default search action
Google
Google Scholar
Semantic Scholar
Internet Archive Scholar
CiteSeerX
ORCIDPaul C. van Oorschot
Person information
- affiliation: Carleton University, Ottawa, Canada
Refine list
refinements active!
zoomed in on ?? of ?? records
view refined list in
export refined list as
showing all ?? records
2020 – today
- 2024
[j71]Srivathsan G. Morkonda
, Sonia Chiasson, Paul C. van Oorschot:
Influences of displaying permission-related information on web single sign-on login decisions. Comput. Secur. 139: 103666 (2024)- [j70]Frank Piessens, Paul C. van Oorschot:
Side-Channel Attacks: A Short Tour. IEEE Secur. Priv. 22(2): 75-80 (2024) - [c104]Feng Hao, Samiran Bag, Liqun Chen, Paul C. van Oorschot:
Owl: An Augmented Password-Authenticated Key Exchange Scheme. FC (2) 2024: 227-244 - [i20]Ali Sadeghi Jahromi, AbdelRahman Abdou, Paul C. van Oorschot:
DNSSEC+: An Enhanced DNS Scheme Motivated by Benefits and Pitfalls of DNSSEC. CoRR abs/2408.00968 (2024) - 2023
- [j69]Christopher Bellman, Paul C. van Oorschot:
Systematic analysis and comparison of security advice as datasets. Comput. Secur. 124: 102989 (2023) - [j68]Xavier de Carné de Carnavalet, Paul C. van Oorschot:
A Survey and Analysis of TLS Interception Mechanisms and Motivations: Exploring how end-to-end TLS is made "end-to-me" for web traffic. ACM Comput. Surv. 55(13s): 269:1-269:40 (2023) - [j67]David Barrera, Christopher Bellman, Paul C. van Oorschot:
A close look at a systematic method for analyzing sets of security advice. J. Cybersecur. 9(1) (2023) - [j66]Paul C. van Oorschot:
Memory Errors and Memory Safety: C as a Case Study. IEEE Secur. Priv. 21(2): 70-76 (2023) - [j65]Paul C. van Oorschot:
Memory Errors and Memory Safety: A Look at Java and Rust. IEEE Secur. Priv. 21(3): 62-68 (2023) - [j64]David Barrera, Christopher Bellman, Paul C. van Oorschot:
Security Best Practices: A Critical Analysis Using IoT as a Case Study. ACM Trans. Priv. Secur. 26(2): 13:1-13:30 (2023) - [i19]Srivathsan G. Morkonda, Sonia Chiasson, Paul C. van Oorschot:
Influences of Displaying Permission-related Information on Web Single Sign-On Login Decisions. CoRR abs/2308.13074 (2023) - [i18]Feng Hao, Samiran Bag, Liqun Chen, Paul C. van Oorschot:
Owl: An Augmented Password-Authenticated Key Exchange Scheme. IACR Cryptol. ePrint Arch. 2023: 768 (2023) - 2022
- [j63]Paul C. van Oorschot:
A View of Security as 20 Subject Areas in Four Themes. IEEE Secur. Priv. 20(1): 102-108 (2022) - [j62]Paul C. van Oorschot:
Security as an Artificial Science, System Administration, and Tools. IEEE Secur. Priv. 20(6): 74-78 (2022) - [c103]Feng Hao, Paul C. van Oorschot:
SoK: Password-Authenticated Key Exchange - Theory, Practice, Standardization and Real-World Lessons. AsiaCCS 2022: 697-711 - [p1]Paul C. van Oorschot:
Public Key Cryptography's Impact on Society: How Diffie and Hellman Changed the World. Democratizing Cryptography 2022: 19-56 - [i17]Christopher Bellman, Paul C. van Oorschot:
Systematic Analysis and Comparison of Security Advice Datasets. CoRR abs/2206.09237 (2022) - [i16]David Barrera, Christopher Bellman, Paul C. van Oorschot:
Security Best Practices: A Critical Analysis Using IoT as a Case Study. CoRR abs/2209.01285 (2022) - [i15]Srivathsan G. Morkonda, Sonia Chiasson, Paul C. van Oorschot:
SSOPrivateEye: Timely Disclosure of Single Sign-On Privacy Design Differences. CoRR abs/2209.04490 (2022) - [i14]David Barrera, Christopher Bellman, Paul C. van Oorschot:
A Close Look at a Systematic Method for Analyzing Sets of Security Advice. CoRR abs/2209.04502 (2022) - 2021
- [b3]Paul C. van Oorschot:
Computer Security and the Internet - Tools and Jewels from Malware to Bitcoin, Second Edition. Information Security and Cryptography, Springer 2021, ISBN 978-3-030-83410-4, pp. 1-409 - [j61]Furkan Alaca, Paul C. van Oorschot:
Comparative Analysis and Framework Evaluating Web Single Sign-on Systems. ACM Comput. Surv. 53(5): 112:1-112:34 (2021) - [j60]Paul C. van Oorschot:
Toward Unseating the Unsafe C Programming Language. IEEE Secur. Priv. 19(2): 4-6 (2021) - [j59]Paul C. van Oorschot:
Coevolution of Security's Body of Knowledge and Curricula. IEEE Secur. Priv. 19(5): 83-89 (2021) - [j58]Furkan Alaca, AbdelRahman Abdou, Paul C. van Oorschot:
Comparative Analysis and Framework Evaluating Mimicry-Resistant and Invisible Web Authentication Schemes. IEEE Trans. Dependable Secur. Comput. 18(2): 534-549 (2021) - [c102]Jeremy Clark, Paul C. van Oorschot, Scott Ruoti, Kent E. Seamons, Daniel Zappala:
SoK: Securing Email - A Stakeholder-Based Analysis. Financial Cryptography (1) 2021: 360-390 - [c101]Srivathsan G. Morkonda, Sonia Chiasson, Paul C. van Oorschot:
Empirical Analysis and Privacy Implications in OAuth-based Single Sign-On Systems. WPES@CCS 2021: 195-208 - [i13]Srivathsan G. Morkonda, Paul C. van Oorschot, Sonia Chiasson:
Exploring Privacy Implications in OAuth Deployments. CoRR abs/2103.02579 (2021) - [i12]Feng Hao, Paul C. van Oorschot:
SoK: Password-Authenticated Key Exchange - Theory, Practice, Standardization and Real-World Lessons. IACR Cryptol. ePrint Arch. 2021: 1492 (2021) - 2020
- [b2]Paul C. van Oorschot:
Computer Security and the Internet - Tools and Jewels. Information Security and Cryptography, Springer 2020, ISBN 978-3-030-33648-6, pp. 1-338 - [j57]Paul C. van Oorschot:
Untangling Security and Privacy. IEEE Secur. Priv. 18(2): 4-6 (2020) - [j56]Paul C. van Oorschot:
Blockchains and Stealth Tactics for Teaching Security. IEEE Secur. Priv. 18(5): 3-5 (2020) - [c100]Stephanos Matsumoto, Jay Bosamiya, Yucheng Dai, Paul C. van Oorschot, Bryan Parno:
CAPS: Smoothly Transitioning to a More Resilient Web PKI. ACSAC 2020: 655-668 - [i11]Christopher Bellman, Paul C. van Oorschot:
Best Practices for IoT Security: What Does That Even Mean? CoRR abs/2004.12179 (2020) - [i10]Xavier de Carné de Carnavalet, Paul C. van Oorschot:
A survey and analysis of TLS interception mechanisms and motivations. CoRR abs/2010.16388 (2020)
2010 – 2019
- 2019
- [j55]Paul C. van Oorschot:
Software Security and Systematizing Knowledge. IEEE Secur. Priv. 17(3): 4-6 (2019) - [j54]Paul C. van Oorschot, Sean W. Smith:
The Internet of Things: Security Challenges. IEEE Secur. Priv. 17(5): 7-9 (2019) - [c99]Christopher Bellman, Paul C. van Oorschot:
Analysis, Implications, and Challenges of an Evolving Consumer IoT Security Landscape. PST 2019: 1-7 - [c98]Hemant Gupta, Paul C. van Oorschot:
Onboarding and Software Update Architecture for IoT Devices. PST 2019: 1-11 - [i9]AbdelRahman Abdou, Paul C. van Oorschot:
Secure Client and Server Geolocation Over the Internet. CoRR abs/1906.11288 (2019) - 2018
- [j53]AbdelRahman Abdou, Paul C. van Oorschot, Tao Wan:
Comparative Analysis of Control Plane Security of SDN and Conventional Networks. IEEE Commun. Surv. Tutorials 20(4): 3542-3559 (2018) - [j52]Cormac Herley, Paul C. van Oorschot:
Science of Security: Combining Theory and Measurement to Reflect the Observable. IEEE Secur. Priv. 16(1): 12-22 (2018) - [j51]John D. McLean, Cormac Herley, Paul C. van Oorschot:
Letter to the Editor. IEEE Secur. Priv. 16(3): 6-10 (2018) - [j50]AbdelRahman Abdou, Paul C. van Oorschot:
Server Location Verification (SLV) and Server Location Pinning: Augmenting TLS Authentication. ACM Trans. Priv. Secur. 21(1): 1:1-1:26 (2018) - [j49]AbdelRahman Abdou, Paul C. van Oorschot:
Secure Client and Server Geolocation over the Internet. login Usenix Mag. 43(1) (2018) - [c97]Kevin R. B. Butler, Robert K. Cunningham, Paul C. van Oorschot, Reihaneh Safavi-Naini, Ashraf Matrawy, Jeremy Clark:
A Discussion on Security Education in Academia. CCS 2018: 2187-2188 - [c96]Toby C. Murray, Paul C. van Oorschot:
BP: Formal Proofs, the Fine Print and Side Effects. SecDev 2018: 1-10 - [i8]Jeremy Clark, Paul C. van Oorschot, Scott Ruoti, Kent E. Seamons, Daniel Zappala:
Securing Email. CoRR abs/1804.07706 (2018) - [i7]Furkan Alaca, Paul C. van Oorschot:
Comparative Analysis and Framework Evaluating Web Single Sign-On Systems. CoRR abs/1805.00094 (2018) - [i6]Markus Miettinen, Paul C. van Oorschot, Ahmad-Reza Sadeghi:
Baseline functionality for security and control of commodity IoT devices and domain-controlled device lifecycle management. CoRR abs/1808.03071 (2018) - 2017
- [j48]Manar Mohamed, Song Gao, Niharika Sachdeva, Nitesh Saxena, Chengcui Zhang, Ponnurangam Kumaraguru, Paul C. van Oorschot:
On the security and usability of dynamic cognitive game CAPTCHAs. J. Comput. Secur. 25(3): 205-230 (2017) - [j47]AbdelRahman Abdou, Ashraf Matrawy, Paul C. van Oorschot:
CPV: Delay-Based Location Verification for the Internet. IEEE Trans. Dependable Secur. Comput. 14(2): 130-144 (2017) - [j46]AbdelRahman Abdou, Ashraf Matrawy, Paul C. van Oorschot:
Location Verification of Wireless Internet Clients: Evaluation and Improvements. IEEE Trans. Emerg. Top. Comput. 5(4): 563-575 (2017) - [c95]Paul C. van Oorschot:
Science, Security and Academic Literature: Can We Learn from History? MTD@CCS 2017: 1-2 - [c94]AbdelRahman Abdou, Ashraf Matrawy, Paul C. van Oorschot:
Accurate Manipulation of Delay-based Internet Geolocation. AsiaCCS 2017: 887-898 - [c93]Cormac Herley, Paul C. van Oorschot:
SoK: Science, Security and the Elusive Goal of Security as a Scientific Pursuit. IEEE Symposium on Security and Privacy 2017: 99-120 - [i5]Tao Wan, AbdelRahman Abdou, Paul C. van Oorschot:
A Framework and Comparative Analysis of Control Plane Security of SDN and Conventional Networks. CoRR abs/1703.06992 (2017) - [i4]Furkan Alaca, AbdelRahman Abdou, Paul C. van Oorschot:
Comparative Analysis and Framework Evaluating Mimicry-Resistant and Invisible Web Authentication Schemes. CoRR abs/1708.01706 (2017) - 2016
- [j45]Dinei Florêncio, Cormac Herley, Paul C. van Oorschot:
Pushing on string: the 'don't care' region of password strength. Commun. ACM 59(11): 66-74 (2016) - [c92]Furkan Alaca, Paul C. van Oorschot:
Device fingerprinting for augmenting web authentication: classification and analysis of methods. ACSAC 2016: 289-301 - [c91]Leah Zhang-Kennedy, Sonia Chiasson, Paul C. van Oorschot:
Revisiting password rules: facilitating human management of passwords. eCrime 2016: 81-90 - [i3]AbdelRahman Abdou, Paul C. van Oorschot:
Server Location Verification and Server Location Pinning: Augmenting TLS Authentication. CoRR abs/1608.03939 (2016) - 2015
- [j44]Joseph Bonneau, Cormac Herley, Paul C. van Oorschot, Frank Stajano:
Passwords and the evolution of imperfect authentication. Commun. ACM 58(7): 78-87 (2015) - [j43]Sonia Chiasson, Paul C. van Oorschot:
Quantifying the security advantage of password expiration policies. Des. Codes Cryptogr. 77(2-3): 401-408 (2015) - [j42]AbdelRahman Abdou, Ashraf Matrawy, Paul C. van Oorschot:
Taxing the Queue: Hindering Middleboxes From Unauthorized Large-Scale Traffic Relaying. IEEE Commun. Lett. 19(1): 42-45 (2015) - [j41]AbdelRahman Abdou, Ashraf Matrawy, Paul C. van Oorschot:
Accurate One-Way Delay Estimation With Reduced Client Trustworthiness. IEEE Commun. Lett. 19(5): 735-738 (2015) - [j40]Chaitrali Amrutkar, Patrick Traynor, Paul C. van Oorschot:
An Empirical Evaluation of Security Indicators in Mobile Web Browsers. IEEE Trans. Mob. Comput. 14(5): 889-903 (2015) - [c90]Gerardo Reynaga, Sonia Chiasson, Paul C. van Oorschot:
Heuristics for the evaluation of captchas on smartphones. BCS HCI 2015: 126-135 - [c89]AbdelRahman Abdou, David Barrera, Paul C. van Oorschot:
What Lies Beneath? Analyzing Automated SSH Bruteforce Attacks. PASSWORDS 2015: 72-91 - [e3]Anil Somayaji, Paul C. van Oorschot, Mohammad Mannan, Rainer Böhme:
Proceedings of the 2015 New Security Paradigms Workshop, NSPW 2015, Twente, The Netherlands, September 8-11, 2015. ACM 2015, ISBN 978-1-4503-3754-0 [contents] - 2014
- [j39]Yi Xu, Gerardo Reynaga, Sonia Chiasson, Jan-Michael Frahm, Fabian Monrose, Paul C. van Oorschot:
Security Analysis and Related Usability of Motion-Based CAPTCHAs: Decoding Codewords in Motion. IEEE Trans. Dependable Secur. Comput. 11(5): 480-493 (2014) - [c88]Manar Mohamed, Niharika Sachdeva, Michael Georgescu, Song Gao, Nitesh Saxena, Chengcui Zhang, Ponnurangam Kumaraguru, Paul C. van Oorschot, Wei-bang Chen:
A three-way investigation of a game-CAPTCHA: automated attacks, relay attacks and usability. AsiaCCS 2014: 195-206 - [c87]AbdelRahman Abdou, Ashraf Matrawy, Paul C. van Oorschot:
Location verification on the Internet: Towards enforcing location-aware access policies over Internet clients. CNS 2014: 175-183 - [c86]Dinei Florêncio, Cormac Herley, Paul C. van Oorschot:
An Administrator's Guide to Internet Password Research. LISA 2014: 35-52 - [c85]Dinei Florêncio, Cormac Herley, Paul C. van Oorschot:
Password Portfolios and the Finite-Effort User: Sustainably Managing Large Numbers of Accounts. USENIX Security Symposium 2014: 575-590 - [c84]David Barrera, Daniel McCarney, Jeremy Clark, Paul C. van Oorschot:
Baton: certificate agility for android's decentralized signing infrastructure. WISEC 2014: 1-12 - [e2]Konstantin Beznosov, Anil Somayaji, Tom Longstaff, Paul C. van Oorschot:
Proceedings of the 2014 workshop on New Security Paradigms Workshop, Victoria, BC, Canada, September 15-18, 2014. ACM 2014, ISBN 978-1-4503-3062-6 [contents] - 2013
- [j38]Mansour Alsaleh, Paul C. van Oorschot:
Evaluation in the absence of absolute ground truth: toward reliable evaluation methodology for scan detectors. Int. J. Inf. Sec. 12(2): 97-110 (2013) - [c83]Adam Skillen, David Barrera, Paul C. van Oorschot:
Deadbolt: locking down android disk encryption. SPSM@CCS 2013: 3-14 - [c82]Serge Egelman, Cormac Herley, Paul C. van Oorschot:
Markets for zero-day exploits: ethics and implications. NSPW 2013: 41-46 - [c81]Jeremy Clark, Paul C. van Oorschot:
SoK: SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements. IEEE Symposium on Security and Privacy 2013: 511-525 - [i2]Manar Mohamed, Niharika Sachdeva, Michael Georgescu, Song Gao, Nitesh Saxena, Chengcui Zhang, Ponnurangam Kumaraguru, Paul C. van Oorschot, Wei-bang Chen:
Three-Way Dissection of a Game-CAPTCHA: Automated Attacks, Relay Attacks, and Usability. CoRR abs/1310.1540 (2013) - 2012
- [j37]Robert Biddle, Sonia Chiasson, Paul C. van Oorschot:
Graphical passwords: Learning from the first twelve years. ACM Comput. Surv. 44(4): 19:1-19:41 (2012) - [j36]Dirk Balfanz, Richard Chow, Ori Eisen, Markus Jakobsson, Steve Kirsch, Scott Matsumoto, Jesus Molina, Paul C. van Oorschot:
The Future of Authentication. IEEE Secur. Priv. 10(1): 22-27 (2012) - [j35]Cormac Herley, Paul C. van Oorschot:
A Research Agenda Acknowledging the Persistence of Passwords. IEEE Secur. Priv. 10(1): 28-36 (2012) - [j34]Mansour Alsaleh, Paul C. van Oorschot:
Revisiting network scanning detection using sequential hypothesis testing. Secur. Commun. Networks 5(12): 1337-1350 (2012) - [j33]Mansour Alsaleh, Mohammad Mannan, Paul C. van Oorschot:
Revisiting Defenses against Large-Scale Online Password Guessing Attacks. IEEE Trans. Dependable Secur. Comput. 9(1): 128-141 (2012) - [j32]Sonia Chiasson, Elizabeth Stobert, Alain Forget, Robert Biddle, Paul C. van Oorschot:
Persuasive Cued Click-Points: Design, Implementation, and Evaluation of a Knowledge-Based Authentication Mechanism. IEEE Trans. Dependable Secur. Comput. 9(2): 222-235 (2012) - [j31]Paul C. van Oorschot, Glenn Wurster:
Reducing Unauthorized Modification of Digital Objects. IEEE Trans. Software Eng. 38(1): 191-204 (2012) - [j30]Mohammad Mannan, Paul C. van Oorschot:
Passwords for Both Mobile and Desktop Computers: ObPwd for Firefox and Android. login Usenix Mag. 37(4) (2012) - [j29]Mohammad Mannan, Paul C. van Oorschot:
Passwords for Both Mobile and Desktop Computers Appendix. login Usenix Mag. 37(4) (2012) - [c80]Daniel McCarney, David Barrera, Jeremy Clark, Sonia Chiasson, Paul C. van Oorschot:
Tapas: design, implementation, and usability evaluation of a password manager. ACSAC 2012: 89-98 - [c79]David Barrera, Jeremy Clark, Daniel McCarney, Paul C. van Oorschot:
Understanding and improving app installation security mechanisms through empirical analysis of android. SPSM@CCS 2012: 81-92 - [c78]Chaitrali Amrutkar, Patrick Traynor, Paul C. van Oorschot:
Measuring SSL Indicators on Mobile Browsers: Extended Life, or End of the Road? ISC 2012: 86-103 - [c77]Joseph Bonneau, Cormac Herley, Paul C. van Oorschot, Frank Stajano:
The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes. IEEE Symposium on Security and Privacy 2012: 553-567 - [c76]Yi Xu, Gerardo Reynaga, Sonia Chiasson, Jan-Michael Frahm, Fabian Monrose, Paul C. van Oorschot:
Security and Usability Challenges of Moving-Object CAPTCHAs: Decoding Codewords in Motion. USENIX Security Symposium 2012: 49-64 - 2011
- [j28]Trent Jaeger, Paul C. van Oorschot, Glenn Wurster:
Countering unauthorized code execution on commodity kernels: A survey of common interfaces allowing kernel code modification. Comput. Secur. 30(8): 571-579 (2011) - [j27]David Barrera, Paul C. van Oorschot:
Secure Software Installation on Smartphones. IEEE Secur. Priv. 9(3): 42-48 (2011) - [j26]David Barrera, Paul C. van Oorschot:
Accommodating IPv6 Addresses in Security Visualization Tools. Inf. Vis. 10(2): 107-116 (2011) - [j25]Paul C. van Oorschot, Julie Thorpe:
Exploiting predictability in click-based graphical passwords. J. Comput. Secur. 19(4): 669-702 (2011) - [j24]Mohammad Mannan, Paul C. van Oorschot:
Leveraging personal devices for stronger password authentication from untrusted computers. J. Comput. Secur. 19(4): 703-750 (2011) - [j23]Robert Biddle, Mohammad Mannan, Paul C. van Oorschot, Tara Whalen:
User Study, Analysis, and Usable Security of Passwords Based on Digital Objects. IEEE Trans. Inf. Forensics Secur. 6(3-2): 970-979 (2011) - [j22]David Barrera, Glenn Wurster, Paul C. van Oorschot:
Back to the Future: Revisiting IPv6 Privacy Extensions. login Usenix Mag. 36(1) (2011) - [c75]Mansour Alsaleh, Paul C. van Oorschot:
Network scan detection with LQS: a lightweight, quick and stateful algorithm. AsiaCCS 2011: 102-113 - [c74]Kemal Bicakci, Nart Bedin Atalay, Mustafa Yuceel, Paul C. van Oorschot:
Exploration and Field Study of a Password Manager Using Icon-Based Passwords. Financial Cryptography Workshops 2011: 104-118 - [c73]Mohammad Mannan, David Barrera, Carson D. Brown, David Lie, Paul C. van Oorschot:
Mercury: Recovering Forgotten Passwords Using Personal Devices. Financial Cryptography 2011: 315-330 - [c72]Kemal Bicakci, Paul C. van Oorschot:
A multi-word password proposal (gridWord) and exploring questions about science in security research and usable security evaluation. NSPW 2011: 25-36 - 2010
- [j21]Paul C. van Oorschot, Amirali Salehi-Abari, Julie Thorpe:
Purely automated attacks on passpoints-style graphical passwords. IEEE Trans. Inf. Forensics Secur. 5(3): 393-405 (2010) - [c71]Elizabeth Stobert, Alain Forget, Sonia Chiasson, Paul C. van Oorschot, Robert Biddle:
Exploring usability effects of increasing security in click-based graphical passwords. ACSAC 2010: 79-88 - [c70]Paul C. van Oorschot:
System security, platform security and usability. STC@CCS 2010: 1-2 - [c69]David Barrera, Hilmi Günes Kayacik, Paul C. van Oorschot, Anil Somayaji:
A methodology for empirical analysis of permission-based security models and its application to android. CCS 2010: 73-84 - [c68]Glenn Wurster, Paul C. van Oorschot:
A control point for reducing root abuse of file-system privileges. CCS 2010: 224-236
2000 – 2009
- 2009
- [j20]Mohammad Mannan, Paul C. van Oorschot:
Reducing threats from flawed security APIs: The banking PIN case. Comput. Secur. 28(6): 410-420 (2009) - [j19]James A. Muir, Paul C. van Oorschot:
Internet geolocation: Evasion and counterevasion. ACM Comput. Surv. 42(1): 4:1-4:23 (2009) - [j18]Sonia Chiasson, Alain Forget, Robert Biddle, Paul C. van Oorschot:
User interface design affects security: patterns in click-based graphical passwords. Int. J. Inf. Sec. 8(6): 387-398 (2009) - [c67]Robert Biddle, Paul C. van Oorschot, Andrew S. Patrick, Jennifer Sobey, Tara Whalen:
Browser interfaces and extended validation SSL certificates: an empirical study. CCSW 2009: 19-30 - [c66]Sonia Chiasson, Alain Forget, Elizabeth Stobert, Paul C. van Oorschot, Robert Biddle:
Multiple password interference in text passwords and click-based graphical passwords. CCS 2009: 500-511 - [c65]Cormac Herley, Paul C. van Oorschot, Andrew S. Patrick:
Passwords: If We're So Smart, Why Are We Still Using Them? Financial Cryptography 2009: 230-237 - [c64]Paul C. van Oorschot, Tao Wan:
TwoStep: An Authentication Method Combining Text and Graphical Passwords. MCETECH 2009: 233-239 - [c63]David Barrera, Paul C. van Oorschot:
Security visualization tools and IPv6 addresses. VizSEC 2009: 21-26 - 2008
- [j17]Paul C. van Oorschot, Julie Thorpe:
On predictive models and user-drawn graphical passwords. ACM Trans. Inf. Syst. Secur. 10(4): 5:1-5:33 (2008) - [c62]Amirali Salehi-Abari, Julie Thorpe, Paul C. van Oorschot:
On Purely Automated Attacks and Click-Based Graphical Passwords. ACSAC 2008: 111-120 - [c61]Mansour Alsaleh, David Barrera, Paul C. van Oorschot:
Improving Security Visualization with Exposure Map Filtering. ACSAC 2008: 205-214 - [c60]Sonia Chiasson, Alain Forget, Robert Biddle, Paul C. van Oorschot:
Influencing users towards better passwords: persuasive cued click-points. BCS HCI (1) 2008: 121-130 - [c59]Terri Oda, Glenn Wurster, Paul C. van Oorschot, Anil Somayaji:
SOMA: mutual approval for included content in web pages. CCS 2008: 89-98 - [c58]Deholo Nali, Paul C. van Oorschot:
CROO: A Universal Infrastructure and Protocol to Detect Identity Fraud. ESORICS 2008: 130-145 - [c57]Jennifer Sobey, Robert Biddle, Paul C. van Oorschot, Andrew S. Patrick:
Exploring User Reactions to New Browser Cues for Extended Validation Certificates. ESORICS 2008: 411-427 - [c56]Mohammad Mannan, Paul C. van Oorschot:
Weighing Down "The Unbearable Lightness of PIN Cracking". Financial Cryptography 2008: 176-181 - [c55]Abdulrahman Hijazi, Hajime Inoue, Ashraf Matrawy, Paul C. van Oorschot, Anil Somayaji:
Discovering Packet Structure through Lightweight Hierarchical Clustering. ICC 2008: 33-39 - [c54]Sonia Chiasson, Jayakumar Srinivasan, Robert Biddle, Paul C. van Oorschot:
Centered Discretization with Application to Graphical Passwords. UPSEC 2008 - [c53]Mohammad Mannan, Paul C. van Oorschot:
Localization of credential information to address increasingly inevitable data breaches. NSPW 2008: 13-21 - [c52]Glenn Wurster, Paul C. van Oorschot:
The developer is the enemy. NSPW 2008: 89-97 - [c51]Alain Forget, Sonia Chiasson, Paul C. van Oorschot, Robert Biddle:
Persuasion for Stronger Passwords: Motivation and Pilot Study. PERSUASIVE 2008: 140-150 - [c50]Alain Forget, Sonia Chiasson, Paul C. van Oorschot, Robert Biddle:
Improving text passwords through persuasion. SOUPS 2008: 1-12 - [c49]Mohammad Mannan, Paul C. van Oorschot:
Digital Objects as Passwords. HotSec 2008 - [c48]Mohammad Mannan, Paul C. van Oorschot:
Privacy-enhanced sharing of personal content on the web. WWW 2008: 487-496 - [e1]Paul C. van Oorschot:
Proceedings of the 17th USENIX Security Symposium, July 28-August 1, 2008, San Jose, CA, USA. USENIX Association 2008, ISBN 978-1-931971-60-7 [contents] - 2007
- [j16]Paul C. van Oorschot, Tao Wan, Evangelos Kranakis:
On interdomain routing security and pretty secure BGP (psBGP). ACM Trans. Inf. Syst. Secur. 10(3): 11 (2007) - [c47]David Whyte, Paul C. van Oorschot, Evangelos Kranakis:
Tracking Darkports for Network Defense. ACSAC 2007: 161-171 - [c46]Sonia Chiasson, Paul C. van Oorschot, Robert Biddle:
Graphical Password Authentication Using Cued Click Points. ESORICS 2007: 359-374 - [c45]Mohammad Mannan, Paul C. van Oorschot:
Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer. Financial Cryptography 2007: 88-103 - [c44]Mohammad Mannan, Paul C. van Oorschot:
Security and usability: the gap in real-world online banking. NSPW 2007: 1-14 - [c43]Deholo Nali, Paul C. van Oorschot, Andy Adler:
VideoTicket: detecting identity fraud attempts via audiovisual certificates and signatures. NSPW 2007: 89-101 - [c42]Sonia Chiasson, Robert Biddle, Paul C. van Oorschot:
A second look at the usability of click-based graphical passwords. SOUPS 2007: 1-12 - [c41]Jeremy Clark, Paul C. van Oorschot, Carlisle Adams:
Usability of anonymous web browsing: an examination of Tor interfaces and deployability. SOUPS 2007: 41-51 - [c40]Julie Thorpe, Paul C. van Oorschot:
Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords. USENIX Security Symposium 2007 - [c39]Glenn Wurster, Paul C. van Oorschot:
Self-Signed Executables: Restricting Replacement of Program Binaries by Malware. HotSec 2007 - 2006
- [j15]Paul C. van Oorschot, Jean-Marc Robert, Miguel Vargas Martin:
A monitoring system for detecting repeated packets with applications to computer worms. Int. J. Inf. Sec. 5(3): 186-199 (2006) - [j14]Paul C. van Oorschot, Stuart G. Stubblebine:
On countering online dictionary attacks with login histories and humans-in-the-loop. ACM Trans. Inf. Syst. Secur. 9(3): 235-258 (2006) - [c38]David Whyte, Paul C. van Oorschot, Evangelos Kranakis:
Addressing SMTP-Based Mass-Mailing Activity within Enterprise Networks. ACSAC 2006: 393-402 - [c37]Mohammad Mannan, Paul C. van Oorschot:
A Protocol for Secure Public Instant Messaging. Financial Cryptography 2006: 20-35 - [c36]Tao Wan, Paul C. van Oorschot:
Analysis of BGP prefix origins during Google's May 2005 outage. IPDPS 2006 - [c35]Sonia Chiasson, Paul C. van Oorschot, Robert Biddle:
A Usability Study and Critique of Two Password Managers. USENIX Security Symposium 2006 - [c34]David Whyte, Paul C. van Oorschot, Evangelos Kranakis:
Exposure Maps: Removing Reliance on Attribution During Scan Detection. HotSec 2006 - 2005
- [j13]Paul C. van Oorschot, Anil Somayaji, Glenn Wurster:
Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance. IEEE Trans. Dependable Secur. Comput. 2(2): 82-92 (2005) - [c33]Ashraf Matrawy, Paul C. van Oorschot, Anil Somayaji:
Mitigating Network Denial-of-Service Through Diversity-Based Traffic Management. ACNS 2005: 104-121 - [c32]David Whyte, Paul C. van Oorschot, Evangelos Kranakis:
Detecting Intra-enterprise Scanning Worms based on Address Resolution. ACSAC 2005: 371-380 - [c31]Simon N. Foley, Abe Singer, Michael E. Locasto, Stelios Sidiroglou, Angelos D. Keromytis, John P. McDermott, Julie Thorpe, Paul C. van Oorschot, Anil Somayaji, Richard Ford, Mark Bush, Alex Boulatov:
Highlights from the 2005 New Security Paradigms Workshop. ACSAC 2005: 393-396 - [c30]Paul C. van Oorschot, Stuart G. Stubblebine:
Countering Identity Theft Through Digital Uniqueness, Location Cross-Checking, and Funneling. Financial Cryptography 2005: 31-43 - [c29]Tao Wan, Evangelos Kranakis, Paul C. van Oorschot:
Pretty Secure BGP, psBGP. NDSS 2005 - [c28]David Whyte, Evangelos Kranakis, Paul C. van Oorschot:
DNS-based Detection of Scanning Worms in an Enterprise Network. NDSS 2005 - [c27]Julie Thorpe, Paul C. van Oorschot, Anil Somayaji:
Pass-thoughts: authenticating with our minds. NSPW 2005: 45-56 - [c26]Paul C. van Oorschot:
Message authentication by integrity with public corroboration. NSPW 2005: 57-63 - [c25]Glenn Wurster, Paul C. van Oorschot, Anil Somayaji:
A Generic Attack on Checksumming-Based Software Tamper Resistance. S&P 2005: 127-138 - [c24]Mohammad Mannan, Paul C. van Oorschot:
On instant messaging worms, analysis and countermeasures. WORM 2005: 2-11 - [i1]Julie Thorpe, Paul C. van Oorschot, Anil Somayaji:
Pass-thoughts: Authenticating With Our Minds. IACR Cryptol. ePrint Arch. 2005: 121 (2005) - 2004
- [c23]Tao Wan, Evangelos Kranakis, Paul C. van Oorschot:
S-RIP: A Secure Distance Vector Routing Protocol. ACNS 2004: 103-119 - [c22]Julie Thorpe, Paul C. van Oorschot:
Towards Secure Design Choices for Implementing Graphical Passwords. ACSAC 2004: 50-60 - [c21]Stuart G. Stubblebine, Paul C. van Oorschot:
Addressing Online Dictionary Attacks with Login Histories and Humans-in-the-Loop (Extended Abstract). Financial Cryptography 2004: 39-53 - [c20]Tao Wan, Evangelos Kranakis, Paul C. van Oorschot:
Securing the Destination-Sequenced Distance Vector Routing Protocol (S-DSDV). ICICS 2004: 358-374 - [c19]Mohammad Mannan, Paul C. van Oorschot:
Secure Public Instant Messaging. PST 2004: 69-77 - [c18]Julie Thorpe, Paul C. van Oorschot:
Graphical Dictionaries and the Memorable Space of Graphical Passwords. USENIX Security Symposium 2004: 135-150 - 2003
- [c17]Paul C. van Oorschot:
Revisiting Software Protection. ISC 2003: 1-13 - 2002
- [c16]Stanley Chow, Philip A. Eisen, Harold Johnson, Paul C. van Oorschot:
A White-Box DES Implementation for DRM Applications. Digital Rights Management Workshop 2002: 1-15 - [c15]Stanley Chow, Philip A. Eisen, Harold Johnson, Paul C. van Oorschot:
White-Box Cryptography and an AES Implementation. Selected Areas in Cryptography 2002: 250-270 - 2000
- [j12]Michael Smith, Paul C. van Oorschot, Michael Willett:
Cryptographic Information Recovery Using Key Recover. Comput. Secur. 19(1): 21-27 (2000)
1990 – 1999
- 1999
- [j11]Paul C. van Oorschot, Michael J. Wiener:
Parallel Collision Search with Cryptanalytic Applications. J. Cryptol. 12(1): 1-28 (1999) - [j10]Bart Preneel, Paul C. van Oorschot:
On the Security of Iterated Message Authentication Codes. IEEE Trans. Inf. Theory 45(1): 188-199 (1999) - [c14]Mike Just, Paul C. van Oorschot:
Addressing the Problem of Undetected Signature Key Compromise. NDSS 1999 - [r1]Alfred J. Menezes, Paul C. van Oorschot:
Coding Theory And Cryptology. Handbook of Discrete and Combinatorial Mathematics 1999 - 1997
- [j9]Evangelos Kranakis, Paul C. van Oorschot:
Special Issue: Selected Areas in Cryptography - Introduction. Des. Codes Cryptogr. 12(3): 213 (1997) - [j8]Bart Preneel, Vincent Rijmen, Paul C. van Oorschot:
Security analysis of the message authenticator algorithm (MAA). Eur. Trans. Telecommun. 8(5): 455-470 (1997) - 1996
- [b1]Alfred Menezes, Paul C. van Oorschot, Scott A. Vanstone:
Handbook of Applied Cryptography. CRC Press 1996, ISBN 0-8493-8523-7 - [c13]Paul C. van Oorschot, Michael J. Wiener:
Improving Implementable Meet-in-the-Middle Attacks by Orders of Magnitude. CRYPTO 1996: 229-236 - [c12]Bart Preneel, Paul C. van Oorschot:
On the Security of Two MAC Algorithms. EUROCRYPT 1996: 19-32 - [c11]Paul C. van Oorschot, Michael J. Wiener:
On Diffie-Hellman Key Agreement with Short Exponents. EUROCRYPT 1996: 332-343 - 1995
- [c10]Bart Preneel, Paul C. van Oorschot:
MDx-MAC and Building Fast MACs from Hash Functions. CRYPTO 1995: 1-14 - [c9]Paul C. van Oorschot:
Design Choices and Security Implications in Implementing Diffie-Hellman Key Agreement. IMACC 1995: 1 - 1994
- [j7]Rainer A. Rueppel, Paul C. van Oorschot:
Modern key agreement techniques. Comput. Commun. 17(7): 458-465 (1994) - [c8]Mike Just, Evangelos Kranakis, Danny Krizanc, Paul C. van Oorschot:
On Key Distribution via True Broadcasting. CCS 1994: 81-88 - [c7]Paul C. van Oorschot, Michael J. Wiener:
Parallel Collision Search with Application to Hash Functions and Discrete Logarithms. CCS 1994: 210-218 - [c6]Paul F. Syverson, Paul C. van Oorschot:
On unifying some cryptographic protocol logics. S&P 1994: 14-28 - 1993
- [c5]Paul C. van Oorschot:
Extending Cryptographic Logics of Belief to Key Agreement Protocols. CCS 1993: 232-243 - [c4]Paul C. van Oorschot:
An Alternate Explanation of two BAN-logic "failures". EUROCRYPT 1993: 443-447 - 1992
- [j6]Whitfield Diffie, Paul C. van Oorschot, Michael J. Wiener:
Authentication and Authenticated Key Exchanges. Des. Codes Cryptogr. 2(2): 107-125 (1992) - [j5]Alfred Menezes, Paul C. van Oorschot, Scott A. Vanstone:
Subgroup Refinement Algorithms for Root Finding in GF(q). SIAM J. Comput. 21(2): 228-239 (1992) - [j4]Albrecht Beutelspacher, Dieter Jungnickel, Paul C. van Oorschot, Scott A. Vanstone:
Pair-Splitting Sets in AG(m, q). SIAM J. Discret. Math. 5(4): 451-459 (1992) - 1990
- [j3]Paul C. van Oorschot, Scott A. Vanstone:
On splitting sets in block designs and finding roots of polynomials. Discret. Math. 84(1): 71-85 (1990) - [c3]Paul C. van Oorschot:
A Comparison of Practical Public Key Cryptosystems Based on Integer Factorization and Discrete Logarithms. CRYPTO 1990: 576-581 - [c2]Paul C. van Oorschot, Michael J. Wiener:
A Known Plaintext Attack on Two-Key Triple Encryption. EUROCRYPT 1990: 318-325
1980 – 1989
- 1989
- [j2]Charles J. Colbourn, Paul C. van Oorschot:
Applications of Combinatorial Designs in Computer Science. ACM Comput. Surv. 21(2): 223-250 (1989) - [j1]Paul C. van Oorschot, Scott A. Vanstone:
A geometric approach to root finding in GF(qm). IEEE Trans. Inf. Theory 35(2): 444-453 (1989) - 1988
- [c1]Alfred Menezes, Paul C. van Oorschot, Scott A. Vanstone:
Some Computational Aspects of Root Finding in GF(qm). ISSAC 1988: 259-270
Coauthor Index
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
Unpaywalled article links
Add open access links from 
to the list of external document links (if available).
Privacy notice: By enabling the option above, your browser will contact the API of unpaywall.org to load hyperlinks to open access articles. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Unpaywall privacy policy.
Archived links via Wayback Machine
For web page which are no longer available, try to retrieve content from the 
of the Internet Archive (if available).
Privacy notice: By enabling the option above, your browser will contact the API of archive.org to check for archived content of web pages that are no longer available. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Internet Archive privacy policy.
Reference lists
Add a list of references from 
, 
, and 
to record detail pages.
load references from crossref.org and opencitations.net
Privacy notice: By enabling the option above, your browser will contact the APIs of crossref.org, opencitations.net, and semanticscholar.org to load article reference information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Crossref privacy policy and the OpenCitations privacy policy, as well as the AI2 Privacy Policy covering Semantic Scholar.
Citation data
Add a list of citing articles from and to record detail pages.
load citations from opencitations.net
Privacy notice: By enabling the option above, your browser will contact the API of opencitations.net and semanticscholar.org to load citation information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the OpenCitations privacy policy as well as the AI2 Privacy Policy covering Semantic Scholar.
OpenAlex data
Load additional information about publications from 
.
Privacy notice: By enabling the option above, your browser will contact the API of openalex.org to load additional information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the information given by OpenAlex.
last updated on 2025-03-10 20:51 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by:
