Paul van Oorschot
#67,024
Most Influential Person Now
Cryptographer
Paul van Oorschot's AcademicInfluence.com Rankings
Paul van Oorschotmathematics Degrees
Mathematics
#5406
World Rank
#7610
Historical Rank
Measure Theory
#856
World Rank
#1125
Historical Rank
Download Badge
Computer Science Mathematics
Why Is Paul van Oorschot Influential?
(Suggest an Edit or Addition)According to Wikipedia, Paul C. van Oorschot is a cryptographer and computer security researcher, currently a professor of computer science at Carleton University in Ottawa, Ontario, where he holds the Canada Research Chair in Authentication and Computer Security. He is a Fellow of the Royal Society of Canada . He is best known as co-author of the Handbook of Applied Cryptography , together with Alfred Menezes and Scott Vanstone. Van Oorschot was awarded the 2000 J.W. Graham Medal in Computing Innovation. He also helped organize the first Selected Areas in Cryptography workshop in 1994.
Paul van Oorschot's Published Works
Number of citations in a given year to any of this author's works
Total number of citations to an author for the works they published in a given year. This highlights publication of the most important work(s) by the author
Published Works
- Handbook of Applied Cryptography (2018) (12221)
- Authentication and authenticated key exchanges (1992) (1148)
- The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes (2012) (784)
- Graphical passwords: Learning from the first twelve years (2012) (744)
- A methodology for empirical analysis of permission-based security models and its application to android (2010) (555)
- White-Box Cryptography and an AES Implementation (2002) (383)
- Parallel Collision Search with Cryptanalytic Applications (2013) (373)
- Graphical Password Authentication Using Cued Click Points (2007) (367)
- On unifying some cryptographic protocol logics (1994) (342)
- A White-Box DES Implementation for DRM Applications (2002) (296)
- A Research Agenda Acknowledging the Persistence of Passwords (2012) (291)
- Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords (2007) (271)
- MDx-MAC and Building Fast MACs from Hash Functions (1995) (271)
- A Usability Study and Critique of Two Password Managers (2006) (256)
- Influencing users towards better passwords: persuasive cued click-points (2008) (238)
- A second look at the usability of click-based graphical passwords (2007) (237)
- SoK: SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements (2013) (236)
- Multiple password interference in text passwords and click-based graphical passwords (2009) (219)
- Pass-thoughts: authenticating with our minds (2005) (199)
- Passwords and the evolution of imperfect authentication (2015) (193)
- Persuasive Cued Click-Points: Design, Implementation, and Evaluation of a Knowledge-Based Authentication Mechanism (2012) (188)
- Improving text passwords through persuasion (2008) (186)
- Overview of Cryptography (1996) (181)
- On Diffie-Hellman Key Agreement with Short Exponents (1996) (178)
- Graphical Dictionaries and the Memorable Space of Graphical Passwords (2004) (175)
- An Administrator's Guide to Internet Password Research (2014) (158)
- Parallel collision search with application to hash functions and discrete logarithms (1994) (156)
- Purely Automated Attacks on PassPoints-Style Graphical Passwords (2010) (156)
- Towards secure design choices for implementing graphical passwords (2004) (155)
- On predictive models and user-drawn graphical passwords (2008) (153)
- User interface design affects security: patterns in click-based graphical passwords (2009) (150)
- Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer (2007) (141)
- DNS-based Detection of Scanning Worms in an Enterprise Network (2005) (140)
- Extending cryptographic logics of belief to key agreement protocols (1993) (138)
- Passwords: If We're So Smart, Why Are We Still Using Them? (2009) (136)
- Handbook Of Applied Cryptography Crc Press (2015) (134)
- Pretty Secure BGP, psBGP (2005) (132)
- An Introduction to Error Correcting Codes with Applications (1989) (130)
- A generic attack on checksumming-based software tamper resistance (2005) (124)
- On interdomain routing security and pretty secure BGP (psBGP) (2007) (118)
- Revisiting Defenses against Large-Scale Online Password Guessing Attacks (2012) (113)
- Revisiting Software Protection (2003) (113)
- Password Portfolios and the Finite-Effort User: Sustainably Managing Large Numbers of Accounts (2014) (111)
- Internet geolocation: Evasion and counterevasion (2009) (110)
- On the Security of Iterated Message Authentication Codes (1999) (109)
- On the Security of Two MAC Algorithms (1996) (107)
- Security and usability: the gap in real-world online banking (2008) (102)
- Exploiting predictability in click-based graphical passwords (2011) (101)
- On countering online dictionary attacks with login histories and humans-in-the-loop (2006) (96)
- A Unified Cryptographic Protocol Logic (1996) (90)
- The developer is the enemy (2009) (87)
- A Known Plaintext Attack on Two-Key Triple Encryption (1991) (86)
- On instant messaging worms, analysis and countermeasures (2005) (84)
- Exploring usability effects of increasing security in click-based graphical passwords (2010) (82)
- Usability of anonymous web browsing: an examination of Tor interfaces and deployability (2007) (82)
- Browser interfaces and extended validation SSL certificates: an empirical study (2009) (82)
- Device fingerprinting for augmenting web authentication: classification and analysis of methods (2016) (79)
- SoK: Science, Security and the Elusive Goal of Security as a Scientific Pursuit (2017) (76)
- Hardware-assisted circumvention of self-hashing software tamper resistance (2005) (76)
- On Purely Automated Attacks and Click-Based Graphical Passwords (2008) (75)
- Secure Software Installation on Smartphones (2011) (75)
- Multiple Password Interference in Text and Click-Based Graphical Passwords (2008) (74)
- SOMA: mutual approval for included content in web pages (2008) (70)
- Efficient Implementation (69)
- Understanding and improving app installation security mechanisms through empirical analysis of android (2012) (68)
- Applications of combinatorial designs in computer science (1989) (67)
- Security and Usability Challenges of Moving-Object CAPTCHAs: Decoding Codewords in Motion (2012) (63)
- A three-way investigation of a game-CAPTCHA: automated attacks, relay attacks and usability (2014) (60)
- Exploring User Reactions to New Browser Cues for Extended Validation Certificates (2008) (60)
- Persuasion for Stronger Passwords: Motivation and Pilot Study (2008) (58)
- Improving Implementable Meet-in-the-Middle Attacks by Orders of Magnitude (1996) (56)
- Tapas: design, implementation, and usability evaluation of a password manager (2012) (55)
- Privacy-enhanced sharing of personal content on the web (2008) (54)
- TwoStep: An Authentication Method Combining Text and Graphical Passwords (2009) (51)
- Leveraging personal devices for stronger password authentication from untrusted computers (2011) (47)
- User Study, Analysis, and Usable Security of Passwords Based on Digital Objects (2011) (46)
- On key distribution via true broadcasting (1994) (45)
- Measuring SSL Indicators on Mobile Browsers: Extended Life, or End of the Road? (2012) (43)
- An Empirical Evaluation of Security Indicators in Mobile Web Browsers (2015) (42)
- Quantifying the security advantage of password expiration policies (2015) (42)
- Key recovery attack on ANSI X9.19 retail MAC (1996) (38)
- Markets for zero-day exploits: ethics and implications (2013) (38)
- Securing the Destination-Sequenced Distance Vector Routing Protocol (S-DSDV) (2004) (38)
- Revisiting password rules: facilitating human management of passwords (2016) (36)
- Modern key agreement techniques (1994) (36)
- Analysis of BGP prefix origins during Google's May 2005 outage (2006) (34)
- Detecting intra-enterprise scanning worms based on address resolution (2005) (33)
- Centered Discretization with Application to Graphical Passwords (2008) (32)
- Digital Objects as Passwords (2008) (31)
- CPV: Delay-Based Location Verification for the Internet (2017) (30)
- Security Analysis and Related Usability of Motion-Based CAPTCHAs: Decoding Codewords in Motion (2014) (30)
- A geometric approach to root finding in GF(qm) (1989) (30)
- Software Protection and Application Security : Understanding the Battleground ? (2003) (29)
- S-RIP: A Secure Distance Vector Routing Protocol (2004) (28)
- Internet Geolocation and Evasion (2006) (27)
- Mitigating Network Denial-of-Service Through Diversity-Based Traffic Management (2005) (26)
- Tracking Darkports for Network Defense (2007) (25)
- Exploring the Usability of CAPTCHAS on Smartphones: Comparisons and Recommendations (2015) (25)
- A Protocol for Secure Public Instant Messaging (2006) (23)
- ARP-based Detection of Scanning Worms Within an Enterprise Network (2005) (23)
- Pushing on string (2016) (23)
- A Comparison of Practical Public Key Cryptosystems Based on Integer Factorization and Discrete Logarithms (1990) (22)
- Self-Signed Executables: Restricting Replacement of Program Binaries by Malware (2007) (22)
- A monitoring system for detecting repeated packets with applications to computer worms (2006) (21)
- Meteor: Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems (2012) (21)
- Accurate One-Way Delay Estimation With Reduced Client Trustworthiness (2015) (21)
- A multi-word password proposal (gridWord) and exploring questions about science in security research and usable security evaluation (2011) (21)
- What Lies Beneath? Analyzing Automated SSH Bruteforce Attacks (2015) (21)
- Countering Identity Theft Through Digital Uniqueness, Location Cross-Checking, and Funneling (2005) (21)
- The Future of Authentication (2020) (20)
- Deadbolt: locking down android disk encryption (2013) (20)
- An Alternate Explanation of two BAN-logic "failures" (1994) (19)
- Proceedings of the 17th conference on Security symposium (2008) (18)
- Secure Public Instant Messaging (2004) (17)
- Some Computational Aspects of Root Finding in GF(qm) (1988) (17)
- Addressing Online Dictionary Attacks with Login Histories and Humans-in-the-Loop (Extended Abstract) (2004) (17)
- Onboarding and Software Update Architecture for IoT Devices (2019) (17)
- Exposure Maps: Removing Reliance on Attribution During Scan Detection (2006) (17)
- Server Location Verification (SLV) and Server Location Pinning: Augmenting TLS Authentication (2016) (16)
- Network scan detection with LQS: a lightweight, quick and stateful algorithm (2011) (16)
- Accurate Manipulation of Delay-based Internet Geolocation (2017) (16)
- Three-Way Dissection of a Game-CAPTCHA: Automated Attacks, Relay Attacks, and Usability (2013) (16)
- Passwords for Both Mobile and Desktop Computers: ObPwd for Firefox and Android (2012) (15)
- Centered discretization with application to graphical passwords (full paper) (2008) (14)
- Addressing the Problem of Undetected Signature Key Compromise (1999) (14)
- Heuristics for the evaluation of captchas on smartphones (2015) (14)
- Message authentication by integrity with public corroboration (2005) (13)
- Science of Security: Combining Theory and Measurement to Reflect the Observable (2018) (13)
- On the security and usability of dynamic cognitive game CAPTCHAs (2017) (13)
- Security visualization tools and IPv6 addresses (2009) (13)
- Complexity Issues for Public Key Cryptography (1988) (13)
- A control point for reducing root abuse of file-system privileges (2010) (12)
- Taxing the Queue: Hindering Middleboxes From Unauthorized Large-Scale Traffic Relaying (2015) (12)
- Addressing Malicious SMTP-based Mass-Mailing Activity Within an Enterprise Network (12)
- On the temporal authentication of digital data (1999) (11)
- Baton: certificate agility for android's decentralized signing infrastructure (2014) (11)
- Improving Security Visualization with Exposure Map Filtering (2008) (11)
- INTRODUCTION and FUNDAMENTALS (1989) (11)
- The Internet of Things: Security Challenges (2019) (11)
- A Selective Introduction to Border Gateway Protocol ( BGP ) Security Issues (2005) (11)
- Location verification on the Internet: Towards enforcing location-aware access policies over Internet clients (2014) (11)
- Chapter 9 Hash Functions and Data Integrity (10)
- BP: Formal Proofs, the Fine Print and Side Effects (2018) (10)
- Security analysis of the message authenticator algorithm (MAA) (1997) (10)
- Hash Functions and Data Integrity (1996) (10)
- The Usable Security of Passwords based on Digital Objects : From Design and Analysis to User Study ∗ (2010) (10)
- CROO: A Universal Infrastructure and Protocol to Detect Identity Fraud (2008) (10)
- Subgroup Refinement Algorithms for Root Finding in GF(q) (1992) (9)
- Comparative Analysis and Framework Evaluating Web Single Sign-on Systems (2018) (9)
- Exploration and Field Study of a Password Manager Using Icon-Based Passwords (2011) (9)
- Securing Email (2018) (9)
- A survey and analysis of TLS interception mechanisms and motivations (2020) (8)
- Exploration and Field Study of a Browser-based Password Manager using Icon-based Passwords ? (2011) (8)
- Addressing SMTP-Based Mass-Mailing Activity within Enterprise Networks (2006) (8)
- SoK: Securing Email - A Stakeholder-Based Analysis (2020) (8)
- Weighing Down "The Unbearable Lightness of PIN Cracking" (2008) (7)
- Cryptographic Information Recovery Using Key Recover (2000) (7)
- Reducing Unauthorized Modification of Digital Objects (2012) (7)
- On Predicting and Exploiting HotSpots in Click-Based Graphical Passwords (2008) (7)
- Mercury: Recovering Forgotten Passwords Using Personal Devices (2011) (7)
- Reducing threats from flawed security APIs: The banking PIN case (2009) (7)
- Discovering Packet Structure through Lightweight Hierarchical Clustering (2008) (7)
- Key Management Techniques (1996) (6)
- Back to the Future: Revisiting IPv6 Privacy Extensions (2011) (6)
- Best Practices for IoT Security: What Does That Even Mean? (2020) (5)
- Coding Theory And Cryptology (1999) (5)
- Evaluation in the absence of absolute ground truth: toward reliable evaluation methodology for scan detectors (2013) (5)
- Intrusion Detection and Network-Based Attacks (2020) (5)
- Countering unauthorized code execution on commodity kernels: A survey of common interfaces allowing kernel code modification (2011) (5)
- Baseline functionality for security and control of commodity IoT devices and domain-controlled device lifecycle management (2018) (4)
- Empirical Analysis and Privacy Implications in OAuth-based Single Sign-On Systems (2021) (4)
- System configuration as a privilege (2009) (3)
- Internet of Things Security: Is Anything New? (2018) (3)
- Revisiting network scanning detection using sequential hypothesis testing (2012) (3)
- On splitting sets in block designs and finding roots of polynomials (1990) (3)
- System security, platform security and usability (2010) (3)
- Analysis, Implications, and Challenges of an Evolving Consumer IoT Security Landscape (2019) (3)
- Revisiting past challenges and evaluating certificate trust model enhancements Extended Version (2013) (2)
- Software Security and Systematizing Knowledge (2019) (2)
- Security Issues in the Border Gateway Protocol ( BGP ) (2005) (2)
- Baton: Key Agility for Android without a Centralized Certificate Infrastructure (2013) (2)
- Localization of credential information to address increasingly inevitable data breaches (2009) (2)
- VideoTicket: detecting identity fraud attempts via audiovisual certificates and signatures (2008) (2)
- On Identity Theft and a Countermeasure based on Digital Uniqueness and Location Cross-Checking? (2005) (2)
- Secure Routing Protocols Using Consistency Checks and S-RIP (2003) (2)
- Accommodating IPv6 Addresses in Security Visualization Tools * (2011) (2)
- Computer Security and the Internet - Tools and Jewels (2020) (2)
- Secure Client and Server Geolocation over the Internet (2019) (2)
- A Protocol for Secure Public Instant Messaging (Extended Version) (2006) (1)
- Basic Concepts and Principles (2020) (1)
- Combinatorial and computational issues related to finding roots of polynomials over finite fields (1988) (1)
- Toward Unseating the Unsafe C Programming Language (2021) (1)
- Coevolution of Security's Body of Knowledge and Curricula (2021) (1)
- Patents and Standards (1996) (1)
- Pseudorandom Bits and Sequences (1996) (1)
- Proceedings of the 2015 New Security Paradigms Workshop (2015) (1)
- Handbook of Applied Crytography.@@@The Crytographic Imagination: Secret Writing from Edgar Poe to the Internet. (1999) (1)
- IoT Security Best Practices: A Critical Analysis (2022) (1)
- User Authentication—Passwords,Biometrics and Alternatives (2020) (1)
- Public-Key Certificate Management and Use Cases (2020) (1)
- On the Evasion of Delay-Based IP Geolocation (2014) (1)
- Bibliography of Papers from Selected Cryptographic Forums (1996) (1)
- Public-Key Encryption (1996) (1)
- Systematic Analysis and Comparison of Security Advice Datasets (2022) (1)
- SoK: Password-Authenticated Key Exchange -- Theory, Practice, Standardization and Real-World Lessons (2022) (1)
- A Discussion on Security Education in Academia (2018) (1)
- Exploring Privacy Implications in OAuth Deployments (2021) (1)
- Pair-Splitting Sets in AG(m, q) (1992) (1)
- A Close Look at a Systematic Method for Analyzing Sets of Security Advice (2022) (1)
- Authentication Protocols and Key Establishment (2020) (1)
- Number-Theoretic Reference Problems (1996) (1)
- Identification and Entity Authentication (1996) (1)
- An Enhanced Code Encryption Approach with HNT Transformations for Software Security (2017) (0)
- Browser Enhancements for Preventing Phishing Attacks (2007) (0)
- CAPS: Smoothly Transitioning to a More Resilient Web PKI (2020) (0)
- Memory Errors and Memory Safety: C as a Case Study (2023) (0)
- Security as an Artificial Science, System Administration, and Tools (2022) (0)
- Resonant Battery Balancing (2010) (0)
- Chapter 15 Patents and Standards (0)
- A Comparison of Practical Public-Key based on Integer Factorization and Discrete (extended abstract) (1991) (0)
- Proceedings of the 2017 New Security Paradigms Workshop (2009) (0)
- Privacy-Enhanced SharingofPersonalContentontheWeb (2008) (0)
- Science, Security and Academic Literature: Can We Learn from History? (2017) (0)
- Blockchains and Stealth Tactics for Teaching Security (2020) (0)
- Selected areas in cryptography (1997) (0)
- Broadcasting Session Keys (1994) (0)
- Design Choices and Security Implications in Implementing Diffie-Hellman Key Agreement (1995) (0)
- Deadbolt: Locking Down Android Encryption (2013) (0)
- Variable Size Block Encryption using Dynamic-key Mechanism (VBEDM) (2020) (0)
- Firewalls and Tunnels (2020) (0)
- Special Issue: Selected Areas in Cryptography - Introduction (1997) (0)
- Letter to the Editor (2018) (0)
- Reduction of Password Guessing Attacks using Click Point (2016) (0)
- SoK: Securing Email -- A Stakeholder-Based Analysis (Extended Version) (2018) (0)
- Chapter 4 Public-Key Parameters (0)
- Computer Security and the Internet - Tools and Jewels from Malware to Bitcoin, Second Edition (2021) (0)
- SSOPrivateEye: Timely Disclosure of Single Sign-On Privacy Design Differences (2022) (0)
- Poster : Verifying Geographic Location Presence of Internet Clients (2016) (0)
- SecurityandUsability: TheGapinReal-World OnlineBanking (2007) (0)
- System Security, Platform Security and Usability (Extended Abstract) (2010) (0)
- Chapter 5 Pseudorandom Bits and Sequences (0)
- Proceedings of the 17th USENIX Security Symposium, July 28-August 1, 2008, San Jose, CA, USA (2008) (0)
- Chapter 8 Public-Key Encryption (0)
- Cryptographic Building Blocks (2020) (0)
- A View of Security as 20 Subject Areas in Four Themes (2022) (0)
- External Reviewers (2006) (0)
- Operating System Security and Access Control (2020) (0)
- Passwords for Both Mobile and Desktop Computers Appendix (2012) (0)
- A Novel Image Encryption Method with Z-Order Curve and Random Number (2019) (0)
- Highlights from the 2005 New Security Paradigms Workshop (2005) (0)
- Computer Security Course Bibliography (2002) (0)
- Chapter 12 Key Establishment Protocols (0)
- Software Security—Exploits and Privilege Escalation (2020) (0)
- Web and Browser Security (2020) (0)
- ERROR CORRECTION TECHNIQUES and DIGITAL AUDIO RECORDING (1989) (0)
- Graphical Password Authentication (2018) (0)
- Key Establishment Protocols (1996) (0)
- Some Special Linear Codes (1989) (0)
- Untangling Security and Privacy (2020) (0)
- Session details: Network security (2008) (0)
- BCH CODES and BOUNDS FOR CYCLIC CODES (1989) (0)
This paper list is powered by the following services:
Other Resources About Paul van Oorschot
What Schools Are Affiliated With Paul van Oorschot?
Paul van Oorschot is affiliated with the following schools:
