in Abuse-advertised Goods, Damon McCoy, Hitesch Dharmdasani, Christian Kreibich, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012.

Manufacturing Compromise: The Emergence of Exploit-as-a-Service, Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis, Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, Zubair Rafique, Moheeb Abu Rajab, Christian Rossow, Kurt Thomas, Vern Paxson, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012.

Foundations of Garbled Circuits, Mihir Bellare, Viet Tung Hoang, and Philip Rogaway, Proceedings of the ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012.

Inapproximability of the Shortest Vector Problem: Toward a Deterministic Reduction, Daniele Micciancio, Theory of Computing 8(22):487-512, October 2012.

Multi-Instance Security and its Application to Password-Based Cryptography, Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro, Proceedings of Crypto 2012, Santa Barbara, CA, August 2012.

Semantic Security for the Wiretap Channel, Mihir Bellare, Stefano Tessaro and Alexander Vardy, Proceedings of Crypto 2012, Santa Barbara, CA, August 2012.

PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs, Damon McCoy, Andreas Pitsillidis, Grant Jordan, Nicholas Weaver, Christian Kreibich, Brian Krebs, Geoffrey M. Voelker, Stefan Savage, and Kirill Levchenko, Proceedings of the USENIX Security Symposium, Bellevue, WA, August 2012.

Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices, Nadia Heninger, Zaikr Durumeric, Eric Wustrow, and J. Alex Halderman, Proceedings of the USENIX Security Symposium, Bellevue, WA, August 2012.

Optimally Robust Private Information Retrieval, Casey Devet, Ian Goldberg, and Nadia Heninger, Proceedings of the USENIX Security Symposium, Bellevue, WA, August 2012.

Establishing Browser Security Guarantees through Formal Shim Verification, Dongseok Jang, Zachary Tatlock, and Sorin Lerner, Proceedings of the USENIX Security Symposium, Bellevue, WA, August 2012.

Operator-Assisted Tabulation of Optical Scan Ballots, Kai Wang, Eric Kim, Nicholas Carlini, Ivan Motyashov, Daniel Nguyen, and David Wagner, Proceedings of EVT/WOTE 2012, Seattle, WA, August 2012.

When Good Services Go Wild: Reassembling Web Services for Unintended Purposes, Feng Lu, Jiaqi Zhang, and Stefan Savage, Proceedings of the USENIX Workshop on Hot Topics in Security, Bellevue, WA, August 2012.

Approximate Common Divisors via Lattices, Henry Cohn and Nadia Heninger, ANTS-X: The 10th Algorithmic Number Theory Symposium, San Diego, CA, July 2012.

CSolve: Verifying C With Liquid Types, Patrick Rondon, Alexander Bakst, Ming Kawaguchi, and Ranjit Jhala, Proceedings of the 24th Conference on Computer-Aided Verification (CAV), Berkeley, CA, July 2012.

On the Complexity of Generating Gate Level Information Flow Tracking Logic, Wei Hu, Jason Oberg, Ali Irturk, Mohit Tiwari, Timothy Sherwood, Dejun Mu, and Ryan Kastner, IEEE Transactions on Information Forensics and Security (TIFS) 7(3):1067-80, June 2012.

Measuring the Cost of Cybercrime, Ross Anderson, Chris Barton, Rainer Boehme, Richard Clayton, Michel J.G. van Eeten, Michael Levi, Tyler Moore, and Stefan Savage, Proceedings of the Workshop on the Economics of Information Security (WEIS), Berlin, Germany, June 2012.

Economic Analysis of Cybercrime in Crowdsourced Labor Markets, Vaibhav Garg, Chris Kanich, and L. Jean Camp, Proceedings of the Workshop on the Economics of Information Security (WEIS), Berlin, Germany, June 2012.

Software Abstractions for Trusted Sensors, He Liu, Stefan Saroiu, Alex Wolman, and Humanshu Raj, Proceedings of the ACM Conference on Mobile Systems, Appliations and Services (MobiSys), Low Wood Bay, Lake District, UK, June 2012.

Pixel Perfect: Fingerprinting Canvas in HTML5, Keaton Mowery and Hovav Shacham, Proceedings of Web 2.0 Security and Privacy 2012 (W2SP), San Franciso, May 2012.

On the (Im)possibility of Obfuscating Programs, Boaz Barak, Oded Goldreich, Russell Impagliazzo, Steven Rudich, Amit Sahai, Salil Vadhan, and Ke Yang, Journal of ACM 59(2), April 2012.

Standard Security Does Not Imply Security Against Selective-Opening, Mihir Bellare, Rafael Dowsley, Brent Waters, and Scott Yilek, Proceedings of Eurocrypt 2012, Cambridge, England, April 2012.

Identity-Based (Lossy) Trapdoor Functions and Applications, Mihir Bellare, Eike Kiltz, Chris Peikert, and Brent Waters, Proceedings of Eurocrypt 2012, Cambridge, England, April 2012.

Malleable Proof Systems and Applications, Melissa Chase, Markulf Kohlweiss, Anna Lysyanskaya, and Sarah Meiklejohn, Proceedings of Eurocrypt 2012, Cambridge, England, April 2012.

Efficient and Optimally Secure Key-Length Extension for Block Ciphers via Randomized Cascading, Peter Gazi and Stefano Tessaro, Proceedings of Eurocrypt 2012, Cambridge, England, April 2012.

Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller, Daniele Micciancio and Chris Peikert, Proceedings of Eurocrypt 2012, Cambridge, England, April 2012.

Return-Oriented Programming: Systems, Languages and Applications, Ryan Roemer, Erik Buchanan, Hovav Shacham, and Stefan Savage, ACM Transactions on Information and System Security 15(1), March 2012.

Providing Safe, User Space Access to Fast, Solid State Disks, Adrian Caulfield, Todor Mollov, Louis Eisner, Arup De, Joel Coburn, and Steven Swanson, Proceedings of the 17th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), London, March 2012.

The BIZ Top-Level Domain: Ten Years Later, Tristan Halvorson, Janos Szurdi, Gregor Maier, Mark Felegyhazi, Christian Kreibich, Nicholas Weaver, Kirill Levchenko, and Vern Paxson, Proceedings of the Passive and Active Measurement Workshop, Vienna, Austria, March 2012.

Oblivious Transfer Based on the McEliece Assumptions, Rafael Dowsley, Jeroen van de Graaf, Jörn Müller-Quade, and Anderson C. A. Nascimento, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E95-A(2):567-575, February 2012.

Extracting benefit from harm: using malware pollution to analyze the impac of political and geophysical events on the Internet, Alberto Dainotti, Roman Amman, Emil Aben, and kc claffy, ACM SIGCOMM Computer Communication Review 42(1), January 2012.

2011

In Planning Digital Defenses, the Biggest Obstacle is Human Ingenuity, Stefan Savage, New York Times, Dec 6 2011.

Cryptography Secure Against Related-Key Attack, Mihir Bellare, David Cash, and Rachel Miller, Proceedings of Asiacrypt 2011, Seoul, Korea, December 2011.

Practical Containment for Measuring Modern Malware Systems, Christian Kreibich, Nicholas Weaver, Chris Kanich, Wedong Cui, and Vern Paxson, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

An Analysis of Underground Forums, Marti Motoyama, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Analysis of Country-wide Internet Outages Caused by Censorship, Alberto Dainotti, Claudio Squarcella, Emile Aben, kc claffy, Marco Chiesa, Michele Russo, and Antonio Pescapé, Proceedings of the ACM Internet Measurement Conference, Berlin, CA, November 2011.

