Douglas Stebila
List of papers by publication type
See also my list of papers by topic.
Books
- Protocols for Authentication and Key Establishment, Second Edition. C. Boyd, A. Mathuria, D. Stebila. Information Security and Cryptography. Springer, 2019.
Conference proceedings edited
- Proc. 20th Australasian Conference on Information Security and Privacy (ACISP) 2015. E. Foo, D. Stebila, editors. LNCS, vol. 9144. Springer, 2015.
- Proc. 26th Annual Conference on Selected Areas in Cryptography (SAC) 2019. K. G. Paterson, D. Stebila, editors. LNCS, vol. 11959. Springer, 2019.
- Advances in Cryptology – CRYPTO 2024, Part I. L. Reyzin, D. Stebila, editors. LNCS, vol. 14920. Springer, 2024.
- Advances in Cryptology – CRYPTO 2024, Part II. L. Reyzin, D. Stebila, editors. LNCS, vol. 14921. Springer, 2024.
- Advances in Cryptology – CRYPTO 2024, Part III. L. Reyzin, D. Stebila, editors. LNCS, vol. 14922. Springer, 2024.
- Advances in Cryptology – CRYPTO 2024, Part IV. L. Reyzin, D. Stebila, editors. LNCS, vol. 14923. Springer, 2024.
- Advances in Cryptology – CRYPTO 2024, Part V. L. Reyzin, D. Stebila, editors. LNCS, vol. 14924. Springer, 2024.
- Advances in Cryptology – CRYPTO 2024, Part VI. L. Reyzin, D. Stebila, editors. LNCS, vol. 14925. Springer, 2024.
- Advances in Cryptology – CRYPTO 2024, Part VII. L. Reyzin, D. Stebila, editors. LNCS, vol. 14926. Springer, 2024.
- Advances in Cryptology – CRYPTO 2024, Part VIII. L. Reyzin, D. Stebila, editors. LNCS, vol. 14927. Springer, 2024.
- Advances in Cryptology – CRYPTO 2024, Part IX. L. Reyzin, D. Stebila, editors. LNCS, vol. 14928. Springer, 2024.
- Advances in Cryptology – CRYPTO 2024, Part X. L. Reyzin, D. Stebila, editors. LNCS, vol. 14929. Springer, 2024.
Refereed journal papers
- Anonymity and one-way authentication in key exchange protocols. I. Goldberg, D. Stebila, B. Ustaoglu. In Designs, Codes and Cryptography, 2013.
- Publicly verifiable ciphertexts (full version). J. González Nieto, M. Manulis, B. Poettering, J. Rangasamy, D. Stebila. In Journal of Computer Security, 2013.
- Plaintext awareness in identity-based key encapsulation. M. Manulis, B. Poettering, D. Stebila. In International Journal of Information Security, 2014.
- Secure modular password authentication for the web using channel bindings (full version). M. Manulis, D. Stebila, F. Kiefer, N. Denham. In International Journal of Information Security, 2016.
- Double-authentication-preventing signatures (full version). B. Poettering, D. Stebila. In International Journal of Information Security, 2017.
- ASICS: Authenticated key exchange security incorporating certification systems (full version). C. Boyd, C. Cremers, M. Feltz, K. G. Paterson, B. Poettering, D. Stebila. In International Journal of Information Security, 2017.
- Efficient oblivious database joins. S. Krastnikov, F. Kerschbaum, D. Stebila. In Proceedings of the VLDB Endowment, 2020.
- A formal security analysis of the Signal messaging protocol. K. Cohn-Gordon, C. Cremers, B. Dowling, L. Garratt, D. Stebila. In Journal of Cryptology, 2020.
- Associative blockchain for decentralized PKI transparency. X. Boyen, U. Herath, M. McKague, D. Stebila. In Cryptography, 2021.
- Algorithm substitution attacks: state reset detection and asymmetric modifications. P. Hodges, D. Stebila. In IACR Transactions on Symmetric Cryptography, 2021.
- A cryptographic analysis of the TLS 1.3 handshake protocol. B. Dowling, M. Fischlin, F. Günther, D. Stebila. In Journal of Cryptology, 2021.
