2022index.html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
  <meta http-equiv="content-type" content="text/html">
  <title>CS7NS5/CSU44032 Security and Privacy</title>
</head>

<body bgcolor="#fffedc">
<h1>CS7NS5/CSU44032 Security and Privacy</h1>

<p>This is the 2024 version. Last updated 20240305 by
stephen.farrell@cs.tcd.ie</p> 

<h2>Lecture slots</h2>

<p>Our lecture slots this year are face-to-face (yay!) and are: 
<ul>
    <li>Monday 1600-1750, LB01</li>
    <li>Wednesday 1700-1750, LB04</li>
</ul>
Note - room assignments may change, check on the day! (Esp the first day:-)
</p>

<p>Lectures this year mostly in-person with some recordings. 
Recordings will be available somewhere (TBD).
I'll hang out in the "office hours" blackboard collab room on
Tuesday's at 1430 - feel free to pop in there and ask whatever.</p>

<p>Blackboard links:

<ul>
    <li><a href="https://tcd.blackboard.com/ultra/courses/_84350_1/cl/outline">Main module link (for assignments etc)</a></li>
    <li><a href="https://eu.bbcollab.com/guest/8e9b51e92a6844d589600f051df8a305">Office hour</a></li>
</ul>
</p>

<h2>More detail...</h2>

<ul>

  <li>The canonical URL for this stuff is: 
      <a href="https://down.dsg.cs.tcd.ie/cs7053/">https://down.dsg.cs.tcd.ie/cs7053/</a>
      and the latest source is in a github repo at 
      <a href="https://github.com/sftcd/cs7053">https://github.com/sftcd/cs7053</a></li>

  <li>Over the years, this course has had lots of course codes, it was also
      previously CS4407, CS7453 and CS7074, and before that 
      <a href="https://down.dsg.cs.tcd.ie/cs7012/">CS7012</a> and before that
      <a href="https://down.dsg.cs.tcd.ie/nds106u1/">NDS106</a> (the last two
      links are to the old lectures etc.) But when I created the github repo it
      was CS7053, so I stick with that for the URLs:-) The content overlaps a
      good bit but always evolves.</li>

  <li>The <a href="#Lecture">Lecture slides</a> section below has links to
      open-office/ppt/pdf versions of all the lectures for the course. The PDFs
      should be fine as there're no fancy PPT features used.</li>

  <li>The <a href="#stories">News</a> section below has links to relevant 
	  articles usually from the technical media.</a>

  <li>The <a href="#materials">Materials</a> section below has links to, and/or
      local copies of, some background information/papers etc. For assessment
      purposes, you won't need anything other than lecture content and 
      easily available things like RFCs or papers mentioned in lectures. So 
      the list of materials below are just additinal info. (You are of
      course encouraged to read more widely).</li> 

  <li>You can look at loads of 
      <a href="https://down.dsg.cs.tcd.ie/old-exams/index.html">old exams</a>
      with both questions and answers/marking schemes.</li> 

  <li>There will be two mid-term assignments, totalling 20% of the marks for
      the module (so the exam is worth 80%).  We plan to have a "normal"
      sit-down exam. For the written assignments, we have an 
      <a href="llm-policy.html">LLM policy</a>.</li> 

  <li>Note that I <strong>will</strong> be changing the slides as I go.
      Depending on stuff ahead of time may be wasted effort:-)</li> 

</ul>

<h2>Lecture Slides</h2>

<ol>
  <li>Quick intro/logistics (<a href="lectures/00-quick-intro.odp">O-O</a>,<a href="lectures/00-quick-intro.pdf">pdf</a>)</li>
  <li>Security and privacy processes (<a href="lectures/01-processes.odp">O-O</a>,<a href="lectures/01-processes.pdf">pdf</a>)</li>
  <li>Security Concepts (<a href="lectures/02-concepts.odp">O-O</a>,<a href="lectures/02-concepts.pdf">pdf</a>)</li>
  <li>Passwords (<a href="lectures/03-passwords.odp">O-O</a>,<a href="lectures/03-passwords.pdf">pdf</a>)</li>
  <li>Crypto stuff (<a href="lectures/04-crypto.odp">O-O</a>,<a href="lectures/04-crypto.pdf">pdf</a>)</li>
  <li>Post-quantum Crypto (<a href="lectures/05-pqc.odp">O-O</a>,<a href="lectures/05-pqc.pdf">pdf</a>)</li>
  <li>Hybrid Public Key Encryption (HPKE) (<a href="lectures/06-hpke.odp">O-O</a>,<a href="lectures/06-hpke.pdf">pdf</a>)</li>
  <li>Standard security protocols (<a href="lectures/07-protocols.odp">odp</a>,<a href="lectures/07-protocols.pdf">pdf</a>)</li>
  <li>Problems with real-world TLS (<a href="lectures/08-tls-problems.odp">odp</a>,<a href="lectures/08-tls-problems.pdf">pdf</a>)
      <ul>
		<li>SAAG presentation on BEAST and CRIME (<a href="https://www.ietf.org/proceedings/85/slides/slides-85-saag-1.pdf">ietf site</a>,<a href="materials/slides-85-saag-1.pdf">local</a>)</li>
      </ul>
  <li>TLSv1.3 (<a href="lectures/09-tls13.odp">odp</a>,<a href="lectures/09-tls13.pdf">pdf</a>)</li>
  <li>DNS (<a href="lectures/10-dns.pdf">PDF</a>,<a href="lectures/10-dns.odp">O-O</a>) 
	<ul>Materials used from <a href="http://www.dns-school.org/Slides/index.html">Olaf Kolkman's DNS school</a>
  		<li>DNSSEC (<a href="2016lectures/Block_03_DNSSEC_Theory.pdf">pdf</a>)</li>
	</ul>
  </li>
  <li>Ten+ years since Snowden (<a href="lectures/rfc9446-pressie-tcd.pdf">pdf</a>,<a href="lectures/rfc9446-pressie-tcd.odp">odp</a>)</li>
  <li>Guest lecture: The GDPR and how it works, Maria-Grazia Porcedda
      (<a href="lectures/Porcedda_TCD_MSc_25-3-24.pptx">pptx</a>,<a href="lectures/Porcedda_TCD_MSc_25-3-24.pdf">pdf</a>).</li>
</ol>

<h2>2023 Lecture Slides</h2>

<p>These will be variously updated and moved above...</p>

<ol>
  </li>
  <li>Encrypted ClientHello (ECH) (<a href="2023lectures/13-ech.odp">O-O</a>,<a href="2023lectures/13-ech.pdf">PDF</a>)</li>

  <br/>

</ol>



<p>Probably won't cover these this year:</p>

  <ul>
  <li>Some history and issues (updated from 2016 heanet talk) (<a href="2023lectures/heanet-farrell.odp">O-O</a>, <a href="2023lectures/heanet-farrell.pdf">pdf</a>)</li>
  <li>The wonderfully named VOPRF thing(<a href="2023lectures/07-voprf.odp">O-O</a>,<a href="2023lectures/07-voprf.pdf">pdf</a>)</li>
  <li>Mail and Spam (<a href="2016lectures/04-spam.ppt">ppt</a>,<a href="2016lectures/04-spam.pdf">pdf</a>)
	<ul>
		<li>Jim Fenton's spam slides (<a href="2016lectures/fenton.pdf">pdf</a>)</li>
		<li>Murray Kucheraway's DMARC slides (<a href="2016lectures/slides-87-dmarc-3.pdf">pdf</a>)</li>
	</ul>
  </li>
  <li>WebRTC (<a href="2016lectures/12-webrtc.odp">O-O</a>,<a href="2016lectures/12-webrtc.pdf">PDF</a>)</li>
  <li>Snowdonia (<a href="2016lectures/08-snowdonia.ppt">ppt</a>, <a href="2016lectures/08-snowdonia.pdf">pdf</a>)</li>
  <li>Developing stuff with security in mind (<a href="2016lectures/07.5-developing.ppt">ppt</a>,
  	<a href="2016lectures/07.5-developing.pdf">pdf</a>)</li>

  <li>Phil Hunt (Oracle) OAuth intro (<a href="2016lectures/09-oauth.ppt">ppt</a>)</li>

  </ul>


<h2><a name="stories">News Stories</a></h2>

<p>I usually update this sporadically during the run-time of the module with
links to stories that I might want to reference in class.</p>

<h3>2024</h3>

<ul>
    <li>A nice side-channel <a href="https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf">description</a> of a near-practical attack affecting Yubikeys</li>
    <li>A <a href="https://www.wired.com/story/how-pentagon-learned-targeted-ads-to-find-targets-and-vladimir-putin/">Wired article</a> showing in nice but easily understood detail the 
    awfulness of advertising based on real time bidding.</li> 

    <li>NDSS <a href="https://www.ndss-symposium.org/wp-content/uploads/2024-618-paper.pdf">paper</a>
        on attacking fingerprint authentication by listening to the sound of
        swipes on screens - Nice! (but be interested in seeing it
        reproduced).</li>

    <li>NSA and other bits of US DoD admit to buying tracking data from
    brokers. <a href="https://www.theregister.com/2024/01/26/nsa_browser_records/">El reg article</a>,
    and in case it ever gets lost a
    <a href="materials/nsa-buying-fe33e1ba-full.pdf">local copy of the letters.</a>.</li>

    <li>Another case of facial recognition technology (FRT) seeming to produce a bad outcome, from
        <a href="https://www.theguardian.com/technology/2024/jan/22/sunglass-hut-facial-recognition-wrongful-arrest-lawsuit">the Guardian</a>.</li>

    <li>Cute paper on an impractical but interesting leak <a
            href="https://www.science.org/doi/10.1126/sciadv.adj3608">Imaging
            privacy threats from an ambient light sensor</a>.</li>

    <li>A <a href="https://www.macrumors.com/2024/01/09/airdrop-cracked-chinese-authorities/">claim</a>
        of a break in the privacy of Apple airplay exchanges by a Chinese
        "state-backed institution". No real detail as yet, but interesting
        mention of using rainbow tables to reverse some kind of identifier
        hashing/obfuscation.  </li>

</ul>

<h3>2023</h3>

<ul>
    <li>Nice paper about SSH host-key RSA private key recovery in the face of faults: <a href="https://eprint.iacr.org/2023/1711.pdf">https://eprint.iacr.org/2023/1711.pdf</a>.</li>
    <li>Yet another radio-frequency side-channel <a href="https://www.theregister.com/2023/09/13/wifi_beamforming_side_channel_attack/">report</a></li>
    <li>Car privacy is bad, says <a href="https://www.theregister.com/2023/09/06/mozilla_vehicle_data_privacy/">Mozilla.</a></li>
    <li>Some researchers caught ETSI out in <a href="https://www.midnightblue.nl/tetraburst">backdooring TETRA crypto</a>.
        For some reason an ETSI staffer decided to do a
        car-crash <a href="https://zetter.substack.com/p/interview-with-the-etsi-standards">interview</a> on the topic.</li.

    <li>There're always singple point of failure stories, but <a href="https://www.theguardian.com/australia-news/2023/apr/23/australias-farmers-call-for-backup-plan-after-gps-tractor-steering-system-fails">this one's</a> interesting - a satellite SPOF added to a nicely redundant system, that breaks farms in Australia!</li>
    <li>Interesting attack against a vehicle <a href="https://kentindell.github.io/2023/04/03/can-injection/">CAN bus</a> enabling car theft via wiring within headlights.</li>
    <li>A fairly <a href="https://www.bleepingcomputer.com/news/security/godaddy-hackers-stole-source-code-installed-malware-in-multi-year-breach/">bad sounding multi-year attack</a> on hoster GoDaddy and their customers. Things like that are bad.</li>
    <li>Another <a href="https://www.theregister.com/2023/01/26/smart_ovens_do_dumb_stuff/">story</a> about supposedly "smart" devices not bring smart.</li>
    <li>Another reason to not leave MD5 code hanging about: <a href="https://www.akamai.com/blog/security-research/exploiting-critical-spoofing-vulnerability-microsoft-cryptoapi">it enables bad hits in certificate caches</a>.</li>
    <li>An <a
            href="https://arstechnica.com/information-technology/2023/01/a-fifth-of-passwords-used-by-federal-agency-cracked-in-security-audit/">audit
            of passwords</a> found: "the auditors cracked 18,174—or 21
    percent—of the 85,944 cryptographic hashes they tested; 288 of the affected
    accounts had elevated privileges, and 362 of them belonged to senior
government employees. In the first 90 minutes of testing, auditors cracked the
hashes for 16 percent of the department’s user accounts" - good to see some
recent numbers for that. The passwords were from active directory and the article mentions NTLM, which historically has been
speedy to crack, but that level of detail isn't clear.
(<a href="https://www.doioig.gov/sites/default/files/2021-migration/Final%20Inspection%20Report_DOI%20Password_Public.pdf">the underlying audit report</a>)</li>

    <li><a href="https://arstechnica.com/gadgets/2022/12/samsungs-android-app-signing-key-has-leaked-is-being-used-to-sign-malware/">Leaked
            android OEM private keys</a> that have yet to be replaced? Odd.</li>
    <li>Really a late-2022 story: <a href="https://www.theregister.com/2022/12/02/mozilla_microsoft_trustcor/">Another
            CA booted from the Mozilla root program</a>, this time for possible connections to a spyware company.</li>
</ul>
<h3>2022</h3>

<ul>

    <li>A nice <a href="https://www.usenix.org/system/files/sec22-sullivan.pdf">paper</a> describing how passive measurement of
        TLS1.2 and earlier handshakes can spot occasional faulty signatures that can expose a private key.</li>
    <li>A <a href="https://www.qurium.org/alerts/the-tip-of-the-iceberg/">good report</a> on a FB phishing/bot 
        campaign that also does some DDoS (albeit small scale).</li>
    <li>Random improvements: /dev/random and /dev/urandom <a href="https://www.zx2c4.com/projects/linux-rng-5.17-5.18/">merged in Linux kernel</a>.</li>
    <li>Hasn't made much news, but this <a href="https://eprint.iacr.org/2022/214">preprint</a> from
        Ward Beullens describes a key recovery attack on the NIST PQ-competition signature-algorithm 
        finalist Rainbow. Assuming that result holds, (and <a href="https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/KFgw5_qCXiI">it seems to be accepted by the inventors</a>), it's a good lesson about new algorithms.</a>
    <li>Some interesting vulnerabilities in UPS devices (<a href="https://go.theregister.com/feed/www.theregister.com/2022/03/09/tlstorm_apc_ups_critical_zero_days/">el reg report</a>,
        <a href="https://info.armis.com/rs/645-PDC-047/images/Armis-TLStorm-WP%20%281%29.pdf">tech report</a>, <a href="materials/Armis-TLStorm.pdf">local copy</a>)</li>

    <li>In what may be <a href="https://www.theregister.com/2022/02/02/europe_iab_decision/">good news</a>, the Belgian DPA
        has agreed with the Irish Council of Civil Liberties that the so-called "consent" framework underlying a lot of 
        real time bidding (RTB) on the web is not compatible with the GPDR. That'll probably run and run, but it's a
        hopeful sign IMO.</li>

    <li>Publisher (Springer) <a href="https://www.vice.com/en/article/4aw48g/academic-journal-claims-it-fingerprints-pdfs-for-ransomware-not-surveillance">adding per-download unique metadata to PDFs</a>, presumably for tracking or traitor tracing. I added <a href="materials/remove-pdf-metadata.sh">remove-pdf-metadata.sh</a> as a result and cleaned the PDFs in this repo.</li>

    <li><a href="https://en.wikipedia.org/wiki/Log4Shell">Log4j zero day</a>
        was a real doozy - I know a bunch of people who had to spend lots of
        time mitigating that. (It was discovered in Nov 2021 but I only 
        added it here in Jan 2022:-)</li>

    <li><a href="https://www.theregister.com/2022/02/23/chinese_nsa_linux/">El Reg story</a> on
        decomposition and attribution of a sophisticated APT attacker tool. 
        (56-page report: <a href="https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf">original link</a>,
        <a href="materials/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf">local copy</a>).
    </li>

</ul>

<h3>2021</h3>

<ul>

    <li>Nice <a href="https://www.theregister.com/2021/05/25/cheese_fingerprint_prison/">fingerprint story</a>.</li>
    <li>It's quite old, but I've only read it now, so worth nothing that this
        <a href="https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/">explanation of Meltown</a> is the best I've seen, so worth a read. (It's from the founder of
        the rPi foundation, and is really well written.)</li>
    <li>We often forget how we depend on the kindness of strangers: a 
        <a href="https://www.zdnet.com/article/yandex-said-it-caught-an-employee-selling-access-to-users-inboxes/">reminder</a>
        of that when a sysadmin sells access to customers email accounts.</li>

    <li>Another WebPKI CA in trouble: 
        the <a href="https://www.theregister.com/2021/02/02/chrome_camerfirma_certificates/">El reg article</a> is ok, 
        but the real meat is in the <a href="https://wiki.mozilla.org/CA:Camerfirma_Issues">Mozilla wiki</a> and the links from
        there. </li>

    <li>Two recent interesting "tracking" stories - one from the <a href="https://www.nytimes.com/2021/02/05/opinion/capitol-attack-cellphone-data.html">NY Times</a> 
        on how AD IDs allow tracking of people who were around the US Capitol building on Jan 6th, and another from
        <a href="https://www.bellingcat.com/resources/2020/12/14/navalny-fsb-methodology/">Bellingcat</a> describing how
        they claim to have determined who likely carried out a recent poisoning. When reading these, try consider
        how your opinion may change if you were sympathetic to those being tracked.</li>

</ul>

<h3>2020 and before</h3>

<ul>

    <li>Fine Apple WiFi <a href="https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html">hack description</a> incl. lots of tooling.</li>
    <li>Nice DNSSEC Root re-signing ceremony and covid-19 <a href="https://www.theregister.co.uk/2020/04/22/iana_delay_coronavirus/">story</a>.
        You really can't plan for every eventuality!</li>
    <li>Fingerprints are still crap in 2020: <a href="https://blog.talosintelligence.com/2020/04/fingerprint-research.html">talos blog</a></li>
    <li>Snafu in <a href="https://www.theregister.co.uk/2020/02/13/iana_dnssec_ksk_delay/">root key signing</a> that has useful links to process things</li>
    <li>Jan 2020 Msft x.509 vuln (CVE-2020-0601) - dodgy x.509 handling of custom ECC params:
        <ul>
            <li><a href="https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF">NSA advisory</a></li>
            <li><a href="https://blog.trailofbits.com/2020/01/16/exploiting-the-windows-cryptoapi-vulnerability/">trailofbits explainer</a></li>
            <li><a href="https://research.kudelskisecurity.com/2020/01/15/cve-2020-0601-the-chainoffools-attack-explained-with-poc/">proof of concept exploit</a></li>
        </ul>
    </li>
    <li>Yet another <a href="https://fil.forbrukerradet.no/wp-content/uploads/2020/01/2020-01-14-out-of-control-final-version.pdf">report</a>
        (<a href="materials/2020-01-14-out-of-control-final-version.pdf">local copy</a>), Norwegian this time,
        about advertising-driven surveillance.</li>

    <li>MITRE common weakness enumeration 
        <a href="https://cwe.mitre.org/top25/archive/2019/2019_cwe_top25.html">list</a> of bug precursors.</li>
    <li>A lovely <a
    href="https://docs.fcc.gov/public/attachments/DOC-359134A1.pdf">FCC
    report</a> on a 37-hour CenturyLink (aka level3) US nationwide outage caused by 4
    weirdo packets!</li>

    <li><a href="https://www.vpnmentor.com/blog/report-biostar2-leak/">Biometric DB leak,</a></li>

    <li><a href="https://krebsonsecurity.com/2019/02/a-deep-dive-on-the-recent-widespread-dns-hijacking-attacks/">Krebs</a> 
        article on DNS infrastructure attack that's close to home actually!</li>
    <li><a
            href="https://www.zdnet.com/article/unsecured-mongodb-databases-expose-kremlins-backdoor-into-russian-businesses/">ZDnet
            story</a> on Russian govt special access via same username/pwd on
    many systems</li>

		<li>Merging images of people in <a href="https://motherboard.vice.com/en_us/article/pa9vyb/peng-collective-artists-hack-german-passport">passports</a></li>
		<li>Who's a good IdP? We thought the megascalers might be but... <a href="https://arstechnica.com/tech-policy/2018/10/google-exposed-non-public-data-for-500k-users-then-kept-it-quiet/">google</a> and <a href="https://www.thesslstore.com/blog/facebook-data-leak-cambridge-analytica/">facebook</a> both recently mucked up somewhat, at mega-scale of course;-( 
		</li>
		<li><a href="https://www.zdnet.com/article/french-police-officer-caught-selling-confidential-police-data-on-the-dark-web/">ZDnet</a>
				story about French police officer selling access to police/national security data on the dark web.</li>

		<li>A <a href="https://www.theregister.co.uk/2018/10/08/super_micro_us_uk_intelligence/">disputed</a> Bloomberg story claiming the Chinese gov. were <a href="https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies">board stuffing</a> in an interesting manner. Regardless of the veracity or otherwise of this report the security of the supply chain issue 
	highlights the need for much more/better open-source hardware. (I'm involved a bit with one such <a href="https://cryptech.is">effort</a>.</li>

<li><a href="https://www.theregister.co.uk/2018/09/25/cisco_hardcoded_credentials/">Cisco</a> hardcoded root a/c in video kit.</li>
<li>Nice <a href="https://www.theregister.co.uk/2018/09/12/feedify_magecart_javascript_library_hacked/">el reg</a>
				story (if true!) about borked JS code being loaded from a 3rd (or 4th, if true) party.</li>
<li> An <a href="https://www.theregister.co.uk/2018/08/09/neural_network_malware/">El-reg article</a> with a cute idea
				for how to construct malware (add DeepLocker reference when available) </li>

</ul>


<h2><a name="materials">Materials</a></h2>

<p>This is a list of good things to read. What you need for 
assessment purposes is all mentioned in the lecture slides.
The full directory is <a href="materials/">here</a> if you
just want to browse it.</p>

<ol>
    <li>A 2022 pre-print analysing data sharing involved with Amazon Alexa and related
        skills that concludes Amazon and skills developers do leverage voice data to
        infer information then shared with advertisers. (<a href="https://arxiv.org/pdf/2204.10920.pdf">pre-preint</a>,
        <a href="materials/2204.10920.pdf">local copy</a>).
    </li>
    <li>A 2022 pre-print on end-to-end encryption and why we need it. 
        (<a href="https://eprint.iacr.org/2022/449.pdf">IACR preprint</a>,
         <a href="materials/e2ee-2022-449.pdf">local copy</a>).
    </li>
    <li>A study of web censorship in India (<a href="https://arxiv.org/abs/1912.08590">Arxiv</a>,
        <a href="materials/india-censorship-1912.08590.pdf">local copy</a>).</li>
    <li>A <a href="materials/lightweight-crypto-survey.pdf">survey</a> of
        "lightweight" cryptography. (<a href="https://eprint.iacr.org/2017/511.pdf">iacr version</a>)</li>

