Metadata; Books; Journal articles; Conference proceedings articles; Contributions to books; Edited books; Other publications; Presentations at conferences and seminars; Journalism; Patents; Footnotes
Back to Chris Mitchell's home page
The following information should help disambiguate me from the many other Chris Mitchells.
[B1] A. W. Dent and C. J. Mitchell, 'User's Guide to Cryptography and Standards', Artech House, 2005.
[1] H. J. Beker and C. J. Mitchell, 'A construction method for point divisible designs', Journal of Statistical Planning and Inference 2 (1978) 293-306.
[2] C.J. Mitchell, 'An infinite family of symmetric designs' (pdf), Discrete Mathematics 26 (1979) 247-250.
[3] H.J. Beker, C.J. Mitchell and F.C. Piper, 'Tactical decompositions of designs' (pdf), Aequationes Mathematicae 25 (1982) 123-152.
[4] C.J. Mitchell, 'Group divisible designs with dual properties' (pdf), Mitteilungen aus dem Mathem. Seminar Giessen, Sonderdruck aus Heft 165 (1984) 105-117.
[5] C.J. Mitchell and F.C. Piper, 'A classification of time element speech scramblers' (pdf), Journal of the IERE 55 (1985) 391-396.
[6] C.J. Mitchell and P.R. Wild, 'Switch reduction for bidirectional telephone systems' (pdf), Electronics Letters 23 (1987) 346-347.
[7] C.J. Mitchell and F.C. Piper, 'The cost of reducing key-storage requirements in secure networks' (pdf), Computers and Security 6 (1987) 339-341.
[8] H. J. Beker and C. J. Mitchell, 'Permutations with restricted displacement', SIAM Journal on Algebraic and Discrete Methods 8 (1987) 338-363.
[9] J. Jedwab and C.J. Mitchell, 'Constructing new perfect binary arrays' (pdf), Electronics Letters 24 (1988) 650-652.
[10] C.J. Mitchell, 'Comment on 'Existence of one-dimensional perfect binary arrays'' (pdf), Electronics Letters 24 (1988) 714.
[11] C.J. Mitchell and P.R. Wild, 'Switching networks for bidirectional telephone systems' (pdf), Ars Combinatoria 25A (1988) 89-94.
[12] C.J. Mitchell and P.R. Wild, 'Switch minimisation for a simple bidirectional network' (pdf), Electronics Letters 24 (1988) 1284-1286.
[13] C.J. Mitchell and F.C. Piper, 'Key storage in secure networks' (pdf), Discrete Applied Mathematics 21 (1988) 215-228.
[14] C.J. Mitchell and M. Walker, 'Solutions to the multidestination secure electronic mail problem' (pdf), Computers and Security 7 (1988) 483-488.
[15] C.J. Mitchell, 'Multi-destination secure electronic mail' (pdf), The Computer Journal 32 (1989) 13-15.
[16] C.J. Mitchell, P.D.C. Rush and M. Walker, 'A remark on hash functions for message authentication', Computers and Security 8 (1989) 55-58.
[17] C.J. Mitchell and P.R. Wild, 'One-stage one-sided rearrangeable switching networks' (pdf), IEEE Transactions on Communications COM-37 (1989) 52-56.
[18] A. Selby and C.J. Mitchell, 'Algorithms for software implementations of RSA' (pdf), IEE Proceedings Part E (Computers and Digital Techniques) 136 (1989) 166-170.
[19] C.J. Mitchell, P.D.C. Rush and M. Walker, 'CCITT/ISO standards for secure message handling', IEEE Journal on Selected Areas in Communications 7 (1989) 517-524.
[20] C.J. Mitchell, 'Another postage stamp problem' (pdf), The Computer Journal 32 (1989) 374-376.
[21] J. Jedwab and C.J. Mitchell, 'Minimum weight modified signed-digit representations and fast exponentiation' (pdf), Electronics Letters 25 (1989) 1171-1172.
[22] C.J. Mitchell, 'Limitations of challenge-response entity authentication", Electronics Letters 25 (1989) 1195-1196.