- A reduction-based proof for authentication and session key security in 3-party Kerberos. J. Schwenk, D. Stebila. In International Journal of Applied Cryptography, 2023.
Refereed conference papers
- An end-to-end systems approach to elliptic curve cryptography. N. Gura, S. Chang Shantz, H. Eberle, S. Gupta, V. Gupta, D. Finchelstein, E. Goupy, D. Stebila. In CHES 2002.
- Performance analysis of elliptic curve cryptography for SSL. V. Gupta, S. Gupta, S. Chang, D. Stebila. In ACM Wireless Security 2002.
- Generic GF(2^m) arithmetic in software and its application to ECC. A. Weimerskirch, D. Stebila, S. Chang. In ACISP 2003.
- Speeding up secure web transactions using elliptic curve cryptography. V. Gupta, D. Stebila, S. Fung, S. Chang, N. Gura, H. Eberle. In NDSS 2004.
- Integrating elliptic curve cryptography into the web's security infrastructure. V. Gupta, D. Stebila, S. Chang. In ACM WWW 2004.
- Unified point addition formulæ and side-channel attacks. D. Stebila, N. Thériault. In CHES 2006.
- Towards denial-of-service-resilient key agreement protocols. D. Stebila, B. Ustaoglu. In ACISP 2009.
- The case for quantum key distribution. D. Stebila, M. Mosca, N. Lütkenhaus. In QuantumComm 2009.
- Quantum coins. M. Mosca, D. Stebila. In Error-Correcting Codes, Finite Geometries and Cryptography 2010.
- Multi-factor password-authenticated key exchange. D. Stebila, P. Udupi, S. Chang. In AISC 2010.
- Predicate-based key exchange. J. Birkett, D. Stebila. In ACISP 2010.
- One-time-password-authenticated key exchange. K. G. Paterson, D. Stebila. In ACISP 2010.
- Fixed argument pairings. C. Costello, D. Stebila. In LATINCRYPT 2010.
- Reinforcing bad behaviour: the misuse of security indicators on popular websites. D. Stebila. In OzCHI 2010.
- Stronger difficulty notions for client puzzles and denial-of-service-resistant protocols. D. Stebila, L. Kuppusamy, J. Rangasamy, C. Boyd, J. González Nieto. In CT-RSA 2011.
- An integrated approach to cryptographic mitigation of denial-of-service attacks. J. Rangasamy, D. Stebila, C. Boyd, J. González Nieto. In ACM ASIACCS 2011.
- Defending web services against denial of service attacks using client puzzles. S. Suriadi, D. Stebila, A. Clark, H. Liu. In IEEE ICWS 2011.
- Efficient modular exponentiation-based puzzles for denial-of-service protection. J. Rangasamy, D. Stebila, C. Boyd, J. González Nieto, L. Kuppusamy. In ICISC 2011.
- Towards a provably secure DoS-resilient key exchange protocol with perfect forward secrecy. L. Kuppusamy, J. Rangasamy, D. Stebila, C. Boyd, J. González Nieto. In INDOCRYPT 2011.
- Practical client puzzles in the standard model. L. Kuppusamy, J. Rangasamy, D. Stebila, C. Boyd, J. González Nieto. In ACM ASIACCS 2012.
- Effort-release public-key encryption from cryptographic puzzles. J. Rangasamy, D. Stebila, C. Boyd, J. González Nieto, L. Kuppusamy. In ACISP 2012.
- Self-identified experts lost on the Interwebs. T. Kelley, S. Lien, L. J. Camp, D. Stebila. In LASER 2012.
- Publicly verifiable ciphertexts. J. González Nieto, M. Manulis, B. Poettering, J. Rangasamy, D. Stebila. In SCN 2012.
- Comparative eye tracking of experts and novices in web single sign-on. M. Arianezhad, L. J. Camp, T. Kelley, D. Stebila. In ACM CODASPY 2013.
- Usability and security of gaze-based graphical grid passwords. M. Arianezhad, D. Stebila, B. Mozaffari. In USEC 2013.
- Quantum key distribution in the classical authenticated key exchange framework. M. Mosca, D. Stebila, B. Ustaoglu. In PQCrypto 2013.
- Count-min sketches for estimating password frequency within Hamming distance two. L. South, D. Stebila. In ACISP 2013.
- Quantum one-time programs. A. Broadbent, G. Gutoski, D. Stebila. In CRYPTO 2013.
- ASICS: Authenticated key exchange security incorporating certification systems. C. Boyd, C. Cremers, M. Feltz, K. G. Paterson, B. Poettering, D. Stebila. In ESORICS 2013.
- On the security of TLS renegotiation. F. Giesen, F. Kohlar, D. Stebila. In ACM CCS 2013.
- Formalising human recognition: A fundamental building block for security proofs. K. Radke, C. Boyd, J. González Nieto, M. Manulis, D. Stebila. In AISC 2014.
- Modelling after-the-fact leakage for key exchange. J. Alawatugoda, D. Stebila, C. Boyd. In ACM ASIACCS 2014.
- Continuous after-the-fact leakage-resilient key exchange. J. Alawatugoda, C. Boyd, D. Stebila. In ACISP 2014.
- Double-authentication-preventing signatures. B. Poettering, D. Stebila. In ESORICS 2014.
- Multi-ciphersuite security of the Secure Shell (SSH) protocol. F. Bergsma, B. Dowling, F. Kohlar, J. Schwenk, D. Stebila. In ACM CCS 2014.
- Secure modular password authentication for the web using channel bindings. M. Manulis, D. Stebila, N. Denham. In SSR 2014.
- Protecting encrypted cookies from compression side-channel attacks. J. Alawatugoda, D. Stebila, C. Boyd. In FC 2015.
- Hierarchical deterministic Bitcoin wallets that tolerate key leakage. G. Gutoski, D. Stebila. In FC 2015.
- Post-quantum key exchange for the TLS protocol from the ring learning with errors problem. J. W. Bos, C. Costello, M. Naehrig, D. Stebila. In IEEE S&P 2015.
- Modelling ciphersuite and version negotiation in the TLS protocol. B. Dowling, D. Stebila. In ACISP 2015.
- An analysis of TLS handshake proxying. D. Stebila, N. Sullivan. In IEEE TrustCom 2015.
- A cryptographic analysis of the TLS 1.3 handshake protocol candidates. B. Dowling, M. Fischlin, F. Günther, D. Stebila. In ACM CCS 2015.
- Continuous after-the-fact leakage-resilient eCK-secure key exchange. J. Alawatugoda, D. Stebila, C. Boyd. In IMA Cryptography & Coding 2015.
- Predicting TLS performance from key exchange performance. F. Moghimifar, D. Stebila. In AISC 2016.
- From stateless to stateful: Generic authentication and authenticated encryption constructions with application to TLS. B. Hale, C. Boyd, S. F. Mjølsnes, D. Stebila. In CT-RSA 2016.
- Safely exporting keys from secure channels: On the security of EAP-TLS and TLS Key Exporters. C. Brzuska, H. Jacobsen, D. Stebila. In EUROCRYPT 2016.
- Authenticated network time synchronization. B. Dowling, D. Stebila, G. Zaverucha. In USENIX Security 2016.
- Secure logging schemes and Certificate Transparency. B. Dowling, F. Günther, U. Herath, D. Stebila. In ESORICS 2016.
- Frodo: Take off the ring! Practical, quantum-secure key exchange from LWE. J. Bos, C. Costello, L. Ducas, I. Mironov, M. Naehrig, V. Nikolaenko, A. Raghunathan, D. Stebila. In ACM CCS 2016.
- Post-quantum key exchange for the Internet and the Open Quantum Safe project. D. Stebila, M. Mosca. In SAC 2016.
- From identification to signatures, tightly: A framework and generic transforms. M. Bellare, B. Poettering, D. Stebila. In ASIACRYPT 2016.
- Deterring certificate subversion: efficient double-authentication-preventing signatures. M. Bellare, B. Poettering, D. Stebila. In PKC 2017.
- A formal security analysis of the Signal messaging protocol. K. Cohn-Gordon, C. Cremers, B. Dowling, L. Garratt, D. Stebila. In IEEE EuroS&P 2017.
- Transitioning to a quantum-resistant public key infrastructure. N. Bindel, U. Herath, M. McKague, D. Stebila. In PQCrypto 2017.
