Foundations and Tools for Client-Side Web Security

Bitcoin-compatible Virtual Channels

Autori: Lukas Aumayr, Oğuzhan Ersoy, Andreas Erwig, Sebastian Faust, Kristina Hostáková, Matteo Maffei, Pedro Moreno-Sanchez, Siavash Riahi
Pubblicato in: 2021 IEEE Symposium on Security and Privacy (SP), 2021
Editore: IEEE

eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts

Autori: Clara Schneidewind, Ilya Grishchenko, Markus Scherer, Matteo Maffei
Pubblicato in: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020, Pagina/e 621-640, ISBN 9781450370899
Editore: ACM
DOI: 10.1145/3372297.3417250

A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network

Autori: Sergei Tikhomirov, Pedro Moreno-Sanchez, Matteo Maffei
Pubblicato in: 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 2020, Pagina/e 387-396, ISBN 978-1-7281-8597-2
Editore: IEEE
DOI: 10.1109/eurospw51379.2020.00059

Blitz: Secure Multi-Hop Payments Without Two-Phase Commits

Autori: Lukas Aumayr, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei
Pubblicato in: Usenix Security '21, 2021
Editore: Usenix

The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches

Autori: Marco Squarcina, Stefano Calzavara, Matteo Maffei
Pubblicato in: 2021 IEEE Security and Privacy Workshops (SPW), 2021, Pagina/e 432-443, ISBN 978-1-6654-3732-5
Editore: IEEE
DOI: 10.1109/spw53761.2021.00062

Breaking and Fixing Virtual Channels: Domino Attack and Donner

Autori: Lukas Aumayr; Pedro Moreno-Sanchez; Aniket Kate; Matteo Maffei
Pubblicato in: Proceedings Network and Distributed System Security Symposium 2023, 2023, Pagina/e 1-18, ISBN 1-891562-83-5
Editore: NDSS
DOI: 10.14722/ndss.2023.24370

A2L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs

Autori: Erkan Tairi, Pedro Moreno-Sanchez, Matteo Maffei
Pubblicato in: 2021 IEEE Symposium on Security and Privacy (SP), 2021
Editore: IEEE

Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures

Autori: Lukas Aumayr, Oguzhan Ersoy, Andreas Erwig, Sebastian Faust, Kristina Hostáková, Matteo Maffei, Pedro Moreno-Sanchez, Siavash Riahi
Pubblicato in: Advances in Cryptology – ASIACRYPT 2021. ASIACRYPT 2021. Lecture Notes in Computer Science, Numero Vol 13091, 2021, Pagina/e 635-664, ISBN 978-3-030-92074-6
Editore: Springer Cham
DOI: 10.1007/978-3-030-92075-3_22

From Firewalls to Functions and Back

Autori: L. Ceragioli, L. Galletta, M. Tempesta
Pubblicato in: Proceedings of the Third Italian Conference on Cyber Security, 2019, ISSN 1613-0073
Editore: CEUR-WS.org

Wappler: Sound Reachability Analysis for WebAssembly

Autori: Markus Scherer, Jeppe Fredsgaard Blaabjerg, Alexander Sjösten, Magdalena Solitro, Matteo Maffei
Pubblicato in: 2024 IEEE 37th Computer Security Foundations Symposium (CSF), 2024, Pagina/e 377-392, ISBN 979-8-3503-6203-9
Editore: IEEE Computer Society
DOI: 10.1109/csf61375.2024.00025

Foundations of Coin Mixing Services

Autori: Noemi Glaeser, Matteo Maffei, Giulio Malavolta, Pedro Moreno-Sanchez, Erkan Tairi, Sri Aravinda Krishnan Thyagarajan
Pubblicato in: CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Numero Nov 7th, 2022, 2022, Pagina/e 1259-1273, ISBN 9781450394505
Editore: Association for Computing Machinery
DOI: 10.1145/3548606.3560637

Formal Methods for the Security Analysis of Smart Contracts

Autori: Matteo Maffei
Pubblicato in: Proceedings of the 21st Conference on Formal Methods in Computer-Aided Design – FMCAD 2021, 2021, Pagina/e 8
Editore: TU Wien Academic Press
DOI: 10.34727/2021/isbn.978-3-85448-046-4_3

The Bridge between Web Applications and Mobile Platforms is Still Broken

Autori: P. Beer, L. Veronese, M. Squarcina, M. Lindorfer
Pubblicato in: SecWeb 2022. Peer-reviewed. Not in conference proceedings, 2022
Editore: IEEE Security and Privacy Workshops (SPW)

Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks

Autori: Cavallaro, Lorenzo; Kinder, Johannes; Wang, XiaoFeng; Katz, Jonathan; Egger, Christoph; Moreno-Sanchez, Pedro; Maffei, Matteo
Pubblicato in: CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019
Editore: ACM

Thora: Atomic and Privacy-Preserving Multi-Channel Updates

Autori: Lukas Aumayr, Kasra Abbaszadeh, Matteo Maffei
Pubblicato in: CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Numero Nov 7th, 2022, 2022, Pagina/e 165-178, ISBN 9781450394505
Editore: Association for Computing Machinery
DOI: 10.1145/3548606.3560556

Adoption and Actual Privacy of Decentralized CoinJoin Implementations in Bitcoin

Autori: Rainer Stütz; Johann Stockinger; Pedro Moreno-Sanchez; Bernhard Haslhofer; Matteo Maffei
Pubblicato in: AFT '22: Proceedings of the 4th ACM Conference on Advances in Financial Technologies, 2023, Pagina/e 254–267
Editore: Association for Computing Machinery
DOI: 10.1145/3558535.3559782

eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts

Autori: Ligatti, Jay; Ou, Xinming; Katz, Jonathan; Vigna, Giovanni; Schneidewind, Clara; Grishchenko, Ilya; Scherer, Markus; Maffei, Matteo
Pubblicato in: CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020
Editore: ACM

Post-Quantum Adaptor Signature for Privacy-Preserving Off-Chain Payments

Autori: Erkan Tairi, Pedro Moreno-Sanchez, Matteo Maffei
Pubblicato in: Financial Cryptography and Data Security 2021, 2021
Editore: Springer

Sleepy Channels: Bi-directional Payment Channels without Watchtowers

Autori: Lukas Aumayr, Sri AravindaKrishnan Thyagarajan, Giulio Malavolta, Pedro Moreno-Sanchez, Matteo Maffei
Pubblicato in: CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Numero Nov 7th, 2022, 2022, Pagina/e 179-192, ISBN 9781450394505
Editore: Association for Computing Machinery
DOI: 10.1145/3548606.3559370

WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanisms

Autori: L. Veronese, B. Farinier, P. Bernardo, M. Tempesta, M. Squarcina, M. Maffei
Pubblicato in: 2023 IEEE Symposium on Security and Privacy (SP), 2023, Pagina/e 2761-2779, ISBN 978-1-6654-9336-9
Editore: IEEE
DOI: 10.1109/sp46215.2023.10179465

Verifying Relational Properties using Trace Logic

Autori: Gilles Barthe, Renate Eilers, Pamina Georgiou, Bernhard Gleiss, Laura Kovacs, Matteo Maffei
Pubblicato in: 2019 Formal Methods in Computer Aided Design (FMCAD), 2019, Pagina/e 170-178, ISBN 978-0-9835678-9-9
Editore: IEEE
DOI: 10.23919/fmcad.2019.8894277

Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks

Autori: Christoph Egger, Pedro Moreno-Sanchez, Matteo Maffei
Pubblicato in: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS '19, 2019, Pagina/e 801-815, ISBN 9781-450367479
Editore: ACM Press
DOI: 10.1145/3319535.3345666

Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem

Autori: Stefano Calzavara, Riccardo Focardi, Matus Nemec, Alvise Rabitti, Marco Squarcina
Pubblicato in: 2019 IEEE Symposium on Security and Privacy (SP), 2019, Pagina/e 281-298, ISBN 978-1-5386-6660-9
Editore: IEEE
DOI: 10.1109/sp.2019.00053

Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability

Autori: Giulio Malavolta, Pedro Moreno-Sanchez, Clara Schneidewind, Aniket Kate, Matteo Maffei
Pubblicato in: Proceedings 2019 Network and Distributed System Security Symposium, 2019, ISBN 1-891562-55-X
Editore: Internet Society
DOI: 10.14722/ndss.2019.23330

WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring

Autori: Stefano Calzavara, Riccardo Focardi, Matteo Maffei, Clara Schneidewind, Marco Squarcina, Mauro Tempesta
Pubblicato in: 27th Usenix Security Symposium, 2018, Pagina/e 1493-1510, ISBN 978-1-939133-04-5
Editore: Usenix

Simple Password-Hardened Encryption Services

Autori: "Russell W. F. Lai, Christoph Egger, Manuel Reinert, Sherman S. M. Chow, Matteo Maffei, Dominique Schr{\""{o}}der"
Pubblicato in: 27th Usenix Security Symposium, 2018, Pagina/e 1405-1421, ISBN 978-1-939133-04-5
Editore: Usenix

Cookie Crumbles: Breaking and Fixing Web Session Integrity

Autori: Marco Squarcina, Pedro Adão, Lorenzo Veronese, Matteo Maffei
Pubblicato in: 32nd USENIX Security Symposium (USENIX Security 23), 2023, Pagina/e 5539-5556, ISBN 978-1-939133-37-3
Editore: USENIX Association

Glimpse: On-Demand PoW Light Client with Constant-Size Storage for DeFi

Autori: Giulia Scaffino, Lukas Aumayr, Zeta Avarikioti, Matteo Maffei
Pubblicato in: 32nd USENIX Security Symposium (USENIX Security 23), 2023, Pagina/e 733-750, ISBN 978-1-939133-37-3
Editore: Usenix Association

Language-Based Web Session Integrity

Autori: Stefano Calzavara, Riccardo Focardi, Niklas Grimm, Matteo Maffei, Mauro Tempesta
Pubblicato in: 2020 IEEE 33rd Computer Security Foundations Symposium (CSF), 2020, Pagina/e 107-122, ISBN 978-1-7281-6572-1
Editore: IEEE
DOI: 10.1109/csf49147.2020.00016

Towards a Game-Theoretic Security Analysis of Off-Chain Protocols

Autori: Rain, Sophie; Avarikioti, Georgia; Kovács, Laura; Maffei, Matteo
Pubblicato in: IEEE 36th Computer Security Foundations Symposium (CSF), 2023, Pagina/e 107-122, ISBN 979-8-3503-2192-0
Editore: Institute of Electrical and Electronics Engineers
DOI: 10.1109/csf57540.2023.00003

Can I Take Your Subdomain? Exploring Related-Domain Attacks in the Modern Web

Autori: Marco Squarcina, Mauro Tempesta, Lorenzo Veronese, Stefano Calzavara, Matteo Maffei
Pubblicato in: Usenix Security, 2021
Editore: Usenix

Tabbed Out: Subverting the Android Custom Tab Security Model

Autori: Philipp Beer, Marco Squarcina, Lorenzo Veronese, Martina Lindorfer
Pubblicato in: 2024 IEEE Symposium on Security and Privacy (SP), 2024
Editore: IEEE Computer Society
DOI: 10.1109/sp54263.2024.00105

Cross-Layer Deanonymization Methods in the Lightning Protocol

Autori: Romiti, Matteo; Victor, Friedhelm; Moreno-Sanchez, Pedro; Haslhofer, Bernhard; Maffei, Matteo
Pubblicato in: Financial Cryptography and Data Security 2021, Numero 1, 2021
Editore: Springer

Web Platform Threats: Automated Detection of Web Security Issues With WPT

Autori: Pedro Bernardo, Lorenzo Veronese, Valentino Dalla Valle, Stefano Calzavara, Marco Squarcina, Pedro Adão, Matteo Maffei
Pubblicato in: Proceedings of the 33rd USENIX Security Symposium, 2024, Pagina/e 757 - 774, ISBN 978-1-939133-44-1
Editore: Usenix Association

FWS: Analyzing, maintaining and transcompiling firewalls

Autori: Chiara Bodei, Lorenzo Ceragioli, Pierpaolo Degano, Riccardo Focardi, Letterio Galletta, Flaminia Luccio, Mauro Tempesta, Lorenzo Veronese
Pubblicato in: Journal of Computer Security, Numero 29/1, 2021, Pagina/e 77-134, ISSN 0926-227X
Editore: IOS Press
DOI: 10.3233/jcs-200017

Introducing robust reachability

Autori: Guillaume Girol; Benjamin Farinier; Sébastien Bardin
Pubblicato in: Formal Methods in System Design, 2022, Pagina/e 1-29, ISSN 0925-9856
Editore: Kluwer Academic Publishers
DOI: 10.1007/s10703-022-00402-x

Group ORAM for privacy and access control in outsourced personal records

Autori: Matteo Maffei, Giulio Malavolta, Manuel Reinert, Dominique Schröder
Pubblicato in: Journal of Computer Security, Numero 27/1, 2019, Pagina/e 1-47, ISSN 0926-227X
Editore: IOS Press
DOI: 10.3233/jcs-171030

Functional Credentials

Autori: Dominic Deuber, Matteo Maffei, Giulio Malavolta, Max Rabkin, Dominique Schröder, Mark Simkin
Pubblicato in: Proceedings on Privacy Enhancing Technologies, Numero 2018/2, 2018, Pagina/e 64-84, ISSN 2299-0984
Editore: De Gruyter
DOI: 10.1515/popets-2018-0013

