Foundations and Tools for Client-Side Web Security

Bitcoin-compatible Virtual Channels

Auteurs: Lukas Aumayr, Oğuzhan Ersoy, Andreas Erwig, Sebastian Faust, Kristina Hostáková, Matteo Maffei, Pedro Moreno-Sanchez, Siavash Riahi
Publié dans: 2021 IEEE Symposium on Security and Privacy (SP), 2021
Éditeur: IEEE

eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts

Auteurs: Clara Schneidewind, Ilya Grishchenko, Markus Scherer, Matteo Maffei
Publié dans: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020, Page(s) 621-640, ISBN 9781450370899
Éditeur: ACM
DOI: 10.1145/3372297.3417250

A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network

Auteurs: Sergei Tikhomirov, Pedro Moreno-Sanchez, Matteo Maffei
Publié dans: 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 2020, Page(s) 387-396, ISBN 978-1-7281-8597-2
Éditeur: IEEE
DOI: 10.1109/eurospw51379.2020.00059

Blitz: Secure Multi-Hop Payments Without Two-Phase Commits

Auteurs: Lukas Aumayr, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei
Publié dans: Usenix Security '21, 2021
Éditeur: Usenix

The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches

Auteurs: Marco Squarcina, Stefano Calzavara, Matteo Maffei
Publié dans: 2021 IEEE Security and Privacy Workshops (SPW), 2021, Page(s) 432-443, ISBN 978-1-6654-3732-5
Éditeur: IEEE
DOI: 10.1109/spw53761.2021.00062

Breaking and Fixing Virtual Channels: Domino Attack and Donner

Auteurs: Lukas Aumayr; Pedro Moreno-Sanchez; Aniket Kate; Matteo Maffei
Publié dans: Proceedings Network and Distributed System Security Symposium 2023, 2023, Page(s) 1-18, ISBN 1-891562-83-5
Éditeur: NDSS
DOI: 10.14722/ndss.2023.24370

A2L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs

Auteurs: Erkan Tairi, Pedro Moreno-Sanchez, Matteo Maffei
Publié dans: 2021 IEEE Symposium on Security and Privacy (SP), 2021
Éditeur: IEEE

Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures

Auteurs: Lukas Aumayr, Oguzhan Ersoy, Andreas Erwig, Sebastian Faust, Kristina Hostáková, Matteo Maffei, Pedro Moreno-Sanchez, Siavash Riahi
Publié dans: Advances in Cryptology – ASIACRYPT 2021. ASIACRYPT 2021. Lecture Notes in Computer Science, Numéro Vol 13091, 2021, Page(s) 635-664, ISBN 978-3-030-92074-6
Éditeur: Springer Cham
DOI: 10.1007/978-3-030-92075-3_22

From Firewalls to Functions and Back

Auteurs: L. Ceragioli, L. Galletta, M. Tempesta
Publié dans: Proceedings of the Third Italian Conference on Cyber Security, 2019, ISSN 1613-0073
Éditeur: CEUR-WS.org

Wappler: Sound Reachability Analysis for WebAssembly

Auteurs: Markus Scherer, Jeppe Fredsgaard Blaabjerg, Alexander Sjösten, Magdalena Solitro, Matteo Maffei
Publié dans: 2024 IEEE 37th Computer Security Foundations Symposium (CSF), 2024, Page(s) 377-392, ISBN 979-8-3503-6203-9
Éditeur: IEEE Computer Society
DOI: 10.1109/csf61375.2024.00025

Foundations of Coin Mixing Services

Auteurs: Noemi Glaeser, Matteo Maffei, Giulio Malavolta, Pedro Moreno-Sanchez, Erkan Tairi, Sri Aravinda Krishnan Thyagarajan
Publié dans: CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Numéro Nov 7th, 2022, 2022, Page(s) 1259-1273, ISBN 9781450394505
Éditeur: Association for Computing Machinery
DOI: 10.1145/3548606.3560637

Formal Methods for the Security Analysis of Smart Contracts

Auteurs: Matteo Maffei
Publié dans: Proceedings of the 21st Conference on Formal Methods in Computer-Aided Design – FMCAD 2021, 2021, Page(s) 8
Éditeur: TU Wien Academic Press
DOI: 10.34727/2021/isbn.978-3-85448-046-4_3

The Bridge between Web Applications and Mobile Platforms is Still Broken

Auteurs: P. Beer, L. Veronese, M. Squarcina, M. Lindorfer
Publié dans: SecWeb 2022. Peer-reviewed. Not in conference proceedings, 2022
Éditeur: IEEE Security and Privacy Workshops (SPW)

Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks

Auteurs: Cavallaro, Lorenzo; Kinder, Johannes; Wang, XiaoFeng; Katz, Jonathan; Egger, Christoph; Moreno-Sanchez, Pedro; Maffei, Matteo
Publié dans: CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019
Éditeur: ACM

Thora: Atomic and Privacy-Preserving Multi-Channel Updates

Auteurs: Lukas Aumayr, Kasra Abbaszadeh, Matteo Maffei
Publié dans: CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Numéro Nov 7th, 2022, 2022, Page(s) 165-178, ISBN 9781450394505
Éditeur: Association for Computing Machinery
DOI: 10.1145/3548606.3560556

Adoption and Actual Privacy of Decentralized CoinJoin Implementations in Bitcoin

Auteurs: Rainer Stütz; Johann Stockinger; Pedro Moreno-Sanchez; Bernhard Haslhofer; Matteo Maffei
Publié dans: AFT '22: Proceedings of the 4th ACM Conference on Advances in Financial Technologies, 2023, Page(s) 254–267
Éditeur: Association for Computing Machinery
DOI: 10.1145/3558535.3559782

eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts

Auteurs: Ligatti, Jay; Ou, Xinming; Katz, Jonathan; Vigna, Giovanni; Schneidewind, Clara; Grishchenko, Ilya; Scherer, Markus; Maffei, Matteo
Publié dans: CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020
Éditeur: ACM

Post-Quantum Adaptor Signature for Privacy-Preserving Off-Chain Payments

Auteurs: Erkan Tairi, Pedro Moreno-Sanchez, Matteo Maffei
Publié dans: Financial Cryptography and Data Security 2021, 2021
Éditeur: Springer

Sleepy Channels: Bi-directional Payment Channels without Watchtowers

Auteurs: Lukas Aumayr, Sri AravindaKrishnan Thyagarajan, Giulio Malavolta, Pedro Moreno-Sanchez, Matteo Maffei
Publié dans: CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Numéro Nov 7th, 2022, 2022, Page(s) 179-192, ISBN 9781450394505
Éditeur: Association for Computing Machinery
DOI: 10.1145/3548606.3559370

WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanisms

Auteurs: L. Veronese, B. Farinier, P. Bernardo, M. Tempesta, M. Squarcina, M. Maffei
Publié dans: 2023 IEEE Symposium on Security and Privacy (SP), 2023, Page(s) 2761-2779, ISBN 978-1-6654-9336-9
Éditeur: IEEE
DOI: 10.1109/sp46215.2023.10179465

Verifying Relational Properties using Trace Logic

Auteurs: Gilles Barthe, Renate Eilers, Pamina Georgiou, Bernhard Gleiss, Laura Kovacs, Matteo Maffei
Publié dans: 2019 Formal Methods in Computer Aided Design (FMCAD), 2019, Page(s) 170-178, ISBN 978-0-9835678-9-9
Éditeur: IEEE
DOI: 10.23919/fmcad.2019.8894277

Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks

Auteurs: Christoph Egger, Pedro Moreno-Sanchez, Matteo Maffei
Publié dans: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS '19, 2019, Page(s) 801-815, ISBN 9781-450367479
Éditeur: ACM Press
DOI: 10.1145/3319535.3345666

Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem

Auteurs: Stefano Calzavara, Riccardo Focardi, Matus Nemec, Alvise Rabitti, Marco Squarcina
Publié dans: 2019 IEEE Symposium on Security and Privacy (SP), 2019, Page(s) 281-298, ISBN 978-1-5386-6660-9
Éditeur: IEEE
DOI: 10.1109/sp.2019.00053

Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability

Auteurs: Giulio Malavolta, Pedro Moreno-Sanchez, Clara Schneidewind, Aniket Kate, Matteo Maffei
Publié dans: Proceedings 2019 Network and Distributed System Security Symposium, 2019, ISBN 1-891562-55-X
Éditeur: Internet Society
DOI: 10.14722/ndss.2019.23330

WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring

Auteurs: Stefano Calzavara, Riccardo Focardi, Matteo Maffei, Clara Schneidewind, Marco Squarcina, Mauro Tempesta
Publié dans: 27th Usenix Security Symposium, 2018, Page(s) 1493-1510, ISBN 978-1-939133-04-5
Éditeur: Usenix

Simple Password-Hardened Encryption Services

Auteurs: "Russell W. F. Lai, Christoph Egger, Manuel Reinert, Sherman S. M. Chow, Matteo Maffei, Dominique Schr{\""{o}}der"
Publié dans: 27th Usenix Security Symposium, 2018, Page(s) 1405-1421, ISBN 978-1-939133-04-5
Éditeur: Usenix

