Van Oorschot, Paul - School of Computer Science, Carleton University

• S-RIP: A Secure Distance Vector Routing Protocol Tao Wan Evangelos Kranakis P.C. van Oorschot
• Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords1
• On Unifying Some Cryptographic Protocol Logics Paul F. Syverson
• Leveraging Personal Devices for Stronger Password Authentication from Untrusted Computers
• Software Protection and Application Security: Understanding the Battleground ?
• Protecting Commodity Kernels from Execution of Unauthorized Code
• A White-Box DES Implementation for DRM Applications ?
• Accommodating IPv6 Addresses in Security Visualization Tools David Barrera and P.C. van Oorschot
• Securing the DestinationSequenced Distance Vector Routing Protocol (SDSDV) #
• Countering Identity Theft Through Digital Uniqueness, Location Cross-Checking,
• A Methodology for Empirical Analysis of Permission-Based Security Models
• System Configuration as a Privilege Glenn Wurster Paul C. van Oorschot
• Message Authentication by Integrity with Public Corroboration
• Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer
• Improving Text Passwords Through Persuasion Alain Forget1,2
• The official journal version of this paper appears as: Int. J. Inf. Secur. (2009) 8:387-398. Copyright Springer-Verlag 2009. DOI 10.1007/s10207-009-0080-7.
• On DiffieHellman Key Agreement with Short Exponents ?
• Revisiting Defenses Against Large-Scale Online Password Guessing Attacks
• Exploration and Field Study of a Browser-based Password Manager using Icon-based Passwords
• Reducing Unauthorized Modification of Digital Objects
• Tracking Darkports for Network Defense David Whyte
• A Unified Cryptographic Protocol Logic \Lambda Paul F. Syverson
• Graphical Password Authentication Using Cued Click Points
• Centered Discretization with Application to Graphical Passwords (full paper)
• Improving Security Visualization with Exposure Map Filtering Mansour Alsaleh, David Barrera, P.C. van Oorschot
• Exploiting Predictability in Click-based Graphical Passwords P.C. van Oorschot and Julie Thorpe
• Addressing the Problem of Undetected Signature Key Compromise Mike Just \Lambday Paul C. van Oorschot \Lambda
• Passwords: If We're So Smart, Why Are We Still Using Them?
• The Usable Security of Passwords based on Digital Objects: From Design and Analysis to User Study
• Browser Interfaces and Extended Validation SSL Certificates: An Empirical Study
• Modern Key Agreement Techniques \Lambda Rainer A. Rueppel y Paul C. van Oorschot z
• A KnownPlaintext Attack on TwoKey Triple Encryption Paul C. van Oorschot and Michael J. Wiener
• + Proceedings of Crypto '96 (to appear), SpringerVerlag LNCS, August 1996. Improving Implementable MeetintheMiddle Attacks
• WhiteBox Cryptography and an AES Implementation #
• A Selective Introduction to Border Gateway Protocol (BGP) Security Issues
• Security Analysis of the Message Authenticator Algorithm (MAA) 1 Bart Preneel 2 Vincent Rijmen 2 Paul C. van Oorschot 3
• Further Comments on Keyed MD5 by Bart Preneel and Paul C. van Oorschot.
• Revisiting Software Protection ? P.C. van Oorschot
• Securing the Destination-Sequenced Distance Vector Routing Protocol (S-DSDV)
• Software Protection and Application Security: Understanding the Battleground
• Revisiting Software Protection P.C. van Oorschot
• A key recovery attack on the ANSI X9.19 retail MAC B. Preneel and P.C. van Oorschot
• Message Authentication by Integrity with Public Corroboration
• Internet Geolocation and Evasion James A. Muir P. C. van Oorschot
• Weighing Down "The Unbearable Lightness of PIN Cracking" (Extended Version)
• On Predictive Models and User-Drawn Graphical Passwords1 P.C. van Oorschot, Julie Thorpe
• IEEE TRANS. ON DEPENDABLE AND SECURE COMPUTING 1 Hardware-assisted circumvention of self-hashing
• Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems
• Persuasive Cued Click-Points: Design, implementation, and evaluation of a
• Exploration and Field Study of a Browser-based Password Manager using Icon-based Passwords
• Back to the Future: Revisiting IPv6 Privacy Extensions
• Exploring Usability Effects of Increasing Security in Click-based Graphical Passwords
• System Security, Platform Security and Usability [Extended Abstract]
• Multiple Password Interference in Text Passwords and Click-Based Graphical Passwords
• Exploring User Reactions to New Browser Cues for Extended Validation Certificates
• CROO: A Universal Infrastructure and Protocol to Detect Identity Fraud
• Localization of Credential Information to Address Increasingly Inevitable Data Breaches
• Digital Objects as Passwords Mohammad Mannan and P.C. van Oorschot
• H. Oinas-Kukkonen et al. (Eds.): PERSUASIVE 2008, LNCS 5033, pp. 140150, 2008. Springer-Verlag Berlin Heidelberg 2008
• Discovering Packet Structure through Lightweight Hierarchical Clustering