Do You Know Where Your Cloud Files Are?, Karyn Benson, Rafael Dowsley, and Hovav Shacham, Proceedings of the Cloud Computing Security Workshop (CCSW), October 2011.

Eliminating Fine Grained Timers in Xen, Bhanu C. Vattikonda, Sambit Das, and Hovav Shacham, Proceedings of the Cloud Computing Security Workshop (CCSW), October 2011.

Judging a site by its content: learning the textual, structural, and visual features of malicious Web pages, Sushma Nagesh Bannur, Lawrence K. Saul, and Stefan Savage, Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISEC), Chicago, IL, October 2011.

Topic Modeling of Freelance Job Postings to Monitor Web Service Abuse, Do-kyum Kim, Marti Motoyama, Geoffrey M. Voelker, and Lawrence K. Saul, Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISEC), Chicago, IL, October 2011.

Cloak and Dagger: Dynamics of Web Search Cloaking, David Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, October 2011.

Ciphers that Encipher their Own Keys, Mihir Bellare, David Cash, and Sriram Keelveedhi, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, October 2011.

Theoretical Fundamentals of Gate Level Information Flow Tracking, Wei Hu, Jason Oberg, Ali Irturk, Mohit Tiwari, Timothy Sherwood, Dejun Mu, and Ryan Kastner, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD) 30(8):1128-40, August 2011.

Achieving Oblivious Transfer Capacity of Generalized Erasure Channel in the Malicious Model, Adriana C. B. Pinto, Rafael Dowsley, Kirill Morozov, and Anderson C. A. Nascimento, IEEE Transactions on Information Theory 57(8):5566-71, August 2011.

The Geometry of Lattice Cryptography, Daniele Micciancio, Foundations of Security Analysis and Design VI -- FOSAD Tutorial Lectures, August 2011.

Authenticated and Misuse-Resistant Encryption of Key-Dependent Data, Mihir Bellare and Sriram Keelveedhi, Proceedings of Crypto 2011, Santa Barbara, CA, August 2011.

Pseudorandom Knapsacks and the Sample Complexity of LWE Search-to-Decision Reductions, Daniele Micciancio and Petros Mol, Proceedings of Crypto 2011, Santa Barbara, CA, August 2011.

Interview with Stefan Savage: On the Spam Payment Trail, Rik Farrow and Stefan Savage, USENIX ;login: 36(4):7-20, August 2011.

Putting Out a HIT: Crowdsourcing Malware Installs, Chris Kanich, Stephen Checkoway, and Keaton Mowery, Proceedings of the USENIX Workshop On Offensive Technologies (WOOT), San Francisco, CA, August 2011.

Heat of the Moment: Characterizing the Efficacy of Thermal Camera-Based Attacks, Keaton Mowery, Sarah Meiklejohn, and Stefan Savage, Proceedings of the USENIX Workshop On Offensive Technologies (WOOT), San Francisco, CA, August 2011.

No Plan Survives Contact: Experience with Cybercrime Measurement, Chris Kanich, Neha Chachra, Damon McCoy, Chris Grier, David Wang, Marti Motoyama, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of Workshop on Cyber Security Experimentation and Test (CSET), August 2011.

ExperimenTor: A Testbed for Safe Realistic Tor Experimentation, Kevin Bauer, Micah Sherr, Damon McCoy, and Dirk Grunwald, Proceedings of Workshop on Cyber Security Experimentation and Test (CSET), August 2011.

Show Me the Money: Characterizing Spam-advertised Revenue, Chris Kanich, Nicholas Weaver, Damon McCoy, Tristan Halvorson, Christian Kreibich, Kirill Levchenko, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Dirty Jobs: The Role of Freelance Labor in Web Service Abuse, Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

Comprehensive Experimental Analyses of Automotive Attack Surfaces, Stephen Checkoway, Damon McCoy, Danny Anderson, Brian Kantor, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

The Phantom Tollbooth: Privacy-preserving Electronic Toll Collection in the Presence of Driver Collusion, Sarah Meiklejohn, Keaton Mowery, Stephen Checkoway, and Hovav Shacham, Proceedings of the USENIX Security Symposium, San Francisco, CA, August 2011.

DefenestraTor: Throwing out Windows in Tor, Mashael AlSabah, Kevin Bauer, Ian Goldberg, Dirk Grunwald, Damon McCoy, Stefan Savage, and Geoffrey M. Voelker, Privacy Enhancing Technologies Symposium, Waterloo, Canada, July 2011.

3-D Extensions for Trustworthy Systems (invited paper), Ted Huffmire, Timothy Levin, Cynthia Irvine, Ryan Kastner, and Timothy Sherwood, Proceedings of the International Conference on Engineering of Reconfigurable Systems and Algorithms (ERSA), Las Vegas, Nevada, July 2011.

Enforcing Information Flow Guarantees in Reconfigurable Systems with Mix-Trusted IP (invited paper), Ryan Kastner, Jason Oberg, Wei Hu, and Ali Irturk, Proceedings of the International Conference on Engineering of Reconfigurable Systems and Algorithms (ERSA), Las Vegas, Nevada, July 2011.

The Equivalence of the Random Oracle Model and the Ideal Cipher Model, Revisited, Thomas Holenstein, Robin Künzler, and Stefano Tessaro, 43rd Annual ACM Symposium on Theory of Computing, San Jose, CA, June 2011.

An Improved Encoding Technique for Gate Level Information Flow Tracking, Wei Hu, Jason Oberg, Ali Irturk, Mohit Tiwari, Timothy Sherwood, Dejun Mu, and Ryan Kastner, Proceedings of the 20th International Workshop on Logic and Synthesis (IWLS), San Diego, CA, June 2011.

Information Flow Isolation in I2C and USB, Jason Oberg, Wei Hu, Ali Irturk, Mohit Tiwari, Timothy Sherwood, and Ryan Kastner, Proceedings of the 48th Design Automation Conference (DAC), San Diego, June 2011.

Crafting a Usable Microkernel, Processor, and I/O System with Strict and Provable Information Flow Security, Mohit Tiwari, Jason Oberg, Xun Li, Jonathan K. Valamehr, Timothy Levin, Ben Hardekopf, Ryan Kastner, Frederic T. Chong, and Timothy Sherwood, Proceedings of the 38th International Symposium of Computer Architecture (ISCA), San Jose, CA, June 2011.

Privacy-preserving Network Forensics, Mikhail Afanasyev, Tadayoshi Kohno, Justin Ma, Nick Murphy, Stefan Savage, Alex C. Snoeren, and Geoffrey M. Voelker, Communications of the Association for Computing Machinery 54(5), May 2011.

Extracting Device Fingerprints from Flash Memory by Exploiting Physical Variations, Pravin Prabhu, Ameen Akel, Laura Grupp, Wing-Key Yu, G. Edward Suh, Edwin Kan, and Steven Swanson, Proceedings of the 4th International Conference on Trust and Trustworthy Computing (TRUST), Pittsburg, Pennsylvania, June 2011.

Analyzing the Cross-domain Policies of Flash Applications, Dongseok Jang, Aishwarya Venkataraman, G. Michael Sawka, and Hovav Shacham, Proceedings of Web 2.0 Security and Privacy 2011 (W2SP), San Franciso, May 2011.

Fingerprinting Information in JavaScript Implementations, Keaton Mowery, Dillon Bogenreif, Scott Yilek, and Hovav Shacham, Proceedings of Web 2.0 Security and Privacy 2011 (W2SP), San Franciso, May 2011.

Click Trajectories: End-to-End Analysis of the Spam Value Chain, Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Márk Félegyházi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2011, pages 431-446.

