Publications Birgit Pfitzmann (in Chronological Order, August 2007)

In Journals and Proceedings, Published or Accepted

Those in better places are in bold face.

 

[121]      Michael Backes, Birgit Pfitzmann: Limits of the BRSIM/UC soundness of Dolev–Yao-style XOR; to appear in International Journal of Information Security (IJIS) 2007, online preprinthttp://www.springerlink.com/content/85071h1v5077n847/?p=247ca479e2dd4aeb9249857ab65a91b8&pi=1.

[120]      Michael Backes, Birgit Pfitzmann, Michael Waidner: The reactive simulatability (RSIM) framework for asynchronous systems; to appear in Information and Computation, 2007.

[119]      Birgit Pfitzmann: Multi-layer Audit of Access Rights; accepted for 4th VLDB Workshop on Secure Data Management (SDM'07), Vienna, Sept. 2007, proc. to appear in LNCS, Springer-Verlag.

[118]      Jan Camenisch, Birgit Pfitzmann: Federated Identity Management; in: Milan Petkovic, Willem Jonker (eds.): Security, Privacy and Trust in Modern Data Management, Springer-Verlag, Data-Centric Systems and Applications, Berlin 2007, 213-238.

[117]      Michael Backes, Birgit Pfitzmann, Andre Scedrov: Key-dependent Message Security under Active Attacks - BRSIM/UC-Soundness of Symbolic Encryption with Key Cycles; to 20th IEEE Computer Security Foundations Symposium (CSF) 2007.

[116]      Carl Abrams, Jürg von Känel, Samuel Müller, Birgit Pfitzmann, Susanne Ruschka-Taylor;  Optimized Enterprise Risk Management; IBM Systems Journal 46/2 (2007) 219-234.

[115]      Zinaida Benenson, Felix C. Freiling, Birgit Pfitzmann, Christian Rohner, Michael Waidner: Verifiable Agreement: Limits of Non-repudiation in Mobile Peer-to-Peer Ad Hoc Networks; 3rd Security and Privacy in Ad-Hoc and Sensor Networks (ESAS 2006), LNCS 4357, Springer-Verlag, Berlin 2006, 165-178.

[114]      Michael Backes, Birgit Pfitzmann, Michael Waidner: Formal Methods and Cryptography; FM 2006: Formal Methods, LNCS 4085, Springer-Verlag, Berlin 2006, 612-616.

[113]      Michael Backes, Birgit Pfitzmann, Michael Waidner: Limits of the Reactive Simulatability/UC of Dolev-Yao Models with Hashes; 11th European Symposium on Research in Computer Security (ESORICS 2006), LNCS 4189, Springer-Verlag, Berlin 2006, 404-423.

[112]      Christoph Sprenger, Michael Backes, David Basin, Birgit Pfitzmann, Michael Waidner: Cryptographically Sound Theorem Proving; 19th IEEE Computer Security Foundations Workshop (CSFW), IEEE Computer Society Press, Washington 2006, 153-166.

[111]      Samuel Müller, Birgit Pfitzmann: Effektives Compliance Management; DIGMA – Zeitschrift für Datenrecht und Informationssicherheit 6/1 (2006) 36-39 (in German).

[110]      Michael Backes, Birgit Pfitzmann: Cryptographic Key Secrecy of the Strengthened Yahalom Protocol via a Symbolic Security Proof; 21st IFIP TC-11 International Information Security Conference (SEC'2006), Karlstad, May 2006; preliminary version IBM Research Report RZ 3601 (#99611) 04/18/05.

[109]      Samuel Müller, Birgit Pfitzmann: Compliance Management basierend auf Gesetzesformalisierungen¾Das REALM-Projekt; Internationales Rechtsinformatik Symposion (IRIS), Vienna, Feb. 2006 (in German), proc. to appear in Verlag Österreich, 2006.

[108]      Michael Backes, Sebastian Mödersheim, Birgit Pfitzmann, Luca Viganò: Symbolic and Cryptographic Analysis of the Secure WS-ReliableMessaging Scenario; Foundations of Software Science and Computation Structures (FOSSACS), LNCS 3921, Springer-Verlag, Berlin 2006, 428-445.

[107]      Christopher Giblin, Alice Y. Liu, Samuel Müller, Birgit Pfitzmann, Xin Zhou: Regulations Expressed As Logical Models (REALM); 18th Annual Conference on Legal Knowledge and Information Systems (JURIX 2005), Brussels, Dec. 8-10, 2005, proceedings to appear in IOS Press, Amsterdam.

[106]      Michael Backes, Birgit Pfitzmann, Michael Waidner: Justifying a Dolev-Yao Model under Active Attacks; Foundations of Security Analysis and Design III: FOSAD 2004/2005 Tutorial Lectures, LNCS 3655, Springer-Verlag, 2005, 1-41.

[105]      Thomas Groß, Birgit Pfitzmann, Ahmad-Reza Sadeghi: Proving a WS-Federation Passive Requestor Profile with a Browser Model; 2005 ACM Workshop on Secure Web Services (SWS), ACM Press, 54-64.

[104]      KPSW_05 Günter Karjoth, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Service-oriented Assurance – Comprehensive Security by Explicit Assurances; First Workshop on Quality of Protection (QoP 2005), Milano, Sept. 2005, to be published by Springer-Verlag. Preproceedings version as IBM Research Report RZ 3625 (# ??) 08/15/05, IBM Research Division, Zurich, Sept 2005.

[103]      Thomas Groß, Birgit Pfitzmann, Ahmad-Reza Sadeghi: Browser Model for Security Analysis of Browser-Based Protocols; 10th European Symposium on Research in Computer Security (ESORICS 2005), LNCS 3679, Springer-Verlag, Berlin 2005, 489-508.

[102]      Michael Backes, Birgit Pfitzmann: Limits of the Cryptographic Realization of Dolev-Yao-style XOR; 10th European Symposium on Research in Computer Security (ESORICS 2005), LNCS 3679, Springer-Verlag, Berlin 2005, 178-196.

[101]      Windsor W. Hsu, Shauchi Ong, Birgit Pfitzmann: Archiv mit Dokumentenversteinerung; DIGMA – Zeitschrift für Datenrecht und Informationssicherheit 5/2 (2005) 82-84 (invited).

[100]      Michael Backes, Birgit Pfitzmann: Relating symbolic and cryptographic secrecy; IEEE Transactions on Dependable and Secure Computing 2/2 (2005) 109-123.

[99]        Michael Backes, Birgit Pfitzmann: Relating symbolic and cryptographic secrecy; IEEE Symposium on Security and Privacy 2005, IEEE Computer Society Press, Washington 2004, 171-182.

[98]        Michael Backes, Birgit Pfitzmann, Michael Waidner: Reactively Secure Signature Schemes; International Journal of Information Security  (IJIS) 4/4 (2005) 242-252.

[97]        Michael Backes, Birgit Pfitzmann, Michael Waidner: Symmetric Authentication Within a Simulatable Cryptographic Library; International Journal of Information Security (IJIS) 4/3 (2005) 135-154.

