- A
simulator for dynamic electricity contracts (with some surprising
results) (June 15, 2023)
- A
proposal for a privacy friendly digital euro, using the existing payment
infrastructure (March 3, 2023)
- Analysing
the Architecture of the European Digital Identity Framework.
(February 14, 2023)
- Summary
of the 3rd Privacy Engineering Network (PEN-NL) workshop (February
6, 2023)
- Mutual
Contact Discovery (September 27, 2022)
- Using
revocable privacy to mitigate the risk of false accusations (July 7,
2021)
- Contact
discovery and notification. Some new privacy concerns (January 14,
2021)
- Universities
need to Act, Digitally (We don’t need a Digital University Act).
(January 10, 2021)
- A Corona
Credential? (April 1, 2020)
- Hansel
and Gretel and the Virus: Privacy Conscious Contact Tracing (March
25, 2020)
- Two
faces of blind signatures (January 24, 2020)
- Privacy
friendly public transport ticketing (August 29, 2019)
- Do
they really need to know who you are? (June 26, 2019)
- Review
of 'Stand out of our light' by James Williams (March 26, 2019)
- Open
access should be free for both authors and readers (January 30,
2019)
- Defining
Distributed Ledgers (November 22, 2018)
- Transparency
is the perfect cover-up (if the sun does *not* shine) (June 4,
2018)
- Privacy
design strategies: the little blue book released. (May 25,
2018)
- Privacyontwerpstrategieën:
publicatie van het blauwe boekje. (May 25, 2018)
- How
the military thinks about cyberspace (November 3, 2017)
- Blockcerts:
Using blokchain for identity management is (mostly) ridiculous
(September 6, 2017)
- The
challenges of privacy engineering (August 2, 2017)
- Interdisciplinary
Summerschool on Privacy (ISP 2017), day #4 (June 23, 2017)
- Interdisciplinary
Summerschool on Privacy (ISP 2017), day #2 (June 22, 2017)
- Interdisciplinary
Summerschool on Privacy (ISP 2017), day #1 (June 20, 2017)
- Fix
TLS. Let’s get rid of certificates. (A clarification and some
improvements.) (February 28, 2017)
- Fix
TLS. Let's get rid of certificates. (February 26, 2017)
- Using
icons to summarise privacy policies: an analysis and a proposal.
(September 21, 2016)
- Summary
of Day #5 of the Interdisciplinary Summerschool on Privacy (July 15,
2016)
- Summary
of Day #4 of the Interdisciplinary Summerschool on Privacy (July 14,
2016)
- Summary
of Day #1 of the Interdisciplinary Summerschool on Privacy (July 12,
2016)
- Summary
of Day #2 of the Interdisciplinary Summerschool on Privacy (July 12,
2016)
- A
very good example of why privacy is important (February 1,
2016)
- The
value of verifying public keys revisited. Or: how to limit the options
for dragnet surveillance. (September 4, 2015)
- WiFi
in de trein is volstrekt onveilig. Nou en? (August 7, 2015)
- Highlights
of the 15th Privacy Enhancing Technologies Symposium 2015, day #2.
(July 1, 2015)
- Highlights
of the 15th Privacy Enhancing Technologies Symposium 2015, day #1.
(June 30, 2015)
- Privately
(and unlinkably) exchanging messages using a public bulletin board
(June 22, 2015)
- Burnrchat.
A design sprint for an anonymous messaging app. (June 12, 2015)
- In
federated identity management, the issuer signing key poses a risk.
(May 22, 2015)
- Hoe
houden we de digitale wereld menselijk? (April 28, 2015)
- Location-restricted
access to data. (April 20, 2015)
- The
ABC of ABC - An Analysis of Attribute-Based Credentials in the Light of
Data Protection, Privacy and Identity (March 27, 2015)
- Using
attribute based credentials for auditable access control (February
18, 2015)
- Highlights
of the Real World Cryptography 2015 workshop, day #3 (January 10,
2015)
- Highlights
of the Real World Cryptography 2015 workshop, day #2 (January 9,
2015)
- Highlights
of the Real World Cryptography 2015 workshop, day #1 (January 8,
2015)
- Why
Peerby Works - And what we can learn from this to develop successful
privacy friendly apps and services. (January 1, 2015)
- Limiting
the risk of federation in identity management (somewhat). (December
5, 2014)
- Wat
je niet hebt kun je ook niet afgeven - Kentekenparkeren zonder dat de
Belastingdienst mee kan kijken. (November 13, 2014)
- Het
eID-stelsel: kort verslag van een discussie. (October 13, 2014)
- Improving
(i)Cloud security. (September 6, 2014)
- PETs
(Privacy Enhancing Technologies) post Snowden (July 18, 2014)
- The
future of IRMA: ideas to improve Attribute Based Credentials. (July
3, 2014)
- Google
gaat PGP voor Gmail ondersteunen. Wat betekent dit precies? (June 6,
2014)
- Active
authentication: continuously making sure that the owner of a smart phone
is actually using it. (June 2, 2014)
- Two
types of location privacy (May 28, 2014)
- Securely
using a single master password on all sites you visit. (April 21,
2014)
- How
to more securely sign in to an account using a password that is shared
across several services? (March 7, 2014)
- What
is the value of verifying public keys? (March 7, 2014)
- Something's
wrong with how Threema exchanges contact details using QR codes (or:
What's in a name? Nothing really...) (February 23, 2014)
- IRMA
en het risico van een online identificatieplicht (February 20,
2014)
- How
to track a user over several devices? (February 12, 2014)
- Highlights
of the Real World Cryptography 2014 workshop, day #3 (January 21,
2014)
- Highlights
of the Real World Cryptography 2014 workshop, day #1 (January 20,
2014)
- Highlights
of the Real World Cryptography 2014 workshop, day #2 (January 20,
2014)
- Wat is
Forward Secrecy? (December 17, 2013)
- AppOps
broken in Android 4.4.2 on rooted phones (December 16, 2013)
- Some
reservations about SpiderOak security. (December 8, 2013)
- Keep
your backup discs offline! (November 7, 2013)
- Even
secure clouds have a backdoor. (October 27, 2013)
- When
will users drop their passwords (and move to a more secure form of
authentication)? (October 21, 2013)
- Tracking
across multiple websites using only first party cookies (October 4,
2013)
- Hebben
de Duitsers nu echt veilige email? (August 11, 2013)
- Whose
security is this anyway? (June 19, 2013)
- Would
you trust the janitor with all your keys? (June 17, 2013)
- Password
or passphrase: which is more secure? (May 16, 2013)
- Google
is sending the perfect phishing email. (April 15, 2013)
- Attribute
based credentials and digital signatures on a single eID (March 5,
2013)
- How
to make money with privacy friendly identity management. (February
21, 2013)
- IRMA
versus Frau Mustermann, take 2: the advantages of attribute based
credentials over a more centralised approach. (February 12,
2013)
- IRMA
versus Frau Mustermann: the advantages of using attribute based
credentials over attestation based approaches. (February 10,
2013)
- An
eID should not be linked exclusively to an identity card. (February
8, 2013)
- Does
a centralised eID service in the German eID system pose a privacy
risk? (February 7, 2013)
- ECRYPT
II workshop on Crypto for 2020, day #2 (January 27, 2013)
- ECRYPT
II workshop on Crypto for 2020, day #1 (January 26, 2013)
- Open
Access! - But How? (January 15, 2013)
- For
Your Eyes Only: Day #2. Summary of presentations. (December 2,
2012)
- For
Your Eyes Only: Main findings. (December 2, 2012)
- For
Your Eyes Only: Day #1: Summary of presentations. (November 30,
2012)
- Wanneer
wordt precies de locatie van je mobiel opgeslagen? (November 28,
2012)
- Proving
your age with IRMA (without revealing you're a dog) (November 12,
2012)
- IRMA:
Using attribute based credentials to stop resale of tickets.
(November 6, 2012)
- Don't
build your business on consent. (September 14, 2012)
- The
fuzzy mud puddle test: can your cloud storage provider access your
encrypted data? (July 27, 2012)
- Een
app die je gedachten afluistert (July 5, 2012)
- IFIP
WG 11.2 Seminar: Summary of presentations. (July 4, 2012)
- RFIDSec
2012: Day #1. Summary of presentations. (July 3, 2012)
- RFIDSec
2012: Day #2. Summary of presentations. (July 3, 2012)
- Attribute
based Credentials and Selective Context Separation (May 28,
2012)
- The
new German eId card has security, privacy and usability limitations.
(May 8, 2012)
- Unlinkability
equals untraceability (April 19, 2012)
- Analysing
ADEPT (Adobe Digital Experience Protection Technology) (April 12,
2012)
- An
unexpected privacy risk of anonymous credentials (February 14,
2012)
- Participatory
sensing / participatory surveillance (January 26, 2012)
- On
using identity cards to store anonymous credentials. (November 16,
2011)
- The
Future of Authenticating Websites (FAWN) - 2 (October 24, 2011)
- On
the moral basis for privacy protection. (October 16, 2011)
- The
Future of Authenticating Websites (FAWN) - 1 (October 6, 2011)
- Het
recht op inzage is een wassen neus. Wat nu? (August 25, 2011)
- Traceable
Anonymity and Revocable Privacy (June 24, 2011)
- Identity
cards should not be used to store anonymous credentials (June 9,
2011)
- Vingerafdrukken:
het effect van hashen op veiligheid en privacy (April 18, 2011)
- Track-me-not:
a comparison of recent browser-based solutions. (January 30,
2011)
- GSM Broken.
(December 28, 2010)
- Calendar
of Security, Privacy and Cryptography related events (December 27,
2010)
- Why
the Privacy Coach runs on NFC (November 11, 2010)
- Blog
spam through social engineering - Approve comments conservatively.
(September 20, 2010)
- The
problem with OpenID. (August 31, 2010)
- Seminar
IFIP WG 11.2 on Pervasive Systems Security (June 8, 2010)
- Push-to-talk
button for RFID (June 8, 2010)
- De
chipkaart: een belangrijke privacy beschermer (June 2, 2010)
- Using
a mobile phone number as an authentic identifier (April 27,
2010)
- The
Identity Crisis (4) - Security (April 6, 2010)
- Fast
anonymous credentials on smart cards (March 31, 2010)
- Xmarks
Smart Search invading privacy (March 3, 2010)
- The
identity crisis (3) - Trust. (February 23, 2010)
- GSM broken?
Well... (December 29, 2009)
- Improve
the resilience of EMV against relay attacks (December 17, 2009)
- The
identity crisis (2) - What is identity? (December 3, 2009)
- PwdHash (November
16, 2009)
- The
Identity Crisis (1) - Membership vs Ownership (November 4,
2009)
- Revocable
Privacy (November 21, 2008)
- The
weakest link fallacy (January 30, 2008)