    <li><a href="materials/simplified-DES.pdf">A simplified version of DES</a> contributed by a student, originally developed by <a href="http://math.scu.edu/~eschaefe/">Ed Schaefer</a></li>
    <li><a href="https://obj.umiacs.umd.edu/papers_for_stories/crlite_oakland17.pdf">CRLite</a> (<a href="materials/crlite_oakland17.pdf">local copy</a>), a mozilla experiment to do better than CRLs or OCSP</li>
    <li><a href="https://arxiv.org/pdf/2001.07421.pdf">Google paper</a> (<a href="materials/2001.07421.pdf">local copy</a>) on issues with 
        Apple's intelligent tracking protection and how it could be used to track someone</li>
    <li><a href="https://www.greenbone.net/wp-content/uploads/Greenbone_Security_Report_Unprotected_Patient_Data_a_Review.pdf">Report on publicly accessible medical images</a>(<a href="materials/https://www.greenbone.net/wp-content/uploads/Greenbone_Security_Report_Unprotected_Patient_Data_a_Review.pdf">local copy</a>)</li>
    <li><a href="https://eprint.iacr.org/2020/014">SHA-1 is a shambles</a> (<a href="materials/2020-014.pdf">local copy</a>)
        describes now-practical chosen prefix attacks on sha-1.</li>
    <li>Johnny is fired (<a href="https://github.com/RUB-NDS/Johnny-You-Are-Fired">github</a>,<a href="materials/johnny-fired.pdf">local pdf</a>)</li>
    <li>A paper on guessed Etherium private keys (need to read) <a href=https://www.securityevaluators.com/casestudies/ethercombing/">htmll</a></li>
        <li>A paper on DNS privacy related issues (<a href="https://doi.org/10.1002/poi3.195">paywall</a>,<a href="materials/dnspolicy-10.1002@poi3.195.pdf">local copy</a>)</li>
       <li>A survey paper on attack surface definitions (<a href="https://doi.org/10.1016/j.infsof.2018.07.008">paywall</a>,<a href="materials/attack-surface--1-s2.0-S0950584918301514-main.pdf">local pdf</a>)</li>
		<li>A post-mortem on the equifax hack (<a href="materials/Equifax-Report.pdf">local</a>,<a href="https://oversight.house.gov/wp-content/uploads/2018/12/Equifax-Report.pdf">original</a>
		<li>" The Sorry State of TLS Security in Enterprise Interception Appliances" in 2018! <a href="https://arxiv.org/abs/1809.08729">arxiv.org</a>,<a href="materials/tls-mitm-boxed.pdf">local</a>).</li>
		<li> The 2003 paper on rainbow tables (<a href="https://lasec.epfl.ch/pub/lasec/doc/Oech03.pdf">epfl.ch</a>,
				<a href="materials/Oech03.pdf">local pdf</a>)</li>
		<li>"Screaming Channels:" another side-channel - mixed digital/analogue chips exposing keys (<a href="http://s3.eurecom.fr/docs/ccs18_camurati_preprint.pdf">(no HTTPs!) pdf</a>,
				<a href="materials/https://s3.eurecom.fr/docs/ccs18_camurati_preprint.pdf">local pdf</a>)</li>
		<li>Nethammer: <a href="materials/nethammer-1805.04956.pdf">local pdf</a>(add link to original)</li>
<li>The "Efail" PGP and S/MIME attack (<a href="https://efail.de/efail-attack-paper.pdf">efail.de</a>,<a href="materials/efail-attack-paper.pdf">local pdf</a>)</li>
<li>The 1988 Internet worm (<a href="http://spaf.cerias.purdue.edu/tech-reps/823.pdf">purdue</a>,<a href="materials/spafford88internet.pdf">local</a>)</li>
<li>The end-to-end argument in system design (<a href="http://web.mit.edu/Saltzer/www/publications/endtoend/endtoend.pdf">MIT</a>,<a href="materials/endtoend.pdf">local</a>)</li>
<li>NDSS 2017 paper on TLS MitM box insecurity (<a href="https://jhalderm.com/pub/papers/interception-ndss17.pdf">remote</a>, <a href="materials/interception-ndss17.pdf">local</a>)</li>
<li>Bleichenbacher's attack (<a href="http://link.springer.com/chapter/10.1007/BFb0055716">springer</a>,<a href="materials/bleichenbacher-pkcs.pdf">local</a>)</li>
<li>DROWN attack (<a href="https://drownattack.com/drown-attack-paper.pdf">drownattack.com</a>,<a href="materials/drown-attack-paper.pdf">local</a>)</li>
<li>Stagefright (<a href="https://www.exploit-db.com/docs/39527.pdf">exploit-db.com</a>,<a href="materials/stagefright.pdf">local<a>)</li>
<li>Some DES history (<a href="https://www.princeton.edu/~ota/disk2/1987/8706/870612.PDF">remote</a>,<a href="materials/des-870612.pdf">local</a>) which is
part of a <a href="https://www.princeton.edu/~ota/disk2/1987/8706.html">a book</a></li>
<li>Attacking ASLR via javascript and an MMU - nice! (<a href="http://www.cs.vu.nl//~herbertb/download/papers/anc_ndss17.pdf">Author's site</a>,<a href="materials/anc_ndss17.pdf">local</a>)</li>
<li>Not a paper, but an Intercept <a href="https://theintercept.com/2017/02/20/how-to-run-a-rogue-government-twitter-account-with-an-anonymous-email-address-and-a-burner-phone/">article</a> with a step-by-step on the "fun"
required to create and operate a sorta-anonymous twitter a/c. </li>
<li>A (long, 38pp;-) paper by a lawyer about how Internet technical standards
might be quite telling - good if you're interested in this corner of nerdville;-) (<a href="https://poseidon01.ssrn.com/delivery.php?ID=582114003071118109104006093031125081029032054004040066067028092028071100106089012096122097062099041113051096017083114065113111126050004093022006016108092064092011019002077080118070103066027000022097106081109119109121119012022026002108092100071083124111&EXT=pdf">Original</a>,<a href="materials/SSRN-id2911978.pdf">local copy</a>)</li>

<li>A real sha-1 collision! (<a href="https://shattered.io/">website</a>,
<a href="materials/shattered.pdf">local copy of paper</a>) and the two
colliding files: <a href="https://shattered.io/static/shattered-1.pdf">1</a>
<a href="https://shattered.io/static/shattered-2.pdf">2</a>. (Note
that those two aren't in my git repo - I didn't wanna play with git's 
dependency on sha-1;-)</li>
<li>RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis (<a href="https://eprint.iacr.org/2013/857.pdf">eprint</a>,<a href="materials/rsa-acoustic-857.pdf">local</a>)</li>
<li>Local copies of the papers for some recent notable attacks on CPUs: 
		<a href="materials/meltdown.pdf">meltdown</a>,
		<a href="materials/spectre.pdf">spectre</a>
</li>
<li>The <a href="materials/robot-1189.pdf">ROBOT</a> attack paper.</li>
<li>An attack on machne learning for image processing: <a href="materials/patch-1712.09665.pdf">adversarial patches</a>, and
		another one against machine learning called <a href="materials/foolbox-1712.04248.pdf">foolbox</a></li>
<li>A CCC presentation on the 2010 Sony hack (<a href="https://events.ccc.de/congress/2010/Fahrplan/attachments/1780_27c3_console_hacking_2010.pdf">original</a>,<a href="materials/1780_27c3_console_hacking_2010.pdf">local</a>)</li>
<li>The details of Galois-Counter Mode (<a href="https://eprint.iacr.org/2004/193.pdf">iacr version</a>,<a href="materials/gcm.pdf">local</a>) </li>
<li>A comparison of some AEAD modes (<a href="https://www.fi.muni.cz/~xsvenda/docs/AE_comparison_ipics04.pdf">original</a>,<a href="materials/AE_comparison_ipics04.pdf">local</a>)</li>

</ol>

</body>
</html>