[96]        Michael Backes, Birgit Pfitzmann: A Cryptographically Sound Security Proof of the Needham-Schroeder-Lowe Public-Key Protocol; IEEE Journal on Selected Areas in Communication (JSAC) 22/10 (2004) 2075-2086.

[95]        Thomas Groß, Birgit Pfitzmann: Proving a WS-Federation Passive Requestor Profile; Preproceedings of ACM Secure Web Services Workshop, Washington, October 2004, 1-10 (proceedings to appear in ACM Press)

[94]        Michael Backes, Birgit Pfitzmann: Computational Probabilistic Non-Interference; International Journal of Information Security (Springer) 3/1 (2004) 42-60.

[93]        Michael Backes, Birgit Pfitzmann, Michael Steiner, Michael Waidner: Polynomial Liveness; Journal of Computer Security (JCS) 12/3-4 (2004) 589-618.

[92]        Michael Backes, Birgit Pfitzmann, Michael Waidner: Low-level Ideal Signatures and General Integrity Idealization; 7th Information Security Conference (ISC), LNCS 3225, Springer-Verlag, Berlin 2004, 39-51.

[91]        Michael Backes, Birgit Pfitzmann: Symmetric Encryption in a Simulatable Dolev-Yao Style Cryptographic Library; 17th IEEE Computer Security Foundations Workshop (CSFW), IEEE Computer Society Press, Washington 2004, 204-218.

[90]        Birgit Pfitzmann: Privacy in Enterprise Identity Federation - Policies for Liberty 2 Single Signon; Elsevier Information Security Technical Report (ISTR) 9/1 (2004) 45-58.

[89]        Michael Backes, Birgit Pfitzmann, Michael Waidner: A General Composition Theorem for Secure Reactive Systems; 1st Theory of Cryptography Conference (TCC), LNCS 2951, Springer-Verlag, Berlin 2004, 336-354.

[88]        Michael Backes, Birgit Pfitzmann: A Cryptographically Sound Security Proof of the Needham-Schroeder-Lowe Public-Key Protocol; Foundations of Software Technology and Theoretical Computer Science (FSTTCS 03), LNCS 2914, Springer-Verlag, Berlin 2003, 1-12.

[87]        Birgit Pfitzmann, Michael Waidner: Analysis of Liberty Single Signon with Enabled Clients; IEEE Internet Computing 7(6) 2003, 38-44.

[86]        Birgit Pfitzmann: Sound Idealizations of Cryptography for Tool-Supported Proofs (Position statement for panel discussion); 1st ACM Workshop on Formal Methods in Security Engineering (FMSE 2003), ACM Press, New York 2003, 64-65.

[85]        Michael Backes, Birgit Pfitzmann, Michael Waidner: A Composable Cryptographic Library with Nested Operations; 10th ACM Conference on Computer and Communications Security (CCS), ACM Press, New York 2003, 220-230.

[84]        Michael Backes, Birgit Pfitzmann, Michael Waidner: Symmetric Authentication Within a Simulatable Cryptographic Library;  8th European Symposium on Research in Computer Security (ESORICS 2003), LNCS 2808, Springer-Verlag, Berlin 2003, 271-290.

[83]        Michael Backes, Birgit Pfitzmann, Matthias Schunter: A Toolkit for Managing Enterprise Privacy Policies;  8th European Symposium on Research in Computer Security (ESORICS 2003), LNCS 2808, Springer-Verlag, Berlin 2003, 162-180 (Won Award for Outstanding Research in Privacy Enhancing Technologies 2004, PET Advisory Board, sponsored by Microsoft).

[82]        Michael Backes, Birgit Pfitzmann, Michael Waidner: Reactively Secure Signature Schemes; 6th Information Security Conference (ISC), LNCS 2851, Springer-Verlag, Berlin 2003, 84-95.

[81]        Michael Backes, Birgit Pfitzmann, Michael Waidner: Security in Business Process Engineering; International Conference on Business Process Management (BPM ’03), LNCS 2678, Springer-Verlag, Berlin 2003, 168-183.

[80]        Michael Backes, Birgit Pfitzmann: Intransitive Non-Interference for Cryptographic Purposes; IEEE Symposium on Security and Privacy 2003, IEEE Computer Society Press, Washington 2003, 140-152.

[79]        Birgit Pfitzmann, Michael Waidner: Federated Identity-Management Protocols — Where User Authentication Protocols May Go; 11th International Workshop on Security Protocols (Cambridge 2003), LNCS 3364, Springer-Verlag, Berlin 2005, 153-174.

[78]        Birgit Pfitzmann: Privacy in Enterprise Identity Federation ‑ Policies for Liberty Single Signon; 3rd International Workshop on Privacy Enhancing Technologies (PET 2003), LNCS 2760, Springer-Verlag, Berlin 2004, 189-204.

[77]        Birgit Pfitzmann, Michael Waidner: Privacy in Browser-Based Attribute Exchange; ACM Workshop on Privacy in the Electronic Society (WPES) 2002, ACM Press 2003, 52-62.

[76]        Michael Backes, Birgit Pfitzmann: Computational Probabilistic Non-Interference; 7th European Symposium on Research in Computer Security (ESORICS 2002), LNCS 2502, Springer-Verlag, Berlin 2002, 1-23.

[75]        Michael Backes, Christian Jacobi, Birgit Pfitzmann: Deriving Cryptographically Sound Implementations Using Composition and Formally Verified Bisimulation; Formal Methods Europe (FME, part of FLoC), LNCS 2391 2391, Springer-Verlag, Berlin 2002, 310-329

[74]        Michael Backes, Birgit Pfitzmann, Michael Steiner, Michael Waidner: Polynomial Fairness and Liveness; IEEE Computer Security Foundations Workshop (CSFW), IEEE Computer Society Press, Washington 2002, 160-174.

[73]        D. Powell, A. Adelsbach, C. Cachin, S. Creese, M. Dacier, Y. Deswarte, T. McCutcheon, N. Neves, B. Pfitzmann, B. Randell, R. Stroud, P. Veríssimo, M. Waidner: MAFTIA (Malicious- and Accidental-Fault Tolerance for Internet Applications); Supplement of the 2001 Int. Conf. on Dependable Systems and Networks, Göteborg, 2001, D32-D35, 2001.

[72]        Birgit Pfitzmann, James Riordan, Christian Stüble, Michael Waidner, Arnd Weber: Die PERSEUS System-Architektur; Verläßliche IT-Systeme, GI-Fachtagung VIS '01, Vieweg, Braunschweig 2001, 1-17.

[71]        Birgit Pfitzmann, Michael Waidner: A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission; IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Washington 2001, 184-200.

[70]        Birgit Pfitzmann (ed.): Proceedings Eurocrypt 2001, LNCS 2045, Springer-Verlag, Berlin 2001.

[69]        Ammar Alkassar, Alexander Geraldy, Birgit Pfitzmann, Ahmad-Reza Sadeghi: Optimized Self-Synchronizing Mode of Operation; 8th International Workshop on Fast Software Encryption (FSE), LNCS, Springer-Verlag, Berlin 2001, 78-91.

