science

Category

Do fair design patterns exist? (February 7, 2024)
Analysing the proposal to regulate the digital euro (December 4, 2023)
Clearghost: Using the laws of nature to limit digital surveillance by law enforcement. (October 24, 2023)
A simulator for dynamic electricity contracts (with some surprising results) (June 15, 2023)
A proposal for a privacy friendly digital euro, using the existing payment infrastructure (March 3, 2023)
Analysing the Architecture of the European Digital Identity Framework. (February 14, 2023)
Summary of the 3rd Privacy Engineering Network (PEN-NL) workshop (February 6, 2023)
Mutual Contact Discovery (September 27, 2022)
Using revocable privacy to mitigate the risk of false accusations (July 7, 2021)
Contact discovery and notification. Some new privacy concerns (January 14, 2021)
Universities need to Act, Digitally (We don’t need a Digital University Act). (January 10, 2021)
A Corona Credential? (April 1, 2020)
Hansel and Gretel and the Virus: Privacy Conscious Contact Tracing (March 25, 2020)
Two faces of blind signatures (January 24, 2020)
Privacy friendly public transport ticketing (August 29, 2019)
Do they really need to know who you are? (June 26, 2019)
Review of 'Stand out of our light' by James Williams (March 26, 2019)
Open access should be free for both authors and readers (January 30, 2019)
Defining Distributed Ledgers (November 22, 2018)
Transparency is the perfect cover-up (if the sun does *not* shine) (June 4, 2018)
Privacy design strategies: the little blue book released. (May 25, 2018)
Privacyontwerpstrategieën: publicatie van het blauwe boekje. (May 25, 2018)
How the military thinks about cyberspace (November 3, 2017)
Blockcerts: Using blokchain for identity management is (mostly) ridiculous (September 6, 2017)
The challenges of privacy engineering (August 2, 2017)
Interdisciplinary Summerschool on Privacy (ISP 2017), day #4 (June 23, 2017)
Interdisciplinary Summerschool on Privacy (ISP 2017), day #2 (June 22, 2017)
Interdisciplinary Summerschool on Privacy (ISP 2017), day #1 (June 20, 2017)
Fix TLS. Let’s get rid of certificates. (A clarification and some improvements.) (February 28, 2017)
Fix TLS. Let's get rid of certificates. (February 26, 2017)
Using icons to summarise privacy policies: an analysis and a proposal. (September 21, 2016)
Summary of Day #5 of the Interdisciplinary Summerschool on Privacy (July 15, 2016)
Summary of Day #4 of the Interdisciplinary Summerschool on Privacy (July 14, 2016)
Summary of Day #1 of the Interdisciplinary Summerschool on Privacy (July 12, 2016)
Summary of Day #2 of the Interdisciplinary Summerschool on Privacy (July 12, 2016)
A very good example of why privacy is important (February 1, 2016)
The value of verifying public keys revisited. Or: how to limit the options for dragnet surveillance. (September 4, 2015)
WiFi in de trein is volstrekt onveilig. Nou en? (August 7, 2015)
Highlights of the 15th Privacy Enhancing Technologies Symposium 2015, day #2. (July 1, 2015)
Highlights of the 15th Privacy Enhancing Technologies Symposium 2015, day #1. (June 30, 2015)
Privately (and unlinkably) exchanging messages using a public bulletin board (June 22, 2015)
Burnrchat. A design sprint for an anonymous messaging app. (June 12, 2015)
In federated identity management, the issuer signing key poses a risk. (May 22, 2015)
Hoe houden we de digitale wereld menselijk? (April 28, 2015)
Location-restricted access to data. (April 20, 2015)
The ABC of ABC - An Analysis of Attribute-Based Credentials in the Light of Data Protection, Privacy and Identity (March 27, 2015)
Using attribute based credentials for auditable access control (February 18, 2015)
Highlights of the Real World Cryptography 2015 workshop, day #3 (January 10, 2015)
Highlights of the Real World Cryptography 2015 workshop, day #2 (January 9, 2015)
Highlights of the Real World Cryptography 2015 workshop, day #1 (January 8, 2015)
Why Peerby Works - And what we can learn from this to develop successful privacy friendly apps and services. (January 1, 2015)
Limiting the risk of federation in identity management (somewhat). (December 5, 2014)
Wat je niet hebt kun je ook niet afgeven - Kentekenparkeren zonder dat de Belastingdienst mee kan kijken. (November 13, 2014)
Het eID-stelsel: kort verslag van een discussie. (October 13, 2014)
Improving (i)Cloud security. (September 6, 2014)
PETs (Privacy Enhancing Technologies) post Snowden (July 18, 2014)
The future of IRMA: ideas to improve Attribute Based Credentials. (July 3, 2014)
Google gaat PGP voor Gmail ondersteunen. Wat betekent dit precies? (June 6, 2014)
Active authentication: continuously making sure that the owner of a smart phone is actually using it. (June 2, 2014)
Two types of location privacy (May 28, 2014)
Securely using a single master password on all sites you visit. (April 21, 2014)
How to more securely sign in to an account using a password that is shared across several services? (March 7, 2014)
What is the value of verifying public keys? (March 7, 2014)
Something's wrong with how Threema exchanges contact details using QR codes (or: What's in a name? Nothing really...) (February 23, 2014)
IRMA en het risico van een online identificatieplicht (February 20, 2014)
How to track a user over several devices? (February 12, 2014)
Highlights of the Real World Cryptography 2014 workshop, day #3 (January 21, 2014)
Highlights of the Real World Cryptography 2014 workshop, day #1 (January 20, 2014)
Highlights of the Real World Cryptography 2014 workshop, day #2 (January 20, 2014)
Wat is Forward Secrecy? (December 17, 2013)
AppOps broken in Android 4.4.2 on rooted phones (December 16, 2013)
Some reservations about SpiderOak security. (December 8, 2013)
Keep your backup discs offline! (November 7, 2013)
Even secure clouds have a backdoor. (October 27, 2013)
When will users drop their passwords (and move to a more secure form of authentication)? (October 21, 2013)
Tracking across multiple websites using only first party cookies (October 4, 2013)
Hebben de Duitsers nu echt veilige email? (August 11, 2013)
Whose security is this anyway? (June 19, 2013)
Would you trust the janitor with all your keys? (June 17, 2013)
Password or passphrase: which is more secure? (May 16, 2013)
Google is sending the perfect phishing email. (April 15, 2013)
Attribute based credentials and digital signatures on a single eID (March 5, 2013)
How to make money with privacy friendly identity management. (February 21, 2013)
IRMA versus Frau Mustermann, take 2: the advantages of attribute based credentials over a more centralised approach. (February 12, 2013)
IRMA versus Frau Mustermann: the advantages of using attribute based credentials over attestation based approaches. (February 10, 2013)
An eID should not be linked exclusively to an identity card. (February 8, 2013)
Does a centralised eID service in the German eID system pose a privacy risk? (February 7, 2013)
ECRYPT II workshop on Crypto for 2020, day #2 (January 27, 2013)
ECRYPT II workshop on Crypto for 2020, day #1 (January 26, 2013)
Open Access! - But How? (January 15, 2013)
For Your Eyes Only: Day #2. Summary of presentations. (December 2, 2012)
For Your Eyes Only: Main findings. (December 2, 2012)
For Your Eyes Only: Day #1: Summary of presentations. (November 30, 2012)
Wanneer wordt precies de locatie van je mobiel opgeslagen? (November 28, 2012)
Proving your age with IRMA (without revealing you're a dog) (November 12, 2012)
IRMA: Using attribute based credentials to stop resale of tickets. (November 6, 2012)
Don't build your business on consent. (September 14, 2012)
The fuzzy mud puddle test: can your cloud storage provider access your encrypted data? (July 27, 2012)
Een app die je gedachten afluistert (July 5, 2012)
IFIP WG 11.2 Seminar: Summary of presentations. (July 4, 2012)
RFIDSec 2012: Day #1. Summary of presentations. (July 3, 2012)
RFIDSec 2012: Day #2. Summary of presentations. (July 3, 2012)
Attribute based Credentials and Selective Context Separation (May 28, 2012)
The new German eId card has security, privacy and usability limitations. (May 8, 2012)
Unlinkability equals untraceability (April 19, 2012)
Analysing ADEPT (Adobe Digital Experience Protection Technology) (April 12, 2012)
An unexpected privacy risk of anonymous credentials (February 14, 2012)
Participatory sensing / participatory surveillance (January 26, 2012)
On using identity cards to store anonymous credentials. (November 16, 2011)
The Future of Authenticating Websites (FAWN) - 2 (October 24, 2011)
On the moral basis for privacy protection. (October 16, 2011)
The Future of Authenticating Websites (FAWN) - 1 (October 6, 2011)
Het recht op inzage is een wassen neus. Wat nu? (August 25, 2011)
Traceable Anonymity and Revocable Privacy (June 24, 2011)
Identity cards should not be used to store anonymous credentials (June 9, 2011)
Vingerafdrukken: het effect van hashen op veiligheid en privacy (April 18, 2011)
Track-me-not: a comparison of recent browser-based solutions. (January 30, 2011)
GSM Broken. (December 28, 2010)
Calendar of Security, Privacy and Cryptography related events (December 27, 2010)
Why the Privacy Coach runs on NFC (November 11, 2010)
Blog spam through social engineering - Approve comments conservatively. (September 20, 2010)
The problem with OpenID. (August 31, 2010)
Seminar IFIP WG 11.2 on Pervasive Systems Security (June 8, 2010)
Push-to-talk button for RFID (June 8, 2010)
De chipkaart: een belangrijke privacy beschermer (June 2, 2010)
Using a mobile phone number as an authentic identifier (April 27, 2010)
The Identity Crisis (4) - Security (April 6, 2010)
Fast anonymous credentials on smart cards (March 31, 2010)
Xmarks Smart Search invading privacy (March 3, 2010)
The identity crisis (3) - Trust. (February 23, 2010)
GSM broken? Well... (December 29, 2009)
Improve the resilience of EMV against relay attacks (December 17, 2009)
The identity crisis (2) - What is identity? (December 3, 2009)
PwdHash (November 16, 2009)
The Identity Crisis (1) - Membership vs Ownership (November 4, 2009)
Revocable Privacy (November 21, 2008)
The weakest link fallacy (January 30, 2008)