Posts by Collection

End-to-End Encrypted Cloud Storage

Published: March 19, 2024

Recommended citation: M. Backendal, M. Haller, K. G. Paterson, "End-to-End Encrypted Cloud Storage" IEEE Security & Privacy Magazine https://ieeexplore.ieee.org/abstract/document/10488835

Frontal Attack: Leaking Control-​Flow in SGX via the CPU Frontend

Published: August 01, 2021

Recommended citation: Ivan Puddu*, Moritz Schneider, Miro Haller, Srdjan Čapkun. (2021). "Frontal Attack: Leaking Control-​Flow in SGX via the CPU Frontend". USENIX Security 2021. https://www.usenix.org/system/files/sec21-puddu.pdf

MEGA: Malleable Encryption Goes Awry

Published: July 01, 2022

Recommended citation: Matilda Backendal, Miro Haller* and Kenneth G. Paterson. (2023). "MEGA: Malleable Encryption Goes Awry". IEEE S&P 2023.

Published: May 01, 2023

Recommended citation: Martin R. Albrecht, Miro Haller, Lenka Mareková*, Kenneth G. Paterson. (2023). "Caveat Implementor! Key Recovery Attacks on MEGA". Eurocrypt 2023. https://link.springer.com/chapter/10.1007/978-3-031-30589-4_7

HECO: Fully Homomorphic Encryption Compiler

Published: August 05, 2023

Recommended citation: Alexander Viand*, Patrick Jattke, Miro Haller, Anwar Hithnawi. (2023). "HECO: Fully Homomorphic Encryption Compiler". USENIX Security 2023. https://www.usenix.org/conference/usenixsecurity23/presentation/viand

An Empirical Analysis on the Use and Reporting of National Security Letters

Published: March 05, 2024

Recommended citation: Alex Bellon, Miro Haller*, Andrey Labunets, Enze Liu, and Stefan Savage. (2025). "An Empirical Analysis on the Use and Reporting of National Security Letters". CSLAW 2025 https://computersciencelaw.org/2022/accepted-papers/

RADIUS/UDP considered harmful

Published: July 09, 2024

Recommended citation: Sharon Goldberg, Miro Haller*, Nadia Heninger*, Mike Milano, Dan Shumow, Marc Stevens, Adam Suhl*. (2024). "RADIUS/UDP considered harmful". USENIX Security 2024 https://www.usenix.org/system/files/usenixsecurity24-goldberg.pdf

MFKDF: Multiple Factors Knocked Down Flat

Published: August 14, 2024

Recommended citation: Matteo Scarlata*, Matilda Backendal, Miro Haller. (2024). "MFKDF: Multiple Factors Knocked Down Flat". USENIX Security 2024 https://www.usenix.org/system/files/usenixsecurity24-scarlata.pdf

A Formal Treatment of End-to-End Encrypted Cloud Storage

Published: August 18, 2024

Recommended citation: Matilda Backendal*, Hannah Davis, Felix Günther, Miro Haller*, Kenneth G. Paterson. (2024). "A Formal Treatment of End-to-End Encrypted Cloud Storage". Crypto 2024 https://link.springer.com/chapter/10.1007/978-3-031-68379-4_2

Group Key Progression: Strong Security for Shared Persistent Data

Published: June 03, 2025

Recommended citation: Matilda Backendal, David Balbás, and Miro Haller. (2025). "Group Key Progression: Strong Security for Shared Persistent Data". preprint

No Key, No Problem: Vulnerabilities in Master Lock Smart Locks

Published: August 11, 2025

Recommended citation: Chengsong Diao*, Danielle Dang, Sierra Lira, Angela Tsai, Miro Haller, and Nadia Heninger (2025). "No Key, No Problem: Vulnerabilities in Master Lock Smart Locks". USENIX WOOT 2025. https://www.usenix.org/system/files/woot25-diao.pdf

SGX Accurate Time Measurements

Published: June 06, 2019

This talk briefly summarizes our improvements on time measurements inside SGX enclaves. It discusses our discovery of the “Poor man’s CMOV” phenomenon, which later led to the USENIX Security paper on the Frontal Attack.

Revisiting Microarchitectural Side-Channels

Published: June 01, 2020

This talks presents the results of applying cache side-channels to contemporary hardware and investigating AES lookup tables, AES key scheduling, and Argon2. The slides give a brief overview of the content described in this blog post

Climbing the Hacking /mnt/ain

Published: October 12, 2021

This talk discusses my experience as team coach of the Swiss National Hacking Team and preparing it for the European Cyber Security Challenge 2021.

Why E2EE Cloud Storage is hard - Challenges, Attacks and Best Practices

Published: March 27, 2023

We discuss leasons learnt from breaking MEGA for why end-to-end encrypted cloud storage is hard to design.

MEGA: Malleable Encryption Goes Awry

Published: May 25, 2023

In this talk, I present five attacks on the user-controlled end-to-end security MEGA. Our attacks show that a malicious provider can break authentication and compromise file confidentiality and integrity.

Key Overwriting Attacks

Published: November 30, 2023

There are two variants of this talk.

An Empirical Analysis on the Use and Reporting of National Security Letters

Published: March 12, 2024

We investigate the effectiveness of existing transparency mechnisms used for National Security Letters by aggregating and analyzing public information about them that is released by various sources.

Thriving in between theory and practice: How applied cryptography bridges the gap

Published: April 03, 2024

Abstract

Our abstract from the talk announcement:

MFKDF: Multiple Factors Knocked Down Flat

Published: June 05, 2024

This talk presents multiple attacks against the Multi-Factor Key Derivation Function, a novel cryptographic primitive that was presented at USENIX’23.

Blast-RADIUS: Breaking Enterprise Authentication

Published: July 26, 2024

The Blast-RADIUS attack allows an MITM attacker to authenticate to any device that uses RADIUS over UDP, which includes the vast majority of network routers and other network gear in enterprise infrastructure.

A Formal Treatment of End-to-End Encrypted Cloud Storage

Published: August 21, 2024

Paper