More lists of publications from Google Scholar, (or my Google Scholar profile), Microsoft Academic Search DBLP, ACM Author Profile, ResearcherID profile, or CiteSeer.

Research Interests

I am primarily interested in all aspects of security in distributed systems. I have been working on applying cryptographic techniques in building secure protocols to solve various problems in distributed systems. Recently, I have also been investigating the use of Trusted Computing technologies for securing endnodes, and ways to make secure systems usable.

List of publications


The documents distributed from this page have been provided as a means to ensure timely dissemination of scholarly and technical work on a noncommercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.
ACM DL Author-ize serviceC-FLAT: Control-Flow Attestation for Embedded Systems Software
Tigist Abera, N. Asokan, Lucas Davi, Jan-Erik Ekberg, Thomas Nyman, Andrew Paverd, Ahmad-Reza Sadeghi, Gene Tsudik
CCS '16 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

ACM DL Author-ize servicePOSTER: Friend or Foe? Context Authentication for Trust Domain Separation in IoT Environments
Markus Miettinen, Jialin Huang, Thien Duc Nguyen, N. Asokan, Ahmad-Reza Sadeghi
WiSec '16 Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks, 2016

Know Your Phish: Novel Techniques for Detecting Phishing Sites and Their Targets (with Samuel Marchal, Kalle Saari and Nidhi Singh)

Real-Time Client-Side Phishing Prevention Add-On (with Giovanni Armano and Samuel Marchal) .

Characterizing SEAndroid Policies in the Wild (with Elena Reshetova, Filippo Bonazzi, Thomas Nyman and Ravishankar Borgaonkar)

On improving tie strength estimates by aggregating multiple communication channels (with Narges Yousefnezhad and Marcin Nagy)

Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks. (with Otto Huhta, Swapnil Udar, Mika Juuti, Prakash Shrestha and Nitesh Saxena)

Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems (with Altaf Shaik, Jean-Pierre Seifert, Ravishankar Borgaonkar, and Valtteri Niemi)

ACM DL Author-ize serviceSEDA: Scalable Embedded Device Attestation
N. Asokan, Ferdinand Brasser, Ahmad Ibrahim, Ahmad-Reza Sadeghi, Matthias Schunter, Gene Tsudik, Christian Wachsmann
CCS '15 Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

ACM DL Author-ize serviceSecure Deduplication of Encrypted Data without Additional Independent Servers
Jian Liu, N. Asokan, Benny Pinkas
CCS '15 Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

ACM DL Author-ize serviceChecksum gestures: continuous gestures as an out-of-band channel for secure pairing
Imtiaj Ahmed, Yina Ye, Sourav Bhattacharya, N. Asokan, Giulio Jacucci, Petteri Nurmi, Sasu Tarkoma
UbiComp '15 Proceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing, 2015

LookAhead: Augmenting Crowdsourced Website Reputation Systems with Predictive Modeling (with Sourav Bhattacharya and Otto Huhta)

On Making Emerging Trusted Execution Environments Accessible to Developers (with Thomas Nyman and Brian McGillion)

ACM DL Author-ize serviceSpotShare and nearbyPeople: applications of the Social PaL framework
Marcin Nagy, Thanh Bui, Swapnil Udar, N. Asokan, Jörg Ott
WiSec '15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, 2015

Using contextual co-presence to strengthen Zero-Interaction Authentication: Design, integration and usability (with Hien Truong et al)
  • in Pervasive and Mobile Computing 16(B):187-204, 2015 (DOI Bookmark)

Mobile Trusted Computing (with Jan-Erik Ekberg et al)
  • Proceedings of the IEEE 102(8): 1189-1206 (2014) (DOI Bookmark)

Security of OS-Level Virtualization Technologies (with Elena Reshetova et al)

ACM DL Author-ize serviceContext-Based Zero-Interaction Pairing and Key Evolution for Advanced Personal Devices
Markus Miettinen, N. Asokan, Thien Duc Nguyen, Ahmad-Reza Sadeghi, Majid Sobhani
CCS '14 Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

ACM DL Author-ize serviceCitizen Electronic Identities using TPM 2.0
Thomas Nyman, Jan-Erik Ekberg, N. Asokan
TrustED '14 Proceedings of the 4th International Workshop on Trustworthy Embedded Devices, 2014

ACM DL Author-ize serviceGroupsourcing: nudging users away from unsafe content
Jian Liu, Sini Ruohomaa, Kumaripaba Athukorala, Giulio Jacucci, N. Asokan, Janne Lindqvist
NordiCHI '14 Proceedings of the 8th Nordic Conference on Human-Computer Interaction: Fun, Fast, Foundational, 2014