- Security analysis of a design variant of randomized hashing. P. Gauravaram, S. Hirose, D. Stebila. In ATIS 2017.
- Hybrid key encapsulation mechanisms and authenticated key exchange. N. Bindel, J. Brendel, M. Fischlin, B. Goncalves, D. Stebila. In PQCrypto 2019.
- Prototyping post-quantum and hybrid key exchange and authentication in TLS and SSH. E. Crockett, C. Paquin, D. Stebila. In NIST PQC Standardization 2019.
- Benchmarking post-quantum cryptography in TLS. C. Paquin, D. Stebila, G. Tamvada. In PQCrypto 2020.
- ArchiveSafe: mass-leakage-resistant storage from proof-of-work. M. Sabry, R. Samavi, D. Stebila. In DPM 2020.
- Towards post-quantum security for Signal's X3DH handshake. J. Brendel, M. Fischlin, F. Günther, C. Janson, D. Stebila. In SAC 2020.
- Post-quantum TLS without handshake signatures. P. Schwabe, D. Stebila, T. Wiggers. In ACM CCS 2020.
- SoK: Game-based security models for group key exchange. B. Poettering, P. Rösler, J. Schwenk, D. Stebila. In CT-RSA 2021.
- The “quantum annoying” property of password-authenticated key exchange protocols. E. Eaton, D. Stebila. In PQCrypto 2021.
- More efficient post-quantum KEMTLS with pre-distributed public keys. P. Schwabe, D. Stebila, T. Wiggers. In ESORICS 2021.
- Improved attacks against key reuse in learning with errors key exchange. N. Bindel, D. Stebila, S. Veitch. In LATINCRYPT 2021.
- Post-quantum key-blinding for authentication in anonymity networks. E. Eaton, D. Stebila, R. Stracovsky. In LATINCRYPT 2021.
- Post-quantum asynchronous deniable key exchange and the Signal handshake. J. Brendel, R. Fiedler, F. Günther, C. Janson, D. Stebila. In PKC 2022.
- Improving software quality in cryptography standardization projects. M. J. Kannwischer, P. Schwabe, D. Stebila, T. Wiggers. In SSR 2022.
- A tale of two models: formal verification of KEMTLS via Tamarin. S. Celi, J. Hoyland, D. Stebila, T. Wiggers. In ESORICS 2022.
- Proof-of-possession for KEM certificates using verifiable generation. T. Güneysu, P. Hodges, G. Land, M. Ounsworth, D. Stebila, G. Zaverucha. In ACM CCS 2022.
- Post-quantum signatures in DNSSEC via request-based fragmentation. J. Goertzen, D. Stebila. In PQCrypto 2023.
- Making an asymmetric PAKE quantum-annoying by hiding group elements. M. Tiepelt, E. Eaton, D. Stebila. In ESORICS 2023.
- Quantum-safe account recovery for WebAuthn. D. Stebila, S. Wilson. In ACM ASIACCS 2024.
- TurboTLS: TLS connection establishment with 1 less round trip. C. Aguilar-Melchor, T. Bailleux, J. Goertzen, A. Guinet, D. Joseph, D. Stebila. In ESORICS 2024.
- Obfuscated key exchange. F. Günther, D. Stebila, S. Veitch. In ACM CCS 2024.
Technical standards
- ECMQV_ECQV cipher suites for Transport Layer Security (TLS). M. Campagna, D. Stebila. Internet-Draft, 2009.
- Elliptic-curve algorithm integration in the Secure Shell transport layer. D. Stebila, J. Green. RFC 5656, 2009.
- X.509v3 certificates for Secure Shell authentication. K. Igoe, D. Stebila. RFC 6187, 2011.
- A Transport Layer Security (TLS) extension for establishing an additional shared secret. J.M. Schanck, D. Stebila. Internet-Draft, 2017.
- NewHope. E. Alkim, R. Avanzi, J. W. Bos, L. Ducas, A. de la Piedra, P. Schwabe, D. Stebila, M. R. Albrecht, E. Orsini, V. Osheter, K. G. Paterson, G. Peer, N. P. Smart. Submission to the NIST Post-Quantum Cryptography standardization project, Round 2, 2019.
- FrodoKEM: Learning with errors key encapsulation. E. Alkim, J. W. Bos, L. Ducas, K. Easterbrook, B. LaMacchia, P. Longa, I. Mironov, M. Naehrig, V. Nikolaenko, C. Peikert, A. Raghunathan, D. Stebila. Submission to the NIST Post-Quantum Cryptography standardization project, Round 3, 2020.
- X25519Kyber768Draft00 hybrid post-quantum key agreement. B. Westerbaan, D. Stebila. Internet-Draft, 2023.
- KEM-based authentication for TLS 1.3. S. Celi, P. Schwabe, D. Stebila, N. Sullivan, T. Wiggers. Internet-Draft, 2023.
- KEM-based pre-shared-key handshakes for TLS 1.3. T. Wiggers, S. Celi, P. Schwabe, D. Stebila, N. Sullivan. Internet-Draft, 2023.
- TurboTLS for faster connection establishment. D. Stebila, D. Joseph, C. Aguilar-Melchor, J. Goertzen. Internet-Draft, 2023.
- Hybrid key exchange in TLS 1.3. D. Stebila, S. Fluhrer, S. Gueron. Internet-Draft, 2024.
- Post-quantum hybrid ECDHE-MLKEM Key Agreement for TLSv1.3. K. Kwiatkowski, P. Kampanakis, B. Westerbaan, D. Stebila. Internet-Draft, 2024.
- Kemeleon encodings. F. Günther, D. Stebila, S. Veitch. Internet-Draft, 2024.
- PQ/T Hybrid Key Exchange in SSH. P. Kampanakis, D. Stebila, T. Hansen. Internet-Draft, 2024.
Technical reports and unrefereed articles
- Quantum safe cryptography and security: An introduction, benefits, enablers and challenges. M. Campagna et al., D. Stebila. ETSI (European Telecommunications Standards Institute), 2015.
- A cryptographic analysis of the TLS 1.3 draft-10 full and pre-shared key handshake protocol. B. Dowling, M. Fischlin, F. Günther, D. Stebila. 2016.
- Challenges in cryptography. A. Menezes, D. Stebila. In IEEE Security & Privacy, 2021.
- End-to-end security: when do we have it? A. Menezes, D. Stebila. In IEEE Security & Privacy, 2021.
- CHES 2021 artifact review. D. Stebila. In IACR Transactions on Cryptographic Hardware and Embedded Systems, 2022.
- The Advanced Encryption Standard: 20 years later. A. Menezes, D. Stebila. In IEEE Security & Privacy, 2021.
- A formal treatment of distributed key generation, and new constructions. C. Komlo, I. Goldberg, D. Stebila. 2023.
- Security analysis of the iMessage PQ3 protocol. D. Stebila. 2024.
- Falsifiability, composability, and comparability of game-based security models for key exchange protocols. C. Brzuska, C. Cremers, H. Jacobsen, D. Stebila, B. Warinschi. 2024.
Book chapters
- Cryptographic approaches to denial-of-service resistance. C. Boyd, J. González Nieto, L. Kuppusamy, H. Narasimham, C. Pandu Rangan, J. Rangasamy, J. Smith, D. Stebila, V. Varadarajan. In An Investigation into the Detection and Mitigation of Denial of Service (DoS) Attacks: Critical Information Infrastructure Protection, Springer, 2011.
- Denial of service defence appliance for web services. S. Suriadi, A. Clark, H. Liu, D. Schmidt, J. Smith, D. Stebila. In An Investigation into the Detection and Mitigation of Denial of Service (DoS) Attacks: Critical Information Infrastructure Protection, Springer, 2011.
Refereed conference posters
- Oblivious transfer from any non-trivial binary-symmetric channel. D. Stebila, S. Wolf. In IEEE ISIT 2002.
- Uncloneable quantum money. M. Mosca, D. Stebila. In QIP 2007.
Dissertations
- Cryptographic applications of graph theoretic constructions. D. Stebila. MSc thesis, University of Oxford, 2004.
- Classical authenticated key exchange and quantum cryptography. D. Stebila. PhD thesis, University of Waterloo, 2009.