[23] C.J. Mitchell, 'Comment on 'Blocking method for RSA cryptosystem without expanding cipher length'' (pdf), Electronics Letters 25 (1989) 1527.
[24] C.J. Mitchell, 'Distance-invariant error control codes from combinatorial designs' (pdf), Electronics Letters 25 (1989) 1528-1529.
[25] J. Burns and C.J. Mitchell, 'A security scheme for resource sharing over a network', Computers and Security 9 (1990) 67-75.
[26] J. Jedwab and C.J. Mitchell, 'Infinite families of quasiperfect and doubly quasiperfect binary arrays' (pdf), Electronics Letters 26 (1990) 294-295.
[27] C. I'Anson and C.J. Mitchell, 'Security defects in C.C.I.T.T. Recommendation X.509 - The directory authentication framework' (pdf), ACM Computer Communication Review 20 no 2 (April 1990) 30-34.
[28] C.J. Mitchell, P.D.C. Rush and M. Walker, 'A secure messaging architecture implementing the X.400-1988 security features' (pdf), The Computer Journal 33 (1990) 290-295.
[29] C.J. Mitchell, 'Enumerating Boolean functions of cryptographic significance', Journal of Cryptology 2 (1990) 155-170.
[30] P. Godlewski and C. J. Mitchell, 'Key-minimal cryptosystems for unconditional secrecy', Journal of Cryptology 3 (1990) 1-25.
[31] C.J. Mitchell and V. Varadharajan, 'Modified forms of cipher block chaining', Computers and Security 10 (1991) 37-40.
[32] C.J. Mitchell, 'Authenticating multicast Internet electronic mail messages using a bidirectional MAC is insecure', IEEE Transactions on Computers 41 (1992) 505-507.
[33] C.J. Mitchell and A. Thomas, 'Standardising authentication protocols based on public key techniques', Journal of Computer Security, 2 (1993) 23-36.
[34] C. J. Mitchell and K. G. Paterson, 'Decoding perfect maps', Designs, Codes and Cryptography, 4 (1994) 11-30.
[35] J. Jedwab, C. J. Mitchell, F. C. Piper and P. R. Wild, 'Perfect binary arrays and difference sets', Discrete Mathematics, 125 (1994) 241-254.
[36] C. J. Mitchell, M. Walker and P. R. Wild, 'The combinatorics of perfect authentication schemes', SIAM Journal on Discrete Mathematics, 7 (1994) 102-107.
[37] J. Burns and C. J. Mitchell, 'On parameter selection for server-aided RSA computation schemes' (pdf), IEEE Transactions on Computers, 43 (1994) 163-174.
[38] C. J. Mitchell, 'Constructing c-ary Perfect Factors', Designs, Codes and Cryptography, 4 (1994) 341-368.
[39] C. J. Mitchell, 'Aperiodic and semi-periodic perfect maps', IEEE Transactions on Information Theory, 41 (1995) 88-95.
[40] L. Chen, D. Gollmann and C. J. Mitchell, 'Distributing trust amongst multiple authentication servers', Journal of Computer Security, 3 (1994/95) 255-267.
[41] C.J. Mitchell, F.C. Piper, M. Walker and P.R. Wild, 'Authentication schemes, perfect local randomizers, perfect secrecy and secret sharing schemes' (pdf), Designs, Codes and Cryptography, 7 (1996) 101-110.
[42] D. Gollmann, Y. Han and C.J. Mitchell, 'Redundant integer representations and fast exponentiation', Designs, Codes and Cryptography, 7 (1996) 135-151.
[43] C.J. Mitchell, 'The Royal Holloway TTP-based key escrow scheme', Information Security Technical Report, 1 no. 1 (1996) 63-69.
[44] C.J. Mitchell, T. Etzion and K.G. Paterson, 'A method for constructing decodable de Bruijn sequences', IEEE Transactions on Information Theory, 42 (1996) 1472-1478.
[45] C.J. Mitchell and L. Chen, 'Comments on the S/KEY user authentication scheme', ACM Operating Systems Review, 30 no. 4 (October 1996) 12-16.
[46] G.H. Hurlbert, C.J. Mitchell and K.G. Paterson, 'On the existence of de Bruijn tori with two by two windows', Journal of Combinatorial Theory, Series A, 76 (1996) 213-230.
[47] Y. Han, C.J. Mitchell and D. Gollmann, 'A fast modular exponentiation for RSA on systolic arrays', International Journal of Computer Mathematics, 63 (1997) 215-226.
[48] L. Chen, D. Gollmann and C.J. Mitchell, 'Authentication using minimally trusted servers', ACM Operating Systems Review, 31 no. 3 (July 1997) 16-28.
[49] C.J. Mitchell, 'De Bruijn sequences and perfect factors', SIAM Journal on Discrete Mathematics, 10 (1997) 270-281.
[50] C.J. Mitchell, 'Authentication using cryptography', Information Security Technical Report, 2 no. 2 (1997) 25-32.
[51] C. J. Mitchell, M. Ward and P. Wilson, 'Key control in key agreement protocols', Electronics Letters, 34 (1998) 980-981.
[52] C. J. Mitchell and K.G. Paterson, 'Perfect factors from cyclic codes and interleaving', SIAM Journal on Discrete Mathematics, 11 (1998) 241-264.
[53] K. M. Martin and C. J. Mitchell, 'Analysis of hash function of Yi and Lam', Electronics Letters, 34 (1998) 2327-2328.
[54] C. Y. Yeun, C. J. Mitchell and S.-L. Ng, 'Comment - Signature scheme based on discrete logarithm without using one-way hash-function', Electronics Letters, 34 (1998) 2329-2330.
[55] C. J. Mitchell and C. Y. Yeun, 'Fixing a problem in the Helsinki protocol', ACM Operating Systems Review, 32 no. 4 (October 1998) 21-24.
[56] C. J. Mitchell, 'On integer-valued rational polynomials and depth distributions of binary codes', IEEE Transactions on Information Theory, 44 (1998) 3146-3150.
[57] C. J. Mitchell and C. Y. Yeun, 'Comment - Signature with message recovery', Electronics Letters, 35 (1999) 217.
[58] K. Rantos and C. J. Mitchell, 'Remarks on KRA's key recovery block format', Electronics Letters, 35 (1999) 632-634.
[59] K. M. Martin and C. J. Mitchell, 'Comments on an optimized protocol for mobile network authentication and security', ACM Mobile Computing and Communications Review, 3 no. 2 (April 1999) 37.
[60] D. Coppersmith and C. J. Mitchell, 'Attacks on MacDES MAC Algorithm' (pdf), Electronics Letters, 35 (1999) 1626-1627.
[61] C. J. Mitchell and K. Rantos, 'A fair certification protocol' (pdf), ACM Computer Communication Review, 29 no. 3 (July 1999) 47-49.
[62] C. J. Mitchell and S.-L. Ng, 'Comment - Horng's identification scheme based on Shamir's 'RSA for paranoids'' (pdf), Electronics Letters, 36 (2000) 422.
[63] C. J. Mitchell, 'Making serial number based authentication robust against loss of state' (pdf), ACM Operating Systems Review, 34 no. 3 (July 2000) 56-59.
[64] C. J. Mitchell, 'PKI standards' (pdf), Information Security Technical Report, 5 no. 4 (2000) 17-32.
[65] G. Horn, K. M. Martin and C. J. Mitchell, 'Authentication protocols for mobile network environment value-added services' (pdf), IEEE Transactions on Vehicular Technology, 51 (2002) 383-392.
[66] N. Borselius, C. J. Mitchell and A. Wilson, 'A pragmatic alternative to undetachable signatures' (pdf), ACM SIGOPS Operating Systems Review, 36 no. 2 (April 2002) 6-11.
[67] N. Borselius, C. J. Mitchell and A. Wilson, 'On the value of threshold signatures' (pdf), ACM SIGOPS Operating Systems Review, 36 no. 4 (October 2002) 30-35.
[68] C. J. Mitchell, 'Key recovery attack on ANSI retail MAC' (pdf), Electronics Letters, 39 (2003) 361-362.
[69] L. R. Knudsen and C. J. Mitchell, 'Analysis of 3gpp-MAC and two-key 3gpp-MAC' (pdf), Discrete Applied Mathematics, 128 (2003) 181-191.
