More lists of publications from
I am primarily interested in all aspects
of security in distributed systems. I have been working on applying
cryptographic techniques in building secure protocols to solve various
problems in distributed systems. Recently, I have also been
investigating the use of Trusted Computing technologies for securing
endnodes, and ways to make secure systems usable.
List of publications
The documents distributed from this page have been provided as a means to ensure timely dissemination of
scholarly and technical work on a noncommercial basis. Copyright and
all rights therein are maintained by the authors or by other copyright
holders, notwithstanding that they have offered their works here
electronically. It is understood that all persons copying this
information will adhere to the terms and constraints invoked by each
author's copyright. These works may not be reposted without the
explicit permission of the copyright holder.
Off-the-Hook: An Efficient and Usable Client-Side Phishing Prevention Application (with Samuel Marchal et al.)
(to appear) IEEE Transactions on Computers, 2017 ( DOI Bookmark)
Private set intersection for unequal set sizes with mobile applications (with Ágnes Kiss et al.)
(to appear) Proceedings on Privacy Enhancing Technologies (PoPETs), 2017(4):97-117
PETS 2017 Symposium, Minnesota, US, July 2017
IACR ePrint 2017/60
Ethics in Information Security
Editorial, IEEE Security & Privacy, 15(3):3-4, June 2017, ( DOI Bookmark)
Profiling Users by Modeling Web Transactions (with Radek Tomšů and Samuel Marchal)
IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT (with Markus Miettinen et al.)
STASH: Securing Transparent Authentication Schemes Using Prover-Side Proximity Verification (with Mika Juuti et al.)
SELint: An SEAndroid Policy Analysis Tool (with Elena Reshetova and Filippo Bonazzi)
Know Your Phish: Novel Techniques for Detecting Phishing Sites and Their Targets (with Samuel Marchal, Kalle Saari and Nidhi Singh)
Real-Time Client-Side Phishing Prevention Add-On (with Giovanni Armano and Samuel Marchal)
Characterizing SEAndroid Policies in the Wild (with Elena Reshetova, Filippo Bonazzi, Thomas Nyman and Ravishankar Borgaonkar)
On improving tie strength estimates by aggregating multiple communication channels (with Narges Yousefnezhad and Marcin Nagy)
Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks. (with Otto Huhta, Swapnil Udar, Mika Juuti, Prakash Shrestha and Nitesh Saxena)
Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems (with Altaf Shaik, Jean-Pierre Seifert, Ravishankar Borgaonkar, and Valtteri Niemi)
LookAhead: Augmenting Crowdsourced Website Reputation Systems with Predictive Modeling (with Sourav Bhattacharya and Otto Huhta)
On Making Emerging Trusted Execution Environments Accessible to Developers (with Thomas Nyman and Brian McGillion)
Using contextual co-presence to strengthen Zero-Interaction Authentication: Design, integration and usability (with Hien Truong et al)
in Pervasive and Mobile Computing 16(B):187-204, 2015 ( DOI Bookmark)
Mobile Trusted Computing (with Jan-Erik Ekberg et al)
Proceedings of the IEEE 102(8): 1189-1206 (2014) ( DOI Bookmark)
Security of OS-Level Virtualization Technologies (with Elena Reshetova et al)
Best paper award
Comparing and Fusing Different Sensor Modalities for Relay
Attack Resistance in Zero-Interaction Authentication (with Hien
Truong et al)
Drone to the Rescue: Relay-Resilient Authentication using
Ambient Multi-Sensing (with Babins Shrestha, Nitesh
Saxena and Hien Truong)
The Company You Keep: Mobile Malware Infection Rates and
Inexpensive Risk Indicators (with Hien Truong et al)
The Untapped Potential of Trusted Execution Environments on
(with Jan-Erik Ekberg and Kari Kostiainen)
In the IEEE Security & Privacy
Magazine. 12(4):29-37 ( DOI
(abstract of invited talk), Financial Cryptography 2013, LNCS
293-294 ( DOI Bookmark)
PeerShare: A System Secure Distribution of Sensitive Data
Among Social Contacts (with Marcin Nagy and Jörg Ott)
CrowdShare: Secure Mobile Resource Sharing (with Alexandra Dimitrienko et al.)
Intuitive security policy configuration in mobile devices
using context profiling (with Aditi Gupta, Markus Miettinen
and Marcin Nagy)
Authenticated encryption primitives for size-constrained
trusted computing (with Jan-Erik Ekberg and Alexandra Afanasyeva)
Practical Property-Based Attestation on Mobile Devices.
(with Kari Kostiainen and Jan-Erik Ekberg)
Proceedings of TRUST 2011
Bookmark), Pittsburgh, June 2011.
Towards User-Friendly Credential Transfer on Open Credential
Platforms (with Kari Kostiainen and Alexandra Afanasyeva)
Proceedings of ACNS 2011
Bookmark), Nerja, Spain, June 2011.
Using context-profiling to aid access control decisions in
mobile devices (with Aditi Gupta and Markus Miettinen)
Vibrate-to-unlock: Mobile phone assisted user authentication
to multiple personal RFID tags (with Nitesh Saxena
Key Attestation from Trusted Execution Environments (with
Alexandra Dmitrienko, Jan-Erik Ekberg and Ahmad-Reza Sadeghi)
Security associations for wireless devices (with Kaisa
In Stefanos Gritzalis, Tom Karygiannis, and Charalabos Skianis,
editors, Security and Privacy in Mobile and Wireless
Networking. Troubador Publishing Ltd, Leicester, UK,
at Aalto publications site)
External Authenticated Non-Volatile Memory with Lifecycle Management for State Protection in Trusted Computing (with Jan-Erik Ekberg)
Controlling Resource Hogs in Delay-Tolerant Networks (with
John Solis, Kari Kostiainen, Philip Ginzboorg and Jörg Ott)
Standards for security associations in personal networks: a comparative
analysis (with Jani Suomalainen and Jukka Valkonen)
Interational Journal of Security in Networks 4(1/2): 87-100, 2009
( DOI bookmark)
Using Salience Differentials to Making Visual Cues
Noticeable (with Andreas Heiner)
A Platform for OnBoard Credentials (with Jan-Erik Ekberg)
Enabling Fairer Digital Rights Management with Trusted
Christian Stüble, Marko
Wolf and Jan-Erik Ekberg)
Security Associations in Personal Networks: A
Comparative Analysis (with Jani Suomalainen and Jukka
Usability Analysis of Secure Pairing Methods (with
Ersin Uzun and Kristiina Karvonen)
Ad Hoc Security Associations for Groups (with Jukka
Valkonen and Kaisa Nyberg)
In the Proceedings of the
Third European Workshop on Security and Privacy in Ad hoc and Sensor
Networks, Hamburg, Germany, September 2006. Volume 4357 of
Lecture Notes in Computer Science,
Springer. (available in Springerlink.)
Secure Device Pairing based on a Visual Channel (with Nitesh Saxena,
Jan-Erik Ekberg and Kari Kostiainen)
Efficient Mutual Data Authentication Using Manually
Authenticated Strings (with Sven Laur and Kaisa Nyberg)
(with Jarkko Tolvanen, Jaakko
Lipasti and Tapio Suihko)
Remote storage for mobile devices
Visitor management in Personal wireless networks (with Seamus
Moloney, Philip Ginzboorg, and Kari Kostiainen)
Laitinen et al.) Extending
Cellular Authentication as a Service
Issues in Initializing Security
On the usefulness of proof-of-possession (with Valtteri
Niemi and Pekka Laitinen)
(with Man-in-the-middle in tunneled
authentication protocols Kaisa Nyberg and Valtteri Niemi)
(with Sampo Sovio and Defining authorization domains using virtual devices Kaisa Nyberg)
In the Proceedings of the 2003 Symposium on
Applications and the Internet Workshops (SAINT'03
Workshops), 2003. Available at IEEExplore
(with Secure Vickrey Auctions without Threshold Trust. Helger Lipmaa and Valtteri Niemi).
In Financial Cryptography 2002, Lecture Notes in Computer
Science, Volume 2357, pages 87-101, 2002. Springer-Verlag.
Authentication and key generation for mobile IP using
GSM authentication and roaming (with Henry Haverinen
and Tuomas Määttänen)
In Proceedings of the 2001 IEEE International Conference
on Communications (ICC 2001), Helsinki, Finland. Pages
2453-2457, vol. 8.
Available at IEEExplore
SEMPER - Secure Electronic Marketplace for Europe
(edited by Gerard Lacoste et al), Springer, Lecture Notes in
Computer Science 1854, 2000
Architecture -- Chapter 6 (with Birgit
Baum-Waidner et al)
The Payment Framework -- Chapter 11 (with
(with Philip Ginzboorg)
Key Agreement in Ad-hoc Networks
Communications Review, 23(17):1627-1637, November 2000.
( DOI Bookmark)
A preliminary version was presented at the Nordsec '99 workshop in Nov. 1999. But there is
no formal proceedings.
Authenticating Public Terminals
Networks and ISDN Systems, 31(8):861-870, May 1999.
( DOI Bookmark)
Towards a Framework for Handling Disputes in Payment Systems
(with Michael Steiner and Els
Protecting the Computation Results of Free-roaming Agents
(with Ceki Gülcü and Günter Karjoth)
Proceedings of the Second International Workshop
on Mobile Agents (MA '98), LNCS 1477,
Sep. 1998. ( DOI Bookmark)
Personal Technologies, 2(2):92-99,
( DOI Bookmark)
Fairness in Electronic Commerce
More on Optimistic Fair Exchange (with Victor Shoup and
A detailed report, Optimistic Fair Exchange of
Digital Signatures, describing the use of verifiable
encryption in fair exchange protocols is available as , Nov. 1997.
An IBM Research Report RZ 2973 extended abstract with the same title appears in the proceedings of Eurocrypt '98. LNCS 1403, pp. 591-606.
A detailed report, Asynchronous Protocols for
Optimistic Fair Exchange, describing an improved fair
exchange protocol is available as , Nov. 1997.
An IBM Research Report RZ 2976 extended
abstract with the same title appears in
the Proceedings of the 1998 IEEE Symposium on Security
and Privacy, pp. 86-99 ( DOI Bookmark).
The jounal version appeared in
the IEEE Journal on Selected Areas in
Communications, 18(4):593-610, April 2000
( DOI Bookmark). The
pre-print version is here.
Design of a Generic Payment Service
(with Jose Abad-Peiro, Michael
Steiner, and Michael Waidner)
(with Electronic Payment Systems
Phil Janson, Michael
Steiner, and Michael Waidner)
IBM Research Report RZ 2890, Dec. 1996.
An edited version appeared in the IEEE Computer Magazine,
Sep. 1997, 30(9):28-35.
A Japanese translation appeared in Nikkei Computer,
pp. 195-201, issue of March 30, 1998.
An updated version appeared as a chapter in volume 53 of the series Advances in Computers published in 2000. ( this is the final version submitted for publication.)
(with Server-Supported Signatures
Gene Tsudik and Michael Waidner)
Proceedings of the Fourth European Symposium on
Research in Computer Security (ESORICS), LNCS 1146, pp.
Sep. 1996. ( DOI Bookmark)
extended version appeared in the Journal of Computer Security, 5(1), pp 91-108, 1997.
Security Issues in Mobile Computing
CS 690B - Research Proposal, April 1995.
Anonymity in a Mobile Computing Environment
Proceedings of the Workshop on Mobile Computing
Systems and Applications, Santa Cruz,
Dec. 1994. ( DOI
In a previous life...
Parallel Algorithms for Constructing the Convex Hull in 2-Dimensions.
Term Paper for the Computational Geometry course, Summer 1990
(for Prof. Anna Lubiw).
A Neural Network Simulator for the Connection Machine.
(with Ravi Shankar et al)
A Parallel Free-text Search System with Indexing.
(with Ophir Frieder and Sanjay Ranka)
A Parallel Implementation of the Hough Transform Method. (with Ravi Shankar)
Term Paper for the Parallel Programming course, Fall 1988
(for Prof. E. E. Sibert).
Proceedings of the 32nd Midwest Symposium on Circuits
and Systems, Page(s): 321 -324 vol.1,
1989. ( DOI Bookmark)
Last modified: Thu, 12 Oct 2017 21:40:14 +0300