PublicationsEthical Guidelines for Computer Security Researchers: "Be Reasonable". Len Sassaman. In Workshop on Ethics in Computer Security Research 2010, Tenerife, ES, January 2010. PKI Layer Cake: New Collision Attacks Against the Global X.509 Infrastructure. Dan Kaminsky, Meredith L. Patterson, and Len Sassaman. In Financial Cryptography and Data Security - 14th International Conference, Tenerife, ES, January 2010. How to Bypass Two Anonymity Revocation Schemes. George Danezis and Len Sassaman. In Privacy Enhancing Technologies - 8th International Symposium, Leuven, BE, July 2008. The Byzantine Postman Problem. Len Sassaman and Bart Preneel. 29th Symposium on Information Theory in the Benelux (Leuven, BE) May 2008. Freezing More Than Bits: Chilling Effects of the OLPC XO Security Model. Meredith L. Patterson, Len Sassaman, and David Chaum. Proceedings of Usability, Psychology, and Security 2008, San Francisco, CA, USA, April 2008. Echolot and Leuchtfeuer: Measuring the Reliability of Unreliable Mixes. Klaus Kursawe, Peter Palfrader and Len Sassaman. Technical Report ESAT-COSIC 2007-005, 2007. The Faithless Endpoint: How Tor Puts Certain Users at Greater Risk. Len Sassaman. Technical Report ESAT-COSIC 2007-003, 2007. Subliminal Channels in the Private Information Retrieval Protocols. Meredith L. Patterson and Len Sassaman. Proceedings of the 28th Symposium on Information Theory in the Benelux, Enschede, NL, May 2007. The Pynchon Gate, A Secure Method of Pseudonymous Mail Retrieval. Len Sassaman, Bram Cohen, and Nick Mathewson. Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2005), Arlington, VA, USA, November 2005. Comparison Between Two Practical Mix Designs. Claudia Díaz, Len Sassaman and Evelyne Dewitte. ESORICS: 9th European Symposium on Research in Computer Security. Lecture Notes in Computer Science, Springer-Verlag, September 2004. Heartbeat Traffic to Counter (n-1) Attacks. George Danezis and Len Sassaman. In the Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2003), Washington, DC, USA, October 2003. pp. 89-93. Mixmaster Protocol Version 2. Ulf Moeller, Lance Cottrell, Len Sassaman, Peter Palfrader. IETF Internet Draft, 2003. Efficient Group Keysigning Method. Phil Zimmermann and Len Sassaman. Manuscript, published on the Internet.
Speaking EngagementsTowards a Formal Theory of Computer Insecurity: a Language-Theoretic Approach Dartmouth College Institute for Security, Technology, and Society Speaker Series (Hanover, NH, USA) 17 February, 2011. Minimizing Attack Surfaces with Language-Theoretic Security EIDMA/DIAMANT Cryptography Working Group (Utrecht, NL) 3 December, 2010. The Rise of Distributed, Decentralized, Amateur/Citizen Science and Do It Yourself Biology: Safety and Security Concerns Open Science Summit 2010 (Berkeley, CA, USA) 30 July, 2010. Exploiting the Forest with Trees Black Hat Briefings (Las Vegas, NV, USA) 29 July, 2010. Exploiting Computational Slack in Protocol Grammars PH-Neutral 0x7da (Berlin, DE) 28 May 2010. Language Theoretic Security Attacks: Exploiting Computational Slack in Protocol Grammars KU Leuven COSIC Seminar (Leuven, BE) 21 May 2010. Towards a Code of Ethics for Computer Security Research Workshop on Ethics in Computer Security Research (Tenerife, ES) 28 January 2010. Lessons in Vulnerability Disclosure: So You Broke The Internet - What Now? KU Leuven COSIC Seminar (Leuven, BE) 9 October 2009. Breaking Web Security: Practical Attacks on X.509 Black Hat Briefings (Las Vegas, NV, USA) 29 July, 2009. Freezing More Than Bits: Chilling Effects of the OLPC XO Security Model Stanford University Security Seminar (Stanford, CA, USA) 18 April 2008. Presentation of Freezing More Than Bits: Chilling Effects of the OLPC XO Security Model Usability, Psychology, and Security 2008 (San Francisco, CA, USA) 14 April 2008. Freezing More Than Bits: Chilling Effects of the OLPC XO Security Model University of California, Berkeley Security Reading Group (Berkeley, CA, USA) 7 April 2008. Anonymity for 2015 24th Chaos Communication Congress (Berlin, DE) 27 December 2007. Anonymity and its Discontents Black Hat Briefings (Las Vegas, NV, USA) 1 August, 2007. Presentation of The Pynchon Gate WPES (Arlington, VA, USA), 7 November, 2005. Panel: Future Anonymity Systems What The Hack (Liempde, NL) 30 August, 2005. Privacy Issues in Identity Management 13th CACR Information Security Workshop & 5th Annual Privacy and Security Workshop (Toronto, ON, CA) 28 October, 2004. Making Privacy Enhancing Technology a Reality TOORCON 2004 (San Diego, CA, USA) 25 September, 2004. Mixmaster vs. Reliable: A comparison of two practical mix designs DEFCON 12 (Las Vegas, NV, USA) 30 July, 2004. The Anonymity Toolkit Black Hat Briefings (Las Vegas, NV, USA) 29 July, 2004. Ten Years of Practical Anonymity The Fifth HOPE Conference (New York, NY, USA) 10 July, 2004. Panel: How can Independent Researchers be adequately compensated for the valuable service they provide to vendors and customers while encouraging responsible reporting? Stanford Law School -- Cybersecurity, Research and Disclosure Conference (Stanford, CA, USA) 22 November 2003. Presentation of Heartbeat Traffic to Counter (n-1) Attacks WPES (Washington, DC, USA) 20 October 2003. Panel: Meet the Remailer Operators DEFCON 11 (Las Vegas, NV, USA) 1 August 2003. Attacks on Anonymity Systems: Theory and Practice (with Roger Dingledine) Black Hat Briefings (Las Vegas, NV, USA) 31 July 2003. Designing Useful Privacy Applications Black Hat Europe 2003 Briefings (Amsterdam, NL) 14 May 2003. Anonymity in Practice KU Leuven COSIC Seminar (Leuven, BE) 12 May 2003. Introduction to Anonymity Techniques University of Cambridge Security Seminar (Cambridge, UK) 6 May, 2003 Panel: Experiences deploying anonymous communication systems. Workshop on Privacy Enhancing Technologies (Dresden, DE) 27 March 2003. The Promise of Privacy LISA -- 16th Large Installation System Administration Conference (Philadelphia, PA, USA) 7 November 2002. (review) Anonymity Services and The Law DEFCON 10 (Las Vegas, NV, USA) 2 August 2002. Forensic Dead-Ends: Tracing Users Through Anonymous Remailers Black Hat Briefings (Las Vegas, NV, USA) 31 July 2002. BOF: Future directions for Anonymous Remailers Computers, Freedom, and Privacy (San Francisco, CA, USA) 18 April 2002. Fundamental Flaws in the SSL Certificate Authority Model DEFCON 9 (Las Vegas, NV, USA) 14 July, 2001. The State of the OpenPGP Keyserver Infrastructure North American Network Operators Group, 20th Conference (Washington, DC, USA) 22-23 May 2000.
