Slides: Initial WIP draft
parent
58fa0820fe
commit
be4806c22a
2 changed files with 64 additions and 65 deletions
BIN
defence/slides.odp
Normal file
BIN
defence/slides.odp
Normal file
Binary file not shown.
129
main.bib
129
main.bib
|
|
@ -45,7 +45,7 @@
|
|||
organization = {Analog Devices}
|
||||
}
|
||||
|
||||
@online{adhikariDontLookUbiquitous2022,
|
||||
@online{adhikariDonLookUbiquitous2022,
|
||||
title = {Don't {{Look Up}}: {{Ubiquitous Data Exfiltration Pathways}} in {{Commercial Spaces}}},
|
||||
shorttitle = {Don't {{Look Up}}},
|
||||
author = {Adhikari, Anku and Guo, Samuel and Smaragdis, Paris and Winslett, Marianne},
|
||||
|
|
@ -294,7 +294,7 @@
|
|||
location = {London},
|
||||
doi = {10.4324/9781003220534},
|
||||
abstract = {Cypherpunk Ethics explores the moral worldview of the cypherpunks, a movement that advocates the use of strong digital cryptography—or crypto, for short—to defend individual privacy and promote institutional transparency in the digital age. Focusing on the writings of Timothy May and Julian Assange, two of the most prolific and influential cypherpunks, the book examines two competing paradigms of cypherpunk philosophy—crypto anarchy and crypto justice—and examines the implications of cypherpunk ethics for a range of contemporary moral issues, including surveillance, privacy, whistleblowing, cryptocurrencies, journalism, democracy, censorship, intellectual property, and power. Rooted in theory but with very real applications, this volume will appeal not only to students and scholars of digital media, communication, journalism, philosophy, political science, critical data studies, sociology, and the history of technology but also to technologists and activists around the world.},
|
||||
isbn = {978-1-003-22053-4},
|
||||
isbn = {978-1-00-322053-4},
|
||||
pagetotal = {142}
|
||||
}
|
||||
|
||||
|
|
@ -343,7 +343,7 @@
|
|||
isbn = {978-1-4503-4139-4}
|
||||
}
|
||||
|
||||
@inproceedings{arpPrivacyThreatsUltrasonic2017,
|
||||
@inproceedings{arpPrivacyThreatsUltrasonic2017a,
|
||||
title = {Privacy {{Threats}} through {{Ultrasonic Side Channels}} on {{Mobile Devices}}},
|
||||
booktitle = {2017 {{IEEE European Symposium}} on {{Security}} and {{Privacy}} ({{EuroS}}\&{{P}})},
|
||||
author = {Arp, Daniel and Quiring, Erwin and Wressnegger, Christian and Rieck, Konrad},
|
||||
|
|
@ -590,8 +590,8 @@
|
|||
}
|
||||
|
||||
@incollection{baumMoz$$mathbbZ_2^k$$arellaEfficient2022,
|
||||
title = {Moz\$\$\textbackslash mathbb \{{{Z}}\}\_\{2\textasciicircum k\}\$\$arella: {{Efficient Vector-OLE}} and {{Zero-Knowledge Proofs}} over \$\$\textbackslash mathbb \{{{Z}}\}\_\{2\textasciicircum k\}\$\$},
|
||||
shorttitle = {Moz\$\$\textbackslash mathbb \{{{Z}}\}\_\{2\textasciicircum k\}\$\$arella},
|
||||
title = {Moz\$\$\textbackslash mathbb \{\vphantom\}{{Z}}\vphantom\{\}\_\{2\textasciicircum k\}\$\$arella: {{Efficient Vector-OLE}} and {{Zero-Knowledge Proofs}} over \$\$\textbackslash mathbb \{\vphantom\}{{Z}}\vphantom\{\}\_\{2\textasciicircum k\}\$\$},
|
||||
shorttitle = {Moz\$\$\textbackslash mathbb \{\vphantom\}{{Z}}\vphantom\{\}\_\{2\textasciicircum k\}\$\$arella},
|
||||
booktitle = {Advances in {{Cryptology}} – {{CRYPTO}} 2022},
|
||||
author = {Baum, Carsten and Braun, Lennart and Munch-Hansen, Alexander and Scholl, Peter},
|
||||
editor = {Dodis, Yevgeniy and Shrimpton, Thomas},
|
||||
|
|
@ -736,7 +736,7 @@
|
|||
langid = {english}
|
||||
}
|
||||
|
||||
@inproceedings{bhargavanPracticalInSecurity64bit2016,
|
||||
@inproceedings{bhargavanPracticalSecurity64bit2016,
|
||||
title = {On the {{Practical}} ({{In-}}){{Security}} of 64-Bit {{Block Ciphers}}: {{Collision Attacks}} on {{HTTP}} over {{TLS}} and {{OpenVPN}}},
|
||||
shorttitle = {On the {{Practical}} ({{In-}}){{Security}} of 64-Bit {{Block Ciphers}}},
|
||||
booktitle = {Proceedings of the 2016 {{ACM SIGSAC Conference}} on {{Computer}} and {{Communications Security}}},
|
||||
|
|
@ -1547,7 +1547,7 @@
|
|||
url = {https://ieeexplore.ieee.org/document/9152700/},
|
||||
urldate = {2023-01-19},
|
||||
eventtitle = {2020 {{IEEE Symposium}} on {{Security}} and {{Privacy}} ({{SP}})},
|
||||
isbn = {978-1-7281-3497-0}
|
||||
isbn = {978-1-72813-497-0}
|
||||
}
|
||||
|
||||
@book{constantinouAppliedResearchPolicing2021,
|
||||
|
|
@ -1833,7 +1833,7 @@
|
|||
location = {Singapore},
|
||||
doi = {10.1007/978-981-99-8721-4_1},
|
||||
abstract = {A Universal Circuit~(UC) is a Boolean circuit of size~\$\$\textbackslash varTheta (n \textbackslash log n)\$\$Θ(nlogn)that can simulate any Boolean function up to a certain size~n. Valiant (STOC’76) provided the first two UC constructions of asymptotic sizes \$\$\textbackslash sim 5 n\textbackslash log n\$\$∼5nlognand \$\$\textbackslash sim 4.75 n\textbackslash log n\$\$∼4.75nlogn, and today’s most efficient construction of Liu et al.~(CRYPTO’21) has size~\$\$\textbackslash sim 3n\textbackslash log n\$\$∼3nlogn. Evaluating a public UC with a secure Multi-Party Computation~(MPC) protocol allows efficient Private Function Evaluation~(PFE), where a private function is evaluated on private data.},