[68]        Birgit Pfitzmann, Ahmad-Reza Sadeghi: Anonymous Fingerprinting with Direct Non-Repudiation; Asiacrypt 2000, LNCS 1976, Springer-Verlag, Berlin 2000, 401-414.

[67]        Birgit Pfitzmann, Michael Waidner: Composition and Integrity Preservation of Secure Reactive Systems; 7th ACM Conference on Computer and Communications Security (CCS), ACM Press, New York 2000, 245-254.

[66]        Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Cryptographic Security of Reactive Systems; DERA/RHUL Workshop on Secure Architectures and Information Flow, Electronic Notes in Theoretical Computer Science (ENTCS), March 2000, http://www.elsevier.nl/locate/entcs/volume32.html.

[66]        Gérard Lacoste, Birgit Pfitzmann, Michael Steiner, Michael Waidner (ed.) SEMPER - Secure Electronic Marketplace for Europe; LNCS 1854, Springer-Verlag, Berlin 2000, Part I also online <http://www.semper.org/info/#final-report>.

Also coauthor of Part I: Birgit Baum-Waidner, Gérard Lacoste, Birgit Pfitzmann, Michael Steiner, Michael Waidner, Arnd Weber: The Vision of SEMPER; 3-37 ABPP_00

and Ch. 6: N. Asokan, Birgit Baum-Waidner, Torben Pedersen, Birgit Pfitzmann, Matthias Schunter, Michael Steiner, Michael Waidner: Architecture; 45-63.

[65]        Birgit Pfitzmann, Ahmad-Reza Sadeghi: Self-Escrowed Cash Against User Blackmailing; 4th International Conference on Financial Cryptography (FC 2000), LNCS 1962, Springer-Verlag, Berlin 2001, 42-52.

[64]        Jürgen Guth, Birgit Pfitzmann: Error- and Collusion-Secure Fingerprinting for Digital Data; 3rd International Information Hiding Workshop (IHW '99), LNCS 1768, Springer-Verlag, Berlin 2000, 134-145.

[63]        André Adelsbach, Birgit Pfitzmann, Ahmad-Reza Sadeghi: Proving Ownership of Digital Content; 3rd International Information Hiding Workshop (IHW '99), LNCS 1768, Springer-Verlag, Berlin 2000, 117-133.

[62]        Birgit Pfitzmann, Ahmad-Reza Sadeghi: Selbst-Deanonymisierbarkeit gegen Benutzererpressung in digitalen Münzsystemen; Verläßliche IT-Systeme, GI-Fachtagung VIS '99, DuD Fachbeiträge, Vieweg, Braunschweig 1999, 35-48.

[61]        Andreas Pfitzmann, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Trustworthy User Devices; in: Günter Müller, Kai Rannenberg (ed.): Multilateral Security in Communications, Vol. 3: Technology, Infrastructure, Economy; Addison-Wesley, München 1999, 137-156.

[60]        Birgit Pfitzmann, Ahmad-Reza Sadeghi: Coin-Based Anonymous Fingerprinting; Eurocrypt '99, LNCS 1592, Springer-Verlag, Berlin 1999, 150-164.

[59]        Birgit Pfitzmann, Matthias Schunter: Die SEMPER Sicherheitsarchitektur für elektronischen Handel im Internet; Magazin Forschung 1/1999, Universität des Saarlandes 1999, 22-26.

[58]        Birgit Pfitzmann, Michael Waidner: Digital Signatures; to appear in Encyclopedia of Distributed Computing (ed.: Joseph Urban, Partha Dasgupta), Kluwer Academic Publishers, should have been 1998 (invited, http://cactus.eas.asu.edu/EDC/).

[57]        Oded Goldreich, Birgit Pfitzmann, Ronald L. Rivest: Self-Delegation with Controlled Propagation – or – What If You Lose Your Laptop; Crypto '98, LNCS 1462, Springer-Verlag, Berlin 1998, 153-168.

[56]        Ivan Damgård, Birgit Pfitzmann: Sequential Iteration of Interactive Arguments and an Efficient Zero-Knowledge Argument for NP; 25th International Colloquium on Automata, Languages and Programming (ICALP), LNCS 1443, Springer-Verlag, Berlin 1998, 772-783.

[55]        Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Optimal Efficiency of Optimistic Contract Signing; 17th Symposium on Principles of Distributed Computing (PODC), ACM, New York 1998, 113-122.

[54]        Birgit Pfitzmann, Michael Waidner: Kopierschutz durch asymmetrisches Fingerprinting; Datenschutz und Datensicherheit DuD 22/5 (1998) 258-264 (invited).

[53]        Ivan B. Damgård, Torben P. Pedersen, Birgit Pfitzmann: Statistical Secrecy and Multi-Bit Commitments; IEEE Transactions on Information Theory 44/3 (1998) 1143-1151.

[52]        Anja Jerichow, Jan Müller, Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Real-Time Mixes: A Bandwidth-Efficient Anonymity Protocol; IEEE Journal on Selected Areas in Communications 16/4 (1998) 495-509.

[51]        Birgit Pfitzmann, Michael Waidner: How to Break “Fraud-Detectable Key-Escrow”; Operating Systems Review 32/1 (1998) 23-28.

[50]        Birgit Pfitzmann, Michael Waidner: Kopierschutz durch asymmetrische Schlüssel­kenn­zeichnung mit Signeten; Verläßliche IT-Systeme, GI-Fachtagung VIS '97, Vieweg, Braunschweig 1997, 17-32.

[49]        Birgit Pfitzmann, Michael Waidner: Strong Loss Tolerance of Electronic Coin Systems; ACM Transactions on Computer Systems 15/2 (1997) 194-213.

[48]        Niko Baric, Birgit Pfitzmann: Collision-Free Accumulators and Fail-Stop Signature Schemes Without Trees; Eurocrypt ’97, LNCS 1233, Springer-Verlag, Berlin 1997, 480-494.

[47]        Birgit Pfitzmann, Michael Waidner: Anonymous Fingerprinting; Eurocrypt ’97, LNCS 1233, Springer-Verlag, Berlin 1997, 88-102.

[46]        Ivan B. Damgård, Torben P. Pedersen, Birgit Pfitzmann: On the Existence of Statistically Hiding Bit Commitment Schemes and Fail-Stop Signatures; Journal of Cryptology 10/3 (1997) 163-194.

[45]        Torben P. Pedersen, Birgit Pfitzmann: Fail-stop Signatures; SIAM Journal on Computing 26/2 (1997) 291-330.

[44]        Birgit Pfitzmann, Michael Waidner: Asymmetric Fingerprinting for Larger Collusions; 4th ACM Conference on Computer and Communications Security (CCS), 151-160.

[43]        Andreas Pfitzmann, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Trusting Mobile User Devices and Security Modules; IEEE Computer 30/2 (1997) 61-68.

[42]        Birgit Pfitzmann: Digital Signature Schemes — General Framework and Fail-Stop Signatures; LNCS 1100, Springer-Verlag, August 1996, 396 pages.

[41]        Birgit Pfitzmann (collected by): Information Hiding Terminology — Results of an informal plenary meeting and additional proposals; Information Hiding, LNCS 1174, Springer-Verlag, Berlin 1996, 347-350.