Cookie Crumbles: Breaking and Fixing Web Session Integrity

Auteurs: Marco Squarcina, Pedro Adão, Lorenzo Veronese, Matteo Maffei
Publié dans: 32nd USENIX Security Symposium (USENIX Security 23), 2023, Page(s) 5539-5556, ISBN 978-1-939133-37-3
Éditeur: USENIX Association

Glimpse: On-Demand PoW Light Client with Constant-Size Storage for DeFi

Auteurs: Giulia Scaffino, Lukas Aumayr, Zeta Avarikioti, Matteo Maffei
Publié dans: 32nd USENIX Security Symposium (USENIX Security 23), 2023, Page(s) 733-750, ISBN 978-1-939133-37-3
Éditeur: Usenix Association

Language-Based Web Session Integrity

Auteurs: Stefano Calzavara, Riccardo Focardi, Niklas Grimm, Matteo Maffei, Mauro Tempesta
Publié dans: 2020 IEEE 33rd Computer Security Foundations Symposium (CSF), 2020, Page(s) 107-122, ISBN 978-1-7281-6572-1
Éditeur: IEEE
DOI: 10.1109/csf49147.2020.00016

Towards a Game-Theoretic Security Analysis of Off-Chain Protocols

Auteurs: Rain, Sophie; Avarikioti, Georgia; Kovács, Laura; Maffei, Matteo
Publié dans: IEEE 36th Computer Security Foundations Symposium (CSF), 2023, Page(s) 107-122, ISBN 979-8-3503-2192-0
Éditeur: Institute of Electrical and Electronics Engineers
DOI: 10.1109/csf57540.2023.00003

Can I Take Your Subdomain? Exploring Related-Domain Attacks in the Modern Web

Auteurs: Marco Squarcina, Mauro Tempesta, Lorenzo Veronese, Stefano Calzavara, Matteo Maffei
Publié dans: Usenix Security, 2021
Éditeur: Usenix

Tabbed Out: Subverting the Android Custom Tab Security Model

Auteurs: Philipp Beer, Marco Squarcina, Lorenzo Veronese, Martina Lindorfer
Publié dans: 2024 IEEE Symposium on Security and Privacy (SP), 2024
Éditeur: IEEE Computer Society
DOI: 10.1109/sp54263.2024.00105

Cross-Layer Deanonymization Methods in the Lightning Protocol

Auteurs: Romiti, Matteo; Victor, Friedhelm; Moreno-Sanchez, Pedro; Haslhofer, Bernhard; Maffei, Matteo
Publié dans: Financial Cryptography and Data Security 2021, Numéro 1, 2021
Éditeur: Springer

Web Platform Threats: Automated Detection of Web Security Issues With WPT

Auteurs: Pedro Bernardo, Lorenzo Veronese, Valentino Dalla Valle, Stefano Calzavara, Marco Squarcina, Pedro Adão, Matteo Maffei
Publié dans: Proceedings of the 33rd USENIX Security Symposium, 2024, Page(s) 757 - 774, ISBN 978-1-939133-44-1
Éditeur: Usenix Association

FWS: Analyzing, maintaining and transcompiling firewalls

Auteurs: Chiara Bodei, Lorenzo Ceragioli, Pierpaolo Degano, Riccardo Focardi, Letterio Galletta, Flaminia Luccio, Mauro Tempesta, Lorenzo Veronese
Publié dans: Journal of Computer Security, Numéro 29/1, 2021, Page(s) 77-134, ISSN 0926-227X
Éditeur: IOS Press
DOI: 10.3233/jcs-200017

Introducing robust reachability

Auteurs: Guillaume Girol; Benjamin Farinier; Sébastien Bardin
Publié dans: Formal Methods in System Design, 2022, Page(s) 1-29, ISSN 0925-9856
Éditeur: Kluwer Academic Publishers
DOI: 10.1007/s10703-022-00402-x

Group ORAM for privacy and access control in outsourced personal records

Auteurs: Matteo Maffei, Giulio Malavolta, Manuel Reinert, Dominique Schröder
Publié dans: Journal of Computer Security, Numéro 27/1, 2019, Page(s) 1-47, ISSN 0926-227X
Éditeur: IOS Press
DOI: 10.3233/jcs-171030

