- Contact discovery and notification. Some new privacy concerns (January 14, 2021)
- Universities need to Act, Digitally (We don’t need a Digital University Act). (January 10, 2021)
- A Corona Credential? (April 1, 2020)
- Hansel and Gretel and the Virus: Privacy Conscious Contact Tracing (March 25, 2020)
- Two faces of blind signatures (January 24, 2020)
- Privacy friendly public transport ticketing (August 29, 2019)
- Do they really need to know who you are? (June 26, 2019)
- Review of 'Stand out of our light' by James Williams (March 26, 2019)
- Open access should be free for both authors and readers (January 30, 2019)
- Defining Distributed Ledgers (November 22, 2018)
- Transparency is the perfect cover-up (if the sun does *not* shine) (June 4, 2018)
- Privacyontwerpstrategieën: publicatie van het blauwe boekje. (May 25, 2018)
- Privacy design strategies: the little blue book released. (May 25, 2018)
- How the military thinks about cyberspace (November 3, 2017)
- Blockcerts: Using blokchain for identity management is (mostly) ridiculous (September 6, 2017)
- The challenges of privacy engineering (August 2, 2017)
- Interdisciplinary Summerschool on Privacy (ISP 2017), day #4 (June 23, 2017)
- Interdisciplinary Summerschool on Privacy (ISP 2017), day #2 (June 22, 2017)
- Interdisciplinary Summerschool on Privacy (ISP 2017), day #1 (June 20, 2017)
- Fix TLS. Let’s get rid of certificates. (A clarification and some improvements.) (February 28, 2017)
- Fix TLS. Let's get rid of certificates. (February 26, 2017)
- Using icons to summarise privacy policies: an analysis and a proposal. (September 21, 2016)
- Summary of Day #5 of the Interdisciplinary Summerschool on Privacy (July 15, 2016)
- Summary of Day #4 of the Interdisciplinary Summerschool on Privacy (July 14, 2016)
- Summary of Day #2 of the Interdisciplinary Summerschool on Privacy (July 12, 2016)
- Summary of Day #1 of the Interdisciplinary Summerschool on Privacy (July 12, 2016)
- A very good example of why privacy is important (February 1, 2016)
- The value of verifying public keys revisited. Or: how to limit the options for dragnet surveillance. (September 4, 2015)
- WiFi in de trein is volstrekt onveilig. Nou en? (August 7, 2015)
- Highlights of the 15th Privacy Enhancing Technologies Symposium 2015, day #2. (July 1, 2015)
- Highlights of the 15th Privacy Enhancing Technologies Symposium 2015, day #1. (June 30, 2015)
- Privately (and unlinkably) exchanging messages using a public bulletin board (June 22, 2015)
- Burnrchat. A design sprint for an anonymous messaging app. (June 12, 2015)
- In federated identity management, the issuer signing key poses a risk. (May 22, 2015)
- Hoe houden we de digitale wereld menselijk? (April 28, 2015)
- Location-restricted access to data. (April 20, 2015)
- The ABC of ABC - An Analysis of Attribute-Based Credentials in the Light of Data Protection, Privacy and Identity (March 27, 2015)
- Using attribute based credentials for auditable access control (February 18, 2015)
- Highlights of the Real World Cryptography 2015 workshop, day #3 (January 10, 2015)
- Highlights of the Real World Cryptography 2015 workshop, day #2 (January 9, 2015)
- Highlights of the Real World Cryptography 2015 workshop, day #1 (January 8, 2015)
- Why Peerby Works - And what we can learn from this to develop successful privacy friendly apps and services. (January 1, 2015)
- Limiting the risk of federation in identity management (somewhat). (December 5, 2014)
- Wat je niet hebt kun je ook niet afgeven - Kentekenparkeren zonder dat de Belastingdienst mee kan kijken. (November 13, 2014)
- Het eID-stelsel: kort verslag van een discussie. (October 13, 2014)
- Improving (i)Cloud security. (September 6, 2014)
- PETs (Privacy Enhancing Technologies) post Snowden (July 18, 2014)
- The future of IRMA: ideas to improve Attribute Based Credentials. (July 3, 2014)
- Google gaat PGP voor Gmail ondersteunen. Wat betekent dit precies? (June 6, 2014)
- Active authentication: continuously making sure that the owner of a smart phone is actually using it. (June 2, 2014)
- Two types of location privacy (May 28, 2014)
- Securely using a single master password on all sites you visit. (April 21, 2014)
- What is the value of verifying public keys? (March 7, 2014)
- How to more securely sign in to an account using a password that is shared across several services? (March 7, 2014)
- Something's wrong with how Threema exchanges contact details using QR codes (or: What's in a name? Nothing really...) (February 23, 2014)
- IRMA en het risico van een online identificatieplicht (February 20, 2014)
- How to track a user over several devices? (February 12, 2014)
- Highlights of the Real World Cryptography 2014 workshop, day #3 (January 21, 2014)
- Highlights of the Real World Cryptography 2014 workshop, day #2 (January 20, 2014)