[40]        Birgit Pfitzmann: Trials of Traced Traitors; Information Hiding, LNCS 1174, Springer-Verlag, Berlin 1996, 49-64.

[39]        Birgit Pfitzmann, Matthias Schunter: Asymmetric Fingerprinting; Eurocrypt ’96, LNCS 1070, Springer-Verlag, Berlin 1996, 84-95.

[38]        Birgit Pfitzmann: Sorting Out Signature Schemes; CWI Quarterly 8/2 (1995) 147-172 (invited; appeared March 1996).

[37]        Hannes Federrath, Anja Jerichow, Andreas Pfitzmann, Birgit Pfitzmann: Mehrseitig sichere Schlüsselerzeugung; Proc. Arbeitskonferenz Trust Center 95, DuD Fachbeiträge, Vieweg, Wiesbaden 1995, 117-131.

[36]        Birgit Pfitzmann, Matthias Schunter, Michael Waidner: How to Break Another “Provably Secure” Payment System; Eurocrypt ’95, LNCS 921, Springer-Verlag, Berlin 1995, 121-132.

[35]        Andreas Pfitzmann, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Vertrauens­würdige portable Benutzerendgeräte und Sicherheitsmodule; VIS 95 (GI-Fachtagung Verläßliche Informations­systeme, Rostock), Vieweg, Braunschweig 1995, 329-350.

[34]        Jean-Paul Boly, Antoon Bosselaers, Ronald Cramer, Stig Mjølsnes, Frank Muller, Torben Pedersen, Birgit Pfitzmann, Peter de Rooij, Berry Schoenmaker, Luc Vallée, Michael Waidner: Digital Payment Systems in the ESPRIT Project CAFE; Securicom 94, Paris, 1.-3.6.1994, 35-45.

Revision in: Jean-Paul Boly, Antoon Bosselaers, Ronald Cramer, Rolf Michelsen, Stig Mjølsnes, Frank Muller, Torben Pedersen, Birgit Pfitzmann, Peter de Rooij, Berry Schoenmakers, Matthias Schunter, Luc Vallée, Michael Waidner: The ESPRIT Project CAFE — High Security Digital Payment Systems; 3rd European Symposium on Research in Computer Security (ESORICS 94), LNCS 875, Springer-Verlag, Berlin 1994, 217-230.

[33]        Birgit Pfitzmann: Breaking an Efficient Anonymous Channel; Eurocrypt ’94, LNCS 950, Springer-Verlag, Berlin 1995, 332-340.

[32]        Ivan B. Damgård, Torben P. Pedersen, Birgit Pfitzmann: On the Existence of Statistically Hiding Bit Commitment Schemes and Fail-Stop Signatures; Crypto ’93, LNCS 773, Springer-Verlag, Berlin 1994, 250-265.

[31]        Birgit Pfitzmann: Sorting Out Signature Schemes; 1st ACM Conference on Computer and Communications Security (CCS), 3.-5.11.1993, Fairfax, acm press 1993, 74-85.

[30]        Eugène van Heijst, Torben Pedersen, Birgit Pfitzmann: New Constructions of Fail-Stop Signatures and Lower Bounds; Crypto ’92, LNCS 740, Springer-Verlag, Berlin 1993, 15-30.

[29]        Birgit Pfitzmann, Michael Waidner: Attacks on protocols for server-aided RSA computation; Eurocrypt ’92, LNCS 658, Springer-Verlag, Berlin 1993, 153-162.

[28]        Andreas Ort, Ralf Aßmann, Gerrit Bleumer, Manfred Böttger, Dirk Fox, Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Schutz in verteilten Systemen durch Kryptologie – Ein Praktikum im Informatik-Hauptstudium; Datenschutz und Datensicherung DuD 16/11 (1992) 571-579.

[27]        Birgit Pfitzmann, Michael Waidner: Unconditional Byzantine Agreement for any Number of Faulty Processors; STACS ’92, LNCS 577, Springer-Verlag, Berlin 1992, 339-350.

[26]        Birgit Pfitzmann, Michael Waidner: How to Break and Repair a “Provably Secure” Untraceable Payment System; Crypto ’91, LNCS 576, Springer-Verlag, Berlin 1992, 338-350.

[25]        David Chaum, Eugène van Heijst, Birgit Pfitzmann: Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer; Crypto ’91, LNCS 576, Springer-Verlag, Berlin 1992, 470-484.

[24]        Birgit Pfitzmann: Fail-stop Signatures; Principles and Applications; invited talk, Proc. Compsec ’91, 8th world conference on computer security, audit and control, Elsevier, Oxford 1991, 125-134.

[23]        Birgit Pfitzmann: Neu und sicher: Digitale Fail-stop-Signaturen; KES – Zeitschrift für Kommunikations- und EDV-Sicherheit 7/5 (1991) 321-326.

[22]        Birgit Pfitzmann, Michael Waidner: Fail-stop Signatures and their Application; SECURICOM 91; 9th Worldwide Congress on Computer and Communications Security and Protection, 20. - 22. March 1991, Paris La Défense, 145-160.

[21]        Dirk Fox, Birgit Pfitzmann: Effiziente Software-Implementierung des GMR-Signatur­systems; Proc. GI-Fachtagung Verläßliche Informationssysteme (VIS’91), March 1991, Darmstadt, Informatik-Fachberichte 271, Springer-Verlag, Heidelberg 1991, 329-345.

[20]        Birgit Pfitzmann, Michael Waidner: Unbedingte Unbeobachtbarkeit mit kryptographischer Robustheit; Proc. GI-Fachtagung Verläßliche Informationssysteme (VIS’91), March 1991, Darmstadt, Informatik-Fachberichte 271, Springer-Verlag, Heidelberg 1991, 302-320.

[19]        Birgit Pfitzmann, Michael Waidner: Fail-stop-Signaturen und ihre Anwendung; Proc. GI-Fachtagung Verläßliche Informationssysteme (VIS’91), March 1991, Darmstadt, Informatik-Fachberichte 271, Springer-Verlag, Heidelberg 1991, 289-301.

[18]        Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Datenschutz garantierende offene Kommuni­kationsnetze; Teletech NRW, an initiative of Nordrhein-Westfalen; March 1991, paper for Talk 2, presentation at CeBIT’91.

Revisions in: Dokumentation des Fachseminars “Programm-Manipulationen in Netzen”, SYSTEMS 91, München; Deutsche Informatik-Akademie, Bonn, October 1991

and: Vernetzte Systeme und Sicherheit der Informationsverarbeitung, Deutsche Informatik Akademie, Material for a tutorial at the GI-Jahrestagung 1992, Karlsruhe, 75-120

and: Dokumentation Fachseminar Sicherheit in Netzen, Oct. 21, 1993, SYSTEMS 93, München, 75-121.

[17]        Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: ISDN-MIXes – Untraceable Communication with very small Bandwidth Overhead; Proc. Kommunikation in verteilten Systemen, Feb. 1991, Mannheim, Informatik-Fachberichte 267, Springer-Verlag, Heidel­berg 1991, 451-463.