|
||||
isbn = {978-981-99-8721-4},
|
||||
isbn = {978-981-9987-21-4},
|
||||
langid = {english},
|
||||
keywords = {multi-party computation,private function evaluation,universal circuit}
|
||||
}
|
||||
|
|
@ -1942,7 +1942,7 @@
|
|||
keywords = {Computer Science - Cryptography and Security,Quantum Physics}
|
||||
}
|
||||
|
||||
@article{dumitruImpostorUSBOffPath,
|
||||
@article{dumitruImpostorUSOffPath,
|
||||
title = {The {{Impostor Among US}}({{B}}): {{Off-Path Injection Attacks}} on {{USB Communications}}},
|
||||
author = {Dumitru, Robert and Genkin, Daniel and Wabnitz, Andrew and Yarom, Yuval},
|
||||
abstract = {USB is the most prevalent peripheral interface in modern computer systems and its inherent insecurities make it an appealing attack vector. A well-known limitation of USB is that traffic is not encrypted. This allows on-path adversaries to trivially perform man-in-the-middle attacks. Off-path attacks that compromise the confidentiality of communications have also been shown to be possible. However, so far no off-path attacks that breach USB communications integrity have been demonstrated.},
|
||||
|
|
@ -2261,7 +2261,7 @@
|
|||
url = {https://www.fs.com/de/products/42416.html},
|
||||
urldate = {2024-09-05},
|
||||
abstract = {Kaufen Sie LWL-Pigtail, 1M 12 Fasern SC Singlemode Fasernarbcodiertes LWL-Pigtail, SC/APC Stecker beim Lichtwellenleiter(LWL) Pigtail Hersteller mit besten Preis},
|
||||
langid = {german},
|
||||
langid = {ngerman},
|
||||
organization = {FS.com}
|
||||
}
|
||||
|
||||
|
|
@ -3034,7 +3034,7 @@ Subject\_term: Computer science}
|
|||
url = {https://www.youtube.com/watch?v=LD9e73BYAnI}
|
||||
}
|
||||
|
||||
@article{heathGRAMOlog2Overhead,
|
||||
@article{heathGRAMLog2Overhead,
|
||||
title = {{{GRAM}} with {{O}}(Log2 n) {{Overhead}}},
|
||||
author = {Heath, David and Kolesnikov, Vladimir and Ostrovsky, Rafail},
|
||||
abstract = {Garbled RAM (GRAM) is a powerful technique introduced by Lu and Ostrovsky that equips Garbled Circuit (GC) with a sublinear cost RAM without adding rounds of interaction. While multiple GRAM constructions are known, none are suitable for practice, due to costs that have high constants and poor scaling.},
|
||||
|
|
@ -3214,19 +3214,19 @@ Subject\_term: Computer science}
|
|||
keywords = {Analytical algorithm,CMOS integrated circuits,CMOS technology,Inductors,Layout,minimum resistance,on-chip inductor,Radiofrequency integrated circuits,Resistance,variable width}
|
||||
}
|
||||
|
||||
@online{HttpsArxivorgPdf,
|
||||
@online{HttpsArxivOrg,
|
||||
title = {{{https://arxiv.org/pdf/1909.13770}}},
|
||||
url = {https://arxiv.org/pdf/1909.13770},
|
||||
urldate = {2024-05-21}
|
||||
}
|
||||
|
||||
@online{HttpsWebarchiveorgWeb,
|
||||
@online{HttpsWebArchive,
|
||||
title = {{{https://web.archive.org/web/20160421023836id\_/http://people.seas.harvard.edu/\textasciitilde bgoldberg/documents/Papers/ICRA14\_Goldberg.pdf}}},
|
||||
url = {https://web.archive.org/web/20160421023836id_/http://people.seas.harvard.edu/~bgoldberg/documents/Papers/ICRA14_Goldberg.pdf},
|
||||
urldate = {2024-07-25}
|
||||
}
|
||||
|
||||
@online{HttpsWwweuroixnetMedia,
|
||||
@online{HttpsWwwEuroix,
|
||||
title = {{{https://www.euro-ix.net/media/filer\_public/1f/74/1f7457be-afd8-471b-b333-2cb7958f9d0b/demystify\_quantum\_key\_distribution\_euro-ix.pdf}}},
|
||||
url = {https://www.euro-ix.net/media/filer_public/1f/74/1f7457be-afd8-471b-b333-2cb7958f9d0b/demystify_quantum_key_distribution_euro-ix.pdf},
|
||||
urldate = {2024-06-28}
|
||||
|
|
@ -3338,13 +3338,13 @@ Subject\_term: Computer science}
|
|||
|
||||
@online{IEEEXploreFullTexta,
|
||||
title = {{{IEEE Xplore Full-Text PDF}}:},
|
||||
url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8558378},
|
||||
url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6520632},
|
||||
urldate = {2024-09-10}
|
||||
}
|
||||
|
||||
@online{IEEEXploreFullTextb,
|
||||
title = {{{IEEE Xplore Full-Text PDF}}:},
|
||||
url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6520632},
|
||||
url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8558378},
|
||||
urldate = {2024-09-10}
|
||||
}
|
||||
|
||||
|
|
@ -3555,7 +3555,7 @@ Subject\_term: Computer science}
|
|||
url = {https://doi.org/10.1201/9781003123675},
|
||||
urldate = {2025-11-18},
|
||||
abstract = {The crypto wars have raged for half a century. In the 1970s, digital privacy activists prophesied the emergence of an Orwellian State, made possible by computer-mediated mass surveillance. The antidote: digital encryption. The U.S. government warned encryption would not only prevent surveillance of law-abiding citizens, but of criminals, terrorists, and foreign spies, ushering in a rival dystopian future. Both parties fought to defend the citizenry from what they believed the most perilous threats. The government tried to control encryption to preserve its surveillance capabilities; privacy activists armed citizens with cryptographic tools and challenged encryption regulations in the courts. No clear victor has emerged from the crypto wars. Governments have failed to forge a framework to govern the, at times conflicting, civil liberties of privacy and security in the digital age—an age when such liberties have an outsized influence on the citizen–State power balance. Solving this problem is more urgent than ever. Digital privacy will be one of the most important factors in how we architect twenty-first century societies—its management is paramount to our stewardship of democracy for future generations. We must elevate the quality of debate on cryptography, on how we govern security and privacy in our technology-infused world. Failure to end the crypto wars will result in societies sleepwalking into a future where the citizen–State power balance is determined by a twentieth-century status quo unfit for this century, endangering both our privacy and security. This book provides a history of the crypto wars, with the hope its chronicling sets a foundation for peace.},
|
||||
isbn = {978-1-003-12367-5}
|
||||
isbn = {978-1-00-312367-5}
|
||||
}
|
||||
|
||||
@inproceedings{jiangGhostTypeLimitsUsing2024,
|
||||
|
|
@ -3917,7 +3917,7 @@ Subject\_term: Computer science}
|
|||
urldate = {2024-07-31},
|
||||
abstract = {Most common user authentication methods use some form of password or a combination of passwords. However, encryption schemes are generally not directly compatible with user passwords and thus, Password-Based Key Derivation Functions (PBKDFs) are used to convert user passwords into cryptographic keys. In this paper, we analyze the theoretical security of PBKDF2 and present two vulnerabilities, γ-collision and δ-collision. Using AES-128 as our exemplar, we show that due to γ-collision, text encrypted with one user password can be decrypted with γ − 1 different passwords. We also provide a proof that finding a collision in the derived key for AES-128 requires δ lesser calls to PBKDF2 than the known Birthday attack. Due to this, it is possible to break password-based AES-128 in O(264) calls, which is equivalent to brute-forcing DES.},
|
||||
eventtitle = {2021 {{IEEE International Conference}} on {{Cyber Security}} and {{Resilience}} ({{CSR}})},
|
||||
isbn = {978-1-6654-0285-9},
|
||||
isbn = {978-1-66540-285-9},
|
||||
langid = {english}
|
||||
}
|
||||
|
||||
|
|
@ -4047,7 +4047,7 @@ Subject\_term: Computer science}
|
|||
pages = {1955--1971},
|
||||
doi = {10.1109/SP40001.2021.00029},
|
||||
url = {http://arxiv.org/abs/2009.04263},
|
||||
urldate = {2024-07-25},
|
||||
urldate = {2024-01-08},
|
||||
abstract = {Due to its sound theoretical basis and practical efficiency, masking has become the most prominent countermeasure to protect cryptographic implementations against physical sidechannel attacks (SCAs). The core idea of masking is to randomly split every sensitive intermediate variable during computation into at least t+1 shares, where t denotes the maximum number of shares that are allowed to be observed by an adversary without learning any sensitive information. In other words, it is assumed that the adversary is bounded either by the possessed number of probes (e.g., microprobe needles) or by the order of statistical analyses while conducting higher-order SCA attacks (e.g., differential power analysis). Such bounded models are employed to prove the SCA security of the corresponding implementations. Consequently, it is believed that given a sufficiently large number of shares, the vast majority of known SCA attacks are mitigated. In this work, we present a novel laser-assisted SCA technique, called Laser Logic State Imaging (LLSI), which offers an unlimited number of contactless probes, and therefore, violates the probing security model assumption. This technique enables us to take snapshots of hardware implementations, i.e., extract the logical state of all registers at any arbitrary clock cycle with a single measurement. To validate this, we mount our attack on masked AES hardware implementations and practically demonstrate the extraction of the full-length key in two different scenarios. First, we assume that the location of the registers (key and/or state) is known, and hence, their content can be directly read by a single snapshot. Second, we consider an implementation with unknown register locations, where we make use of multiple snapshots and a SAT solver to reveal the secrets.},
|
||||
langid = {english},
|
||||
keywords = {Computer Science - Cryptography and Security}
|
||||
|
|
@ -4065,7 +4065,7 @@ Subject\_term: Computer science}
|
|||
pages = {1955--1971},
|
||||
doi = {10.1109/SP40001.2021.00029},
|
||||
url = {http://arxiv.org/abs/2009.04263},
|
||||
urldate = {2024-01-08},
|
||||
urldate = {2024-07-25},
|
||||
abstract = {Due to its sound theoretical basis and practical efficiency, masking has become the most prominent countermeasure to protect cryptographic implementations against physical sidechannel attacks (SCAs). The core idea of masking is to randomly split every sensitive intermediate variable during computation into at least t+1 shares, where t denotes the maximum number of shares that are allowed to be observed by an adversary without learning any sensitive information. In other words, it is assumed that the adversary is bounded either by the possessed number of probes (e.g., microprobe needles) or by the order of statistical analyses while conducting higher-order SCA attacks (e.g., differential power analysis). Such bounded models are employed to prove the SCA security of the corresponding implementations. Consequently, it is believed that given a sufficiently large number of shares, the vast majority of known SCA attacks are mitigated. In this work, we present a novel laser-assisted SCA technique, called Laser Logic State Imaging (LLSI), which offers an unlimited number of contactless probes, and therefore, violates the probing security model assumption. This technique enables us to take snapshots of hardware implementations, i.e., extract the logical state of all registers at any arbitrary clock cycle with a single measurement. To validate this, we mount our attack on masked AES hardware implementations and practically demonstrate the extraction of the full-length key in two different scenarios. First, we assume that the location of the registers (key and/or state) is known, and hence, their content can be directly read by a single snapshot. Second, we consider an implementation with unknown register locations, where we make use of multiple snapshots and a SAT solver to reveal the secrets.},
|
||||
langid = {english},
|
||||
keywords = {Computer Science - Cryptography and Security}
|
||||
|
|
@ -4197,7 +4197,7 @@ Subject\_term: Computer science}
|
|||
issn = {2511-9044, 2511-9044},
|
||||
doi = {10.1002/qute.201800011},
|
||||
url = {http://arxiv.org/abs/1703.09278},
|
||||
urldate = {2024-07-15},
|
||||
urldate = {2024-05-27},
|
||||
abstract = {Quantum key distribution using weak coherent states and homodyne detection is a promising candidate for practical quantum-cryptographic implementations due to its compatibility with existing telecom equipment and high detection efficiencies. However, despite the actual simplicity of the protocol, the security analysis of this method is rather involved compared to discrete-variable QKD. In this article we review the theoretical foundations of continuous-variable quantum key distribution (CV-QKD) with Gaussian modulation and rederive the essential relations from scratch in a pedagogical way. The aim of this paper is to be as comprehensive and self-contained as possible in order to be well intelligible even for readers with little pre-knowledge on the subject. Although the present article is a theoretical discussion of CV-QKD, its focus lies on practical implementations, taking into account various kinds of hardware imperfections and suggesting practical methods to perform the security analysis subsequent to the key exchange. Apart from a review of well known results, this manuscript presents a set of new original noise models which are helpful to get an estimate of how well a given set of hardware will perform in practice.},
|
||||
langid = {english},
|
||||
keywords = {Quantum Physics}
|
||||
|
|
@ -4218,7 +4218,7 @@ Subject\_term: Computer science}
|
|||
issn = {2511-9044, 2511-9044},
|
||||
doi = {10.1002/qute.201800011},
|
||||
url = {http://arxiv.org/abs/1703.09278},
|
||||
urldate = {2024-05-27},
|
||||
urldate = {2024-05-02},
|
||||
abstract = {Quantum key distribution using weak coherent states and homodyne detection is a promising candidate for practical quantum-cryptographic implementations due to its compatibility with existing telecom equipment and high detection efficiencies. However, despite the actual simplicity of the protocol, the security analysis of this method is rather involved compared to discrete-variable QKD. In this article we review the theoretical foundations of continuous-variable quantum key distribution (CV-QKD) with Gaussian modulation and rederive the essential relations from scratch in a pedagogical way. The aim of this paper is to be as comprehensive and self-contained as possible in order to be well intelligible even for readers with little pre-knowledge on the subject. Although the present article is a theoretical discussion of CV-QKD, its focus lies on practical implementations, taking into account various kinds of hardware imperfections and suggesting practical methods to perform the security analysis subsequent to the key exchange. Apart from a review of well known results, this manuscript presents a set of new original noise models which are helpful to get an estimate of how well a given set of hardware will perform in practice.},
|
||||
langid = {english},
|
||||
keywords = {Quantum Physics}
|
||||
|
|
@ -4239,7 +4239,7 @@ Subject\_term: Computer science}
|
|||
issn = {2511-9044, 2511-9044},
|
||||
doi = {10.1002/qute.201800011},
|
||||
url = {http://arxiv.org/abs/1703.09278},
|
||||
urldate = {2024-05-02},
|
||||
urldate = {2024-07-15},
|
||||
abstract = {Quantum key distribution using weak coherent states and homodyne detection is a promising candidate for practical quantum-cryptographic implementations due to its compatibility with existing telecom equipment and high detection efficiencies. However, despite the actual simplicity of the protocol, the security analysis of this method is rather involved compared to discrete-variable QKD. In this article we review the theoretical foundations of continuous-variable quantum key distribution (CV-QKD) with Gaussian modulation and rederive the essential relations from scratch in a pedagogical way. The aim of this paper is to be as comprehensive and self-contained as possible in order to be well intelligible even for readers with little pre-knowledge on the subject. Although the present article is a theoretical discussion of CV-QKD, its focus lies on practical implementations, taking into account various kinds of hardware imperfections and suggesting practical methods to perform the security analysis subsequent to the key exchange. Apart from a review of well known results, this manuscript presents a set of new original noise models which are helpful to get an estimate of how well a given set of hardware will perform in practice.},
|
||||
langid = {english},
|
||||
keywords = {Quantum Physics}
|
||||
|
|
@ -4300,7 +4300,7 @@ Subject\_term: Computer science}
|
|||
langid = {english}
|
||||
}
|
||||
|
||||
@article{leePrintedSpiralWinding2011,
|
||||
@article{leePrintedSpiralWinding2011a,
|
||||
title = {Printed {{Spiral Winding Inductor With Wide Frequency Bandwidth}}},
|
||||
author = {Lee, Chi Kwan and Su, Y. P. and Ron Hui, S. Y.},
|
||||
date = {2011-10},
|
||||
|
|
@ -4500,7 +4500,7 @@ Subject\_term: Computer science}
|
|||
langid = {english}
|
||||
}
|
||||
|
||||
@article{lopeFirstSelfresonantFrequency2021,
|
||||
@article{lopeFirstSelfResonant2021,
|
||||
title = {First Self‐resonant Frequency of Power Inductors Based on Approximated Corrected Stray Capacitances},
|
||||
author = {Lope, Ignacio and Carretero, Claudio and Acero, Jesus},
|
||||
date = {2021-02},
|
||||
|
|
@ -4700,7 +4700,7 @@ Subject\_term: Computer science}
|
|||
volume = {13},
|
||||
number = {2},
|
||||
eprint = {1},
|
||||
eprinttype = {pubmed},
|
||||
eprinttype = {pmid},
|
||||
pages = {117--126},
|
||||
issn = {0006-2944},
|
||||
doi = {10.1016/0006-2944(75)90147-7},
|
||||
|
|
@ -4722,7 +4722,6 @@ Subject\_term: Computer science}
|
|||
url = {https://citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/},
|
||||
urldate = {2025-11-26},
|
||||
abstract = {On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists who consented to the technical analysis of their cases. In this report, we discuss key findings from our forensic analyses of their devices.},
|
||||
organization = {Citizen Lab, University of Toronto},
|
||||
keywords = {Italy,Mercenary Spyware,Paragon Solutions}
|
||||
}
|
||||
|
||||
|
|
@ -4820,7 +4819,7 @@ Subject\_term: Computer science}
|
|||
urldate = {2023-12-21},
|
||||
abstract = {Paper documents, where digital signatures are not directly applicable, are still widely utilized due to usability and legal reasons. We propose a novel approach to authenticating paper documents by taking short videos of them with smartphones. Our solution combines cryptographic and image comparison techniques to detect and highlight semantic-changing attacks on rich documents, containing text and graphics. We provide geometrical arguments for the security of our novel comparison algorithm, and prove that its combination with a cryptographic protocol is secure against strong adversaries capable of compromising different system components. We also measure its accuracy on a set of 128 videos of paper documents and a set of 960 synthetically generated warped documents, half containing subtle forgeries. Our algorithm finds all forgeries accurately with no false positives. The highlighted regions are large enough to be visible to users, but small enough to precisely locate forgeries.},
|
||||
eventtitle = {{{ACSAC}} '23: {{Annual Computer Security Applications Conference}}},
|
||||
isbn = {979-8-4007-0886-2},
|
||||
isbn = {9798400708862},
|
||||
langid = {english}
|
||||
}
|
||||
|
||||
|
|
@ -5049,7 +5048,7 @@ Subject\_term: Computer science}
|
|||
url = {https://doi.org/10.1145/3576915.3623092},
|
||||
urldate = {2024-07-25},
|
||||
abstract = {The threats of physical side-channel attacks and their countermeasures have been widely researched. Most physical side-channel attacks rely on the unavoidable influence of computation or storage on current consumption or voltage drop on a chip. Such data-dependent influence can be exploited by, for instance, power or electromagnetic analysis. In this work, we introduce a novel non-invasive physical side-channel attack, which exploits the data-dependent changes in the impedance of the chip. Our attack relies on the fact that the temporarily stored contents in registers alter the physical characteristics of the circuit, which results in changes in the die's impedance. To sense such impedance variations, we deploy a well-known RF/microwave method called scattering parameter analysis, in which we inject sine wave signals with high frequencies into the system's power distribution network (PDN) and measure the echo of the signals. We demonstrate that according to the content bits and physical location of a register, the reflected signal is modulated differently at various frequency points enabling the simultaneous and independent probing of individual registers. Such side-channel leakage challenges the t-probing security model assumption used in masking, which is a prominent side-channel countermeasure. To validate our claims, we mount non-profiled and profiled impedance analysis attacks on hardware implementations of unprotected and high-order masked AES. We show that in the case of the profiled attack, only a single trace is required to recover the secret key. Finally, we discuss how a specific class of hiding countermeasures might be effective against impedance leakage.},
|
||||
isbn = {979-8-4007-0050-7}
|
||||
isbn = {9798400700507}
|
||||
}
|
||||
|
||||
@article{mooreApplicationsWirelessPower2019,
|
||||
|
|
@ -5077,7 +5076,7 @@ Subject\_term: Computer science}
|
|||
journaltitle = {Thermochimica Acta},
|
||||
shortjournal = {Thermochimica Acta},
|
||||
volume = {442},
|
||||
number = {1--2},
|
||||
number = {1-2},
|
||||
pages = {14--17},
|
||||
issn = {00406031},
|
||||
doi = {10.1016/j.tca.2005.11.020},
|
||||
|
|
@ -5251,7 +5250,7 @@ Subject\_term: Computer science}
|
|||
urldate = {2023-12-21},
|
||||
abstract = {Most terminal devices authenticate users only once at the time of initial login, leaving the terminal unprotected during an active session when the original user leaves it unattended. To address this issue, continuous authentication has been proposed by automatically locking the terminal after a period of inactivity. However, it does not fully eliminate the risk of unauthorized access before the session expires. Recent research has also investigated the feasibility of using physiological and behavioral patterns as biometrics. This study presents a novel two-factor continuous authentication that explores a new form of signal called human-induced electric potential captured by wearables in contact with the user’s body. By analyzing this signal, we can determine the time of user-terminal interactions and compare it with information recorded by the terminal’s OS. If the original user remains on the same terminal, the two-source readings would match. Additionally, the proposed scheme includes an extra layer of protection by extracting terminal’s physical fingerprints from the human-induced electric potential to defend against advanced mimicry attacks. To test the effectiveness of our design, a low-cost wearable prototype is developed. Through extensive experiments, it is found that the proposed scheme has a low error rate of 2.3\%, with minimal computational and energy requirements.},
|
||||
eventtitle = {{{ACSAC}} '23: {{Annual Computer Security Applications Conference}}},
|
||||
isbn = {979-8-4007-0886-2},
|
||||
isbn = {9798400708862},
|
||||
langid = {english}
|
||||
}
|
||||
|
||||
|
|
@ -5815,7 +5814,7 @@ Subject\_term: Publishing, Machine learning, Authorship, Education}
|
|||
keywords = {Acceleration,Cloud computing,Cloud Service,Cryptography,Data Center,Field programmable gate arrays,FPGA,Hardware,Logic gates,Machine learning,Machine Learning,Matrix Multiplication,Multiparty Computation,Secret Sharing,Secure Computation}
|
||||
}
|
||||
|
||||
@article{patraABY20ImprovedMixedProtocol,
|
||||
@article{patraABY2ImprovedMixedProtocol,
|
||||
title = {{{ABY2}}.0: {{Improved Mixed-Protocol Secure Two-Party Computation}}},
|
||||
author = {Patra, Arpita and Schneider, Thomas and Suresh, Ajith and Yalame, Hossein},
|
||||
abstract = {Secure Multi-party Computation (MPC) allows a set of mutually distrusting parties to jointly evaluate a function on their private inputs while maintaining input privacy. In this work, we improve semi-honest secure two-party computation (2PC) over rings, with a focus on the efficiency of the online phase.},
|
||||
|
|
@ -5828,14 +5827,6 @@ Subject\_term: Publishing, Machine learning, Authorship, Education}
|
|||
}
|
||||
|
||||
@standard{pcisecuritystandardscouncilPaymentCardIndustry2021,
|
||||
title = {Payment {{Card Industry PIN Transaction Security Hardware Security Module Modular Derived Test Requirements}}},
|
||||
author = {{PCI Security Standards Council}},
|
||||
date = {2021-12},
|
||||
url = {https://docs-prv.pcisecuritystandards.org/PTS/Derived%20Test%20Requirements/PCI_HSM_DTRs_v4.pdf},
|
||||
urldate = {2025-04-09}
|
||||
}
|
||||
|
||||
@standard{pcisecuritystandardscouncilPaymentCardIndustry2021a,
|
||||
title = {Payment {{Card Industry PIN Transaction Security Hardware Security Module Modular Security Requirements}}},
|
||||
author = {{PCI Security Standards Council}},
|
||||
date = {2021-12},
|
||||
|
|
@ -5845,6 +5836,14 @@ Subject\_term: Publishing, Machine learning, Authorship, Education}
|
|||
version = {4.0}
|
||||
}
|
||||
|
||||
