Published:
Recommended citation: M. Backendal, M. Haller, K. G. Paterson, "End-to-End Encrypted Cloud Storage" to appear in IEEE Security & Privacy, vol. 22, no. 2, March.-April. 2024, doi: 10.1109/MSEC.2024.3352788 https://ieeexplore.ieee.org/abstract/document/10488835
Published:
Recommended citation: Ivan Puddu*, Moritz Schneider, Miro Haller, Srdjan Čapkun. (2021). "Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend" USENIX Security 2021. https://www.usenix.org/system/files/sec21-puddu.pdf
Published:
Recommended citation: Matilda Backendal, Miro Haller* and Kenneth G. Paterson. (2023). "MEGA: Malleable Encryption Goes Awry" IEEE S&P 2023.
Published:
Recommended citation: Martin R. Albrecht, Miro Haller, Lenka Mareková*, Kenneth G. Paterson. (2023). "Caveat Implementor! Key Recovery Attacks on MEGA" Eurocrypt 2023. https://link.springer.com/chapter/10.1007/978-3-031-30589-4_7
Published:
Recommended citation: Alexander Viand*, Patrick Jattke, Miro Haller, Anwar Hithnawi. (2023). "HECO: Fully Homomorphic Encryption Compiler" USENIX Security 2023. https://www.usenix.org/conference/usenixsecurity23/presentation/viand
Published:
Recommended citation: Alex Bellon, Miro Haller*, Andrey Labunets, Enze Liu, and Stefan Savage. 2024. "An Empirical Analysis on the Use and Reporting of National Security Letters." preprint https://computersciencelaw.org/2024/accepted-papers/
Published:
Recommended citation: Sharon Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, Adam Suhl. 2024. "RADIUS/UDP considered harmful". to appear at USENIX 2024
Published:
Recommended citation: Matteo Scarlata*, Matilda Backendal, Miro Haller. 2024. "MFKDF: Multiple Factors Knocked Down Flat". to appear at USENIX 2024
Published:
Recommended citation: Matilda Backendal*, Hannah Davis, Felix Günther, Miro Haller*, Kenneth G. Paterson. 2024. "A Formal Treatment of End-to-End Encrypted Cloud Storage". to appear at Crypto 2024
Published:
This talk briefly summarizes our improvements on time measurements inside SGX enclaves. It discusses our discovery of the “Poor man’s CMOV” phenomenon, which later led to the USENIX Security paper on the Frontal Attack.
Published:
This talks presents the results of applying cache side-channels to contemporary hardware and investigating AES lookup tables, AES key scheduling, and Argon2. The slides give a brief overview of the content described in this blog post
Published:
This talk discusses my experience as team coach of the Swiss National Hacking Team and preparing it for the European Cyber Security Challenge 2021.
Published:
We discuss leasons learnt from breaking MEGA for why end-to-end encrypted cloud storage is hard to design.
Published:
In this talk, I present five attacks on the user-controlled end-to-end security MEGA. Our attacks show that a malicious provider can break authentication and compromise file confidentiality and integrity.
Published:
In this guest lecture in the applied cryptography course CSE 207b at UCSD, I formalize key overwriting attacks.
Published:
I was fortunate to be hosted by Henry Corrigan-Gibbs and held this talk at MIT CSAIL.
Published:
Matilda Backendal and I were invited to give this talk at the NIST CRClub on where the gap between theory and practice occurs.
Published:
This talk presents multiple attacks against the Multi-Factor Key Derivation Function, a novel cryptographic primitive that was presented at USENIX’23.
Published:
The Blast-RADIUS attack allows an MITM attacker to authenticate to any device that uses RADIUS over UDP, which includes the vast majority of network routers and other network gear in enterprise infrastructure.
Published:
We present a formal syntax and security notions for end-to-end encrypted cloud storage and design the first, provably secure protocol for this widespread application.