Other Conferences and Workshops Attended13th International Course on Computer Security and Cryptography (Leuven-Heverlee, BE) 14-17 June, 2011. PH-Neutral 0x7db (Berlin, DE) 27-29 May, 2011. Hackito Ergo Sum (Paris, FR) 7-9 April, 2011. 27th Chaos Communication Congress (Berlin, DE) 27-30 December, 2010. Lift-off towards Open Government (Brussels, BE) 15-16 December, 2010. BCRYPT PhD Day (Ghent, BE) 17 November, 2010. DEFCON 18 (Las Vegas, NV, USA) 30 July - 1 August, 2010. Financial Cryptography and Data Security 2010 (Tenerife, ES) 24-27 January, 2010. Leuven Faculty of Social Sciences Interdisciplinary Privacy Course 2010 (Leuven, BE) 23-24 June, 2010. ICANN 38 (Brussels, BE) 19 - 25 June 2010. EU Parliment Hearing: (SELF) CENSORSHIP NEW CHALLENGES FOR FREEDOM OF EXPRESSION IN EUROPE. (Brussels, BE, EU) 21 June 2010. Workshop on Future Privacy and Security Research Challenges in Online Social Networks (Leuven, BE) 5 November 2009. Coding Theory and Cryptography III: Contact Forum of The Royal Flemish Academy of Belgium for Science and the Arts (Brussels, BE) 25 September, 2009. DEFCON 17 (Las Vegas, NV, USA) 30 July - 2 August, 2009. CodeCon 6 (San Francisco, CA, USA) 17-19 April, 2009. Founder, organizer, program co-chair. FOSDEM 2009 (Brussels, BE) 7-8 February, 2009. 25th Chaos Communication Congress (Berlin, DE) 27-30 December, 2008. HotPETs 2008 (Leuven, BE) 25 July, 2008. Founder, program co-chair. BarCamp Baltics 2008 (Riga, Latvia) 8-10 February, 2008. DEFCON 15 (Las Vegas, NV, USA) 3-5 August, 2007. 7th Workshop on Privacy Enhancing Technologies (Ottawa, ON, CA) 20-22 June, 2007. PH-Neutral 0x7d7 (Berlin, DE) 25-27 May, 2007. The 28th Symposium on Information Theory in the Benelux (Enschede, NL) 24-25 May, 2007. The 26th Annual International Cryptology Conference - Crypto 2006 (Santa Barbara, California, USA) 20-24 August, 2006. 6th Workshop on Privacy Enhancing Technologies (Cambridge, UK) 28-30 June, 2006. O'Reilly Emerging Technology Conference (San Diego, CA, USA) 6-9 March, 2006. CodeCon 5 (San Francisco, CA, USA) 10-12 February 2006. Founder, organizer, program chair. 14th CACR Information Security Workshop & 6th Annual Privacy and Security Workshop (Toronto, ON, CA) 3-4 November, 2005. Black Hat Europe 2005 Briefings (Amsterdam, NL) 29-30 March 2005. CodeCon 4 (San Francisco, CA, USA) 11-13 February 2005. Founder, organizer. Workshop on Secure Multiparty Protocols - SMP 2004 (Amsterdam, NL) 7-8 October 2004. USENIX Security '04 (San Diego, CA, USA) 9-13 August, 2004. CodeCon 3 (San Francisco, CA, USA) 20-22 February 2004. Founder, organizer. TOORCON 2003: Information Security Conference (San Diego, CA, USA) 26-28 September 2003. RSA Conference 2003 (San Francisco, CA, USA) 13-17 April 2003. CodeCon 2 (San Francisco, CA, USA) 22-24 February 2003. Founder, organizer. Second Workshop on Privacy Enhancing Technologies (San Francisco, CA, USA) 14-15 April 2002. RSA Conference 2002 (San Jose, CA, USA) 18-22 February 2002. CodeCon 1 (San Francisco, CA, USA) 15-17 February 2002. Founder, organizer. Second PARC Workshop on Life in an Era of Cryptographic Abundance (Palo Alto, CA, USA) 18 October 2001. RSA Conference 2001 (San Francisco, CA, USA) 8-12 April 2001. 23rd National Information Systems Security Conference (Baltimore, MD, USA) 18 October 2000. Linux World Conference and Expo, (San Jose, CA, USA) 14-17 August 2000. DEFCON 8 (Las Vegas, NV, USA) 28-30 July, 2000. Black Hat Briefings 2000 (Las Vegas, NV, USA) 26-27 July 2000. Xerox PARC Workshop on Life in an Era of Cryptographic Abundance (Palo Alto, CA, USA) 20 June, 2000. The First PGP Keyserver Manager Symposium (Utrecht, NL) 22-23 May 2000. The Fourth Internet Security Conference (San Jose, CA, USA) 24-28 April 2000. Linux World Expo New York (New York, NY, USA) Jan 2000.
|