- Highlights of the Real World Cryptography 2014 workshop, day #1 (January 20, 2014)
- Wat is Forward Secrecy? (December 17, 2013)
- AppOps broken in Android 4.4.2 on rooted phones (December 16, 2013)
- Some reservations about SpiderOak security. (December 8, 2013)
- Keep your backup discs offline! (November 7, 2013)
- Even secure clouds have a backdoor. (October 27, 2013)
- When will users drop their passwords (and move to a more secure form of authentication)? (October 21, 2013)
- Tracking across multiple websites using only first party cookies (October 4, 2013)
- Hebben de Duitsers nu echt veilige email? (August 11, 2013)
- Whose security is this anyway? (June 19, 2013)
- Would you trust the janitor with all your keys? (June 17, 2013)
- Password or passphrase: which is more secure? (May 16, 2013)
- Google is sending the perfect phishing email. (April 15, 2013)
- Attribute based credentials and digital signatures on a single eID (March 5, 2013)
- How to make money with privacy friendly identity management. (February 21, 2013)
- IRMA versus Frau Mustermann, take 2: the advantages of attribute based credentials over a more centralised approach. (February 12, 2013)
- IRMA versus Frau Mustermann: the advantages of using attribute based credentials over attestation based approaches. (February 10, 2013)
- An eID should not be linked exclusively to an identity card. (February 8, 2013)
- Does a centralised eID service in the German eID system pose a privacy risk? (February 7, 2013)
- ECRYPT II workshop on Crypto for 2020, day #2 (January 27, 2013)
- ECRYPT II workshop on Crypto for 2020, day #1 (January 26, 2013)
- Open Access! - But How? (January 15, 2013)
- For Your Eyes Only: Main findings. (December 2, 2012)
- For Your Eyes Only: Day #2. Summary of presentations. (December 2, 2012)
- For Your Eyes Only: Day #1: Summary of presentations. (November 30, 2012)
- Wanneer wordt precies de locatie van je mobiel opgeslagen? (November 28, 2012)
- Proving your age with IRMA (without revealing you're a dog) (November 12, 2012)
- IRMA: Using attribute based credentials to stop resale of tickets. (November 6, 2012)
- Don't build your business on consent. (September 14, 2012)
- The fuzzy mud puddle test: can your cloud storage provider access your encrypted data? (July 27, 2012)
- Een app die je gedachten afluistert (July 5, 2012)
- IFIP WG 11.2 Seminar: Summary of presentations. (July 4, 2012)
- RFIDSec 2012: Day #2. Summary of presentations. (July 3, 2012)
- RFIDSec 2012: Day #1. Summary of presentations. (July 3, 2012)
- Attribute based Credentials and Selective Context Separation (May 28, 2012)
- The new German eId card has security, privacy and usability limitations. (May 8, 2012)
- Unlinkability equals untraceability (April 19, 2012)
- Analysing ADEPT (Adobe Digital Experience Protection Technology) (April 12, 2012)
- An unexpected privacy risk of anonymous credentials (February 14, 2012)
- Participatory sensing / participatory surveillance (January 26, 2012)
- On using identity cards to store anonymous credentials. (November 16, 2011)
- The Future of Authenticating Websites (FAWN) - 2 (October 24, 2011)
- On the moral basis for privacy protection. (October 16, 2011)
- The Future of Authenticating Websites (FAWN) - 1 (October 6, 2011)
- Het recht op inzage is een wassen neus. Wat nu? (August 25, 2011)
- Traceable Anonymity and Revocable Privacy (June 24, 2011)
- Identity cards should not be used to store anonymous credentials (June 9, 2011)
- Vingerafdrukken: het effect van hashen op veiligheid en privacy (April 18, 2011)
- Track-me-not: a comparison of recent browser-based solutions. (January 30, 2011)
- GSM Broken. (December 28, 2010)
- Calendar of Security, Privacy and Cryptography related events (December 27, 2010)
- Why the Privacy Coach runs on NFC (November 11, 2010)
- Blog spam through social engineering - Approve comments conservatively. (September 20, 2010)
- The problem with OpenID. (August 31, 2010)
- Seminar IFIP WG 11.2 on Pervasive Systems Security (June 8, 2010)
- Push-to-talk button for RFID (June 8, 2010)
- De chipkaart: een belangrijke privacy beschermer (June 2, 2010)
- Using a mobile phone number as an authentic identifier (April 27, 2010)
- The Identity Crisis (4) - Security (April 6, 2010)
- Fast anonymous credentials on smart cards (March 31, 2010)
- Xmarks Smart Search invading privacy (March 3, 2010)
- The identity crisis (3) - Trust. (February 23, 2010)
- GSM broken? Well... (December 29, 2009)
- Improve the resilience of EMV against relay attacks (December 17, 2009)
- The identity crisis (2) - What is identity? (December 3, 2009)
- PwdHash (November 16, 2009)
- The Identity Crisis (1) - Membership vs Ownership (November 4, 2009)
- Revocable Privacy (November 21, 2008)
- The weakest link fallacy (January 30, 2008)