[70] C.-L. Hsu, T.-S. Wu, T.-C. Wu and C. J. Mitchell, 'Improvement of modified authenticated key agreement protocol', Applied Mathematics and Computation, 142 (2003) 305-308.
[71] C. J. Mitchell, 'Truncation attacks on MACs' (pdf), Electronics Letters, 39 (2003) 1439-1440.
[72] S. Murphy and C. J. Mitchell, 'Comment: Property of finite fields and its cryptographic application' (pdf), Electronics Letters, 39 (2003) 1646.
[73] C. Gehrmann, C. J. Mitchell and K. Nyberg, 'Manual authentication for wireless devices' (pdf), Cryptobytes, 7 no. 1 (Spring 2004) 29-37.
[74] S.-L. Ng and C. J. Mitchell, 'Comments on mutual authentication and key exchange protocols for low power wireless communications' (pdf), IEEE Communications Letters, 8 (2004) 262-263.
[75] Q. Tang and C. J. Mitchell, 'Comments on a cryptographic key assignment scheme' (pdf), Computer Standards & Interfaces, 27 (2005) 323-326.
[76] Q. Tang and C. J. Mitchell, 'Comments on two anonymous conference key distribution schemes' (pdf), Computer Standards & Interfaces, 27 (2005) 397-400.
[77] K. Rantos and C. J. Mitchell, 'Matching key recovery mechanisms to business requirements' (pdf), Computers & Security, 24 (2005) 232-245.
[78] A. S. Gajparia, C. J. Mitchell and C. Y. Yeun, 'Supporting user privacy in location based services' (pdf), IEICE Transactions, E88-B (2005) 2837-2847.
[79] L. R. Knudsen and C. J. Mitchell, 'Partial key recovery attack against RMAC' (pdf), Journal of Cryptology, 18 (2005) 375-389.
[80] A. Alsaid and C. J. Mitchell, 'Dynamic content attacks on digital signatures' (pdf), Information Management & Computer Security, 13 (2005) 328-336.
[81] Q. Tang and C. J. Mitchell, 'Cryptanalysis of two identification schemes based on an ID-based cryptosystem' (pdf), IEE Proceedings on Communications, 152 (2005) 723-724. [See also: Cryptology ePrint Archive, Report 2005/048, 2005.]
[82] Q. Tang and C. J. Mitchell, 'Cryptanalysis of a hybrid authentication protocol for large mobile networks' (pdf), Journal of Systems and Software, 79 (2006) 496-501 (https://doi.org/10.1016/j.jss.2005.04.022).
[83] C. J. Mitchell, 'Mobile security and trusted computing' (pdf), it - Information Technology, 48 (2006) 321-326 (https://doi.org/10.1524/itit.2006.48.6.321).
[84] P.-W. Yau, S. Hu and C. J. Mitchell, 'Malicious attacks on ad hoc network routing protocols' (pdf), International Journal of Computer Research, 15 no. 1 (2007) 73-100.
[85] C. J. Mitchell, F. C. Piper and P. R. Wild, 'ID-based cryptography using symmetric primitives' (pdf), Designs, Codes and Cryptography, 44 (2007) 249-262 (https://doi.org/10.1007/s10623-007-9095-0).
[86] S. Balfe, E. Gallery, C. J. Mitchell and K. G. Paterson, 'Challenges for trusted computing' (pdf), IEEE Security and Privacy, 6 no. 6 (November/December 2008) 60-66 (https://doi.org/10.1109/MSP.2008.138).
[87] W. A. Alrodhan and C. J. Mitchell, 'Improving the security of CardSpace' (pdf), EURASIP Journal on Information Security, 2009 (2009) ID: 167216, 8 pages (https://doi.org/10.1155/2009/167216).
[88] E. M. Gallery and C. J. Mitchell, 'Trusted computing: Security and applications' (pdf), Cryptologia, 33 (2009) 217-245 (https://doi.org/10.1080/01611190802231140).