Functional Credentials

Auteurs: Dominic Deuber, Matteo Maffei, Giulio Malavolta, Max Rabkin, Dominique Schröder, Mark Simkin
Publié dans: Proceedings on Privacy Enhancing Technologies, Numéro 2018/2, 2018, Page(s) 64-84, ISSN 2299-0984
Éditeur: De Gruyter
DOI: 10.1515/popets-2018-0013

Strategic Analysis of Griefing Attack in Lightning Network

Auteurs: Mazumdar, Subhra; Banerjee, Prabal; Sinha, Abhinandan; Ruj, Sushmita; Roy, Bimal
Publié dans: IEEE Transactions on Network and Service Management, Numéro vol. 20, no. 2, 2022, Page(s) 1790-1803, ISSN 1932-4537
Éditeur: Institute of Electrical and Electronics Engineers
DOI: 10.1109/tnsm.2022.3230768

Bulwark: Holistic and Verified Security Monitoring of Web Protocols

Auteurs: Lorenzo Veronese, Stefano Calzavara, Luca Compagna
Publié dans: Computer Security – ESORICS 2020 - 25th European Symposium on Research in Computer Security, ESORICS 2020, Guildford, UK, September 14–18, 2020, Proceedings, Part I, Numéro 12308, 2020, Page(s) 23-41, ISBN 978-3-030-58950-9
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-58951-6_2

Foundations and Tools for the Static Analysis of Ethereum Smart Contracts

Auteurs: Ilya Grishchenko, Matteo Maffei, Clara Schneidewind
Publié dans: Computer Aided Verification - 30th International Conference, CAV 2018, Held as Part of the Federated Logic Conference, FloC 2018, Oxford, UK, July 14-17, 2018, Proceedings, Part I, Numéro 10981, 2018, Page(s) 51-78, ISBN 978-3-319-96144-6
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-319-96145-3_4

A Semantic Framework for the Security Analysis of Ethereum Smart Contracts

Auteurs: Ilya Grishchenko, Matteo Maffei, Clara Schneidewind
Publié dans: Principles of Security and Trust, Numéro 10804, 2018, Page(s) 243-269, ISBN 978-3-319-89721-9
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-319-89722-6_10

Equivalence Properties by Typing in Cryptographic Branching Protocols

Auteurs: Véronique Cortier, Niklas Grimm, Joseph Lallemand, Matteo Maffei
Publié dans: Principles of Security and Trust, Numéro 10804, 2018, Page(s) 160-187, ISBN 978-3-319-89721-9
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-319-89722-6_7

Not All Bugs Are Created Equal, But Robust Reachability Can Tell the Difference

Auteurs: Guillaume Girol, Benjamin Farinier, Sébastien Bardin
Publié dans: Computer Aided Verification - 33rd International Conference, CAV 2021, Virtual Event, July 20–23, 2021, Proceedings, Part I, Numéro 12759, 2021, Page(s) 669-693, ISBN 978-3-030-81684-1
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-81685-8_32

The Good, The Bad and The Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts

Auteurs: Clara Schneidewind, Markus Scherer, Matteo Maffei
Publié dans: Leveraging Applications of Formal Methods, Verification and Validation: Applications - 9th International Symposium on Leveraging Applications of Formal Methods, ISoLA 2020, Rhodes, Greece, October 20–30, 2020, Proceedings, Part III, Numéro 12478, 2020, Page(s) 212-231, ISBN 978-3-030-61466-9
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-61467-6_14

Alba: The Dawn of Scalable Bridges for Blockchains

Auteurs: Giulia Scaffino, Lukas Aumayr, Mahsa Bastankhah, Zeta Avarikioti, Matteo Maffei
Publié dans: 2024
Éditeur: IACR Cryptology ePrint Archive

CRYPTOVAMPIRE: Automated Reasoning for the Complete Symbolic AttackerCryptographic Model

Auteurs: Simon Jeanteur, Laura Kovacs, Matteo Maffei, Michael Rawson
Publié dans: 2024
Éditeur: IACR Cryptology ePrint Archive

Blink: An Optimal Proof of Proof-of-Work

Auteurs: Lukas Aumayr, Zeta Avarikioti, Matteo Maffei, Giulia Scaffino, Dionysis Zindros
Publié dans: 2024
Éditeur: IACR Cryptology ePrint Archive

Web Platform Threats: Automated Detection of Web Security Issues With WPT

Auteurs: Pedro Bernardo, Lorenzo Veronese, Valentino Dalla Valle, Stefano Calzavara, Marco Squarcina, Pedro Adão, Matteo Maffei
Publié dans: 33rd USENIX Security Symposium, 2024
Éditeur: USENIX Association

Livrables

Publications

Partager cette page

Télécharger