Strategic Analysis of Griefing Attack in Lightning Network

Autori: Mazumdar, Subhra; Banerjee, Prabal; Sinha, Abhinandan; Ruj, Sushmita; Roy, Bimal
Pubblicato in: IEEE Transactions on Network and Service Management, Numero vol. 20, no. 2, 2022, Pagina/e 1790-1803, ISSN 1932-4537
Editore: Institute of Electrical and Electronics Engineers
DOI: 10.1109/tnsm.2022.3230768

Bulwark: Holistic and Verified Security Monitoring of Web Protocols

Autori: Lorenzo Veronese, Stefano Calzavara, Luca Compagna
Pubblicato in: Computer Security – ESORICS 2020 - 25th European Symposium on Research in Computer Security, ESORICS 2020, Guildford, UK, September 14–18, 2020, Proceedings, Part I, Numero 12308, 2020, Pagina/e 23-41, ISBN 978-3-030-58950-9
Editore: Springer International Publishing
DOI: 10.1007/978-3-030-58951-6_2

Foundations and Tools for the Static Analysis of Ethereum Smart Contracts

Autori: Ilya Grishchenko, Matteo Maffei, Clara Schneidewind
Pubblicato in: Computer Aided Verification - 30th International Conference, CAV 2018, Held as Part of the Federated Logic Conference, FloC 2018, Oxford, UK, July 14-17, 2018, Proceedings, Part I, Numero 10981, 2018, Pagina/e 51-78, ISBN 978-3-319-96144-6
Editore: Springer International Publishing
DOI: 10.1007/978-3-319-96145-3_4

A Semantic Framework for the Security Analysis of Ethereum Smart Contracts

Autori: Ilya Grishchenko, Matteo Maffei, Clara Schneidewind
Pubblicato in: Principles of Security and Trust, Numero 10804, 2018, Pagina/e 243-269, ISBN 978-3-319-89721-9
Editore: Springer International Publishing
DOI: 10.1007/978-3-319-89722-6_10

Equivalence Properties by Typing in Cryptographic Branching Protocols

Autori: Véronique Cortier, Niklas Grimm, Joseph Lallemand, Matteo Maffei
Pubblicato in: Principles of Security and Trust, Numero 10804, 2018, Pagina/e 160-187, ISBN 978-3-319-89721-9
Editore: Springer International Publishing
DOI: 10.1007/978-3-319-89722-6_7

Not All Bugs Are Created Equal, But Robust Reachability Can Tell the Difference

Autori: Guillaume Girol, Benjamin Farinier, Sébastien Bardin
Pubblicato in: Computer Aided Verification - 33rd International Conference, CAV 2021, Virtual Event, July 20–23, 2021, Proceedings, Part I, Numero 12759, 2021, Pagina/e 669-693, ISBN 978-3-030-81684-1
Editore: Springer International Publishing
DOI: 10.1007/978-3-030-81685-8_32

The Good, The Bad and The Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts

Autori: Clara Schneidewind, Markus Scherer, Matteo Maffei
Pubblicato in: Leveraging Applications of Formal Methods, Verification and Validation: Applications - 9th International Symposium on Leveraging Applications of Formal Methods, ISoLA 2020, Rhodes, Greece, October 20–30, 2020, Proceedings, Part III, Numero 12478, 2020, Pagina/e 212-231, ISBN 978-3-030-61466-9
Editore: Springer International Publishing
DOI: 10.1007/978-3-030-61467-6_14

Alba: The Dawn of Scalable Bridges for Blockchains

Autori: Giulia Scaffino, Lukas Aumayr, Mahsa Bastankhah, Zeta Avarikioti, Matteo Maffei
Pubblicato in: 2024
Editore: IACR Cryptology ePrint Archive

CRYPTOVAMPIRE: Automated Reasoning for the Complete Symbolic AttackerCryptographic Model

Autori: Simon Jeanteur, Laura Kovacs, Matteo Maffei, Michael Rawson
Pubblicato in: 2024
Editore: IACR Cryptology ePrint Archive

Blink: An Optimal Proof of Proof-of-Work

Autori: Lukas Aumayr, Zeta Avarikioti, Matteo Maffei, Giulia Scaffino, Dionysis Zindros
Pubblicato in: 2024
Editore: IACR Cryptology ePrint Archive

Web Platform Threats: Automated Detection of Web Security Issues With WPT

Autori: Pedro Bernardo, Lorenzo Veronese, Valentino Dalla Valle, Stefano Calzavara, Marco Squarcina, Pedro Adão, Matteo Maffei
Pubblicato in: 33rd USENIX Security Symposium, 2024
Editore: USENIX Association

Risultati finali

Pubblicazioni

Condividi questa pagina

Scarica