Matteo Maffei
Univ.Prof.
Roles
-
Head of Research Unit
Security and Privacy, E192-06 -
Full Professor
Security and Privacy, E192-06 -
Curriculum Coordinator
Bachelor / Specialization / Cybersecurity -
Curriculum Commission for Informatics
Substitute Member
Courses
2024W
- Bachelor Thesis / 192.061 / PR
- Cryptocurrencies / 192.065 / VU
- Introduction to Logical Methods in Computer Science / 184.766 / VO
- Orientation Bachelor with Honors of Informatics and Business Informatics / 180.767 / SE
- Project in Computer Science 1 / 192.021 / PR
- Project in Computer Science 2 / 192.022 / PR
- Research Seminar LogiCS / 184.767 / SE
- Seminar for PhD Students / 192.060 / SE
2025S
- Introduction to Logical Methods in Computer Science / 184.766 / VO
- Project in Computer Science 1 / 192.021 / PR
- Project in Computer Science 2 / 192.022 / PR
- Research Seminar LogiCS / 184.767 / SE
Projects
-
Effective Formal Methods for Smart-Contract Certification
2023 – 2027 / Vienna Science and Technology Fund (WWTF)
Publications: 192933 / 199514 / 199522 / 203882 / 203672 / 202379 / 203892 / 204116 -
Semantic and Cryptographic Foundations of Security and Privacy by Compositional Design
2023 – 2026 / Austrian Science Fund (FWF)
Publications: 189688 / 190634 / 190025 / 193102 / 192933 / 193926 / 192946 / 193074 / 195542 / 199514 / 199522 / 200038 / 200888 / 200903 / 200896 / 200893 / 202379 / 202600 / 203695 / 203892 / 203814 / 203816 / 204116 / 204344 / 204483 / 204345 -
Distributed Ledger Development and Implementation
2022 – 2024 / ABC Research GmbH
Publication: 204116 -
Blockchain Technologies for the Internet of Things
2020 – 2025 / Christian Doppler Research Association (CDG)
Publications: 139862 / 139860 / 153863 / 158286 / 152968 / 152969 / 175654 / 154428 / 158188 / 171624 / 177467 / 190648 / 189835 / 190192 / 189792 / 189878 / 190025 / 192610 / 190685 / 192166 / 200038 / 203892 / 204116 -
Security and Privacy Foundations of Blockchain Technologies
2020 – 2024 / SBA Research gemeinnützige GmbH
Publications: 190633 / 190031 / 190032 / 194425 / 192610 / 192677 / 192585 / 204116 / 204362 -
Vienna Cybersecurity and Privacy Research Center
2019 – 2023 / Vienna Business Agency (WAW)
Publications: 139862 / 139860 / 153863 / 158286 / 152968 / 152969 / 152950 / 152954 / 175654 / 150285 / 150314 / 191199 / 177467 / 191198 / 190648 / 189835 / 190192 / 189792 / 189878 / 192610 / 191151 / 190685 -
Cryptographic Foundations for Future-proof Internet Security
2019 – 2023 / Austrian Science Fund (FWF)
Publications: 139862 / 139860 / 153863 / 158286 / 152968 / 152969 / 152950 / 152954 / 175654 / 154428 / 153177 / 177467 / 190648 / 189835 / 190192 / 189792 / 189878 / 192610 / 193565 / 193570 / 190685 / 190687 -
Foundations and Tools for Client-Side Web Security
2018 – 2024 / European Research Council (ERC)
Publications: 139862 / 139860 / 153863 / 158286 / 152968 / 152969 / 152950 / 152954 / 175654 / 154428 / 150314 / 153177 / 177467 / 191198 / 190648 / 189835 / 190192 / 189792 / 189878 / 190025 / 192610 / 191151 / 190685 / 203681 / 200038 / 202379 / 203892 / 204116 / 204362 -
Privacy-Preserving Regulatory Technologies for Distributed Ledger Technologies
2018 – 2021 / Austrian Research Promotion Agency (FFG)
Publications: 139862 / 152968 / 152950 / 152954 / 153177 / 190192 / 189792 -
Scalability for Lightning Networks
2018 – 2020 / Chaincode Labs Inc -
Ethertrust - Trustworthy smart contracts
2018 – 2019 / netidee.at
Publication: 153177
Publications
2024
- Distillation based Robustness Verification with PAC Guarantees / Indri, P., Blohm, P., Athavale, A., Bartocci, E., Weissenbacher, G., Maffei, M., Nickovic, D., Gärtner, T., & Malhotra, S. (2024). Distillation based Robustness Verification with PAC Guarantees. In Volume 235: International Conference on Machine Learning, 21-27 July 2024, Vienna, Austria. 41st International Conference on Machine Learning (ICML 2024), Vienna, Austria. http://hdl.handle.net/20.500.12708/200890
-
Verifying Global Two-Safety Properties in Neural Networks with Confidence
/
Athavale, A., Bartocci, E., Christakis, M., Maffei, M., Ničković, D., & Weissenbacher, G. (2024). Verifying Global Two-Safety Properties in Neural Networks with Confidence. In A. Gurfinkel & V. Ganesh (Eds.), Computer Aided Verification (pp. 329–351). Springer. https://doi.org/10.1007/978-3-031-65630-9_17
Projects: Browsec (2018–2024) / ForSmart (2023–2027) / ProbInG (2020–2025) / SFB SPyCoDe (2023–2026) / TAIGER (2023–2027) -
Optimizing Virtual Payment Channel Establishment in the Face of On-Path Adversaries
/
Aumayr, L., Ceylan, E., Kopyciok, Y., Maffei, M., Moreno-Sanchez, P., Salem, I., & Schmid, S. (2024). Optimizing Virtual Payment Channel Establishment in the Face of On-Path Adversaries. In Proceedings 2024 IFIP Networking Conference (IFIP Networking) (pp. 1–10). https://doi.org/10.23919/IFIPNetworking62109.2024.10619889
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / CoRaF (2022–2025) / SFB SPyCoDe (2023–2026) -
Web Platform Threats: Automated Detection of Web Security Issues With WPT
/
Bernardo, P., Veronese, L., DALLA VALLE, V., Calzavara, S., Squarcina, M., Adão, P., & Maffei, M. (2024). Web Platform Threats: Automated Detection of Web Security Issues With WPT. In Proceedings of the 33rd USENIX Security Symposium (pp. 757–774). http://hdl.handle.net/20.500.12708/204362
Projects: Browsec (2018–2024) / SPFBT (2020–2024) / W4MP (2023–2027) -
Wappler: Sound Reachability Analysis for WebAssembly
/
Scherer, M., Blaabjerg, J. F., Sjösten, A., Solitro, M. M., & Maffei, M. (2024). Wappler: Sound Reachability Analysis for WebAssembly. In L. O’Conner & P. Kellenberger (Eds.), 2024 IEEE 37th Computer Security Foundations Symposium (CSF) (pp. 249–264). https://doi.org/10.1109/CSF61375.2024.00025
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / ForSmart (2023–2027) / SFB SPyCoDe (2023–2026) - Message from General Chairs; EuroSP 2024 / Weippl, E., & Maffei, M. (2024). Message from General Chairs; EuroSP 2024. In 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). 9th IEEE European Symposium on Security and Privacy Workshops (EUROS&PW 2024), Wien, Austria. https://doi.org/10.1109/EuroSPW61312.2024.00005
-
CryptoVampire: Automated Reasoning for the Complete Symbolic Attacker Cryptographic Model
/
Jeanteur, S., Kovács, L., Maffei, M., & Rawson, M. (2024). CryptoVampire: Automated Reasoning for the Complete Symbolic Attacker Cryptographic Model. In 2024 IEEE Symposium on Security and Privacy (SP) (pp. 3165–3183). IEEE. https://doi.org/10.1109/SP54263.2024.00246
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / DLDaI (2022–2024) / ForSmart (2023–2027) / SFB SPyCoDe (2023–2026) / SPFBT (2020–2024)
2023
-
Cookie Crumbles: Breaking and Fixing Web Session Integrity
/
Squarcina, M., Adão, P., Lorenzo Veronese, & Matteo Maffei. (2023). Cookie Crumbles: Breaking and Fixing Web Session Integrity. In J. Calandrino & C. Troncoso (Eds.), SEC ’23: Proceedings of the 32nd USENIX Conference on Security Symposium (pp. 5539–5556). USENIX Association. https://doi.org/10.34726/5329
Downloads: Paper (1020 KB) / Appendix Paper (342 KB) / Slides (2.54 MB)
Projects: Browsec (2018–2024) / ViSP (2019–2023) / W4MP (2023–2027) -
Breaking and Fixing Virtual Channels: Domino Attack and Donner
/
Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2023, September 6). Breaking and Fixing Virtual Channels: Domino Attack and Donner [Presentation]. VISA Research - external research talks, Palo Alto, United States of America (the). http://hdl.handle.net/20.500.12708/192610
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / SPFBT (2020–2024) / ViSP (2019–2023) -
Thora: Atomic and Privacy-Preserving Multi-Channel Updates
/
Aumayr, L., Abbaszadeh, K., & Maffei, M. (2023, August 30). Thora: Atomic and Privacy-Preserving Multi-Channel Updates [Conference Presentation]. The Science of Blockchain Conference 2023 (SBC’23), Stanford University, United States of America (the). http://hdl.handle.net/20.500.12708/190192
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PR4DLT (2018–2021) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
Sleepy Channels: Bitcoin-Compatible Bi-directional Payment Channels without Watchtowers
/
Aumayr, L., Sri AravindaKrishnan Thyagarajan, Giulio Malavolta, Moreno-Sanchez, P., & Maffei, M. (2023, August 30). Sleepy Channels: Bitcoin-Compatible Bi-directional Payment Channels without Watchtowers [Conference Presentation]. The Science of Blockchain Conference 2023, Stanford, United States of America (the). http://hdl.handle.net/20.500.12708/189835
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
Glimpse: On-Demand PoW Light Client with Constant-Size Storage for DeFi
/
Scaffino, G., Aumayr, L., Avarikioti, G., & Maffei, M. (2023). Glimpse: On-Demand PoW Light Client with Constant-Size Storage for DeFi. In Proceedings of the 32nd USENIX Security Symposium (pp. 733–750).
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / CoRaF (2022–2025) / SFB SPyCoDe (2023–2026) -
Thora: Atomic and Privacy-Preserving Multi-Channel Updates
/
Aumayr, L., Abbaszadeh, K., & Maffei, M. (2023, February 28). Thora: Atomic and Privacy-Preserving Multi-Channel Updates [Poster Presentation]. Network and Distributed System Security Symposium (NDSS) 2023, San Diego, United States of America (the). http://hdl.handle.net/20.500.12708/189792
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PR4DLT (2018–2021) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
Sleepy Channels: Bi-directional Payment Channels without Watchtowers
/
Aumayr, L., Sri AravindaKrishnan Thyagarajan, Giulio Malavolta, Moreno-Sanchez, P., & Maffei, M. (2023, February 28). Sleepy Channels: Bi-directional Payment Channels without Watchtowers [Poster Presentation]. Network and Distributed System Security Symposium (NDSS) 2023, United States of America (the). http://hdl.handle.net/20.500.12708/189878
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
Breaking and Fixing Virtual Channels: Domino Attack and Donner
/
Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2023). Breaking and Fixing Virtual Channels: Domino Attack and Donner. In Proceedings Network and Distributed System Security Symposium 2023. 30th Annual Network and Distributed System Security Symposium (NDSS) 2023, San Diego, United States of America (the). https://doi.org/10.14722/ndss.2023.24370
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanisms
/
Veronese, L., Farinier, B., Bernardo, P., Tempesta, M., Squarcina, M., & Maffei, M. (2023). WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanisms. In 2023 IEEE Symposium on Security and Privacy (SP) (pp. 2761–2779). IEEE. https://doi.org/10.1109/SP46215.2023.10179465
Projects: Browsec (2018–2024) / ViSP (2019–2023) -
Towards a Game-Theoretic Security Analysis of Off-Chain Protocols
/
Rain, S., Avarikioti, G., Kovacs, L., & Maffei, M. (2023). Towards a Game-Theoretic Security Analysis of Off-Chain Protocols. In 2023 IEEE 36th Computer Security Foundations Symposium (CSF) (pp. 107–122). IEEE. https://doi.org/10.1109/CSF57540.2023.00003
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / LCS (2017–2025) / PROFET (2019–2023) / ViSP (2019–2023)
2022
-
Thora: Atomic and Privacy-Preserving Multi-Channel Updates
/
Aumayr, L., Abbaszadeh, K., & Maffei, M. (2022). Thora: Atomic and Privacy-Preserving Multi-Channel Updates. In CCS ’22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (pp. 165–178). Association for Computing Machinery. https://doi.org/10.1145/3548606.3560556
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PR4DLT (2018–2021) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
Foundations of Coin Mixing Services
/
Glaeser, N., Maffei, M., Malavolta, G., Moreno-Sanchez, P., Tairi, E., & Thyagarajan, S. A. (2022). Foundations of Coin Mixing Services. In CCS ’22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (pp. 1259–1273). Association for Computing Machinery. https://doi.org/10.34726/3601
Download: Accepted manuscript incl. Suppl. Material. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. (756 KB)
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PROFET (2019–2023) -
Sleepy Channels: Bi-directional Payment Channels without Watchtowers
/
Aumayr, L., Thyagarajan, S. A., Malavolta, G., Moreno-Sanchez, P., & Maffei, M. (2022). Sleepy Channels: Bi-directional Payment Channels without Watchtowers. In CCS ’22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (pp. 179–192). Association for Computing Machinery. https://doi.org/10.1145/3548606.3559370
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
Thora: Atomic And Privacy-Preserving Multi-Channel Updates
/
Aumayr, L., Kasra Abbaszadeh, & Maffei, M. (2022, October 31). Thora: Atomic And Privacy-Preserving Multi-Channel Updates [Poster Presentation]. Crypto Economics Security Conference, Berkeley, United States of America (the). http://hdl.handle.net/20.500.12708/152968
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PR4DLT (2018–2021) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
Sleepy Channels: Bi-directional Payment Channels without Watchtowers
/
Aumayr, L., Sri AravindaKrishnan Thyagarajan, Giulio Malavolta, Moreno-Sanchez, P., & Maffei, M. (2022, October 31). Sleepy Channels: Bi-directional Payment Channels without Watchtowers [Poster Presentation]. Crypto Economics Security Conference, Berkeley, United States of America (the). http://hdl.handle.net/20.500.12708/152969
Projects: Browsec (2018–2024) / CDL-BOT (2020–2025) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
Blitz: Secure Multi-Hop Payments Without Two-Phase Commits
/
Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2022, August 31). Blitz: Secure Multi-Hop Payments Without Two-Phase Commits [Conference Presentation]. The Science of Blockchain Conference 2022, Stanford, United States of America (the). http://hdl.handle.net/20.500.12708/152954
Projects: Browsec (2018–2024) / PR4DLT (2018–2021) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures
/
Aumayr, L., Oguzhan Ersoy, Erwig, A., Faust, S., Hostáková, K., Maffei, M., Moreno-Sanchez, P., & Riahi, S. (2022, August 30). Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures [Conference Presentation]. The Science of Blockchain Conference 2022, Stanford, United States of America (the). http://hdl.handle.net/20.500.12708/152950
Projects: Browsec (2018–2024) / PR4DLT (2018–2021) / PROFET (2019–2023) / SBA - COOP COMET SBA2 (2016–2019) / ViSP (2019–2023) -
Rigorous Methods for Smart Contracts
/
Bjørner, N., Christakis, M., Maffei, M., & Rosu, G. (Eds.). (2022). Rigorous Methods for Smart Contracts (Dagstuhl Seminar 21431). Schloss Dagstuhl – Leibniz-Zentrum für Informatik GmbH, Dagstuhl Publishing. https://doi.org/10.4230/DagRep.11.9.80
Projects: Browsec (2018–2024) / Ethertrust (2018–2019) / PR4DLT (2018–2021) / PROFET (2019–2023)
2021
-
Formal Methods for the Security Analysis of Smart Contracts
/
Maffei, M. (2021). Formal Methods for the Security Analysis of Smart Contracts. In Proceedings of the 21st Conference on Formal Methods in Computer-Aided Design – FMCAD 2021 (pp. 8–8). TU Wien Academic Press. https://doi.org/10.34727/2021/isbn.978-3-85448-046-4_3
Download: PDF (47.5 KB) - Donner: UTXO-Based Virtual Channels Across Multiple Hops / Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2021, September 7). Donner: UTXO-Based Virtual Channels Across Multiple Hops [Presentation]. Bitcoin Sydney Socratic Seminar, Australia. http://hdl.handle.net/20.500.12708/152979
- Blitz: Secure Multi-Hop Payments Without Two-Phase Commits / Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2021, May 26). Blitz: Secure Multi-Hop Payments Without Two-Phase Commits [Conference Presentation]. Theory and Practice of Blockchains, Unknown. http://hdl.handle.net/20.500.12708/153230
- Blitz: Secure Multi-Hop Payments Without Two-Phase Commits / Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2021, April 27). Blitz: Secure Multi-Hop Payments Without Two-Phase Commits [Presentation]. Bitcoin Sydney Socratic Seminar, Australia. http://hdl.handle.net/20.500.12708/152982
- Blitz: Secure Multi-Hop Payments Without Two-Phase Commits / Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2021, February 24). Blitz: Secure Multi-Hop Payments Without Two-Phase Commits [Presentation]. Decrypto Seminar, Unknown. http://hdl.handle.net/20.500.12708/152985
- Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures / Aumayr, L., Ersoy, O., Erwig, A., Faust, S., Hostáková, K., Maffei, M., Moreno-Sanchez, P., & Riahi, S. (2021). Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures. In Advances in Cryptology – ASIACRYPT 2021 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6–10, 2021, Proceedings, Part II (pp. 635–664). Springer. https://doi.org/10.1007/978-3-030-92075-3_22
- Cross-Layer Deanonymization Methods in the Lightning Protocol / Romiti, M., Victor, F., Moreno-Sanchez, P., Nordholt, P. S., Haslhofer, B., & Maffei, M. (2021). Cross-Layer Deanonymization Methods in the Lightning Protocol. In Financial Cryptography and Data Security 25th International Conference, FC 2021, Virtual Event, March 1–5, 2021, Revised Selected Papers, Part I. Springer Verlag, Austria. Springer LNCS. https://doi.org/10.1007/978-3-662-64322-8_9
- Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web / Squarcina, M., Tempesta, M., Veronese, L., Calzavara, S., & Maffei, M. (2021). Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web. In 30th USENIX Security Symposium (pp. 2917–2934). 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021. http://hdl.handle.net/20.500.12708/58469
- Post-Quantum Adaptor Signature for Privacy-Preserving Off-Chain Payments / Tairi, E., Moreno-Sanchez, P., & Maffei, M. (2021). Post-Quantum Adaptor Signature for Privacy-Preserving Off-Chain Payments. In Financial Cryptography and Data Security (pp. 131–150). https://doi.org/10.1007/978-3-662-64331-0_7
- A<sup>2</sup>L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs / Tairi, E., Moreno-Sanchez, P., & Maffei, M. (2021). A2L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs. In 2021 IEEE Symposium on Security and Privacy (SP). IEEE Symposium on Security and Privacy 2021, United States of America (the). https://doi.org/10.1109/sp40001.2021.00111
- The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches / Squarcina, M., Calzavara, S., & Maffei, M. (2021). The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches. In 2021 IEEE Security and Privacy Workshops (SPW). 15th IEEE Workshop on Offensive Technologies, San Francisco, CA, United States of America (the). https://doi.org/10.1109/spw53761.2021.00062
- Blitz: Secure Multi-Hop Payments Without Two-Phase Commits / Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2021). Blitz: Secure Multi-Hop Payments Without Two-Phase Commits. In 30th USENIX Security Symposium (pp. 4043–4060). USENIX: The Advanced Computing Systems Association. http://hdl.handle.net/20.500.12708/55607
- Bitcoin-Compatible Virtual Channels / Aumayr, L., Ersoy, O., Erwig, A., Faust, S., Hostáková, K., Maffei, M., Moreno-Sanchez, P., & Riahi, S. (2021). Bitcoin-Compatible Virtual Channels. In 2021 IEEE Symposium on Security and Privacy (SP). IEEE Symposium on Security and Privacy 2021, Oakland, United States of America (the). IEEE Computer Society. https://doi.org/10.1109/sp40001.2021.00097
2020
- eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts / Schneidewind, C., Grishchenko, I., Scherer, M., & Maffei, M. (2020). eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. ACM Conference on Computer and Communications Security (CCS), Washington, United States of America (the). Association for Computing Machinery ACM. https://doi.org/10.1145/3372297.3417250
- Language-Based Web Session Integrity / Calzavara, S., Focardi, R., Grimm, N., Maffei, M., & Tempesta, M. (2020). Language-Based Web Session Integrity. In 2020 IEEE 33rd Computer Security Foundations Symposium (CSF). IEEE 33rd Computer Security Foundations Symposium (CSF), Santa Barbara, United States of America (the). IEEE Computer Society. https://doi.org/10.1109/csf49147.2020.00016
- The Good, The Bad and The Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts / Schneidewind, C., Scherer, M., & Maffei, M. (2020). The Good, The Bad and The Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts. In T. Margaria & B. Steffen (Eds.), Leveraging Applications of Formal Methods, Verification and Validation: Applications. ISoLA 2020, Proceedings, Part III (pp. 212–231). Springer. https://doi.org/10.1007/978-3-030-61467-6_14
- The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches in Progressive Web Applications / Somé, D. F., Squarcina, M., Calzavara, S., & Maffei, M. (2020). The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches in Progressive Web Applications. EuroS&P 2020 SecWeb Workshop, Genova, Italy. http://hdl.handle.net/20.500.12708/87080
- A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network / Tikhomirov, S., Moreno-Sanchez, P., & Maffei, M. (2020). A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE Security & Privacy On The Blockchain, Genova, Italy. IEEE. https://doi.org/10.1109/eurospw51379.2020.00059
- Generalized Bitcoin-Compatible Channels / Aumayr, L., Ersoy, O., Erwig, A., Faust, S., Hostáková, K., Maffei, M., Moreno-Sanchez, P., & Riahi, S. (2020). Generalized Bitcoin-Compatible Channels (2020/476). http://hdl.handle.net/20.500.12708/40215
2019
- Group ORAM for Privacy and AccessControl in Outsourced Personal Records / Maffei, M., Malavolta, G., Reinert, M., & Schröder, D. (2019). Group ORAM for Privacy and AccessControl in Outsourced Personal Records. Journal of Computer Security, 27(1), 1–47. https://doi.org/10.3233/jcs-171030
- Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability / Malavolta, G., Moreno-Sanchez, P., Schneidewind, C., Kate, A., & Maffei, M. (2019). Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability. ACM Advances in Financial Technologies AFT 2019, Zurich, Switzerland. http://hdl.handle.net/20.500.12708/87045
- Trace Reasoning for Formal Verification using the First-Order Superposition Calculus / Georgiou, P., Gleiss, B., Kovacs, L., & Maffei, M. (2019). Trace Reasoning for Formal Verification using the First-Order Superposition Calculus. FMCAD 2019 Student Forum, San Jose, United States of America (the). http://hdl.handle.net/20.500.12708/86988
- Verifying Relational Properties using Trace Logic / Barthe, G., Eilers, R., Georgiou, P., Gleiss, B., Kovacs, L., & Maffei, M. (2019). Verifying Relational Properties using Trace Logic. In B. Clark & J. Yang (Eds.), 2019 Formal Methods in Computer Aided Design (FMCAD). IEEE. https://doi.org/10.23919/fmcad.2019.8894277
- Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability / Malavolta, G., Moreno-Sanchez, P., Schneidewind, C., Kate, A., & Maffei, M. (2019). Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability. In Proceedings 2019 Network and Distributed System Security Symposium. Network and Distributed System Security Symposium (NDSS), San Diego, United States of America (the). https://doi.org/10.14722/ndss.2019.23330
- Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks / Egger, C., Maffei, M., & Moreno-Sanchez, P. (2019). Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks. In ACM (Ed.), Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. ACM. https://doi.org/10.1145/3319535.3345666
- Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks / Egger, C., Moreno-Sanchez, P., & Maffei, M. (2019). Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks [Conference Presentation]. Scaling Bitcoin 2019, Tel Aviv, Israel. http://hdl.handle.net/20.500.12708/58034
2018
- Functional Credentials / Deuber, D., Maffei, M., Malavolta, G., Rabkin, M., Schröder, D., & Simkin, M. (2018). Functional Credentials. In Proceedings on Privacy Enhancing Technologies (pp. 64–84). Walter de Gruyter GmbH. http://hdl.handle.net/20.500.12708/57361
- Simple Password Hardened Encryption Services / Maffei, M., Reinert, M., Lai, R., Egger, C., Chow, S. S. M., & Schröder, D. (2018). Simple Password Hardened Encryption Services. In Proceedings of the 27th USENIX Security Symposium (pp. 1405–1421). USENIX. http://hdl.handle.net/20.500.12708/57492
- Subset Predicate Encryption and Its Applications / Katz, J., Maffei, M., Malavolta, G., & Schröder, D. (2018). Subset Predicate Encryption and Its Applications. In Cryptology and Network Security (pp. 115–134). Springer International Publishing. https://doi.org/10.1007/978-3-030-02641-7_6
- A Semantic Framework for the Security Analysis of Ethereum Smart Contracts / Grishchenko, I., Schneidewind, C., & Maffei, M. (2018). A Semantic Framework for the Security Analysis of Ethereum Smart Contracts. In Principles of Security and Trust 7th International Conference, POST 2018, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2018, Thessaloniki, Greece, April 14-20, 2018, Proceedings (pp. 243–269). Springer Open. https://doi.org/10.1007/978-3-319-89722-6_10
- Equivalence Properties by Typing in Cryptographic Branching Protocols / Cortier, V., Grimm, N., Lallemand, J., & Maffei, M. (2018). Equivalence Properties by Typing in Cryptographic Branching Protocols. In L. Bauer & R. Küsters (Eds.), Principles of Security and Trust (pp. 160–187). Springer LNCS. https://doi.org/10.1007/978-3-319-89722-6_7
- UniTraX: Protecting Data Privacy with Discoverable Biases / Munz, R., Eigner, F., Maffei, M., Francis, P., & Garg, D. (2018). UniTraX: Protecting Data Privacy with Discoverable Biases. In L. Bauer & R. Küsters (Eds.), Principles of Security and Trust (pp. 278–299). Springer, Lecture Notes in Computer Science. https://doi.org/10.1007/978-3-319-89722-6_12
- Foundations and Tools for the Static Analysis of Ethereum Smart Contracts / Gishchenko, I., Maffei, M., & Schneidewind, C. (2018). Foundations and Tools for the Static Analysis of Ethereum Smart Contracts. In G. Weissenbacher & H. Chockler (Eds.), Computer Aided Verification (pp. 51–78). Springer Open. https://doi.org/10.1007/978-3-319-96145-3_4
- WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring / Calzavara, S., Maffei, M., Schneidewind, C., Tempesta, M., & Squarcina, M. (2018). WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring. In Proceedings of the 27th USENIX Security Symposium (pp. 1493–1510). USENIX. http://hdl.handle.net/20.500.12708/57493
- A monadic framework for relational verification: applied to information security, program equivalence, and optimizations / Grimm, N., Maillard, K., Fournet, C., Hritcu, C., Maffei, M., Protzenko, J., Ramananandro, T., Swamy, N., & Zanella-Béguelin, S. (2018). A monadic framework for relational verification: applied to information security, program equivalence, and optimizations. In Proceedings of the 7th ACM SIGPLAN International Conference on Certified Programs and Proofs. ACM Digital Library. https://doi.org/10.1145/3167090
2017
- Principles of Security and Trust / Maffei, M., & Ryan, M. (Eds.). (2017). Principles of Security and Trust (Vol. 10204). Springer-Verlag. https://doi.org/10.1007/978-3-662-54455-6
- On the Security of Frequency-Hiding Order-Preserving Encryption / Reinert, M., Schröder, D., & Maffei, M. (2017). On the Security of Frequency-Hiding Order-Preserving Encryption. In Cryptology and Network Security (pp. 51–70). Springer International Publishing. https://doi.org/10.1007/978-3-030-02641-7_3
- Maliciously Secure Multi-Client ORAM / Maffei, M., Malavolta, G., Reinert, M., & Schröder, D. (2017). Maliciously Secure Multi-Client ORAM. In D. Gollmann, A. Miyaji, & H. Kikuchi (Eds.), Applied Cryptography and Network Security (pp. 645–664). © Springer International Publishing AG 2017. https://doi.org/10.1007/978-3-319-61204-1_32
- A Sound Flow-Sensitive Heap Abstraction for the Static Analysis of Android Applications / Maffei, M., Calzavara, S., Grishchenko, I., & Koutsos, A. (2017). A Sound Flow-Sensitive Heap Abstraction for the Static Analysis of Android Applications. In 2017 IEEE 30th Computer Security Foundations Symposium (CSF). IEEE Computer Security Foundations Symposium, Santa Barbara, USA, Non-EU. IEEE Xplore Digital Library. https://doi.org/10.1109/csf.2017.19
- Concurrency and Privacy with Payment-Channel Networks / Maffei, M., Kate, A., Malavolta, G., Moreno-Sanchez, P., & Ravi, S. (2017). Concurrency and Privacy with Payment-Channel Networks. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM Digital Library. https://doi.org/10.1145/3133956.3134096
- SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks / Maffei, M., Moreno-Sanchez, P., Kate, A., & Malavolta, G. (2017). SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks. In Proceedings 2017 Network and Distributed System Security Symposium. Internet Society. https://doi.org/10.14722/ndss.2017.23448
- A Type System for Privacy Properties / Maffei, M., Lallemand, J., Cortier, V., & Grimm, N. (2017). A Type System for Privacy Properties. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM CCS 2017 Conference on Computer and Communications Security, Dallas, USA, Non-EU. ACM Digital Library. https://doi.org/10.1145/3133956.3133998
Supervisions
-
Detecting Bot Wallets on the Ethereum Blockchain
/
Niedermayer, T. (2024). Detecting Bot Wallets on the Ethereum Blockchain [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2024.106562
Download: PDF (3.26 MB) -
Formalization of bitcoin off-chain protocols in F*
/
Zikulnig, A. M. (2024). Formalization of bitcoin off-chain protocols in F* [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2024.113647
Download: PDF (1.38 MB) -
WebAPISpec: An extensible, machine checked model of secure browser specifications
/
Lee, A. (2024). WebAPISpec: An extensible, machine checked model of secure browser specifications [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2024.119447
Download: PDF (660 KB) -
Foundations of Adaptor Signatures for Distributed Ledger Protocols
/
Tairi, E. (2024). Foundations of Adaptor Signatures for Distributed Ledger Protocols [Dissertation, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2024.123264
Download: PDF (2.67 MB) -
Increasing Efficiency and Flexibility in Post-Quantum Cryptography
/
Cini, V. (2024). Increasing Efficiency and Flexibility in Post-Quantum Cryptography [Dissertation, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2024.121300
Download: PDF (2.95 MB) -
Foundations of Bitcoin-Compatible Scalability Protocols
/
Aumayr, L. (2024). Foundations of Bitcoin-Compatible Scalability Protocols [Dissertation, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2024.122127
Download: PDF (5.09 MB) -
Post-quantum cryptography in OpenPGP
/
Wussler, A. (2023). Post-quantum cryptography in OpenPGP [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2023.106226
Download: PDF (1.38 MB) -
A systematic investigation of illicit money flows in the DeFi ecosystem
/
Luzian, S. (2022). A systematic investigation of illicit money flows in the DeFi ecosystem [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2023.106121
Download: PDF (2.61 MB) -
Tracing cryptoassets across chains: An empirical analysis of the Terra network
/
Haimerl, N. (2022). Tracing cryptoassets across chains: An empirical analysis of the Terra network [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2023.103500
Download: PDF (2.27 MB) -
Sound cross-contract reachability analysis of ethereum smart contracts
/
Schweighofer, M. (2022). Sound cross-contract reachability analysis of ethereum smart contracts [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2022.95282
Download: PDF (1.99 MB) -
Static and dynamic enforcement of security via relational reasoning
/
Grimm, N. (2021). Static and dynamic enforcement of security via relational reasoning [Dissertation, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2021.90710
Download: PDF (2.93 MB) -
Analysis of decentralized mixing services in the greater bitcoin ecosystem
/
Stockinger, J. (2021). Analysis of decentralized mixing services in the greater bitcoin ecosystem [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2021.87269
Download: PDF (1.89 MB) -
Adaptor signature based atomic swaps between bitcoin and a mimblewimble based cryptocurrency
/
Abfalter, J. (2021). Adaptor signature based atomic swaps between bitcoin and a mimblewimble based cryptocurrency [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2021.77663
Download: PDF (1.17 MB) -
Foundations for the security analysis of distributed blockchain applications
/
Schneidewind, C. (2021). Foundations for the security analysis of distributed blockchain applications [Dissertation, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2021.91204
Download: PDF (3.53 MB) -
Static analysis of low-level code
/
Grishchenko, I. (2021). Static analysis of low-level code [Dissertation, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2021.87563
Download: PDF (2.4 MB) -
Privacy preserving authenticated Kkey exchange : Modelling, constructions, proofs and formal verification : Modellierung, Konstruktionen, Beweise und Verification
/
Weninger, A. J. (2020). Privacy preserving authenticated Kkey exchange : Modelling, constructions, proofs and formal verification : Modellierung, Konstruktionen, Beweise und Verification [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2021.87263
Download: PDF (1020 KB) -
Payment channel network analysis with focus on lightning network
/
Holzer, P. (2020). Payment channel network analysis with focus on lightning network [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2020.75260
Download: PDF (3.04 MB) -
Static analysis of eWASM contracts
/
Schwarz, A. (2019). Static analysis of eWASM contracts [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2019.72720
Download: PDF (884 KB) -
Theoretische und praktische Smart Contracts - Realisierung eines Investmentfonds
/
Schneider, J. F. (2018). Theoretische und praktische Smart Contracts - Realisierung eines Investmentfonds [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2018.55468
Download: PDF (980 KB)