TU Wien Informatics

20 Years

Roles

  • Head of Research Unit
    Security and Privacy, E192-06
  • Full Professor
    Security and Privacy, E192-06
  • Curriculum Coordinator
    Bachelor Informatics / Specialization Cybersecurity
  • Curriculum Coordinator
    Double-Degree Program IT Security
  • Curriculum Commission for Informatics
    Substitute Member

2023

2022

2021

  • Formal Methods for the Security Analysis of Smart Contracts / Maffei, M. (2021). Formal Methods for the Security Analysis of Smart Contracts. In Proceedings of the 21st Conference on Formal Methods in Computer-Aided Design – FMCAD 2021 (pp. 8–8). TU Wien Academic Press. https://doi.org/10.34727/2021/isbn.978-3-85448-046-4_3
    Download: PDF (47.5 KB)
  • Donner: UTXO-Based Virtual Channels Across Multiple Hops / Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2021, September 7). Donner: UTXO-Based Virtual Channels Across Multiple Hops [Presentation]. Bitcoin Sydney Socratic Seminar, Australia. http://hdl.handle.net/20.500.12708/152979
  • Blitz: Secure Multi-Hop Payments Without Two-Phase Commits / Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2021, May 26). Blitz: Secure Multi-Hop Payments Without Two-Phase Commits [Conference Presentation]. Theory and Practice of Blockchains, Unknown. http://hdl.handle.net/20.500.12708/153230
  • Blitz: Secure Multi-Hop Payments Without Two-Phase Commits / Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2021, April 27). Blitz: Secure Multi-Hop Payments Without Two-Phase Commits [Presentation]. Bitcoin Sydney Socratic Seminar, Australia. http://hdl.handle.net/20.500.12708/152982
  • Blitz: Secure Multi-Hop Payments Without Two-Phase Commits / Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2021, February 24). Blitz: Secure Multi-Hop Payments Without Two-Phase Commits [Presentation]. Decrypto Seminar, Unknown. http://hdl.handle.net/20.500.12708/152985
  • Post-Quantum Adaptor Signature for Privacy-Preserving Off-Chain Payments / Tairi, E., Moreno-Sanchez, P., & Maffei, M. (2021). Post-Quantum Adaptor Signature for Privacy-Preserving Off-Chain Payments. In Financial Cryptography and Data Security (pp. 131–150). https://doi.org/10.1007/978-3-662-64331-0_7
  • A<sup>2</sup>L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs / Tairi, E., Moreno-Sanchez, P., & Maffei, M. (2021). A2L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs. In 2021 IEEE Symposium on Security and Privacy (SP). IEEE Symposium on Security and Privacy 2021, United States of America (the). https://doi.org/10.1109/sp40001.2021.00111
  • The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches / Squarcina, M., Calzavara, S., & Maffei, M. (2021). The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches. In 2021 IEEE Security and Privacy Workshops (SPW). 15th IEEE Workshop on Offensive Technologies, San Francisco, CA, United States of America (the). https://doi.org/10.1109/spw53761.2021.00062
  • Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web / Squarcina, M., Tempesta, M., Veronese, L., Calzavara, S., & Maffei, M. (2021). Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web. In 30th USENIX Security Symposium (pp. 2917–2934). 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021. http://hdl.handle.net/20.500.12708/58469
  • Blitz: Secure Multi-Hop Payments Without Two-Phase Commits / Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2021). Blitz: Secure Multi-Hop Payments Without Two-Phase Commits. In 30th USENIX Security Symposium (pp. 4043–4060). USENIX: The Advanced Computing Systems Association. http://hdl.handle.net/20.500.12708/55607
  • Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures / Aumayr, L., Ersoy, O., Erwig, A., Faust, S., Hostáková, K., Maffei, M., Moreno-Sanchez, P., & Riahi, S. (2021). Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures. In Lecture Notes in Computer Science (pp. 635–664). Springer. https://doi.org/10.1007/978-3-030-92075-3_22
  • Bitcoin-Compatible Virtual Channels / Aumayr, L., Ersoy, O., Erwig, A., Faust, S., Hostáková, K., Maffei, M., Moreno-Sanchez, P., & Riahi, S. (2021). Bitcoin-Compatible Virtual Channels. In 2021 IEEE Symposium on Security and Privacy (SP). IEEE Symposium on Security and Privacy 2021, Oakland, United States of America (the). IEEE Computer Society. https://doi.org/10.1109/sp40001.2021.00097
  • Cross-Layer Deanonymization Methods in the Lightning Protocol / Romiti, M., Victor, F., Moreno-Sanchez, P., Nordholt, P. S., Haslhofer, B., & Maffei, M. (2021). Cross-Layer Deanonymization Methods in the Lightning Protocol. In Lecture Notes in Computer Science. Springer Verlag, Austria. Springer LNCS. https://doi.org/10.1007/978-3-662-64322-8

2020

  • The Good, The Bad and The Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts / Schneidewind, C., Scherer, M., & Maffei, M. (2020). The Good, The Bad and The Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts. In T. Margaria & B. Steffen (Eds.), Leveraging Applications of Formal Methods, Verification and Validation: Applications. ISoLA 2020, Proceedings, Part III (pp. 212–231). Springer. https://doi.org/10.1007/978-3-030-61467-6_14
  • The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches in Progressive Web Applications / Somé, D. F., Squarcina, M., Calzavara, S., & Maffei, M. (2020). The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches in Progressive Web Applications. EuroS&P 2020 SecWeb Workshop, Genova, IT, EU. http://hdl.handle.net/20.500.12708/87080
  • A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network / Tikhomirov, S., Moreno-Sanchez, P., & Maffei, M. (2020). A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&amp;PW). IEEE Security & Privacy On The Blockchain, Genova, EU. IEEE. https://doi.org/10.1109/eurospw51379.2020.00059
  • eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts / Schneidewind, C., Grishchenko, I., Scherer, M., & Maffei, M. (2020). eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. ACM Conference on Computer and Communications Security (CCS), Washington, USA, Non-EU. Association for Computing Machinery ACM. https://doi.org/10.1145/3372297.3417250
  • Language-Based Web Session Integrity / Calzavara, S., Focardi, R., Grimm, N., Maffei, M., & Tempesta, M. (2020). Language-Based Web Session Integrity. In 2020 IEEE 33rd Computer Security Foundations Symposium (CSF). IEEE Computer Security Foundations Symposium, Santa Barbara, USA, Non-EU. IEEE Computer Society. https://doi.org/10.1109/csf49147.2020.00016
  • Generalized Bitcoin-Compatible Channels / Aumayr, L., Ersoy, O., Erwig, A., Faust, S., Hostáková, K., Maffei, M., Moreno-Sanchez, P., & Riahi, S. (2020). Generalized Bitcoin-Compatible Channels (2020/476). http://hdl.handle.net/20.500.12708/40215

2019

2018

  • Equivalence Properties by Typing in Cryptographic Branching Protocols / Cortier, V., Grimm, N., Lallemand, J., & Maffei, M. (2018). Equivalence Properties by Typing in Cryptographic Branching Protocols. In L. Bauer & R. Küsters (Eds.), Principles of Security and Trust (pp. 160–187). Springer LNCS. https://doi.org/10.1007/978-3-319-89722-6_7
  • UniTraX: Protecting Data Privacy with Discoverable Biases / Munz, R., Eigner, F., Maffei, M., Francis, P., & Garg, D. (2018). UniTraX: Protecting Data Privacy with Discoverable Biases. In L. Bauer & R. Küsters (Eds.), Principles of Security and Trust (pp. 278–299). Springer, Lecture Notes in Computer Science. https://doi.org/10.1007/978-3-319-89722-6_12
  • A Semantic Framework for the Security Analysis of Ethereum Smart Contracts / Grishchenko, I., Schneidewind, C., & Maffei, M. (2018). A Semantic Framework for the Security Analysis of Ethereum Smart Contracts. In Lecture Notes in Computer Science (pp. 243–269). Springer Open. https://doi.org/10.1007/978-3-319-89722-6_10
  • Foundations and Tools for the Static Analysis of Ethereum Smart Contracts / Gishchenko, I., Maffei, M., & Schneidewind, C. (2018). Foundations and Tools for the Static Analysis of Ethereum Smart Contracts. In G. Weissenbacher & H. Chockler (Eds.), Computer Aided Verification (pp. 51–78). Springer Open. https://doi.org/10.1007/978-3-319-96145-3_4
  • WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring / Calzavara, S., Maffei, M., Schneidewind, C., Tempesta, M., & Squarcina, M. (2018). WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring. In Proceedings of the 27th USENIX Security Symposium (pp. 1493–1510). USENIX. http://hdl.handle.net/20.500.12708/57493
  • Simple Password Hardened Encryption Services / Maffei, M., Reinert, M., Lai, R., Egger, C., Chow, S. S. M., & Schröder, D. (2018). Simple Password Hardened Encryption Services. In Proceedings of the 27th USENIX Security Symposium (pp. 1405–1421). USENIX. http://hdl.handle.net/20.500.12708/57492
  • Functional Credentials / Deuber, D., Maffei, M., Malavolta, G., Rabkin, M., Schröder, D., & Simkin, M. (2018). Functional Credentials. In Proceedings on Privacy Enhancing Technologies (pp. 64–84). Walter de Gruyter GmbH. http://hdl.handle.net/20.500.12708/57361
  • A monadic framework for relational verification: applied to information security, program equivalence, and optimizations / Grimm, N., Maillard, K., Fournet, C., Hritcu, C., Maffei, M., Protzenko, J., Ramananandro, T., Swamy, N., & Zanella-Béguelin, S. (2018). A monadic framework for relational verification: applied to information security, program equivalence, and optimizations. In Proceedings of the 7th ACM SIGPLAN International Conference on Certified Programs and Proofs. ACM Digital Library. https://doi.org/10.1145/3167090
  • Subset Predicate Encryption and Its Applications / Katz, J., Maffei, M., Malavolta, G., & Schröder, D. (2018). Subset Predicate Encryption and Its Applications. In Cryptology and Network Security (pp. 115–134). Springer International Publishing. https://doi.org/10.1007/978-3-030-02641-7_6

2017

  • Principles of Security and Trust / Maffei, M., & Ryan, M. (Eds.). (2017). Principles of Security and Trust (Vol. 10204). Springer-Verlag. https://doi.org/10.1007/978-3-662-54455-6
  • A Sound Flow-Sensitive Heap Abstraction for the Static Analysis of Android Applications / Maffei, M., Calzavara, S., Grishchenko, I., & Koutsos, A. (2017). A Sound Flow-Sensitive Heap Abstraction for the Static Analysis of Android Applications. In 2017 IEEE 30th Computer Security Foundations Symposium (CSF). IEEE Computer Security Foundations Symposium, Santa Barbara, USA, Non-EU. IEEE Xplore Digital Library. https://doi.org/10.1109/csf.2017.19
  • Maliciously Secure Multi-Client ORAM / Maffei, M., Malavolta, G., Reinert, M., & Schröder, D. (2017). Maliciously Secure Multi-Client ORAM. In D. Gollmann, A. Miyaji, & H. Kikuchi (Eds.), Applied Cryptography and Network Security (pp. 645–664). © Springer International Publishing AG 2017. https://doi.org/10.1007/978-3-319-61204-1_32
  • On the Security of Frequency-Hiding Order-Preserving Encryption / Reinert, M., Schröder, D., & Maffei, M. (2017). On the Security of Frequency-Hiding Order-Preserving Encryption. In Cryptology and Network Security (pp. 51–70). Springer International Publishing. https://doi.org/10.1007/978-3-030-02641-7_3
  • Concurrency and Privacy with Payment-Channel Networks / Maffei, M., Kate, A., Malavolta, G., Moreno-Sanchez, P., & Ravi, S. (2017). Concurrency and Privacy with Payment-Channel Networks. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM Digital Library. https://doi.org/10.1145/3133956.3134096
  • SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks / Maffei, M., Moreno-Sanchez, P., Kate, A., & Malavolta, G. (2017). SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks. In Proceedings 2017 Network and Distributed System Security Symposium. Internet Society. https://doi.org/10.14722/ndss.2017.23448
  • A Type System for Privacy Properties / Maffei, M., Lallemand, J., Cortier, V., & Grimm, N. (2017). A Type System for Privacy Properties. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM CCS 2017 Conference on Computer and Communications Security, Dallas, USA, Non-EU. ACM Digital Library. https://doi.org/10.1145/3133956.3133998