Home // About

Science

Category
  • A Corona Credential? (April 1, 2020)
  • Hansel and Gretel and the Virus: Privacy Conscious Contact Tracing (March 25, 2020)
  • Two faces of blind signatures (January 24, 2020)
  • Privacy friendly public transport ticketing (August 29, 2019)
  • Do they really need to know who you are? (June 26, 2019)
  • Review of 'Stand out of our light' by James Williams (March 26, 2019)
  • Open access should be free for both authors and readers (January 30, 2019)
  • Defining Distributed Ledgers (November 22, 2018)
  • Transparency is the perfect cover-up (if the sun does *not* shine) (June 4, 2018)
  • Privacyontwerpstrategieën: publicatie van het blauwe boekje. (May 25, 2018)
  • Privacy design strategies: the little blue book released. (May 25, 2018)
  • How the military thinks about cyberspace (November 3, 2017)
  • Blockcerts: Using blokchain for identity management is (mostly) ridiculous (September 6, 2017)
  • The challenges of privacy engineering (August 2, 2017)
  • Interdisciplinary Summerschool on Privacy (ISP 2017), day #4 (June 23, 2017)
  • Interdisciplinary Summerschool on Privacy (ISP 2017), day #2 (June 22, 2017)
  • Interdisciplinary Summerschool on Privacy (ISP 2017), day #1 (June 20, 2017)
  • Fix TLS. Let’s get rid of certificates. (A clarification and some improvements.) (February 28, 2017)
  • Fix TLS. Let's get rid of certificates. (February 26, 2017)
  • Using icons to summarise privacy policies: an analysis and a proposal. (September 21, 2016)
  • Summary of Day #5 of the Interdisciplinary Summerschool on Privacy (July 15, 2016)
  • Summary of Day #4 of the Interdisciplinary Summerschool on Privacy (July 14, 2016)
  • Summary of Day #2 of the Interdisciplinary Summerschool on Privacy (July 12, 2016)
  • Summary of Day #1 of the Interdisciplinary Summerschool on Privacy (July 12, 2016)
  • A very good example of why privacy is important (February 1, 2016)
  • The value of verifying public keys revisited. Or: how to limit the options for dragnet surveillance. (September 4, 2015)
  • WiFi in de trein is volstrekt onveilig. Nou en? (August 7, 2015)
  • Highlights of the 15th Privacy Enhancing Technologies Symposium 2015, day #2. (July 1, 2015)
  • Highlights of the 15th Privacy Enhancing Technologies Symposium 2015, day #1. (June 30, 2015)
  • Privately (and unlinkably) exchanging messages using a public bulletin board (June 22, 2015)
  • Burnrchat. A design sprint for an anonymous messaging app. (June 12, 2015)
  • In federated identity management, the issuer signing key poses a risk. (May 22, 2015)
  • Hoe houden we de digitale wereld menselijk? (April 28, 2015)
  • Location-restricted access to data. (April 20, 2015)
  • The ABC of ABC - An Analysis of Attribute-Based Credentials in the Light of Data Protection, Privacy and Identity (March 27, 2015)
  • Using attribute based credentials for auditable access control (February 18, 2015)
  • Highlights of the Real World Cryptography 2015 workshop, day #3 (January 9, 2015)
  • Highlights of the Real World Cryptography 2015 workshop, day #2 (January 9, 2015)
  • Highlights of the Real World Cryptography 2015 workshop, day #1 (January 8, 2015)
  • Why Peerby Works - And what we can learn from this to develop successful privacy friendly apps and services. (January 1, 2015)
  • Limiting the risk of federation in identity management (somewhat). (December 5, 2014)
  • Wat je niet hebt kun je ook niet afgeven - Kentekenparkeren zonder dat de Belastingdienst mee kan kijken. (November 13, 2014)
  • Het eID-stelsel: kort verslag van een discussie. (October 13, 2014)
  • Improving (i)Cloud security. (September 6, 2014)
  • PETs (Privacy Enhancing Technologies) post Snowden (July 18, 2014)
  • The future of IRMA: ideas to improve Attribute Based Credentials. (July 3, 2014)
  • Google gaat PGP voor Gmail ondersteunen. Wat betekent dit precies? (June 6, 2014)
  • Active authentication: continuously making sure that the owner of a smart phone is actually using it. (June 2, 2014)
  • Two types of location privacy (May 28, 2014)
  • Securely using a single master password on all sites you visit. (April 21, 2014)
  • What is the value of verifying public keys? (March 7, 2014)
  • How to more securely sign in to an account using a password that is shared across several services? (March 6, 2014)
  • Something's wrong with how Threema exchanges contact details using QR codes (or: What's in a name? Nothing really...) (February 23, 2014)
  • IRMA en het risico van een online identificatieplicht (February 20, 2014)
  • How to track a user over several devices? (February 12, 2014)
  • Highlights of the Real World Cryptography 2014 workshop, day #3 (January 21, 2014)
  • Highlights of the Real World Cryptography 2014 workshop, day #2 (January 20, 2014)
  • Highlights of the Real World Cryptography 2014 workshop, day #1 (January 20, 2014)
