2024
Alba: The Dawn of Scalable Bridges for Blockchains.
IACR Cryptol. ePrint Arch., 2024
CryptoVampire: Automated Reasoning for the Complete Symbolic Attacker Cryptographic Model.
IACR Cryptol. ePrint Arch., 2024
Blink: An Optimal Proof of Proof-of-Work.
IACR Cryptol. ePrint Arch., 2024
Securing Lightning Channels against Rational Miners.
IACR Cryptol. ePrint Arch., 2024
BitVM: Quasi-Turing Complete Computation on Bitcoin.
IACR Cryptol. ePrint Arch., 2024
Web Platform Threats: Automated Detection of Web Security Issues With WPT.
Proceedings of the 33rd USENIX Security Symposium, 2024
Optimizing Virtual Payment Channel Establishment in the Face of On-Path Adversaries.
Proceedings of the IFIP Networking Conference, 2024
Message from General Chairs; EuroSP 2024.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2024
Wappler: Sound Reachability Analysis for WebAssembly.
Proceedings of the 37th IEEE Computer Security Foundations Symposium, 2024
Verifying Global Two-Safety Properties in Neural Networks with Confidence.
Proceedings of the Computer Aided Verification - 36th International Conference, 2024
2023
Cookie Crumbles: Breaking and Fixing Web Session Integrity.
Proceedings of the 32nd USENIX Security Symposium, 2023
Glimpse: On-Demand PoW Light Client with Constant-Size Storage for DeFi.
Proceedings of the 32nd USENIX Security Symposium, 2023
WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanisms.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023
Breaking and Fixing Virtual Channels: Domino Attack and Donner.
Proceedings of the 30th Annual Network and Distributed System Security Symposium, 2023
Towards a Game-Theoretic Security Analysis of Off-Chain Protocols.
Proceedings of the 36th IEEE Computer Security Foundations Symposium, 2023
2022
Glimpse: On-Demand, Cross-Chain Communication for Efficient DeFi Applications on Bitcoin-based Blockchains.
IACR Cryptol. ePrint Arch., 2022
Foundations of Coin Mixing Services.
IACR Cryptol. ePrint Arch., 2022
Thora: Atomic And Privacy-Preserving Multi-Channel Updates.
IACR Cryptol. ePrint Arch., 2022
WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanisms.
CoRR, 2022
Sleepy Channels: Bi-directional Payment Channels without Watchtowers.
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022
Adoption and Actual Privacy of Decentralized CoinJoin Implementations in Bitcoin.
Proceedings of the 4th ACM Conference on Advances in Financial Technologies, 2022
2021
Sleepy Channels: Bitcoin-Compatible Bi-directional Payment Channels without Watchtowers.
IACR Cryptol. ePrint Arch., 2021
Donner: UTXO-Based Virtual Channels Across Multiple Hops.
IACR Cryptol. ePrint Arch., 2021
Blitz: Secure Multi-Hop Payments Without Two-Phase Commits.
IACR Cryptol. ePrint Arch., 2021
Rigorous Methods for Smart Contracts (Dagstuhl Seminar 21431).
Dagstuhl Reports, 2021
Pinpointing and Measuring Wasabi and Samourai CoinJoins in the Bitcoin Ecosystem.
CoRR, 2021
Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web.
Proceedings of the 30th USENIX Security Symposium, 2021
A<sup>2</sup>L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs.
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021
The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches.
Proceedings of the IEEE Security and Privacy Workshops, 2021
Practical and Provably Sound Static Analysis of Ethereum Smart Contracts.
Proceedings of the 7th International Conference on Information Systems Security and Privacy, 2021
Formal Methods for the Security Analysis of Smart Contracts.
Proceedings of the Formal Methods in Computer Aided Design, 2021
Cross-Layer Deanonymization Methods in the Lightning Protocol.
Proceedings of the Financial Cryptography and Data Security, 2021
Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures.
Proceedings of the Advances in Cryptology - ASIACRYPT 2021, 2021
2020
A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network.
IACR Cryptol. ePrint Arch., 2020
Post-Quantum Adaptor Signature for Privacy-Preserving Off-Chain Payments.
IACR Cryptol. ePrint Arch., 2020
Bitcoin-Compatible Virtual Channels.
IACR Cryptol. ePrint Arch., 2020
Generalized Bitcoin-Compatible Channels.
IACR Cryptol. ePrint Arch., 2020
Can I Take Your Subdomain? Exploring Related-Domain Attacks in the Modern Web.
CoRR, 2020
Demand-Aware Payment Channel Networks.
CoRR, 2020
Cross-Layer Deanonymization Methods in the Lightning Protocol.
CoRR, 2020
The Good, The Bad and The Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts.
Proceedings of the Leveraging Applications of Formal Methods, Verification and Validation: Applications, 2020
Language-Based Web Session Integrity.
Proceedings of the 33rd IEEE Computer Security Foundations Symposium, 2020
eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020
2019
Group ORAM for privacy and access control in outsourced personal records.
J. Comput. Secur., 2019
A<sup>2</sup>L: Anonymous Atomic Locks for Scalability and Interoperability in Payment Channel Hubs.
IACR Cryptol. ePrint Arch., 2019
Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks.
IACR Cryptol. ePrint Arch., 2019
Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability.
Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019
Verifying Relational Properties using Trace Logic.
Proceedings of the 2019 Formal Methods in Computer Aided Design, 2019
2018
Proc. Priv. Enhancing Technol., 2018
Multi-Hop Locks for Secure, Privacy-Preserving and Interoperable Payment-Channel Networks.
IACR Cryptol. ePrint Arch., 2018
Simple Password-Hardened Encryption Services.
Proceedings of the 27th USENIX Security Symposium, 2018
WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring.
Proceedings of the 27th USENIX Security Symposium, 2018
UniTraX: Protecting Data Privacy with Discoverable Biases.
Proceedings of the Principles of Security and Trust - 7th International Conference, 2018
A Semantic Framework for the Security Analysis of Ethereum Smart Contracts.
Proceedings of the Principles of Security and Trust - 7th International Conference, 2018
Equivalence Properties by Typing in Cryptographic Branching Protocols.
Proceedings of the Principles of Security and Trust - 7th International Conference, 2018
A monadic framework for relational verification: applied to information security, program equivalence, and optimizations.
Proceedings of the 7th ACM SIGPLAN International Conference on Certified Programs and Proofs, 2018
Foundations and Tools for the Static Analysis of Ethereum Smart Contracts.
Proceedings of the Computer Aided Verification - 30th International Conference, 2018
2017
Security & privacy column.
ACM SIGLOG News, 2017
Concurrency and Privacy with Payment-Channel Networks.
IACR Cryptol. ePrint Arch., 2017
Maliciously Secure Multi-Client ORAM.
IACR Cryptol. ePrint Arch., 2017
A Type System for Privacy Properties (Technical Report).
CoRR, 2017
A Monadic Framework for Relational Verification (Functional Pearl).
CoRR, 2017
A Sound Flow-Sensitive Heap Abstraction for the Static Analysis of Android Applications.
Proceedings of the 30th IEEE Computer Security Foundations Symposium, 2017
A Type System for Privacy Properties.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017
On the Security of Frequency-Hiding Order-Preserving Encryption.
Proceedings of the Cryptology and Network Security - 16th International Conference, 2017
Subset Predicate Encryption and Its Applications.
Proceedings of the Cryptology and Network Security - 16th International Conference, 2017
2016
SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks.
IACR Cryptol. ePrint Arch., 2016
HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving.
Proceedings of the IEEE European Symposium on Security and Privacy, 2016
Micro-policies for Web Session Security.
Proceedings of the IEEE 29th Computer Security Foundations Symposium, 2016
2015
Affine Refinement Types for Secure Distributed Programming.
ACM Trans. Program. Lang. Syst., 2015
Privacy and Access Control for Outsourced Personal Records.
IACR Cryptol. ePrint Arch., 2015
Type-Based Verification of Electronic Voting Protocols.
IACR Cryptol. ePrint Arch., 2015
Privacy Preserving Payments in Credit Networks: Enabling trust with privacy in online marketplaces.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015
Symbolic Malleable Zero-Knowledge Proofs.
Proceedings of the IEEE 28th Computer Security Foundations Symposium, 2015
2014
Union, intersection and refinement types and reasoning about type disjointness for secure protocol implementations.
J. Comput. Secur., 2014
Privacy-preserving Data Aggregation with Optimal Utility.
IACR Cryptol. ePrint Arch., 2014
Brief announcement: towards security and privacy for outsourced data in the multi-party setting.
Proceedings of the ACM Symposium on Principles of Distributed Computing, 2014
Differentially private data aggregation with optimal utility.
Proceedings of the 30th Annual Computer Security Applications Conference, 2014
2013
AppGuard - Enforcing User Requirements on Android Apps.
Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2013
Logical Foundations of Secure Resource Management in Protocol Implementations.
Proceedings of the Principles of Security and Trust - Second International Conference, 2013
AppGuard - Fine-Grained Policy Enforcement for Untrusted Android Applications.
Proceedings of the Data Privacy Management and Autonomous Spontaneous Security, 2013
Security and Privacy by Declarative Design.