Slightly extended in: Information Security, Proc. IFIP/Sec’91, May 1991, Brighton, D. T. Lindsay, W. L. Price (eds.), North-Holland, Amsterdam 1991, 245-258.

[16]        Birgit Baum-Waidner, Birgit Pfitzmann, Michael Waidner: Unconditional Byzantine Agreement with Good Majority, STACS ’91, LNCS 480, Springer-Verlag, Heidelberg 1991, 285-295.

[15]        Gerrit Bleumer, Birgit Pfitzmann, Michael Waidner: A Remark on a Signature Scheme where Forgery can be Proved; Eurocrypt ’90, LNCS 473, Springer-Verlag, Berlin 1991, 441-445.

[14]        Andreas Pfitzmann, Birgit Pfitzmann: Technical Aspects of Data Protection in Health Care Informatics; invited talk, AIM EUROFORUM, Dec. 13-15, 1990, Sevilla, Proceedings published by the Commission of the EU, DG XIII, 119-132.

Revision in: Advances in Medical Informatics, J. Noothoven van Goor and J. P. Christensen (Eds.), IOS Press, Amsterdam 1992, 368-386

[13]        Birgit Pfitzmann, Michael Waidner, Andreas Pfitzmann: Rechtssicherheit trotz Anonymität in offenen digitalen Systemen; Datenschutz und Datensicherung DuD 14/5-6 (1990) 243-253, 305-315.

[12]        Birgit Pfitzmann, Andreas Pfitzmann: How to Break the Direct RSA-Implementation of MIXes; Eurocrypt ’89, LNCS 434, Springer-Verlag, Berlin 1990, 373-381.

[11]        Andreas Pfitzmann, Birgit Pfitzmann: Security in Medical Networks; Handling Health Data in the Future - AIM Working Conference on Data Protection and Confidentiality in Health Informatics (Commission of the European Communities); March 19-21, 1990, Brussels.

[10]        Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Telefon-MIXe: Schutz der Vermittlungsdaten für zwei 64-kbit/s-Duplexkanäle über den (2•64 + 16)-kbit/s-Teilnehmer­anschluß; Datenschutz und Datensicherung DuD /12 (1989) 605-622.

[9]          Michael Waidner, Birgit Pfitzmann: Loss-tolerant Electronic Wallet; Proceedings Smart Card 2000, Amsterdam, Oct. 4-6, 1989.

Extended version: Loss-Tolerance for Electronic Wallets; FTCS 20, June 26-28, 1990, Newcastle upon Tyne (UK), 140-147.

[8]          Birgit Pfitzmann, Andreas Pfitzmann: Anmerkungen zu “Matthias Leclerc: Schlüssel­manage­ment durch Teilschlüssel, DuD 12/88”; Datenschutz und Datensicherung DuD /3 (1989) 116.

[7]          Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Garantierter Datenschutz für zwei 64-kbit/s-Duplexkanäle über den (2•64 + 16)-kbit/s-Teilnehmeranschluß durch Telefon-MIXe; Volume 3 of 4th SAVE-Tagung, April 19-21, 1989, Köln, 1417-1447.

[6]          Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Weitere Aspekte fernmelde­tech­ni­scher Alternativen zum ISDN; PIK, Praxis der Informationsverarbeitung und Kommuni­ka­tion 11/1 (1988) 5-7.

[5]          Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Datenschutz garantierende offene Kommuni­kationsnetze; Informatik-Spektrum 11/3 (1988) 118-142.

[4]          Michael Waidner, Birgit Pfitzmann: Verlusttolerante elektronische Brieftaschen; 3rd Inter­national Conference on Fault-Tolerant Computing-Systems, IFB 147, Springer-Verlag, Berlin 1987, 36-50;

Revision in: Datenschutz und Datensicherung DuD /10 (1987) 487-497.

[3]          Michael Waidner, Birgit Pfitzmann, Andreas Pfitzmann: Über die Notwendigkeit genormter kryptographischer Verfahren; Datenschutz und Datensicherung DuD /6 (1987) 293-299.

[2]          Birgit Pfitzmann, Michael Waidner, Andreas Pfitzmann: Rechtssicherheit trotz Anonymität in offenen digitalen Systemen; Computer und Recht 3/10,11,12 (1987) 712-717, 796-803, 898-904.

[1]          Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Technischer Datenschutz in dienste­integrierenden Digitalnetzen - Warum und wie?; Datenschutz und Datensicherung DuD /3 (1986) 178-191.

Workshops without Proceedings

[W3]      Michael Backes, Birgit Pfitzmann, Michael Waidner: Soundness Limits of Dolev-Yao Models; Workshop on Formal and Computational Cryptography (FCC 2006), Venice, July 2006.

[W2]      Thomas Groß, Birgit Pfitzmann: SAML Artifact Information Flow Revisited; IEEE Workshop on Web Services Security; Berkeley, May 2006.

[W1]      Michael Backes, Birgit Pfitzmann: A Cryptographically Sound Security Proof of the Needham-Schroeder-Lowe Public-Key Protocol (Extended Abstract). Workshop on Security Protocols Verification (SPV'2003), affiliated with CONCUR'2003, Marseille, France, September 2003.

Technical Reports

Only those that are not superseded by or simple longer versions of a published paper.

[TB49]   Thomas Groß, Birgit Pfitzmann: SAML Artifact Information Flow Revisited; IBM Research Report RZ 3643 (#99653) 01/03/06, IBM Research Division, Zurich, January 2006

[TB48]   Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Reactively Simulatable Certified Mail; Cryptology ePrint Archive, Report 2006/041, http://eprint.iacr.org/, Feb 2006. (Strong revision from 2004 of [TB28], which is still a journal submission from 2000.)

[TB45]   BaPS_05 Michael Backes, Birgit Pfitzmann, Andre Scedrov: Key-dependent Message Security under Active Attacks; Cryptology ePrint Archive, Report 2005/421, http://eprint.iacr.org/, Nov 2005.

[TB44] Michael Backes, Sebastian Mödersheim, Birgit Pfitzmann, Luca Viganò: Symbolic and Cryptographic Analysis of the Secure WS-ReliableMessaging Scenario; IBM Research Report 3619 (# 99629) 07/01/2005, IBM Research Division, Zurich, July 2005.

[TB43]   Contributor to Louis Goubin (ed.): New Technical Trends in Asymmetric Cryptography; Report D.AZTEC.3, ECRYPT Network of Excellence, http://www.ecrypt.eu.org/documents/D.AZTEC.3-1.1.pdf, June 2005.

[TB40]   Michael Backes, Birgit Pfitzmann, Michael Waidner: Secure Asynchronous Reactive Systems; Cryptology ePrint Archive, Report 2004/082, http://eprint.iacr.org/, March 2004 (much more detailed version of the first part of [71]).

[TB39]   Michael Backes, BaPW_03 Michael Backes, Birgit Pfitzmann, Michael Waidner: A Universally Composable Cryptographic Library; Cryptology ePrint Archive, Report 2003/015, http://eprint.iacr.org/, January 2003 (much more detailed version of [85]).

[TB38]   PfWa1_02 Birgit Pfitzmann, Michael Waidner: BBAE - A General Protocol for Browser-based Attribute Exchange; IBM Research Report RZ 3455 (#93800) 09/09/02, IBM Research Division, Zurich, September 2002.

[TB36]   AdSt_02 Contributor to André Adelsbach, Michael Steiner (ed.): Cryptographic Semantics for the Algebraic Models; MAFTIA Deliverable D8, Project IST-1999-11583, February 2002, http://www.newcastle.research.­ec.org/­maftia/­deliverables­/­index.html.

[TB35]   PoSt_01 Contributor to David Powell, Robert Stroud (ed.): Conceptual Model and Architecture; MAFTIA Deliverable D2, Project IST-1999-11583, November 2001, http://www.newcastle.research.­ec.org/­maftia/­deliverables­/­index.html and Technical Report CS-TR-749,University of Newcastle upon Tyne.

[TB34]   AdPf_01 André Adelsbach, Birgit Pfitzmann (ed.): Formal Model of Basic Concepts; MAFTIA Deliverable D4, Project IST-1999-11583, July 2001, http://www.newcastle.research.­ec.org/­maftia/­deliverables­/­index.html.

[TB33]   PRSW_01 Birgit Pfitzmann, James Riordan, Christian Stüble, Michael Waidner, Arnd Weber: The PERSEUS System Architecture; IBM Research Report RZ 3335 (#93381) 04/09/01, IBM Research Division, Zurich, April 2001.

[TB32]   VeNe_01 Contributor to Paulo Veríssimo, Nuno Ferreira Neves (ed.): Service and Protocol Architecture for the MAFTIA Middleware; MAFTIA Deliverable D23, Project IST-1999-11583, January 2001, http://www.newcastle.research.­ec.org/­maftia/­deliverables­/­index.html and Technical Report DI/FCUL TR-01-1, University of Lisboa.

[TB31]   Maft_00 Contributor to: Reference Model and Use Cases; MAFTIA Deliverable D1, Project IST-1999-11583, August 2000, http://www.newcastle.research.­ec.org/­maftia/­deliverables­/­index.html.

[TB28]   PfSW2_00 Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Provably Secure Certified Mail; IBM Research Report RZ 3207 (#93253) 02/14/2000, IBM Research Division, Zürich, August 2000.

[TB25]   PWP_00 Birgit Pfitzmann, Michael Waidner, Andreas Pfitzmann: Secure and Anonymous Electronic Commerce: Providing Legal Certainty in Open Digital Systems Without Compromising Anonymity; IBM Research Report RZ 3232 (#93278) 05/22/00, IBM Research Division, Zurich, May 2000.

[TB19]   PfWa4_96 Birgit Pfitzmann, Michael Waidner: Information-Theoretic Pseudosignatures and Byzantine Agreement for t ³ n/3; IBM Research Report RZ 2882 (#90830) 11/18/96, IBM Research Division, Zürich, Nov. 1996.

[TB16]   Birgit Pfitzmann, Michael Waidner: Properties of Payment Systems — General Definition Sketch and Classification; IBM Research Report RZ 2823 (#90126) 05/06/96, IBM Research Division, Zurich, May 1996.

[TB14]   Antoon Bosselaers, Ronald Cramer, Rolf Michelsen, Stig Mjølsnes, Frank Muller, Torben Pedersen, Birgit Pfitzmann, Cristian Radu, Peter de Rooij, Berry Schoenmakers, Matthias Schunter: Functionality of the Basic Protocols, CAFE Public Report IHS8341, CWI Amsterdam, October 7, 1995.

[TB12]   Arnd Weber, Bob Carter, Birgit Pfitzmann, Matthias Schunter, Chris Stanford, Michael Waidner: Secure International Payment and Information Transfer - Towards a Multi-Currency Electronic Wallet; Project CAFE, Conditional Access for Europe, Frankfurt 1995.

[TB9]     Birgit Pfitzmann, Michael Waidner: A General Framework for Formal Notions of “Secure” System; Hildesheimer Informatik-Berichte 11/94 (April 1994), Institut für Informatik, Universität Hildesheim.

[TB6]     Birgit Pfitzmann, Michael Waidner: Unconditionally Untraceable and Fault-tolerant Broadcast and Secret Ballot Election; Hildesheimer Informatik-Berichte (May 1992), Institut für Informatik, Universität Hildesheim.

[TB3]     Michael Waidner, Birgit Pfitzmann: The Dining Cryptographers in the Disco: Unconditional Sender and Recipient Untraceability with Computationally Secure Serviceability; Universität Karlsruhe 1989. (Abstract in Eurocrypt ’89, LNCS 434, Springer-Verlag, Berlin 1990, 690.)

 

2                                                                                                                             Publications by Subject, Abbreviated and with Comments

Out of each sequence of related papers only one is listed explicitly, and the others are mentioned in the comment to this one. Technical reports with published successors are omitted. The numbers correspond to the chronological list above.

2.1                                                                                                                                                      Cryptology

2.1.1                                                                                                                                                      Publications Related to My Thesis

Mainly the invention and further development of fail-stop signatures, a new type of digital signature schemes with particularly high security.

[15]                                                                                                                                                                                           Gerrit Bleumer, Birgit Pfitzmann, Michael Waidner: A Remark on a Signature Scheme where Forgery can be Proved; Eurocrypt ’90, LNCS 473, Springer-Verlag, Berlin 1991, 441-445.

[TB4]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner: Formal Aspects of Fail-stop Signatures; Interner Bericht 22/90, Fakultät für Informatik, Universität Karlsruhe, December 1990.

[22]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner: Fail-stop Signatures and their Application; SECURICOM 91; 9th Worldwide Congress on Computer and Communications Security and Protection, March 20-22, 1991, Paris La Défense, 145-160.

With a preliminary version in German [19] and presentations for a broader public [23, 24].

[31]                                                                                                                                                                                           Birgit Pfitzmann: Sorting Out Signature Schemes; 1st ACM Conference on Computer and Communications Security, 3.-5.11.1993, Fairfax, acm press 1993, 74-85.

With invited, only slightly revised journal version [38].

                                                                                                                                                                                           Sketch of a general formal definition of signature schemes and a classification of types of signature schemes.

[45]                                                                                                                                                                                           PePf_97 Torben P. Pedersen, Birgit Pfitzmann: Fail-stop Signatures; SIAM Journal on Computing 26/2 (1997) 291-330.

Journal version of the Crypto paper [30] and a Eurocrypt paper by Eugène van Heijst and Torben Pedersen, with some aspects from [15, TB4, 22]. The reason why E. van Heijst is not a coauthor of this version is that he entirely retreated from cryptology to become a priest.

[42]                                                                                                                                                                                           Birgit Pfitzmann: Digital Signature Schemes — General Framework and Fail-Stop Signatures; LNCS 1100, Springer-Verlag, August 1996, 396 pages.

                                                                                                                                                                                           As a revision of my thesis, it comprises all publications mentioned in this subsection: The first part considers the topic of [31] in far more detail. The second part shows the entire design process of fail-stop signatures: First, a definition in the conventional style is derived from the general one, then constructions and security proofs are given, and finally lower bounds on the achievable efficiency are shown and compared with the efficiency already achieved.

2.1.2                                                                                                                                                      Other Publications about Signature Schemes

[21]                                                                                                                                                                                           Dirk Fox, Birgit Pfitzmann: Effiziente Software-Implementierung des GMR-Signatur­systems; Proc. GI-Fachtagung Verläßliche Informationssysteme (VIS’91), March 1991, Darmstadt, Informatik-Fachberichte 271, Springer-Verlag, Heidelberg 1991, 329-345.

                                                                                                                                                                                           Shows that a scheme that is provably secure in a cryptologic sense and often considered impractical can in fact be implemented quite efficiently.

[25]                                                                                                                                                                                           David Chaum, Eugène van Heijst, Birgit Pfitzmann: Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer; Crypto ’91, LNCS 576, Springer-Verlag, Berlin 1992, 470-484.

                                                                                                                                                                                           Application of an idea similar to fail-stop to another class of signature schemes, Chaum’s so-called undeniable signatures, which the recipient cannot simply show around.

[46]                                                                                                                                                                                           DaPP_97 Ivan B. Damgård, Torben P. Pedersen, Birgit Pfitzmann: On the Existence of Statistically Hiding Bit Commitment Schemes and Fail-Stop Signatures; Journal of Cryptology 10/3 (1997) 163-194.

Conference version [32] (this contained an one more chapter, which was extended into [53], see Section 2.1.5).

                                                                                                                                                                                           Weakens the cryptologic assumptions under which fail-stop signatures can be constructed.

[TB10]                                                                                                                                                                                           Birgit Pfitzmann: Fail-Stop Signatures Without Trees; Hildesheimer Informatik-Berichte 16/94 (June 1994), Institut für Informatik, Universität Hildesheim.

                                                                                                                                                                                           Improvement of fail-stop signatures in respect to one of the two efficiency aspects where a  significant gap had remained between the upper and lower bounds in [42].

2.1.3                                                                                                                                                      Cryptanalysis

Breaking cryptologic systems, typically higher cryptologic ones, i.e., neither basic ones where breaking usually means finding a fast algorithm for a precisely given problem, nor protocols that only use cryptology in the form of black-box components.

[12]                                                                                                                                                                                           Birgit Pfitzmann, Andreas Pfitzmann: How to Break the Direct RSA-Implementation of MIXes; Eurocrypt ’89, LNCS 434, Springer-Verlag, Berlin 1990, 373-381.

[26]                                                                                                                                                                                           See payment systems.

[29]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner: Attacks on protocols for server-aided RSA computation; Eurocrypt ’92, LNCS 658, Springer-Verlag, Berlin 1993, 153-162.

                                                                                                                                                                                           Server-aided computation allows a small device, e.g., a smartcard, to delegate some of its computing load to an untrusted larger device, e.g., a terminal.

[33]                                                                                                                                                                                           Birgit Pfitzmann: Breaking an Efficient Anonymous Channel; Eurocrypt ’94, LNCS 950, Springer-Verlag, Berlin 1995, 332-340.

[36]                                                                                                                                                                                           See payment systems.

2.1.4                                                                                                                                                      Other Cryptology

[TB11]                                                                                                                                                                                           Birgit Pfitzmann: Kryptographie; Skripten des Fachbereichs Mathematik, Informatik, Naturwissenschaften Nr. 5, Universität Hildesheim, April 1995.

[39]                                                                                                                                                                                           Birgit Pfitzmann, Matthias Schunter: Asymmetric Fingerprinting; Eurocrypt ’96, LNCS 1070, Springer-Verlag, Berlin 1996, 84-95.

                                                                                                                                                                                           Protocols for cryptologic copyright protection with non-repudiation; i.e., they allow responsibility to be assigned to one person. The advantages over previous schemes are analogous to those of asymmetric digital signatures over symmetric authentication codes.

[40]                                                                                                                                                                                           Pfit13_96 Birgit Pfitzmann: Trials of Traced Traitors; Information Hiding, LNCS 1174, Springer-Verlag, Berlin 1996, 49-64.

                                                                                                                                                                                           Similar ideas as in [39] for “broadcast encryption”, i.e., situations where data are broadcast in encrypted form and the copyright protection mechanisms are not applied to the data, but to the keys.

[41]                                                                                                                                                                                           Pfit12_96 Birgit Pfitzmann (collected by): Information Hiding Terminology — Results of an informal plenary meeting and additional proposals; Information Hiding, LNCS 1174, Springer-Verlag, Berlin 1996, 347-350.

                                                                                                                                                                                           Similarities and differences between copyright protection and related areas such as steganography.

[44]                                                                                                                                                                                           PfWa_97 Birgit Pfitzmann, Michael Waidner: Asymmetric Fingerprinting for Larger Collusions; 4th ACM Conference on Computer and Communications Security, Zürich, April 1997, 151-160.

                                                                                                                                                                                           More efficient protocols for the problem from [39].

2.2                                                                                                                                                      Security More Generally

2.2.1                                                                                                                                                      Untraceable Communication

Our earliest topic; protection against traffic analysis in networks.

[5]                                                                                                                                                                                           Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Datenschutz garantierende offene Kommuni­kationsnetze; Informatik-Spektrum 11/3 (1988) 118-142.

Preliminary version [1], Revisions [18].

[17]                                                                                                                                                                                           Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: ISDN-MIXes – Untraceable Communication with very small Bandwidth Overhead; Proc. Kommunikation in verteilten Systemen, Feb. 1991, Mannheim, Informatik-Fachberichte 267, Springer-Verlag, Heidelberg 1991, 451-463.

Slightly extended in: Information Security, Proc. IFIP/Sec’91, May 1991, Brighton, D. T. Lindsay, W. L. Price (eds.), North-Holland, Amsterdam 1991, 245-258.

German conference and journal version [7, 10].

                                                                                                                                                                                           Private communication with real-time constraints; a subject that has recently found a lot of attention in the context of mobile computing, e.g., to prevent location information from being collected.

[20]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner: Unbedingte Unbeobachtbarkeit mit kryptographischer Robustheit; Proc. GI-Fachtagung Verläßliche Informationssysteme (VIS’91), March 1991, Darmstadt, Informatik-Fachberichte 271, Springer-Verlag, Heidelberg 1991, 302-320.

Technical report in English with published abstract: [TB2, TB3].

2.2.2                                                                                                                                                      Digital Payment Systems, Electronic Marketplaces

[9]                                                                                                                                                                                           Michael Waidner, Birgit Pfitzmann: Loss-Tolerance for Electronic Wallets; FTCS 20, June 26-28, 1990, Newcastle upon Tyne (UK), 140-147.

Technical report with far more details [TB1] (80 pages), German version [4], English preliminary version presented at Smart Card 2000.

                                                                                                                                                                                           How users can get their money back in a secure way if their personal device, e.g., a card, is lost or breaks in digital payment systems where money is actually transferred onto the personal device for the purpose of offline payments.

[13]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner, Andreas Pfitzmann: Rechtssicherheit trotz Anonymität in offenen digitalen Systemen; Datenschutz und Datensicherung DuD 14/5-6 (1990) 243-253, 305-315.

Preliminary version (1987): [2].

                                                                                                                                                                                           Systematic overview of typical components of legal or commercial transactions that could be carried out digitally, and of possible types of anonymity, and when and how they can be combined. Application primarily to digital payment systems. Contains a number of ideas that became relevant later, e.g., that electronic coins should not only contain a “coin number”, but also a “public coin key”. (This is the old paper where I repent most strongly that we did not write an English version.)

[26]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner: How to Break and Repair a “Provably Secure” Untraceable Payment System; Crypto ’91, LNCS 576, Springer-Verlag, Berlin 1992, 338-350.

                                                                                                                                                                                           Breaks a (theoretical) payment system that is interesting in principle, but where an important aspect was overlooked already in the definition. With countermeasures.

[34]                                                                                                                                                                                           Jean-Paul Boly, Antoon Bosselaers, Ronald Cramer, Rolf Michelsen, Stig Mjølsnes, Frank Muller, Torben Pedersen, Birgit Pfitzmann, Peter de Rooij, Berry Schoenmakers, Matthias Schunter, Luc Vallée, Michael Waidner: The ESPRIT Project CAFE — High Security Digital Payment Systems; ESORICS 94 (Third European Symposium on Research in Computer Security), LNCS 875, Springer-Verlag, Berlin 1994, 217-230.

Preliminary version: Securicom ’94.

More detail technical reports about CAFE: [TB12, TB14].

                                                                                                                                                                                           Written by Michael Waidner and me; see Ch. 3 for the CAFE project.

[TB13]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner: Strong Loss Tolerance for Untraceable Electronic Coin Systems; Hildesheimer Informatik-Berichte 15/95 (June 1995), Institut für Informatik, Universität Hildesheim.

Conditionally accepted for ACM Transactions on Computer Systems [BA2].

                                                                                                                                                                                           Same basic idea as in [9], but worked out for a different (newer) payment system.

[36]                                                                                                                                                                                           Birgit Pfitzmann, Matthias Schunter, Michael Waidner: How to Break Another “Provably Secure” Payment System; Eurocrypt ’95, LNCS 921, Springer-Verlag, Berlin 1995, 121-132.

                                                                                                                                                                                           Some relation to [26], but for another payment system (which, in contrast to that considered above, should never have been published). With an outlook on better definitions of payment systems, which should prevent such problems in future.

[TB16]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner: Properties of Payment Systems — General Definition Sketch and Classification; IBM Research Report RZ 2823 (#90126) 05/06/96, IBM Research Division, Zurich, May 1996.

                                                                                                                                                                                           Sketch of a high-level definition of payment systems in the style of [31, 42, TB9] and  a systematic overview of properties of different systems. Intended both as a basis for working out the definition in a formal language and as the first half of an overview paper that also considers concrete systems.

2.2.3                                                                                                                                                      Devices and Infrastructure

[37]                                                                                                                                                                                           Hannes Federrath, Anja Jerichow, Andreas Pfitzmann, Birgit Pfitzmann: Mehrseitig sichere Schlüsselerzeugung; Proc. Trust Center 95, DuD Fachbeiträge, Vieweg, Wiesbaden 1995, 117-131.

                                                                                                                                                                                           Contribution to the discussions about so-called trusted third parties and their role in the administration of cryptologic keys.

[43]                                                                                                                                                                                           PPSW_97 Andreas Pfitzmann, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Trusting Mobile User Devices and Security Modules; IEEE Computer 30/2 (1997) 61-68.

German publication [35], longer preliminary English version [TB15]

                                                                                                                                                                                           Hardware and software preconditions for the secure application of cryptologic schemes such as digital signatures. Overview with several aspects that are usually overlooked.

2.2.4                                                                                                                                                      Miscellaneous Security

[3]                                                                                                                                                                                           Michael Waidner, Birgit Pfitzmann, Andreas Pfitzmann: Über die Notwendigkeit genormter kryptographischer Verfahren; Datenschutz und Datensicherung DuD /6 (1987) 293-299.

                                                                                                                                                                                           This paper and the next treat social aspects of cryptology and communication systems.

[6]                                                                                                                                                                                           Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Weitere Aspekte fernmelde­technischer Alternativen zum ISDN; PIK, Praxis der Informationsverarbeitung und Kommunikation 11/1 (1988) 5-7.

[8]                                                                                                                                                                                           Birgit Pfitzmann, Andreas Pfitzmann: Anmerkungen zu “Matthias Leclerc: Schlüssel­manage­ment durch Teilschlüssel, DuD 12/88”; Datenschutz und Datensicherung DuD /3 (1989) 116.

                                                                                                                                                                                           Small cryptanalysis.

[14]                                                                                                                                                                                           Andreas Pfitzmann, Birgit Pfitzmann: Technical Aspects of Data Protection in Health Care Informatics; Advances in Medical Informatics, J. Noothoven van Goor and J. P. Christensen (eds.), IOS Press, Amsterdam 1992, 368-386.

Preliminary version presented at AIM EUROFORUM; different version [11].

                                                                                                                                                                                           Overview with specific examples.

[28]                                                                                                                                                                                           Andreas Ort, Ralf Aßmann, Gerrit Bleumer, Manfred Böttger, Dirk Fox, Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Schutz in verteilten Systemen durch Kryptologie – Ein Praktikum im Informatik-Hauptstudium; Datenschutz und Datensicherung DuD 16/11 (1992) 571-579.

                                                                                                                                                                                           Article about a practical course.

[TB9]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner: A General Framework for Formal Notions of “Secure” System; Hildesheimer Informatik-Berichte 11/94 (April 1994), Institut für Informatik, Universität Hildesheim.

                                                                                                                                                                                           Overview of how the techniques from [31, 42] can be generalized to obtain more general, and sometimes the first, definitions of other classes of cryptologic schemes.

2.3                                                                                                                                                      Distributed Systems

[16]                                                                                                                                                                                           Birgit Baum-Waidner, Birgit Pfitzmann, Michael Waidner: Unconditional Byzantine Agreement with Good Majority, STACS ’91, LNCS 480, Springer-Verlag, Heidelberg 1991, 285-295.

                                                                                                                                                                                           Byzantine agreement protocols provide reliable broadcast in networks that only have point-to-point connections and where processors may be faulty. Here a realization under conditions where folklore belief considered reliable broadcast impossible.

[27]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner: Unconditional Byzantine Agreement for any Number of Faulty Processors; STACS ’92, LNCS 577, Springer-Verlag, Berlin 1992, 339-350.

                                                                                                                                                                                           Similar to [16] under even weaker assumptions.

[TB6]                                                                                                                                                                                           Birgit Pfitzmann, Michael Waidner: Unconditionally Untraceable and Fault-tolerant Broadcast and Secret Ballot Election; Hildesheimer Informatik-Berichte (May 1992), Institut für Informatik, Universität Hildesheim.

                                                                                                                                                                                           Voting scheme under the weakest possible assumptions. We should really publish this some time, but due to a lack of definitions in this field and the complexity of the protocol it is nontrivial to prove security in a satisfactory way.