Add hs3 paper reference

jaseg 2026-04-30 18:41:21 +02:00
parent c5e8e88fc6
commit 58fa0820fe
3 changed files with 24 additions and 11 deletions


@ -11,7 +11,7 @@
\todo{FIXME: Proper citation here}
\sourceattrib{This part is based on a short paper written by Jan Sebastian Götte and presented by Jan Sebastian Götte at
the HS3 workshop at ESORICS 2025.}
the HS3 workshop at ESORICS 2025~\cite{gotteGermanyRollingOut2026}.}
Looking at the landscape of computer security solutions, we are presented with a wide variety of vendors and products
that may give the impression that hardware security is a solved problem. Vendors sell various claims rangning from
\emph{``You don't need hardware security, just do it in the cloud!''}~\cite{
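Review bot: The `\todo{FIXME: Proper citation here}` directly above `\sourceattrib` appears to remain as an unchanged line, although the new `~\cite{gotteGermanyRollingOut2026}` is exactly the citation it asks for. Remove the `\todo` line in the same change so the draft no longer flags a resolved item. The attribution also names the author twice and could be shortened to `written and presented by Jan Sebastian Götte at`. The unchanged line below has a typo, `rangning` for `ranging`. The paragraph continues past the end of the hunk.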


@ -28,7 +28,7 @@
\newcommand{\sampleno}[1]{#1}
\title{Tamper-Sensing Meshes in the Wild}
\author{Jan Sebastian Götte \& Björn Scheuermann\\TU Darmstadt\\contact: \texttt{research@jaseg.de}}
\author{\textbf{Jan Sebastian Götte} \& Björn Scheuermann\\TU Darmstadt\\contact: \texttt{research@jaseg.de}}
\date{2026-03-24}
\begin{document}
@ -62,7 +62,7 @@
\item \textbf{1990s}: Widespread commercial adoption with cryptographic applications
\end{itemize}
Other, hard to date examples: NSA use for protecting ciphering machines~\cite{boakHistoryUSCommunications1973}, US use in nuclear weapons~\cite{carterManagingNuclearOperations1987}
Other, hard to date examples: NSA use for protecting ciphering machines~\cite{boakHistoryUSCommunications1973,boakHistoryUSCommunications1981}, US use in nuclear weapons~\cite{carterManagingNuclearOperations1987}
\end{frame}
\begin{frame}{Commercial Applications Today}
@ -321,18 +321,19 @@ Other, hard to date examples: NSA use for protecting ciphering machines~\cite{bo
\begin{frame}{Thermoforming Example}
\begin{columns}[T]
\begin{column}{0.32\textwidth}
\begin{column}{0.48\textwidth}
\centering
\includegraphics[width=.6\textwidth]{survey_formed_mesh_before.jpg}\\
\small Before removing lacquer
\end{column}
\begin{column}{0.32\textwidth}
\begin{column}{0.48\textwidth}
\centering
\includegraphics[width=.6\textwidth]{survey_formed_mesh_after.jpg}\\
\small After removing lacquer
\end{column}
\end{columns}
\vspace{3mm}
\centering
\small Formed cavities in printed foil mesh specimen H24
\end{frame}
@ -372,15 +373,11 @@ Other, hard to date examples: NSA use for protecting ciphering machines~\cite{bo
\end{frame}
\begin{frame}{Security Issues Observed}
\textbf{Design Defects:}
\begin{itemize}
\item Incomplete mesh coverage
\item Meshes not overlapping at edges leaving gaps for probe insertion
\item Gaps at mesh-PCB interfaces
\item Thermoformed cavities with enlarged structure size at corners
\end{itemize}
\textbf{Obscurity Failures:}
\begin{itemize}
\item In one case, an opaque lacquer was easily removed with acetone (without damaging the mesh!)
\item Trace patterns visible through cover layers due to surface unevenness
\end{itemize}
@ -429,7 +426,7 @@ Other, hard to date examples: NSA use for protecting ciphering machines~\cite{bo
\begin{frame}
\centering
Long-form version of this presentation in my thesis:
Long-form version of this presentation in my thesis (pre-release, to be published this summer):
\url{https://jaseg.de/thesis-final-web.pdf}
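Review bot: The second key added to the `\cite` on the history frame, `boakHistoryUSCommunications1981`, has no matching entry among the bibliography lines visible in this commit, which only add `gotteGermanyRollingOut2026`. If that entry is not already in the bibliography file, the slide will show an undefined-citation marker, so confirm the key resolves in a clean build. Separately, on the closing frame the wording `to be published this summer` will go stale once the slides are archived. Naming the year keeps it accurate, e.g. `(pre-release, publication planned for summer 2026)`, if that is the intended date.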


@ -2668,6 +2668,22 @@ Subject\_term: Computer science}
keywords = {electronic commerce,hardware security,implementation,smart cards}
}
@inproceedings{gotteGermanyRollingOut2026,
title = {Germany Is {{Rolling Out Nation-Scale Key Escrow}} and {{Nobody}} Is {{Talking About}} It},
booktitle = {Computer {{Security}}. {{ESORICS}} 2025 {{International Workshops}}},
author = {Götte, Jan Sebastian},
editor = {Laborde, Romain and Garcia-Alfaro, Joaquin and Yazdinejad, Abbas and Epiphaniou, Gregory and Abie, Habtamu and Ranise, Silvio and Choraś, Michał and Woźniak, Michał and Hara, Yuko and Mühlberg, Jan Tobias and Greco, Claudia and Choo, Kim-Kwang Raymond},
date = {2026},
pages = {370--377},
publisher = {Springer Nature Switzerland},
location = {Cham},
doi = {10.1007/978-3-032-16165-9_22},
abstract = {Germany is currently rolling out an opt-out, nation-scale database of the medical records of the majority of~its population, with low-income people being disproportionally represented among its users. While there has~been considerable criticism of the system coming from civil society, independent academic analysis of the system by~the cryptography and information security community has been largely absent. In this paper, we aim to raise awareness~of the systems existence and, based on the systems public specifications, highlight several concerning cryptographic engineering decisions. Our core observations is that the systems most sensitive long-term user keys are derived~by a rudimentary, home-grown centralized key escrow mechanism. This mechanism relies on a per-use salt and only 256~bit of entropy, shared globally across millions of users. Furthermore, the systems specification mandates only level~3 compliance with the obsolete FIPS 140-2 security standard, which requires “hard, opaque potting”, but lacks active tamper sensing. As a result, the system remains vulnerable to attacks by nation states and other well-funded adversaries.},
isbn = {978-3-032-16165-9},
langid = {english},
keywords = {Cryptography,Governance,Hardware Security Module (HSM),Healthcare,Physical Security,Tamper Resistance}
}
@inproceedings{gotteHighFidelitySecurity2026,
title = {High {{Fidelity Security Mesh Monitoring}} Using {{Low-Cost}}, {{Embedded Time Domain Reflectometry}}},
booktitle = {Transactions on {{Cryptographic Hardware}} and {{Embedded Systems}}},