Efficient Authentication from Hard Learning Problems, Eike Kiltz, Krzysztof Pietrzak, David Cash, Abhishek Jain, and Daniele Venturi, Proceedings of Eurocrypt 2011, Tallinn, Estonia, May 2011.

Careful with Composition: Limitations of the Indifferentiability Framework, Thomas Ristenpart, Hovav Shacham, and Thomas Shrimpton, Proceedings of Eurocrypt 2011, Tallinn, Estonia, May 2011.

On the Effects of Registrar-level Intervention, He Liu, Kirill Levchenko, Mark Felegyhazi, Christian Kreibich, Gregor Maier, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, March 2011.

Got Traffic? An Evaluation of Click Traffic Providers, Qing Zhang, Thomas Ristenpart, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the WICOM/AIRWeb Workshop on Web Quality (WebQuality), Hyderabad, India, Mar 2011.

Security Amplification for the Cascade of Arbitrarily Weak PRPs: Tight Bounds via the Interactive Hardcore Lemma, Stefano Tessaro, Proceedings of TCC 2011, Providence, Rhode Island, March 2011.

Identity-Based Encryption Secure Against Selective Opening Attack, Mihir Bellare, Brent Waters, and Scott Yilek, Proceedings of TCC 2011, Providence, Rhode Island, March 2011.

Proximax: Fighting Censorship with an Adaptive System for Distribution of Open Proxies, Kirill Levchenko, Jose Andre Morales, and Damon McCoy, Proceedings of the International Conference on Financial Cryptography and Data Security, St Lucia, February 2011.

Learning to Detect Malicious URLs, Justin Ma, Lawrence K Saul, Stefan Savage, and Geoffrey M Voelker, ACM Transactions on Intelligent Systems and Technology (TIST) 2(3), April 2011.

Universally Composable and Statistically Secure Verifiable Secret Sharing Scheme Based on Pre-Distributed Data, Rafael Dowsley, Jöorn Müller-Quade, Akira Otsuka, Goichiro Hanaoka, Hideki Imai, and Anderson C. A. Nascimento, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E94-A(2):725-34, February 2011.

Reliably Erasing Data From Flash-based Solid State Drives, Michael Wei, Laura M. Grupp, Frederick E. Spada, and Steven Swanson, Proceedings of the 9th USENIX Conference on File and Storage Technologies, San Jose, CA, February 2011.

2010

Hardware Assistance for Trustworthy Systems through 3-D Integration, Jonathan Valamehr, Mohit Tiwari, Timothy Sherwood, Ryan Kastner, Ted Huffmire, Cynthia Irvine, and Timothy Levin, Proceedings of ACSAC 2010, Austin, TX, December 2010.

Practical Defenses for Evil Twin Attacks in 802.11, Harold Gonzales, Kevin Bauer, Janne Lindqvist, and Damon McCoy, Proceedings of IEEE GlobeCom 2010, Miami, FL, December 2010.

Toward Improving Path Selection in Tor, Fallon T. Chen and Joseph Pasquale, Proceedings of IEEE GlobeCom 2010, Miami, FL, December 2010.

Random Oracles with(out) Programmability, Marc Fischlin, Anja Lehmann, Thomas Ristenpart, Thomas Shrimpton, Martijn Stam, and Stefano Tessaro, Proceedings of Asiacrypt 2010, Singapore, December 2010.

Limitations on Transformations from Composite-Order to Prime-Order Groups: The Case of Round-Optimal Blind Signatures, Sarah Meiklejohn, Hovav Shacham, and David Mandell Freeman, Proceedings of Asiacrypt 2010, Singapore, December 2010.

An Empirical Study of Privacy-Violating Information Flows in JavaScript Web Applications, Dongseok Jang, Ranjit Jhala, Sorin Lerner, and Hovav Shacham, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, October 2010.

Return-Oriented Programming without Returns, Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, and Marcel Winandy, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, October 2010.

Hardware Trust Implications of 3-D Integration, Ted Huffmire, Timothy Levin, Michael Bilzor, Cynthia Irvine, Jonathan Valamehr, Mohit Tiwari, Timothy Sherwood, and Ryan Kastner, Proceedings of the 5th Workshop on Embedded Systems Security (WESS), Scottsdale, AZ, October 2010.

Pseudorandom Functions and Permutations Provably Secure Against Related-Key Attacks, Mihir Bellare and David Cash, Proceedings of Crypto 2010, Santa Barbara, CA, August 2010.

ZKPDL: A Language-based System for Efficient Zero-Knowledge Proofs and Electronic Cash, Sarah Meiklejohn, C. Chris Erway, Alptekin Kupcu, Theodora Hinkle, and Anna Lysyanskaya, Proceedings of the USENIX Security Symposium, Washington, D.C., August 2010.

Re: CAPTCHAs -- Understanding CAPTCHA Solving from an Economic Context, Marti Motoyama, Kirill Levchenko, Chris Kanich, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Security Symposium, Washington, D.C., August 2010.

Efficient User-Guided Ballot Image Verification, Arel Cordero, Theron Ji, Alan Tsai, Keaton Mowery, and David Wagner, Proceedings of EVT/WOTE 2010, Washington, D.C., August 2010.

Single-Ballot Risk-Limiting Audits Using Convex Optimization, Stephen Checkoway, Anand Sarwate, and Hovav Shacham, Proceedings of EVT/WOTE 2010, Washington, D.C., August 2010.

OpenScan: A Fully Transparent Optical Scan Voting System, Kai Wang, Eric Rescorla, Hovav Shacham, and Serge Belongie, Proceedings of EVT/WOTE 2010, Washington, D.C., August 2010.

Don't Take LaTeX Files from Strangers, Stephen Checkoway, Hovav Shacham, and Eric Rescorla, USENIX ;login: 35(4), August 2010.

Beyond Heuristics: Learning to Classify Vulnerabilities and Predict Exploits, Mehran Bozorgi, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Washington D.C., July 2010.

A Deterministic Single Exponential Time Algorithm for Most Lattice Problems based on Voronoi Cell Computations, Daniele Micciancio and Panagiotis Voulgaris, 42nd Annual ACM Symposium on Theory of Computing, Cambridge, MA, June 2010.

Theoretical Analysis of Gate Level Information Flow Tracking, Jason Oberg, Wei Hu, Ali Irturk, Mohit Tiwari, Timothy Sherwood, and Ryan Kastner, Proceedings of the 47th Design Automation Conference (DAC), Anaheim, CA, June 2010.

Security Primitives for Reconfigurable Hardware Based Systems, Ted Huffmire, Brett Brotherton, Gang Wang, Timothy Sherwood, Ryan Kastner, Timothy Levin, Thuy D. Nguyen, and Cynthia Irvine, ACM Transactions on Reconfigurable Technology and Systems (TRETS) 3(2), May 2010.

Experimental Security Analysis of a Modern Automobile, Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage, Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2010.

Exploiting Feature Covariance in High-Dimensional Online Learning, Justin Ma, Alex Kulesza, Mark Dredze, Koby Crammer, Lawrence K. Saul, and Fernando Pereira, Proceedings of the International Conference on Artificial Intelligence and Statistics (AISTATS), Sardinia, Italy, May 2010.

Computational Soundness, Co-Induction, and Encryption Cycles, Daniele Micciancio, Proceedings of Eurocrypt 2010, Nice, France, May 2010.

Cryptographic Agility and Its Relation to Circular Encryption, Tolga Acar, Mira Belenkiy, Mihir Bellare, and David Cash, Proceedings of Eurocrypt 2010, Nice, France, May 2010.

Bonsai Trees, or How to Delegate a Lattice Basis, David Cash, Dennis Hofheinz, Eike Kiltz, and Chris Peikert, Proceedings of Eurocrypt 2010, Nice, France, May 2010.