Proceedings of the 2013 IEEE 26th Computer Security Foundations Symposium, 2013
Differential Privacy by Typing in Security Protocols.
Proceedings of the 2013 IEEE 26th Computer Security Foundations Symposium, 2013
2012
Affine Refinement Types for Authentication and Authorization.
Proceedings of the Trustworthy Global Computing - 7th International Symposium, 2012
ObliviAd: Provably Secure and Practical Online Behavioral Advertising.
Proceedings of the IEEE Symposium on Security and Privacy, 2012
Automated Synthesis of Secure Distributed Applications.
Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012
2011
G2C: Cryptographic Protocols from Goal-Driven Specifications.
Proceedings of the Theory of Security and Applications - Joint Workshop, 2011
Union and Intersection Types for Secure Protocol Implementations.
Proceedings of the Theory of Security and Applications - Joint Workshop, 2011
Securing social networks.
Proceedings of the 30th Annual ACM Symposium on Principles of Distributed Computing, 2011
Privacy-aware proof-carrying authorization.
Proceedings of the 2011 Workshop on Programming Languages and Analysis for Security, 2011
A Security API for Distributed Social Networks.
Proceedings of the Network and Distributed System Security Symposium, 2011
Resource-Aware Authorization Policies for Statically Typed Cryptographic Protocols.
Proceedings of the 24th IEEE Computer Security Foundations Symposium, 2011
Types for Security Protocols.
Proceedings of the Formal Models and Techniques for Analyzing Security Protocols, 2011
2010
Computationally Sound Verification of Source Code.
IACR Cryptol. ePrint Arch., 2010
Ubiquitous Verification of Ubiquitous Systems.
Proceedings of the Software Technologies for Embedded and Ubiquitous Systems, 2010
Brief announcement: anonymity and trust in distributed systems.
Proceedings of the 29th Annual ACM Symposium on Principles of Distributed Computing, 2010
Proceedings of the Privacy Enhancing Technologies, 10th International Symposium, 2010
Computationally Sound Abstraction and Verification of Secure Multi-Party Computations.
Proceedings of the IARCS Annual Conference on Foundations of Software Technology and Theoretical Computer Science, 2010
2009
Design and Verification of Anonymous Trust Protocols.
Proceedings of the Security Protocols XVII, 2009
Anonymity and Censorship Resistance in Unstructured Overlay Networks.
Proceedings of the On the Move to Meaningful Internet Systems: OTM 2009, 2009
Achieving Security Despite Compromise Using Zero-knowledge.
Proceedings of the 22nd IEEE Computer Security Foundations Symposium, 2009
2008
Anonymous and censorship resistant content sharing in unstructured overlays.
Proceedings of the Twenty-Seventh Annual ACM Symposium on Principles of Distributed Computing, 2008
Automated Verification of Remote Electronic Voting Protocols in the Applied Pi-Calculus.
Proceedings of the 21st IEEE Computer Security Foundations Symposium, 2008
Type-checking zero-knowledge.
Proceedings of the 2008 ACM Conference on Computer and Communications Security, 2008
The CASPA Tool: Causality-Based Abstraction for Security Protocol Analysis.
Proceedings of the Computer Aided Verification, 20th International Conference, 2008
2007
Dynamic types for authentication.
J. Comput. Secur., 2007
Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol.
IACR Cryptol. ePrint Arch., 2007
Causality-based Abstraction of Multiplicity in Security Protocols.
Proceedings of the 20th IEEE Computer Security Foundations Symposium, 2007
A calculus of challenges and responses.
Proceedings of the 2007 ACM workshop on Formal methods in security engineering, 2007
2006
Dynamic typing for security protocols.
PhD thesis, 2006
2005
Inferring authentication tags.
Proceedings of the POPL 2005 Workshop on Issues in the Theory of Security, 2005
Analysis of Typed Analyses of Authentication Protocols.
Proceedings of the 18th IEEE Computer Security Foundations Workshop, 2005
2004
Tags for Multi-Protocol Authentication.
Proceedings of the 2nd International Workshop on Security Issues in Coordination Models, 2004
Compositional Analysis of Authentication Protocols.
Proceedings of the Programming Languages and Systems, 2004
Authenticity by tagging and typing.
Proceedings of the 2004 ACM Workshop on Formal Methods in Security Engineering, 2004
2003
The rho-spi Calculus at Work: Authentication Case Studies.
Proceedings of the Formal Methods for Security and Time: Proceedings of the MEFISTO Project 2003, 2003
Principles for Entity Authentication.
Proceedings of the Perspectives of Systems Informatics, 2003