  • Wat is Forward Secrecy? (December 17, 2013)
  • AppOps broken in Android 4.4.2 on rooted phones (December 16, 2013)
  • Some reservations about SpiderOak security. (December 8, 2013)
  • Keep your backup discs offline! (November 7, 2013)
  • Even secure clouds have a backdoor. (October 27, 2013)
  • When will users drop their passwords (and move to a more secure form of authentication)? (October 21, 2013)
  • Tracking across multiple websites using only first party cookies (October 4, 2013)
  • Hebben de Duitsers nu echt veilige email? (August 11, 2013)
  • Whose security is this anyway? (June 19, 2013)
  • Would you trust the janitor with all your keys? (June 17, 2013)
  • Password or passphrase: which is more secure? (May 16, 2013)
  • Google is sending the perfect phishing email. (April 15, 2013)
  • Attribute based credentials and digital signatures on a single eID (March 5, 2013)
  • How to make money with privacy friendly identity management. (February 21, 2013)
  • IRMA versus Frau Mustermann, take 2: the advantages of attribute based credentials over a more centralised approach. (February 12, 2013)
  • IRMA versus Frau Mustermann: the advantages of using attribute based credentials over attestation based approaches. (February 10, 2013)
  • An eID should not be linked exclusively to an identity card. (February 8, 2013)
  • Does a centralised eID service in the German eID system pose a privacy risk? (February 7, 2013)
  • ECRYPT II workshop on Crypto for 2020, day #2 (January 27, 2013)
  • ECRYPT II workshop on Crypto for 2020, day #1 (January 26, 2013)
  • Open Access! - But How? (January 15, 2013)
  • For Your Eyes Only: Main findings. (December 2, 2012)
  • For Your Eyes Only: Day #2. Summary of presentations. (December 2, 2012)
  • For Your Eyes Only: Day #1: Summary of presentations. (November 30, 2012)
  • Wanneer wordt precies de locatie van je mobiel opgeslagen? (November 28, 2012)
  • Proving your age with IRMA (without revealing you're a dog) (November 12, 2012)
  • IRMA: Using attribute based credentials to stop resale of tickets. (November 6, 2012)
  • Don't build your business on consent. (September 14, 2012)
  • The fuzzy mud puddle test: can your cloud storage provider access your encrypted data? (July 27, 2012)
  • Een app die je gedachten afluistert (July 5, 2012)
  • IFIP WG 11.2 Seminar: Summary of presentations. (July 4, 2012)
  • RFIDSec 2012: Day #2. Summary of presentations. (July 3, 2012)
  • RFIDSec 2012: Day #1. Summary of presentations. (July 3, 2012)
  • Attribute based Credentials and Selective Context Separation (May 28, 2012)
  • The new German eId card has security, privacy and usability limitations. (May 8, 2012)
  • Unlinkability equals untraceability (April 19, 2012)
  • Analysing ADEPT (Adobe Digital Experience Protection Technology) (April 12, 2012)
  • An unexpected privacy risk of anonymous credentials (February 14, 2012)
  • Participatory sensing / participatory surveillance (January 26, 2012)
  • On using identity cards to store anonymous credentials. (November 16, 2011)
  • The Future of Authenticating Websites (FAWN) - 2 (October 24, 2011)
  • On the moral basis for privacy protection. (October 16, 2011)
  • The Future of Authenticating Websites (FAWN) - 1 (October 6, 2011)
  • Het recht op inzage is een wassen neus. Wat nu? (August 25, 2011)
  • Traceable Anonymity and Revocable Privacy (June 24, 2011)
  • Identity cards should not be used to store anonymous credentials (June 9, 2011)
  • Vingerafdrukken: het effect van hashen op veiligheid en privacy (April 18, 2011)
  • Track-me-not: a comparison of recent browser-based solutions. (January 30, 2011)
  • GSM Broken. (December 28, 2010)
  • Calendar of Security, Privacy and Cryptography related events (December 27, 2010)
  • Why the Privacy Coach runs on NFC (November 11, 2010)
  • Blog spam through social engineering - Approve comments conservatively. (September 20, 2010)
  • The problem with OpenID. (August 31, 2010)
  • Seminar IFIP WG 11.2 on Pervasive Systems Security (June 8, 2010)
  • Push-to-talk button for RFID (June 8, 2010)
  • De chipkaart: een belangrijke privacy beschermer (June 2, 2010)
  • Using a mobile phone number as an authentic identifier (April 27, 2010)
  • The Identity Crisis (4) - Security (April 6, 2010)
  • Fast anonymous credentials on smart cards (March 31, 2010)
  • Xmarks Smart Search invading privacy (March 3, 2010)
  • The identity crisis (3) - Trust. (February 23, 2010)
  • GSM broken? Well... (December 29, 2009)
  • Improve the resilience of EMV against relay attacks (December 17, 2009)
  • The identity crisis (2) - What is identity? (December 3, 2009)
  • PwdHash (November 16, 2009)
  • The Identity Crisis (1) - Membership vs Ownership (November 4, 2009)
  • Revocable Privacy (November 21, 2008)
  • The weakest link fallacy (January 30, 2008)
Search /// Archives /// RSS Feed /// Subscribe