Chosen-Ciphertext Security from Slightly Lossy Trapdoor Functions, Petros Mol and Scott Yilek, Proceedings of PKC 2010, Paris, May 2010.

Are Text-Only Data Formats Safe? Or, Use This LaTeX Class File to Pwn Your Computer, Stephen Checkoway, Hovav Shacham, and Eric Rescorla, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), San Jose, CA, April 2010.

Carousel: Scalable Logging for Intrusion Prevention Systems, Terry Lam, Michael Mitzenmacher, and George Varghese, Proceedings of the 7th ACM/USENIX Symposium on Networked Systems Design and Implementation (NSDI), San Jose, CA, April 2010.

The RSA Group is Pseudo-Free, Daniele Micciancio, Journal of Cryptology 23(2):169-86, April 2010.

Neon: System Support for Derived Data Management, Qing Zhang, John McCullough, Justin Ma, Navil Schear, Michael Vrable, Amin Vahdat, Alex C. Snoeren, and Geoffrey M. Voelker, Proceedings of the ACM International Conference on Virtual Execution Environments (VEE), Pittsburgh, PA, March 2010.

Resettable Public-Key Encryption: How to Encrypt on a Virtual Machine, Scott Yilek, The Cryptographers' Track at the RSA Conference 2010, San Francisco, March 2010.

Leaping Multiple Headers in a Single Bound: Wire Speed Parsing using the Kangaroo System, Christos Kozanitis, John Huber, Sushil Singh, and George Varghese, Proceedings of the IEEE Infocom Conference, San Diego, CA, March 2010.

Botnet Judo: Fighting Spam with Itself, Andreas Pitsillidis, Kirill Levchenko, Christian Kreibich, Chris Kanich, Geoffrey M. Voelker, Vern Paxson, Nicholas Weaver, and Stefan Savage, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2010.

When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities and Hedging Deployed Cryptography, Thomas Ristenpart and Scott Yilek, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2010.

Faster Exponential Time Algorithms for the Shortest Vector Problem, Daniele Micciancio and Panagiotis Voulgaris, ACM-SIAM Symposium on Discrete Algorithms, Austin, TX, January 2010, pages 1468-80.

Robust Encryption, Michel Abdalla, Mihir Bellare, and Gregory Neven, Proceedings of TCC 2010, Zurich, March 2010, pages 480-97.

Uniform Direct Product Theorems: Simplified, Optimized, and Derandomized, Russell Impagliazzo, Ragesh Jaiswal, Valentine Kabanets, and Avi Wigderson, SIAM Journal on Computing 39(4):1637-65, January 2010.

2009

Hedged Public-Key Encryption: How to Protect Against Bad Randomness, Mihir Bellare, Zvika Brakerski, Moni Naor, Thomas Ristenpart, Gil Segev, Hovav Shacham, and Scott Yilek, Proceedings of Asiacrypt 2009, Tokyo, December 2009.

Foundations of Non-Malleable Hash and One-Way Functions, Alexandra Boldyreva, David Cash, Marc Fischlin, and Bogdan Warinschi, Proceedings of Asiacrypt 2009, Tokyo, December 2009.

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Chicago, November 2009.

When Private Keys are Public: Results from the 2008 Debian OpenSSL Debacle, Scott Yilek, Eric Rescorla, Hovav Shacham, Brandon Enright, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference, Chicago, November 2009.

Spamalytics: An Empirical Analysis of Spam Marketing Conversion, Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Communications of the Association for Computing Machinery 52(9):99-107, September 2009.

Reconstructing RSA Private Keys from Random Key Bits, Nadia Heninger and Hovav Shacham, Proceedings of Crypto 2009, Santa Barbara, CA, August 2009.

Randomizable Proofs and Delegatable Anonymous Credentials, Mira Belenkiy, Jan Camenisch, Melissa Chase, Markulf Kohlweiss, Anna Lysyanskaya, and Hovav Shacham, Proceedings of Crypto 2009, Santa Barbara, CA, August 2009.

On Bounded Distance Decoding, Unique Shortest Vectors, and the Minimum Distance Problem, Vadim Lyubashevsky and Daniele Micciancio, Proceedings of Crypto 2009, Santa Barbara, CA, August 2009.

Format-Preserving Encryption, Mihir Bellare, Thomas Ristenpart, Phillip Rogaway, and Till Stegers, Proceedings of Selected Areas in Cryptography (SAC) 2009, Calgary, Canada, August 2009.

Can DREs Provide Long-Lasting Security? The Case of Return-Oriented Programming and the AVC Advantage, Stephen Checkoway, Ariel J. Feldman, Brian Kantor, J. Alex Halderman, Edward W. Felten, and Hovav Shacham, Proceedings of EVT/WOTE 2009, Montreal, Canada, August 2009.

Enlisting ISPs to Improve Online Privacy: IP Address Mixing by Default, Barath Raghavan, Tadayoshi Kohno, Alex C. Snoeren, and David Wetherall, Privacy Enhancing Technologies Symposium, Seattle, Washington, August 2009.

Secure and Policy-Compliant Source Routing, Barath Raghavan, Patrick Verkaik, and Alex C. Snoeren, IEEE/ACM Transactions on Networking 17(4), August 2009.

Identifying Suspicious URLs: An Application of Large-Scale Online Learning, Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the 26th Annual International Conference on Machine Learning (ICML 2009), Montreal, Quebec, June 2009.

Beyond Blacklists: Learning to Detect Malicious Web Sites from Suspicious URLs, Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM SIGKDD Conference, Paris, France, June 2009.

Possibility and Impossibility Results for Encryption and Commitment Secure under Selective Opening, Mihir Bellare, Dennis Hofheinz, and Scott Yilek, Proceedings of Eurocrypt 2009, Cologne, April 2009.

Simulation without the Artificial Abort: Simplified Proof and Improved Concrete Security for Waters' IBE Scheme, Mihir Bellare and Thomas Ristenpart, Proceedings of Eurocrypt 2009, Cologne, April 2009.

Salvaging Merkle-Damgard for Practical Applications, Yevgeniy Dodis, Thomas Ristenpart, and Thomas Shrimpton, Proceedings of Eurocrypt 2009, Cologne, April 2009.

Defending Mobile Phones from Proximity Malware, Gjergji Zyba, Geoffrey M. Voelker, Michael Lilijenstam, András Méhes, and Per Johansson, Proceedings of the IEEE Infocom Conference, Rio de Janeiro, Brazil, April 2009.

Spamcraft: An Inside Look at Spam Campaign Orchestration, Christian Kreibich, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, April 2009.

Key Insulation and Intrusion Resilience over a Public Channel, Mihir Bellare, Shanshan Duan, and Adriana Palacio, The Cryptographers' Track at the RSA Conference 2009, San Francisco, April 2009, pages 84-99.

Security Amplification for Interactive Cryptographic Primitives, Yevgeniy Dodis, Russell Impagliazzo, Ragesh Jaiswal, and Valentine Kabanets, Proceedings of TCC 2009, San Francisco, March 2009, pages 128-45.

Lattice-Based Cryptography, Daniele Micciancio and Oded Regev, In Post Quantum Cryptography. Bernstein, Daniel J. and Buchmann, Johannes and Dahmen, Erik, editor. Springer-Verlag, 2009.

Detecting Malicious Packet Losses, Alper Mizrak, Stefan Savage, and Keith Marzullo, IEEE Transactions on Parallel and Distributed Systems 20(2), February 2009.