@standard{pcisecuritystandardscouncilPaymentCardIndustry2021,
|
||||
title = {Payment {{Card Industry PIN Transaction Security Hardware Security Module Modular Derived Test Requirements}}},
|
||||
author = {{PCI Security Standards Council}},
|
||||
date = {2021-12},
|
||||
url = {https://docs-prv.pcisecuritystandards.org/PTS/Derived%20Test%20Requirements/PCI_HSM_DTRs_v4.pdf},
|
||||
urldate = {2025-04-09}
|
||||
}
|
||||
|
||||
@standard{pcisecuritystandardscouncilPaymentCardIndustry2025,
|
||||
title = {Payment {{Card Industry PIN Transaction Security Device Testing}} and {{Approval Program Guide}}},
|
||||
author = {{PCI Security Standards Council}},
|
||||
|
|
@ -6439,7 +6438,7 @@ Website contains OCR'ed original source and a translation}
|
|||
url = {https://dl.acm.org/doi/10.1145/3627106.3627192},
|
||||
urldate = {2023-12-21},
|
||||
eventtitle = {{{ACSAC}} '23: {{Annual Computer Security Applications Conference}}},
|
||||
isbn = {979-8-4007-0886-2},
|
||||
isbn = {9798400708862},
|
||||
langid = {english}
|
||||
}
|
||||
|
||||
|
|
@ -6624,11 +6623,11 @@ Website contains OCR'ed original source and a translation}
|
|||
keywords = {Dielectric waveguides,Fiber lasers,laser amplifiers,Laser modes,Loss measurement,optical fiber amplifiers,Optical fiber amplifiers,optical fiber lasers,Optical fiber losses,Optical fiber polarization,Optical fibers,Optical propagation,optical waveguide theory,Optical waveguides,Propagation losses,waveguide bends}
|
||||
}
|
||||
|
||||
@online{schmiegGooglesThreatModel2024,
|
||||
@online{schmiegGoogleThreatModel2024,
|
||||
type = {Blog Article},
|
||||
title = {Google's {{Threat}} Model for {{Post-Quantum Cryptography}}},
|
||||
author = {Schmieg, Sophie and Kölbl, Stefan and Endignoux, Guillaume},
|
||||
date = {2024-11-03},
|
||||
date = {2024-03-11},
|
||||
url = {https://bughunters.google.com/blog/5108747984306176/google-s-threat-model-for-post-quantum-cryptography},
|
||||
urldate = {2024-06-27},
|
||||
abstract = {Read on to understand how Google currently evaluates the threat landscape related to post-quantum cryptography, and what implications this has for migrating from classical cryptographic algorithms to PQC.},
|
||||
|
|
@ -7179,7 +7178,7 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu
|
|||
langid = {english}
|
||||
}
|
||||
|
||||
@incollection{TamperResistance2020,
|
||||
@incollection{TamperResistance2020a,
|
||||
title = {Tamper {{Resistance}}},
|
||||
booktitle = {Security {{Engineering}}},
|
||||
date = {2020},
|
||||
|
|
@ -8054,7 +8053,7 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu
|
|||
volume = {66},
|
||||
number = {4},
|
||||
eprint = {4},
|
||||
eprinttype = {pubmed},
|
||||
eprinttype = {pmid},
|
||||
pages = {1338--1343},
|
||||
issn = {1090-2104},
|
||||
doi = {10.1016/0006-291x(75)90506-9},
|
||||
|
|
@ -8088,7 +8087,7 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu
|
|||
volume = {30},
|
||||
number = {2},
|
||||
eprint = {35},
|
||||
eprinttype = {pubmed},
|
||||
eprinttype = {pmid},
|
||||
pages = {225--231},
|
||||
issn = {0007-1048},
|
||||
doi = {10.1111/j.1365-2141.1975.tb00536.x},
|
||||
|
|
@ -8485,7 +8484,7 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu
|
|||
issn = {2375-1053},
|
||||
doi = {10.1109/VTS.2015.7116294},
|
||||
url = {https://ieeexplore.ieee.org/document/7116294/?arnumber=7116294},
|
||||
urldate = {2024-10-31},
|
||||
urldate = {2024-10-04},
|
||||
abstract = {The long and distributed supply chain of printed circuit boards (PCBs) makes them vulnerable to different forms of counterfeiting attacks. Existing chip-level integrity validation approaches cannot be readily extended to PCB. In this paper, we address this issue with a novel PCB authentication approach that creates robust, unique signatures from a PCB based on process-induced variations in its trace impedances. The approach comes at virtually zero design and hardware overhead and can be applied to legacy PCBs. Experiments with two sets of commercial PCBs as well as a set of custom designed PCBs show that the proposed approach can obtain unique authentication signature with inter-PCB hamming distance of 47.94\% or higher.},
|
||||
eventtitle = {2015 {{IEEE}} 33rd {{VLSI Test Symposium}} ({{VTS}})},
|
||||
keywords = {Authentication,Copper,Counterfeiting,Electrical resistance measurement,High definition video,Impedance,Impedance measurement,Piracy,Printed Circuit Board (PCB),Probes,PUF,Trust}
|
||||
|
|
@ -8500,7 +8499,7 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu
|
|||
issn = {2375-1053},
|
||||
doi = {10.1109/VTS.2015.7116294},
|
||||
url = {https://ieeexplore.ieee.org/document/7116294/?arnumber=7116294},
|
||||
urldate = {2024-10-04},
|
||||
urldate = {2024-10-31},
|
||||
abstract = {The long and distributed supply chain of printed circuit boards (PCBs) makes them vulnerable to different forms of counterfeiting attacks. Existing chip-level integrity validation approaches cannot be readily extended to PCB. In this paper, we address this issue with a novel PCB authentication approach that creates robust, unique signatures from a PCB based on process-induced variations in its trace impedances. The approach comes at virtually zero design and hardware overhead and can be applied to legacy PCBs. Experiments with two sets of commercial PCBs as well as a set of custom designed PCBs show that the proposed approach can obtain unique authentication signature with inter-PCB hamming distance of 47.94\% or higher.},
|
||||
eventtitle = {2015 {{IEEE}} 33rd {{VLSI Test Symposium}} ({{VTS}})},
|
||||
keywords = {Authentication,Copper,Counterfeiting,Electrical resistance measurement,High definition video,Impedance,Impedance measurement,Piracy,Printed Circuit Board (PCB),Probes,PUF,Trust}
|
||||
|
|
@ -8584,6 +8583,23 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu
|
|||
}
|
||||
|
||||
@inproceedings{zhouPPMLACHighPerformance2022,
|
||||
title = {{{PPMLAC}}: High Performance Chipset Architecture for Secure Multi-Party Computation},
|
||||
shorttitle = {{{PPMLAC}}},
|
||||
booktitle = {Proceedings of the 49th {{Annual International Symposium}} on {{Computer Architecture}}},
|
||||
author = {Zhou, Xing and Xu, Zhilei and Wang, Cong and Gao, Mingyu},
|
||||
date = {2022-06-11},
|
||||
series = {{{ISCA}} '22},
|
||||
pages = {87--101},
|
||||
publisher = {Association for Computing Machinery},
|
||||
location = {New York, NY, USA},
|
||||
doi = {10.1145/3470496.3527392},
|
||||
url = {https://doi.org/10.1145/3470496.3527392},
|
||||
urldate = {2024-07-25},
|
||||
abstract = {Privacy issue is a main concern restricting data sharing and cross-organization collaborations. While Privacy-Preserving Machine Learning techniques such as Multi-Party Computations (MPC), Homomorphic Encryption, and Federated Learning are proposed to solve this problem, no solution exists with both strong security and high performance to run large-scale, complex machine learning models. This paper presents PPMLAC, a novel chipset architecture to accelerate MPC, which combines MPC's strong security and hardware's high performance, eliminates the communication bottleneck from MPC, and achieves several orders of magnitudes speed up over software-based MPC. It is carefully designed to only rely on a minimum set of simple hardware components in the trusted domain, thus is robust against side-channel attacks and malicious adversaries. Our FPGA prototype can run mainstream large-scale ML models like ResNet in near real-time under a practical network environment with non-negligible latency, which is impossible for existing MPC solutions.},
|
||||
isbn = {978-1-4503-8610-4}
|
||||
}
|
||||
|
||||
@inproceedings{zhouPPMLACHighPerformance2022a,
|
||||
title = {{{PPMLAC}}: High Performance Chipset Architecture for Secure Multi-Party Computation},
|
||||
shorttitle = {{{PPMLAC}}},
|
||||
booktitle = {Proceedings of the 49th {{Annual International Symposium}} on {{Computer Architecture}}},
|
||||
|
|
@ -8601,23 +8617,6 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu
|
|||
langid = {english}
|
||||
}
|
||||
|
||||
@inproceedings{zhouPPMLACHighPerformance2022a,
|
||||
title = {{{PPMLAC}}: High Performance Chipset Architecture for Secure Multi-Party Computation},
|
||||
shorttitle = {{{PPMLAC}}},
|
||||
booktitle = {Proceedings of the 49th {{Annual International Symposium}} on {{Computer Architecture}}},
|
||||
author = {Zhou, Xing and Xu, Zhilei and Wang, Cong and Gao, Mingyu},
|
||||
date = {2022-06-11},
|
||||
series = {{{ISCA}} '22},
|
||||
pages = {87--101},
|
||||
publisher = {Association for Computing Machinery},
|
||||
location = {New York, NY, USA},
|
||||
doi = {10.1145/3470496.3527392},
|
||||
url = {https://doi.org/10.1145/3470496.3527392},
|
||||
urldate = {2024-07-25},
|
||||
abstract = {Privacy issue is a main concern restricting data sharing and cross-organization collaborations. While Privacy-Preserving Machine Learning techniques such as Multi-Party Computations (MPC), Homomorphic Encryption, and Federated Learning are proposed to solve this problem, no solution exists with both strong security and high performance to run large-scale, complex machine learning models. This paper presents PPMLAC, a novel chipset architecture to accelerate MPC, which combines MPC's strong security and hardware's high performance, eliminates the communication bottleneck from MPC, and achieves several orders of magnitudes speed up over software-based MPC. It is carefully designed to only rely on a minimum set of simple hardware components in the trusted domain, thus is robust against side-channel attacks and malicious adversaries. Our FPGA prototype can run mainstream large-scale ML models like ResNet in near real-time under a practical network environment with non-negligible latency, which is impossible for existing MPC solutions.},
|
||||
isbn = {978-1-4503-8610-4}
|
||||
}
|
||||
|
||||
@inproceedings{zhouPrintListenerUncoveringVulnerability2024,
|
||||
title = {{{PrintListener}}: {{Uncovering}} the {{Vulnerability}} of {{Fingerprint Authentication}} via the {{Finger Friction Sound}}},
|
||||
shorttitle = {{{PrintListener}}},
|
||||
|
|
|
|||