ACM DL Author-ize serviceConXsense: automated context classification for context-aware access control
Markus Miettinen, Stephan Heuser, Wiebke Kronz, Ahmad-Reza Sadeghi, N. Asokan
ASIA CCS '14 Proceedings of the 9th ACM symposium on Information, computer and communications security, 2014
(Best paper award)
Comparing and Fusing Different Sensor Modalities for Relay Attack Resistance in Zero-Interaction Authentication (with Hien Truong et al)

Drone to the Rescue: Relay-Resilient Authentication using Ambient Multi-Sensing (with Babins Shrestha, Nitesh Saxena and Hien Truong)

The Company You Keep: Mobile Malware Infection Rates and Inexpensive Risk Indicators (with Hien Truong et al)
ACM DL Author-ize serviceOn mobile malware infections
N. Asokan
WiSec '14 Proceedings of the 2014 ACM conference on Security and privacy in wireless & mobile networks, 2014

ACM DL Author-ize serviceTrusted execution environments on mobile devices
Jan-Erik Ekberg, Kari Kostiainen, N. Asokan
CCS '13 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, 2013

ACM DL Author-ize serviceCCS'13 co-located workshop summary for SPSM 2013
Adrienne Porter Felt, N. Asokan
CCS '13 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, 2013

The Untapped Potential of Trusted Execution Environments on Mobile Devices (with Jan-Erik Ekberg and Kari Kostiainen)
  • In the IEEE Security & Privacy Magazine. 12(4):29-37 (DOI Bookmark)
  • (abstract of invited talk), Financial Cryptography 2013, LNCS 2013, 293-294 (DOI Bookmark)

PeerShare: A System Secure Distribution of Sensitive Data Among Social Contacts (with Marcin Nagy and Jörg Ott)

CrowdShare: Secure Mobile Resource Sharing (with Alexandra Dimitrienko et al.)

Intuitive security policy configuration in mobile devices using context profiling (with Aditi Gupta, Markus Miettinen and Marcin Nagy)

Authenticated encryption primitives for size-constrained trusted computing (with Jan-Erik Ekberg and Alexandra Afanasyeva)

ACM DL Author-ize serviceIs this app safe?: a large scale study on application permissions and risk signals
Pern Hui Chia, Yusuke Yamamoto, N. Asokan
WWW '12 Proceedings of the 21st international conference on World Wide Web, 2012

ACM DL Author-ize serviceIdentity verification schemes for public transport ticketing with NFC phones
Sandeep Tamrakar, Jan-Erik Ekberg, N. Asokan
STC '11 Proceedings of the sixth ACM workshop on Scalable trusted computing, 2011

ACM DL Author-ize serviceCredential life cycle management in open credential platforms (short paper)
Kari Kostiainen, N. Asokan
STC '11 Proceedings of the sixth ACM workshop on Scalable trusted computing, 2011

Practical Property-Based Attestation on Mobile Devices. (with Kari Kostiainen and Jan-Erik Ekberg)
  • Proceedings of TRUST 2011 (DOI Bookmark), Pittsburgh, June 2011.

Towards User-Friendly Credential Transfer on Open Credential Platforms (with Kari Kostiainen and Alexandra Afanasyeva)
  • Proceedings of ACNS 2011 (DOI Bookmark), Nerja, Spain, June 2011.

Using context-profiling to aid access control decisions in mobile devices (with Aditi Gupta and Markus Miettinen)

Vibrate-to-unlock: Mobile phone assisted user authentication to multiple personal RFID tags (with Nitesh Saxena et al.)

ACM DL Author-ize serviceOld, new, borrowed, blue --: a perspective on the evolution of mobile platform security architectures
Kari Kostiainen, Elena Reshetova, Jan-Erik Ekberg, N. Asokan
CODASPY '11 Proceedings of the first ACM conference on Data and application security and privacy, 2011

ACM DL Author-ize serviceTowards security policy decisions based on context profiling
Markus Miettinen, N. Asokan
AISec '10 Proceedings of the 3rd ACM workshop on Artificial intelligence and security, 2010

ACM DL Author-ize serviceA closer look at recognition-based graphical passwords on mobile devices
Paul Dunphy, Andreas P. Heiner, N. Asokan
SOUPS '10 Proceedings of the Sixth Symposium on Usable Privacy and Security, 2010

Key Attestation from Trusted Execution Environments (with Kari Kostiainen, Alexandra Dmitrienko, Jan-Erik Ekberg and Ahmad-Reza Sadeghi)

Security associations for wireless devices (with Kaisa Nyberg)
  • In Stefanos Gritzalis, Tom Karygiannis, and Charalabos Skianis, editors, Security and Privacy in Mobile and Wireless Networking. Troubador Publishing Ltd, Leicester, UK, 2009. (pre-print at Aalto publications site)