• Privacy-Enhanced Sharing of Personal Content on the Web
• Weighing Down "The Unbearable Lightness of PIN Cracking"
• A Protocol for Secure Public Instant Messaging Mohammad Mannan and Paul C. van Oorschot
• Detecting Intra-enterprise Scanning Worms based on Address Resolution David Whyte, Paul C. van Oorschot, Evangelos Kranakis
• Pass-thoughts: Authenticating With Our Minds Julie Thorpe
• On Identity Theft and a Countermeasure based on Digital Uniqueness and Location Cross-Checking
• Graphical Dictionaries and the Memorable Space of Graphical Julie Thorpe, P.C. van Oorschot
• Proceedings of Crypto '96 (to appear), Springer-Verlag LNCS, August 1996. Improving Implementable Meet-in-the-Middle Attacks
• Current techniques for collision search with feasible memory requirements involve pseudo-random walks
• Abstract. The authentication logic of Burrows, Abadi and Needham (BAN) provided an important step towards rigourous
• "!$#$"%&')(1023!&"!(4!$5768!$#$)(@9 A&BDCFEHGPI4Q3R"S3TVUXW`Yab Y"c"TeddDf3ghBVSBDEipTDW`TDBDUXqXrtsBDu4YUXBDv)YU)RwxBW`rFyaFv)Ya@ b1 g3Dd7Q"W`R"S3TVUXW`Ya@yvXc@IaFU)EIa4BVS"R3IyE
• Graphical Dictionaries and the Memorable Space of Graphical Passwords #
• On the Security of Iterated Message Authentication Bart Preneel
• The Developer is the Enemy Glenn Wurster
• Revisiting Defenses Against Large-Scale Online Password Guessing Attacks
• A Second Look at the Usability of Click-Based Graphical Passwords
• Self-Signed Executables: Restricting Replacement of Program Binaries by Malware
• Influencing Users Towards Better Passwords: Persuasive Cued Click-Points
• Addressing Online Dictionary Attacks with Login Histories and Humans-in-the-Loop
• Security and Usability: The Gap in Real-World Online Banking
• Pretty Secure BGP (psBGP) Tao Wan Evangelos Kranakis P.C. van Oorschot
• Int. J. Inf. Secur. (2006) 5(3): 186199 DOI 10.1007/s10207-006-0081-8
• Towards Secure Design Choices for Implementing Graphical Passwords # Julie Thorpe P.C. van Oorschot
• Analysis of BGP Prefix Origins During Google's May 2005 Outage Tao Wan Paul C. van Oorschot
• An Alternate Explanation of two BAN-logic "failures" Paul C. van Oorschot
• TwoStep: An Authentication Method Combining Text and Graphical Passwords
• Usability of Anonymous Web Browsing: An Examination of Tor Interfaces and Deployability
• On the Security of Iterated Message Authentication Codes \Lambda
• On the Security of Two MAC Algorithms Bart Preneel 1? Paul C. van Oorschot 2
• Exposure Maps: Removing Reliance on Attribution During Scan Detection
• On Interdomain Routing Security and Pretty Secure BGP (psBGP)
• Towards Secure Design Choices for Implementing Graphical Passwords Julie Thorpe P.C. van Oorschot
• On Purely Automated Attacks and Click-Based Graphical Passwords Amirali Salehi-Abari, Julie Thorpe, and P.C. van Oorschot
• A Usability Study and Critique of Two Password Managers Sonia Chiasson and P.C. van Oorschot
• An Alternate Explanation of two BANlogic ``failures'' Paul C. van Oorschot
• Abstract. The authentication logic of Burrows, Abadi and Needham (BAN) provided an important step towards rigourous
• White-Box Cryptography and an AES Implementation ?
• On Inter-domain Routing Security and Pretty Secure BGP (psBGP)
• On Countering Online Dictionary Attacks with Login Histories and Humans-in-the-Loop
• Graphical Passwords: Learning from the First Twelve Years
• Pretty Secure BGP (psBGP) # Tao Wan Evangelos Kranakis P.C. van Oorschot
• Secure Public Instant Messaging: A Survey Mohammad Mannan
• Exploring Usability Effects of Increasing Security in Click-based Graphical Passwords
• TR-09-09: GRAPHICAL PASSWORDS 1 Graphical Passwords
• A Known-Plaintext Attack on Two-Key Triple Encryption Paul C. van Oorschot and Michael J. Wiener
• On Predictive Models and User-Drawn Graphical Passwords
• Security Visualization Tools and IPv6 Addresses David Barrera and P.C. van Oorschot
• Network Scan Detection with LQS: A Lightweight, Quick and Stateful Algorithm
• Current techniques for collision search with feasible memory requirements involve pseudorandom walks
• Purely Automated Attacks on PassPoints-Style Graphical Passwords
• A Multi-Word Password Proposal (gridWord) and Exploring Questions about Science in
• A Research Agenda Acknowledging the Persistence of Passwords Cormac Herley
• Countering Unauthorized Code Execution on Commodity Kernels: A Survey of Common Interfaces Allowing Kernel Code Modification$
• A Multi-Word Password Proposal (gridWord) and Exploring Questions about Science in
• Revisiting Network Scanning Detection Using Sequential Hypothesis Testing
• Browser Interfaces and EV-SSL Certificates: Confusion, Inconsistencies and HCI Challenges
• Secure Software Installation on Smartphones David Barrera, P.C. van Oorschot
• The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes