| MetaEmu: An Architecture Agnostic Rehosting Framework for Automotive Firmware | 0 | 0.34 | 2022 |
| Fill your Boots: Enhanced Embedded Bootloader Exploits via Fault Injection and Binary Analysis. | 0 | 0.34 | 2021 |
| VoltPillager: Hardware-based fault injection attacks against Intel SGX Enclaves using the SVID voltage scaling interface | 0 | 0.34 | 2021 |
| Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble | 0 | 0.34 | 2020 |
| Grey-box Analysis and Fuzzing of Automotive Electronic Components via Control-Flow Graph Extraction | 0 | 0.34 | 2020 |
| Dismantling DST80-based Immobiliser Systems. | 0 | 0.34 | 2020 |
| Plundervolt: Software-based Fault Injection Attacks against Intel SGX | 11 | 0.58 | 2020 |
| A Vehicular DAA Scheme for Unlinkable ECDSA Pseudonyms in V2X | 1 | 0.35 | 2020 |
| A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes | 6 | 0.47 | 2019 |
| Dismantling the AUT64 Automotive Cipher. | 0 | 0.34 | 2018 |
| Spinner: Semi-Automatic Detection of Pinning without Hostname Verification. | 3 | 0.40 | 2017 |
| Why Banker Bob (Still) Can't Get TLS Right: A Security Analysis of TLS in Leading UK Banking Apps. | 3 | 0.40 | 2017 |
| HumIDIFy: A Tool for Hidden Functionality Detection in Firmware. | 2 | 0.36 | 2017 |
| Stringer: Measuring The Importance Of Static Data Comparisons To Detect Backdoors And Undocumented Functionality | 0 | 0.34 | 2017 |
| Lock It And Still Lose It - On The (In) Security Of Automotive Remote Keyless Entry Systems | 10 | 0.93 | 2016 |
| On the (in)security of the latest generation implantable cardiac defibrillators and how to secure them. | 3 | 0.37 | 2016 |
| The Fall of a Tiny Star. | 0 | 0.34 | 2016 |
| Cryptanalysis of the Megamos Crypto Automotive Immobilizer. | 0 | 0.34 | 2015 |
| Relay Cost Bounding for Contactless EMV Payments | 7 | 0.51 | 2015 |
| Wirelessly lockpicking a smart card reader | 1 | 0.36 | 2014 |
| Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer | 19 | 1.02 | 2013 |
| Cell-based privacy-friendly roadpricing | 7 | 0.56 | 2013 |
| Dismantling iClass and iClass Elite. | 6 | 0.55 | 2012 |
| Gone in 360 seconds: Hijacking with Hitag2 | 30 | 1.33 | 2012 |
| Cell-Based roadpricing | 3 | 0.41 | 2011 |
| Exposing iClass key diversification | 6 | 0.51 | 2011 |
| Dismantling SecureMemory, CryptoMemory and CryptoRF | 10 | 0.70 | 2010 |
| Towards a practical solution to the RFID desynchronization problem | 0 | 0.34 | 2010 |
| Modeling privacy for off-line RFID systems | 16 | 0.85 | 2010 |
| Privacy-friendly energy-metering via homomorphic encryption | 65 | 3.42 | 2010 |
| A Schnorr-Like Lightweight Identity-Based Signature Scheme | 40 | 1.38 | 2009 |
| Computational soundness of non-malleable commitments | 8 | 0.44 | 2008 |
| Dismantling MIFARE Classic | 58 | 3.94 | 2008 |
| A Practical Attack on the MIFARE Classic | 50 | 4.82 | 2008 |
| Sound and complete computational interpretation of symbolic hashes in the standard model | 7 | 0.45 | 2008 |
| Probabilistic Anonymity and Admissible Schedulers | 7 | 0.49 | 2007 |
| Sound computational interpretation of symbolic hashes in the standard model | 6 | 0.42 | 2006 |
| Sound Computational Interpretation of Formal Hashes. | 5 | 0.46 | 2006 |
| Completeness of Formal Hashes in the Standard Model. | 1 | 0.35 | 2006 |
| Provable anonymity | 21 | 0.98 | 2005 |
| Off-Line karma: a decentralized currency for peer-to-peer and grid applications | 14 | 0.78 | 2005 |
| Spam Filter Analysis | 12 | 0.79 | 2004 |