External Authenticated Non-Volatile Memory with Lifecycle Management for State Protection in Trusted Computing (with Jan-Erik Ekberg)

Controlling Resource Hogs in Delay-Tolerant Networks (with John Solis, Kari Kostiainen, Philip Ginzboorg and Jörg Ott)

ACM DL Author-ize serviceOn-board credentials with open provisioning
Kari Kostiainen, Jan-Erik Ekberg, N. Asokan, Aarne Rantala
ASIACCS '09 Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, 2009

Standards for security associations in personal networks: a comparative analysis (with Jani Suomalainen and Jukka Valkonen)
  • Interational Journal of Security in Networks 4(1/2): 87-100, 2009 (DOI bookmark)

ACM DL Author-ize serviceScheduling execution of credentials in constrained secure environments
Jan-Erik Ekberg, N. Asokan, Kari Kostiainen, Aarne Rantala
STC '08 Proceedings of the 3rd ACM workshop on Scalable trusted computing, 2008

Using Salience Differentials to Making Visual Cues Noticeable (with Andreas Heiner)

ACM DL Author-ize serviceSecure roaming with identity metasystems
Long Nguyen Hoang, Pekka Laitinen, N. Asokan
IDtrust '08 Proceedings of the 7th symposium on Identity and trust on the Internet, 2008

A Platform for OnBoard Credentials (with Jan-Erik Ekberg)

ACM DL Author-ize serviceBeyond secure channels
Yacine Gasmi, Ahmad-Reza Sadeghi, Patrick Stewin, Martin Unger, N. Asokan
STC '07 Proceedings of the 2007 ACM workshop on Scalable trusted computing, 2007

Enabling Fairer Digital Rights Management with Trusted Computing (with Ahmad-Reza Sadeghi, Christian Stüble, Marko Wolf and Jan-Erik Ekberg)

ACM DL Author-ize serviceSecure software installation in a mobile environment
Andreas P. Heiner, N. Asokan
SOUPS '07 Proceedings of the 3rd symposium on Usable privacy and security, 2007

ACM DL Author-ize serviceApplicability of identity-based cryptography for disruption-tolerant networking
N. Asokan, Kari Kostiainen, Philip Ginzboorg, Jörg Ott, Cheng Luo
MobiOpp '07 Proceedings of the 1st international MobiSys workshop on Mobile opportunistic networking, 2007

Security Associations in Personal Networks: A Comparative Analysis (with Jani Suomalainen and Jukka Valkonen)

Usability Analysis of Secure Pairing Methods (with Ersin Uzun and Kristiina Karvonen)

Ad Hoc Security Associations for Groups (with Jukka Valkonen and Kaisa Nyberg)
  • In the Proceedings of the Third European Workshop on Security and Privacy in Ad hoc and Sensor Networks, Hamburg, Germany, September 2006. Volume 4357 of Lecture Notes in Computer Science, Springer. (available in Springerlink.)

Secure Device Pairing based on a Visual Channel (with Nitesh Saxena, Jan-Erik Ekberg and Kari Kostiainen)

Efficient Mutual Data Authentication Using Manually Authenticated Strings (with Sven Laur and Kaisa Nyberg)

Remote storage for mobile devices (with Jarkko Tolvanen, Jaakko Lipasti and Tapio Suihko)

Visitor management in Personal wireless networks (with Seamus Moloney, Philip Ginzboorg, and Kari Kostiainen)

Extending Cellular Authentication as a Service (with Pekka Laitinen et al.)

Issues in Initializing Security

On the usefulness of proof-of-possession (with Valtteri Niemi and Pekka Laitinen)

Man-in-the-middle in tunneled authentication protocols (with Kaisa Nyberg and Valtteri Niemi)

Defining authorization domains using virtual devices (with Sampo Sovio and Kaisa Nyberg)
  • In the Proceedings of the 2003 Symposium on Applications and the Internet Workshops (SAINT'03 Workshops), 2003. Available at IEEExplore

ACM DL Author-ize serviceSecuring ad hoc routing protocols
Manel Guerrero Zapata, N. Asokan
WiSE '02 Proceedings of the 1st ACM workshop on Wireless security, 2002

Secure Vickrey Auctions without Threshold Trust. (with Helger Lipmaa and Valtteri Niemi).
  • In Financial Cryptography 2002, Lecture Notes in Computer Science, Volume 2357, pages 87-101, 2002. Springer-Verlag.

Authentication and key generation for mobile IP using GSM authentication and roaming (with Henry Haverinen and Tuomas Määttänen)
  • In Proceedings of the 2001 IEEE International Conference on Communications (ICC 2001), Helsinki, Finland. Pages 2453-2457, vol. 8. Available at IEEExplore

SEMPER - Secure Electronic Marketplace for Europe (edited by Gerard Lacoste et al), Springer, Lecture Notes in Computer Science 1854, 2000
  • Architecture -- Chapter 6 (with Birgit Baum-Waidner et al)
  • The Payment Framework -- Chapter 11 (with Michael Steiner)

Key Agreement in Ad-hoc Networks (with Philip Ginzboorg)
  • in Computer Communications Review, 23(17):1627-1637, November 2000. (DOI Bookmark)
  • A preliminary version was presented at the Nordsec '99 workshop in Nov. 1999. But there is no formal proceedings.

Authenticating Public Terminals (with Michael Steiner, Hervé Debar, and Michael Waidner)
  • Computer Networks and ISDN Systems, 31(8):861-870, May 1999. (DOI Bookmark)

Towards a Framework for Handling Disputes in Payment Systems (with Michael Steiner and Els van Herreweghen)

Protecting the Computation Results of Free-roaming Agents (with Ceki Gülcü and Günter Karjoth)
  • Proceedings of the Second International Workshop on Mobile Agents (MA '98), LNCS 1477, pp. 195-207, Sep. 1998. (DOI Bookmark)
  • Personal Technologies, 2(2):92-99, Dec. 1998. (DOI Bookmark)

Fairness in Electronic Commerce

More on Optimistic Fair Exchange (with Victor Shoup and Michael Waidner)
  • A detailed report, Optimistic Fair Exchange of Digital Signatures, describing the use of verifiable encryption in fair exchange protocols is available as IBM Research Report RZ 2973, Nov. 1997. An extended abstract with the same title appears in the proceedings of Eurocrypt '98. LNCS 1403, pp. 591-606.
  • A detailed report, Asynchronous Protocols for Optimistic Fair Exchange, describing an improved fair exchange protocol is available as IBM Research Report RZ 2976, Nov. 1997. An extended abstract with the same title appears in the Proceedings of the 1998 IEEE Symposium on Security and Privacy, pp. 86-99 (DOI Bookmark).
  • The jounal version appeared in the IEEE Journal on Selected Areas in Communications, 18(4):593-610, April 2000 (DOI Bookmark). The pre-print version is here.

Design of a Generic Payment Service (with Jose Abad-Peiro, Michael Steiner, and Michael Waidner)

Electronic Payment Systems (with Phil Janson, Michael Steiner, and Michael Waidner)
  • IBM Research Report RZ 2890, Dec. 1996.
  • An edited version appeared in the IEEE Computer Magazine, Sep. 1997, 30(9):28-35.
  • A Japanese translation appeared in Nikkei Computer, pp. 195-201, issue of March 30, 1998.
  • An updated version appeared as a chapter in volume 53 of the series Advances in Computers published in 2000. (this is the final version submitted for publication.)

ACM DL Author-ize serviceOptimistic protocols for fair exchange
N. Asokan, Matthias Schunter, Michael Waidner
CCS '97 Proceedings of the 4th ACM conference on Computer and communications security, 1997

Server-Supported Signatures (with Gene Tsudik and Michael Waidner)
  • Proceedings of the Fourth European Symposium on Research in Computer Security (ESORICS), LNCS 1146, pp. 131-143. Springer-Verlag, Sep. 1996. (DOI Bookmark)
  • A slightly extended version appeared in the Journal of Computer Security, 5(1), pp 91-108, 1997.

ACM DL Author-ize serviceUntraceability in mobile networks
Didier Samfat, Refik Molva, N. Asokan
MobiCom '95 Proceedings of the 1st annual international conference on Mobile computing and networking, 1995

Security Issues in Mobile Computing
  • CS 690B - Research Proposal, April 1995.

Anonymity in a Mobile Computing Environment
  • Proceedings of the Workshop on Mobile Computing Systems and Applications, Santa Cruz, Dec. 1994. (DOI Bookmark)

In a previous life...

Parallel Algorithms for Constructing the Convex Hull in 2-Dimensions.
  • Term Paper for the Computational Geometry course, Summer 1990 (for Prof. Anna Lubiw).
A Neural Network Simulator for the Connection Machine. (with Ravi Shankar et al)
A Parallel Free-text Search System with Indexing. (with Ophir Frieder and Sanjay Ranka)
A Parallel Implementation of the Hough Transform Method. (with Ravi Shankar)
  • Term Paper for the Parallel Programming course, Fall 1988 (for Prof. E. E. Sibert).
  • Proceedings of the 32nd Midwest Symposium on Circuits and Systems, Page(s): 321 -324 vol.1, Urbana-Champaign, August 1989. (DOI Bookmark)

Last modified: Sat, 05 Nov 2016 16:21:52 +0200