Security Proofs for Identity-Based Identification and Signature Schemes, Mihir Bellare, Chanathip Namprempre, and Gregory Neven, Journal of Cryptology 22(1):1-61, January 2009.

Chernoff-Type Direct Product Theorems, Russell Impagliazzo, Ragesh Jaiswal, and Valentine Kabanets, Journal of Cryptology 22(1):75-92, January 2009.

2008

Hash Functions from Sigma Protocols and Improvements to VSH, Mihir Bellare and Todor Ristov, Proceedings of Asiacrypt 2008, Melbourne, Australia, December 2008.

Compact Proofs of Retrievability, Hovav Shacham and Brent Waters, Proceedings of Asiacrypt 2008, Melbourne, Australia, December 2008, pages 90-107.

When Good Instructions Go Bad: Generalizing Return-Oriented Programming to RISC, Erik Buchanan, Ryan Roemer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2008, pages 27-38.

Spamalytics: an Empirical Analysis of Spam Marketing Conversion, Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2008, pages 3-14.

Reconsidering Physical Key Secrecy: Teleduplication via Optical Decoding, Benjamin Laxton, Kai Wang, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2008, pages 469-77.

Deterministic Encryption: Definitional Equivalences and Constructions without Random Oracles, Mihir Bellare, Marc Fischlin, Adam O'Neill, and Thomas Ristenpart, Proceedings of Crypto 2008, Santa Barbara, CA, August 2008, pages 360-78.

From Identification to Signatures Via the Fiat-Shamir Transform: Necessary and Sufficient Conditions for Security and Forward-Security, Michel Abdalla, Jee Hea An, Mihir Bellare, and Chanathip Namprempre, IEEE Transactions on Information Theory 54(8):3631-46, August 2008.

Optimal Communication Complexity of Generic Multicast Key Distribution, Daniele Micciancio and Saurabh Panjwani, IEEE/ACM Transactions on Networking 16(4):803-13, August 2008.

Privacy-preserving Location Tracking of Lost or Stolen Devices: Cryptographic Techniques and Replacing Trusted Third Parties with DHTs, Thomas Ristenpart, Gabriel Maganis, Arvind Krishnamurthy, and Tadayoshi Kohno, Proceedings of the USENIX Security Symposium, San Jose, CA, July 2008.

AutoISES: Automatically Inferring Security Specifications and Detecting Violations, Lin Tan, Xiaolan Zhang, Xiao Ma, Weiwei Xiong, and Yuanyuan Zhou, Proceedings of the USENIX Security Symposium, San Jose, CA, July 2008.

Storm: When Researchers Collide, Brandon Enright, Geoff Voelker, Stefan Savage, Chris Kanich, and Kirill Levchenko, USENIX ;login: 33(4), August 2008.

You Go to Elections with the Voting System You Have: Stop-Gap Mitigations for Deployed Voting Systems, J. Alex Halderman, Eric Rescorla, Hovav Shacham, and David Wagner, Proceedings of EVT 2008, San Jose, CA, July 2008.

An Indistinguishability-Based Characterization of Anonymous Channels, Alejandro Hevia and Daniele Micciancio, Privacy Enhancing Technologies Symposium, Leuven, Belgium, July 2008, pages 24-43.

Efficient Bounded Distance Decoders for Barnes-Wall lattices, Daniele Micciancio and Antonio Nicolosi, 2008 IEEE International Symposium on Information Theory, Toronto, Ontario, Canada, July 2008.

Uniform Direct Product Theorems: Simplified, Optimized, and Derandomized, Russell Impagliazzo, Ragesh Jaiswal, Valentine Kabanets, and Avi Wigderson, 40th Annual ACM Symposium on Theory of Computing, Victoria, B.C., Canada, May 2008, pages 579-588.

On the Spam Campaign Trail, Christian Kreibich, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), San Franciso, CA, April 2008.

The Heisenbot Uncertainty Problem: Challenges in Separating Bots from Chaff, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), San Franciso, CA, April 2008.

Detecting Compromised Routers via Packet Forwarding Behavior, Alper Mizrak, Stefan Savage, and Keith Marzullo, IEEE Network 22(2), March 2008.

Recovering NTRU Secret Key From Inversion Oracles, Petros Mol and Moti Yung, Proceedings of PKC 2008, Barcelona, Spain, March 2008.

Lattice-Based Identification Schemes Secure under Active Attacks, Vadim Lyubashevsky, Proceedings of PKC 2008, Barcelona, Spain, March 2008. (Best paper).

Asymptotically Efficient Lattice-Based Digital Signatures, Vadim Lyubashevsky and Daniele Micciancio, Proceedings of TCC 2008, New York, March 2008, pages 37-54.

The Round-Complexity of Black-Box Zero-Knowledge: A Combinatorial Characterization, Daniele Micciancio and Scott Yilek, Proceedings of TCC 2008, New York, March 2008, pages 535-52.

SWIFFT: A Modest Proposal for FFT Hashing, Vadim Lyubashevsky, Daniele Micciancio, Chris Peikert, and Alon Rosen, Proceedings of FSE 2008, Lausanne, Switzerland, February 2008, pages 54-72.

Efficient Reductions among Lattice Problems, Daniele Micciancio, ACM-SIAM Symposium on Discrete Algorithms, San Francisco, CA, January 2008, pages 84-93.

2007

Generalized Compact Knapsaks, Cyclic Lattices, and Efficient One-Way Functions, Daniele Micciancio, Computational Complexity 16(4):365-411, December 2007.

How to Build a Hash Function from any Collision-Resistant Function, Thomas Ristenpart and Thomas Shrimpton, Proceedings of Asiacrypt 2007, Kuching, Sarawak, Malaysia, December 2007, pages 147-63.

Multi-Recipient Encryption Schemes: How to Save on Bandwidth and Computation Without Sacrificing Security, Mihir Bellare, Alexandra Boldyreva, Kaoru Kurosawa, and Jessica Staddon, IEEE Transactions on Information Theory 53(11):3927-43, November 2007.

Can You Infect Me Now? Malware Propagation in Mobile Phone Networks, Chris Fleizach, Michael Lilijenstam, Per Johansson, Geoffrey M. Voelker, and András Méhes, Proceedings of the ACM Workshop on Recurring Malcode (WORM), Washington D.C., November 2007.

Robust Computational Secret Sharing and a Unified Account of Classical Secret-Sharing Goals, Mihir Bellare and Phillip Rogaway, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2007, pages 172-84.

An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants, Jason Franklin, Vern Paxson, Adrian Perrig, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2007.

The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86), Hovav Shacham, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2007, pages 552-61.

Slicing Spam with Occam's Razor, Chris Fleizach, Geoffrey M. Voelker, and Stefan Savage, Proceedings of Conference on Email and Anti-Spam (CEAS), Mountain View, CA, August 2007.

Spamscatter: Characterizing Internet Scam Hosting Infrastructure, David S. Anderson, Chris Fleizach, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the USENIX Security Symposium, Boston, MA, August 2007.

Proximity Breeds Danger: Emerging Threats in Metro-area Wireless Networks, Periklis Akritidis, Chin Wee Yung, Vinh The Lam, Stelios Sidiroglou, and Kostas G. Anagnostakis, Proceedings of the USENIX Security Symposium, Boston, MA, August 2007.

Chernoff-Type Direct Product Theorems, Russell Impagliazzo, Ragesh Jaiswal, and Valentine Kabanets, Proceedings of Crypto 2007, Santa Barbara, CA, August 2007, pages 500-516.

Deterministic and Efficiently Searchable Encryption, Mihir Bellare, Alexandra Boldyreva, and Adam O'Neill, Proceedings of Crypto 2007, Santa Barbara, CA, August 2007, pages 535-52.

Source Code Review of the Hart InterCivic Voting System, Srinivas Inguva, Eric Rescorla, Hovav Shacham, and Dan Wallach, Part of California Secretary of State Debra Bowen’s “Top-to-Bottom” Review of the voting machines used in California, August 2007.

Hash Functions in the Dedicated-Key Setting: Design Choices and MPP Transforms, Mihir Bellare and Thomas Ristenpart, Proceedings of the International Colloquium on Automata, Languages and Programming (ICALP), Wroclaw, Poland, July 2007, pages 399-410.

Unrestricted Aggregate Signatures, Mihir Bellare, Chanathip Namprempre, and Gregory Neven, Proceedings of the International Colloquium on Automata, Languages and Programming (ICALP), Wroclaw, Poland, July 2007, pages 411-22.

How to Design Computer Security Experiments, Sean Peisert and Matt Bishop, World Conference on Information Security Education (WISE), June 2007.

Cryptographic Functions from Worst-Case Complexity Assumptions, Daniele Micciancio, Proceedings of the LLL+25 conference in honor of the 25th birthday of LLL, Caen, France, June 2007.

Worst-Case to Average-Case Reductions Based on Gaussian Measures, Daniele Micciancio and Oded Regev, SIAM Journal on Computing 37(1):267-302, May 2007.

The Power of Proofs-of-Possession: Securing Multiparty Signatures against Rogue-Key Attacks, Thomas Ristenpart and Scott Yilek, Proceedings of Eurocrypt 2007, Barcelona, Spain, May 2007, pages 228-45.

Two-Tier Signatures, Strongly Unforgeable Signatures, and Fiat-Shamir without Random Oracles, Mihir Bellare and Sarah Shoup, Proceedings of PKC 2007, Beijing, China, April 2007, pages 201-16.

Efficient Ring Signatures without Random Oracles, Hovav Shacham and Brent Waters, Proceedings of PKC 2007, Beijing, China, April 2007, pages 166-80.

Toward Models for Forensic Analysis, Sean Peisert, Matt Bishop, Sidney Karin, and Keith Marzullo, Proceedings of the International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE), Seattle, WA, April 2007.

Analysis of the SPV Secure Routing Protocol: Weaknesses and Lessons, Barath Raghavan, Saraubh Panjwani, and Anton Mityagin, ACM SIGCOMM Computer Communication Review 37(2), April 2007.

Analysis of Computer Intrusions using Sequences of Function Calls, Sean Peisert, Matt Bishop, Sidney Karin, and Keith Marzullo, IEEE Transactions on Dependable and Secure Computing 4(2):137-150, April 2007.

How to Enrich the Message Space of a Cipher, Thomas Ristenpart and Phillip Rogaway, Proceedings of FSE 2007, Luxembourg, March 2007, pages 101-18.

Tackling Adaptive Corruptions in Multicast Encryption Protocols, Saurabh Panjwani, Proceedings of TCC 2007, Amsterdam, The Netherlands, February 2007, pages 21-40. (Best student paper).

Identity-Based Multi-signatures from RSA, Mihir Bellare and Gregory Neven, The Cryptographers' Track at the RSA Conference 2007, San Francisco, February 2007, pages 145-62.

Sweeper: A Lightweight End-to-End System for Defending Against Fast Worms, Joseph Tucek, James Newsome, Shan Lu, Chengdu Huang, Spiros Xanthos, David Brumley, Yuanyuan Zhou, and Dawn Song, Proceedings of the 2nd European Conference in Computer Systems (EuroSys), Lisbon, Portugal, March 2007.

On Scalable Attack Detection in the Network, Ramana Rao Kompella, Sumeet Singh, and George Varghese, IEEE/ACM Transactions on Networking 15(1), February 2007.

2006

LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks, Feng Qin, Cheng Wang, Zhenmin Li, Ho-Seop Kim, Yuanyuan Zhou, and Youfeng Wu, Proceedings of the Annual IEEE/ACM International Symposium on Microarchitecture (MICRO), Orlando, FL, December 2006, pages 135-148.

Back to the Future: A Framework for Automatic Malware Removal, Francis Hsu, Hao Chen, Thomas Ristenpart, Jason Li, and Zhendong Su, Proceedings of ACSAC 2006, December 2006.

Multi-Property-Preserving Hash Domain Extension and the EMD Transform, Mihir Bellare and Thomas Ristenpart, Proceedings of Asiacrypt 2006, Shanghai, China, December 2006, pages 299-314.

Glavlit: Preventing Exfiltration at Wire Speed, Nabil Schear, Carmelo Kintana, Qing Zhang, and Amin Vahdat, Proceedings of the 5th ACM Workshop on Hot Topics in Networks (HotNets-V), Irvine, CA, November 2006.

Asgard: Software Guards for System Address Spaces, Martin Abadi, Mihiai Budiu, Ulfar Erlingsson, George Necula, and Michael Vrable, Proceedings of the 7th ACM/USENIX Symposium on Operating System Design and Implementation (OSDI), Seattle, WA, November 2006.

Automated Protocol Inference: Unexpected Means of Identifying Protocols, Justin Ma, Kirill Levchenko, Cristian Kriebich, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

Finding Diversity in Remote Code Injection Exploits, Justin Ma, John Dunagan, Helen J. Wang, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference, Rio de Janeiro, Brazil, October 2006.

Stateful Public-Key Cryptosystems: How to Encrypt with One 160-bit Exponentiation, Mihir Bellare, Tadayoshi Kohno, and Victor Shoup, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2006, pages 380-9.

Multisignatures in the Plain Public-Key Model and a General Forking Lemma, Mihir Bellare and Gregory Neven, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2006, pages 390-9.

Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure, Periklis Akritidis, Chin Wee Yung, Vinh The Lam, Stelios Sidiroglou, and Kostas G. Anagnostakis, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2006.

Forward Secure Signatures with Untrusted Update, Xavier Boyen, Hovav Shacham, Emily Shen, and Brent Waters, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2006, pages 191-200.

Approximately List-Decoding Direct Product Codes and Uniform Hardness Amplification, Russell Impagliazzo, Ragesh Jaiswal, and Valentine Kabanets, 47th Symposium on Foundations of Computer Science (FOCS 2006), Princeton, NJ, October 2006, pages 187-196.

Detecting Evasion Attacks at High Speeds without Reassembly, George Varghese, Andy Fingerhut, and Flavio Bonomi, Proceedings of the ACM SIGCOMM Conference, Pisa, Italy, September 2006.

Beyond Bloom Filters: From Approximate Membership Checks to Approximate State Machines, Flavio Bonomi, Michael Mitzenmacher, Rina Panigrahy, Sushil Singh, and George Varghese, Proceedings of the ACM SIGCOMM Conference, Pisa, Italy, September 2006.

PRIMED: Community-of-Interest-Based DDoS Mitigation, Patrick Verkaik, Oliver Spatscheck, Jacobus van der Merwe, and Alex C. Snoeren, Proceedings of the ACM SIGCOMM Workshop on Large Scale Attack Defense, Pisa, Italy, September 2006, pages 147-154.

Provably Secure FFT Hashing, Vadim Lyubashevsky, Daniele Micciancio, Chris Peikert, and Alon Rosen, NIST Second Cryptographic Hash Workshop, August 2006.

New Proofs for NMAC and HMAC: Security without Collision-Resistance, Mihir Bellare, Proceedings of Crypto 2006, Santa Barbara, CA, August 2006, pages 602-19.

On Bounded Distance Decoding for General Lattices, Yi-Kai Liu, Vadim Lyubashevsky, and Daniele Micciancio, International Workshop on Randomization and Computation -- RANDOM 2006, Barcelona, Spain, August 2006, pages 450-61.

Fatih: Detecting and Isolating Malicious Routers via Traffic Validation, Alper Mizrak, Yu-Chung Cheng, Keith Marzullo, and Stefan Savage, IEEE Transactions on Dependable and Secure Computing 3(3), July 2006.

Hard Instances of the Constrained Discrete Logarithm Problem, Ilya Mironov, Anton Mityagin, and Kobbi Nissim, ANTS-VII: The 7th International Symposium on Algorithmic Number Theory, Berlin, Germany, July 2006, pages 582-98.

Designing Voting Machines for Verification, Naveen Sastry, Tadayoshi Kohno, and David Wagner, Proceedings of the USENIX Security Symposium, Vancouver, B.C., Canada, July 2006, pages 321-36.

Generalized Compact Knapsacks Are Collision Resistant, Vadim Lyubashevsky and Daniele Micciancio, Proceedings of the International Colloquium on Automata, Languages and Programming (ICALP), Venice, Italy, July 2006, pages 144-55 (volume 2).

Corrupting One vs. Corrupting Many: The Case of Broadcast and Multicast Encryption, Daniele Micciancio and Saurabh Panjwani, Proceedings of the International Colloquium on Automata, Languages and Programming (ICALP), Venice, Italy, July 2006, pages 70-82 (volume 2).

Inferring Internet Denial-of-Service Activity, David Moore, Colleen Shannon, Doug Brown, Geoffrey M. Voelker, and Stefan Savage, ACM Transactions on Computer Systems 24(2):115-139, May 2006.

Code-Based Game-Playing Proofs and the Security of Triple Encryption, Mihir Bellare and Phillip Rogaway, Proceedings of Eurocrypt 2006, St. Petersburg, Russia, May 2006, pages 409-26.

Herding Hash Functions and the Nostradamus Attack, John Kelsey and Tadayoshi Kohno, Proceedings of Eurocrypt 2006, St. Petersburg, Russia, May 2006, pages 183-200.

Sequential Aggregate Signatures and Multisignatures without Random Oracles, Steve Lu, Rafail Ostrovsky, Amit Sahai, Hovav Shacham, and Brent Waters, Proceedings of Eurocrypt 2006, St. Petersburg, Russia, May 2006, pages 465-85.

Tamper-Evident, History-Independent, Subliminal-Free Data Structures on PROM storage, or, How to Store Ballots on a Voting Machine (extended abstract), David Molnar, Tadayoshi Kohno, Naveen Sastry, and David Wagner, Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2006, pages 365-70.

Security Analysis of KEA Authenticated Key Exchange Protocol, Kristin Lauter and Anton Mityagin, Proceedings of PKC 2006, New York, April 2006, pages 378-94.

Logics for Reasoning about Cryptographic Constructions, Russell Impagliazzo and Bruce M. Kapron, Journal of Computer and System Sciences 72(2):286-320, March 2006.

Concurrent Zero Knowledge Without Complexity Assumptions, Daniele Micciancio, Shien Jin Ong, Amit Sahai, and Salil P. Vadhan, Proceedings of TCC 2006, New York, March 2006, pages 1-20.

Wireless Security and Internetworking, Minho Shin, Justin Ma, Arunesh Mishra, and William A. Arbaugh, Proceedings of the IEEE 94(2), February 2006.

Key Regression: Enabling Efficient Key Distribution for Secure Distributed Storage, Kevin Fu, Seny Kamara, and Tadayoshi Kohno, The 13th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2006.

2005

Opportunistic Measurement: Extracting Insight from Spurious Traffic, Martin Casado, Tal Garfinkel, Weidong Cui, Vern Paxson, and Stefan Savage, Proceedings of the 4th ACM Workshop on Hot Topics in Networks (HotNets-IV), College Park, MD, November 2005.

Self-stopping Worms, Justin Ma, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Workshop on Rapid Malcode (WORM), Washington D.C., November 2005, pages 12-21.

Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse, Rob Sherwood, Bobby Bhattacharjee, and Ryan Braud, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2005.

Rx: Treating Bugs as Allergies---a Safe Method to Survive Software Failure, Feng Qin, Joe Tucek, Jagadeesan Sundaresan, and Yuanyuan Zhou, Proceedings of the 20th ACM Symposium on Operating System Principles (SOSP), Brighton, UK, October 2005. (Award paper).

Scalability, Fidelity and Containment in the Potemkin Virtual Honeyfarm, Michael Vrable, Justin Ma, Jay Chen, David Moore, Erik VandeKieft, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the 20th ACM Symposium on Operating System Principles (SOSP), Brighton, UK, October 2005, pages 148-162.

Principles-Driven Forensic Analysis, Sean Peisert, Matt Bishop, Sidney Karin, and Keith Marzullo, Proceedings of the New Security Paradigms Workshop (NSPW), Lake Arrowhead, CA, September 2005.

Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions, Michel Abdalla, Mihir Bellare, Dario Catalano, Eike Kiltz, Tadayoshi Kohno, Tanja Lange, John Malone-Lee, Gregory Neven, Pascal Paillier, and Haixia Shi, Proceedings of Crypto 2005, Santa Barbara, CA, August 2005, pages 205-22.

Improved Security Analyses for CBC MACs, Mihir Bellare, Krzysztof Pietrzak, and Phillip Rogaway, Proceedings of Crypto 2005, Santa Barbara, CA, August 2005, pages 527-45.

Simultaneous Broadcast Revisited, Alejandro Hevia and Daniele Micciancio, 24th Annual ACM Symposium on Principles of Distributed Computing (PODC 2005), Las Vegas, NV, July 2005, pages 324-33.

Empirical Study of Tolerating Denial-of-Service Attacks with a Proxy Network, Ju Wang, Xin Liu, and Andrew Chien, Proceedings of the USENIX Security Symposium, Baltimore, MD, August 2005.

Treating Bugs as Allergies: A Safe Method for Surviving Software Failures, Feng Qin, Joseph Tucek, and Yuanyuan Zhou, Proceedings of the 10th USENIX Workshop on Hot Topics in Operating Systems (HotOS-X), Santa Fe, NM, June 2005.

Append-Only Signatures, Eike Kiltz, Anton Mityagin, Saurabh Panjwani, and Barath Raghavan, Proceedings of the International Colloquium on Automata, Languages and Programming (ICALP), Lisboa, Portugal, July 2005.

Fatih: Detecting and Isolating Malicious Routers, Alper Mizrak, Yu-Chung Cheng, Keith Marzullo, and Stefan Savage, Proceedings of the IEEE Conference on Dependable Systems and Networks (DSN), Yokohama, Japan, June 2005, pages 538-547. (Award paper).

The Complexity of the Covering Radius Problem on Lattices and Codes, Venkatesan Guruswami, Daniele Micciancio, and Oded Regev, Computational Complexity 14(2):90-121, June 2005.

Remote Physical Device Fingerprinting, Tadayoshi Kohno, Andre Brodio, and kc claffy, Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2005. (Award paper).

Mix-Network with Stronger Security, Jan Camenisch and Anton Mityagin, Privacy Enhancing Technologies Symposium, Cavtat, Croatia, May 2005, pages 128-46.

The RSA Group is Pseudo-Free, Daniele Micciancio, Proceedings of Eurocrypt 2005, Aarhus, Denmark, May 2005, pages 387-403.

Remote Physical Device Fingerprinting, Tadayoshi Kohno, Andre Brodio, and kc claffy, IEEE Transactions on Dependable and Secure Computing 2(2):93-108, April 2005.

Surviving Internet Catastrophes, Flavio Junqueira, Ranjita Bhagwan, Alejandro Hevia, Keith Marzullo, and Geoffrey M. Voelker, Proceedings of the USENIX Annual Technical Conference, Anaheim, CA, April 2005.

SafeMem: Exploiting ECC-Memory for Detecting Memory Leaks and Memory Corruption During Production Runs, Feng Qin, Shan Lu, and Yuanyuan Zhou, Proceedings of IEEE International Symposium on High-Performance Computer Architecture, San Francisco, CA, February 2005.

End-to-End Security in the Presence of Intelligent Data Adapting Proxies: the Case of Authenticating Transcoded Streaming Media, Craig Gentry, Alejandro Hevia, Ravi Jain, Toshiro Kawahara, and Zulfikar Ramzan, IEEE Journal on Selected Areas in Communication 23(2):464-73, February 2005.

Adaptive Security of Symbolic Encryption, Daniele Micciancio and Saurabh Panjwani, Proceedings of TCC 2005, Cambridge, MA, February 2005, pages 169-87.

Foundations of Group Signatures: The Case of Dynamic Groups, Mihir Bellare, Haixia Shi, and Chong Zhang, The Cryptographers' Track at the RSA Conference 2005, San Francisco, February 2005, pages 136-53.

2004

Automated Worm Fingerprinting, Sumeet Singh, Cristian Estan, George Varghese, and Stefan Savage, Proceedings of the 6th ACM/USENIX Symposium on Operating System Design and Implementation (OSDI), San Francisco, CA, December 2004, pages 45-60.

Towards Plaintext-Aware Public-Key Encryption without Random Oracles, Mihir Bellare and Adriana Palacio, Proceedings of Asiacrypt 2004, Jeju Island, Korea, December 2004, pages 48-62.

Client Side Caching for TLS, Hovav Shacham, Dan Boneh, and Eric Rescorla, ACM Transactions on Information and System Security 7(4):553-75, November 2004.

Attacking and Repairing the WinZip Encryption Scheme, Tadayoshi Kohno, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2004, pages 72-81.

Group Signatures with Verifier-Local Revocation, Dan Boneh and Hovav Shacham, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2004, pages 168-77.

On the Effectiveness of Address-Space Randomization, Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, and Dan Boneh, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2004, pages 298-307.

On the Difficulty of Scalably Detecting Network Attacks, Kirill Levchenko, Ramamohan Paturi, and George Varghese, Proceedings of the ACM Conference on Computer and Communications Security, Washington, D.C., October 2004.

The Top Speed of Flash Worms, Stuart Staniford, David Moore, Vern Paxson, and Nick Weaver, Proceedings of the ACM Workshop on Rapid Malcode (WORM), Washington, D.C., October 2004.

Worst-Case to Average-Case Reductions Based on Gaussian Measures, Daniele Micciancio and Oded Regev, 45th Symposium on Foundations of Computer Science (FOCS 2004), Rome, Italy, October 2004, pages 372-81.

On Scalable Attack Detection in the Network, Ramana Rao Kompella, Sumeet Singh, and George Varghese, Proceedings of the USENIX/ACM Internet Measurement Conference, Taormina, Sicily, Italy, October 2004.

Short Signatures from the Weil Pairing, Dan Boneh, Ben Lynn, and Hovav Shacham, Journal of Cryptology 17(4):297-319, September 2004.

A System for Authenticated Policy-Compliant Routing, Barath Raghavan and Alex C. Snoeren, Proceedings of the ACM SIGCOMM Conference, Portland, OR, September 2004, pages 167-178.

The Inapproximability of Lattice and Coding Problems with Preprocessing, Uriel Feige and Daniele Micciancio, Journal of Computer and System Sciences 69(1):45-67, August 2004.

The Knowledge-of-Exponent Assumptions and 3-Round Zero-Knowledge Protocols, Mihir Bellare and Adriana Palacio, Proceedings of Crypto 2004, Santa Barbara, CA, August 2004, pages 273-89.

Short Group Signatures, Dan Boneh, Xavier Boyen, and Hovav Shacham, Proceedings of Crypto 2004, Santa Barbara, CA, August 2004, pages 41-55.

UCLog: A Unified, Correlated Logging Architecture for Intrusion Detection, Zhenmin Li, Jed Taylor, Elizabeth Partridge, Yuanyuan Zhou, William Yurcik, Cristina Abad, James J. Barlow, and Jeff Rosendale, International Conference on Telecommunication Systems - Modeling and Analysis (ICTSM), July 2004.

The Spread of the Witty Worm, Colleen Shannon and David Moore, IEEE Security and Privacy 2(4), July 2004.

Fault-Tolerant Forwarding in the Face of Malicious Routers, Alper Mizrak, Keith Marzullo, and Stefan Savage, Proceedings of the International Workshop on the Future Directions in Distributed Computing (FuDiCo), Bertinoro, Italy, June 2004.

The Complexity of the Covering Radius Problem on Lattices and Codes, Venkatesan Guruswami, Daniele Micciancio, and Oded Regev, 19th Annual IEEE Conference on Computational Complexity (CCC 2004), Amherst, MA, June 2004, pages 161-73.

Analysis of an Electronic Voting System, Tadayoshi Kohno, Adam Stubblefield, Aviel D. Rubin, and Dan S. Wallach, Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2004, pages 27-42.

Optimal Communication Complexity of Generic Multicast Key Distribution, Daniele Micciancio and Saurabh Panjwani, Proceedings of Eurocrypt 2004, Interlaken, Switzerland, May 2004, pages 153-70.

Hash Function Balance and Its Impact on Birthday Attacks, Mihir Bellare and Tadayoshi Kohno, Proceedings of Eurocrypt 2004, Interlaken, Switzerland, May 2004, pages 401-18.

Security Proofs for Identity-Based Identification and Signature Schemes, Mihir Bellare, Chanathip Namprempre, and Gregory Neven, Proceedings of Eurocrypt 2004, Interlaken, Switzerland, May 2004, pages 268-86.

An Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption Problem, Mihir Bellare, Alexandra Boldyreva, and Adriana Palacio, Proceedings of Eurocrypt 2004, Interlaken, Switzerland, May 2004, pages 171-88.

Sequential Aggregate Signatures from Trapdoor Permutations, Anna Lysyanskaya, Silvio Micali, Leonid Reyzin, and Hovav Shacham, Proceedings of Eurocrypt 2004, Interlaken, Switzerland, May 2004, pages 74-90.

The Spread of the Witty Worm, Colleen Shannon and David Moore, CAIDA Report, March 2004.

Soundness of Formal Encryption in the Presence of Active Adversaries, Daniele Micciancio and Bogdan Warinschi, Proceedings of TCC 2004, Cambridge, MA, February 2004, pages 133-51.

New Security Proofs for the 3GPP Confidentiality and Integrity Algorithms, Tetsu Iwata and Tadayoshi Kohno, Proceedings of FSE 2004, Delhi, India, February 2004, pages 427-45.

CWC: A High-Performance Conventional Authenticated Encryption Mode, Tadayoshi Kohno, John Viega, and Doug Whiting, Proceedings of FSE 2004, Delhi, India, February 2004, pages 408-26.

The EAX Mode of Operation, Mihir Bellare, Phillip Rogaway, and David Wagner, Proceedings of FSE 2004, Delhi, India, February 2004, pages 389-407.

Almost Perfect Lattices, the Covering Radius Problem, and Applications to Ajtai's Connection Factor, Daniele Micciancio, SIAM Journal on Computing 34(1):118-69, 2004.