[89] L. Chen and C. J. Mitchell, 'Parsing ambiguities in authentication and key establishment protocols', Journal of Electronic Security and Digital Forensics, 3 no. 1 (2010) 82-94 (https://doi.org/10.1504/IJESDF.2010.032333).
[90] B. Song and C. J. Mitchell, 'Scalable RFID security protocols supporting tag ownership transfer', Computer Communications, 34 (2011) 556-566 (https://doi.org/10.1016/j.comcom.2010.02.027).
[91] G. Kounga, C. J. Mitchell and T. Walter, 'Generating certification authority authenticated public keys in ad hoc networks', Security and Communication Networks, 5 (2012) 87-106 (https://doi.org/10.1002/sec.279).
[92] H. Al-Sinani and C. J. Mitchell, 'Enabling interoperation between Shibboleth and information card systems', Security and Communication Networks, 6 (2013) 219-229 (https://doi.org/10.1002/sec.560).
[93] C. Chen, C. J. Mitchell and S. Tang, 'Ubiquitous one-time password service using the Generic Authentication Architecture', Mobile Networks and Applications, 18 (2013) 738-747 (https://doi.org/10.1007/s11036-011-0329-z).
[94] C. J. Mitchell, 'Challenges in standardising cryptography', International Journal of Information Security Science, 5 no 2 (2016) 29-38.
[95] C. J. Mitchell, 'On the security of 2-key triple DES', IEEE Transactions on Information Theory, 62 (2016) 6260-6267 (https://doi.org/10.1109/TIT.2016.2611003). [A preliminary version is available as arXiv:1602.06229 [cs.CR], February 2016, 20 pages.]
[96] C. J. Mitchell, 'Security issues in a group key establishment protocol', The Computer Journal, 62 (2019) 373-376 (https://doi.org/10.1093/comjnl/bxy058). [A preliminary version is available as arXiv:1803.01137 [cs.CR], March 2018, 7 pages.]
[97] N. M. Al Fannah and C. J. Mitchell, 'Too little too late: Can we control browser fingerprinting?', Journal of Intellectual Capital, 21 no 2 (2020) 165-180 (https://doi.org/10.1108/JIC-04-2019-0067).
[98] C. J. Mitchell, 'The impact of quantum computing on real-world security: A 5G case study', Computers and Security, 93 (June 2020) art # 101825 (https://doi.org/10.1016/j.cose.2020.101825). [A preliminary version is available as arXiv:1911.07583 [cs.CR], November 2019, 27 pages.]
[99] C. J. Mitchell, 'Yet another insecure group key distribution scheme using secret sharing', Journal of Information Security and Applications, 57 (2021) art # 102713 (https://doi.org/10.1016/j.jisa.2020.12713). [A preliminary version is available as arXiv:2003.14356 [cs.CR], March 2020, 11 pages.]
[100] C. J. Mitchell, 'How not to secure wireless sensor networks: A plethora of insecure polynomial-based key pre-distribution schemes', IET Information Security, 15 no 3 (May 2021) 223-230 (https://doi.org/10.1049/ise2.12016). [A preliminary version is available as arXiv:2004.05597 [cs.CR], April 2020, 17 pages.]
[101] C. J. Mitchell and P. R. Wild, 'Constructing orientable sequences', IEEE Transactions on Information Theory, 68 (2022) 4782-4789 (https://doi.org/10.1109/TIT.2022.3158645). [A preliminary version is available as arXiv:2108.03069 [math.CO], August 2021 (revised January 2022), 19 pages.]
[P1] C. J. Mitchell, 'A comparison of the cryptographic requirements for digital secure speech systems operating at different bit rates' (pdf), International conference on Secure Communication Systems, IEE, London, 22--23rd February 1984. IEE Conference Publication 231 (1984) pp. 32-37.
[P2] C. J. Mitchell, 'Speech security and permanents of (0,1) matrices', in H. J. Beker and F. C. Piper, eds., Cryptography and Coding: Proceedings of the IMA Cryptography and Coding Conference, Cirencester, December 1986, Oxford University Press Oxford, 1989), pp. 231-240.
[P3] C. J. Mitchell, P.D.C. Rush and M. Walker, 'The security architecture of the secure mobile messaging demonstrator', in Proceedings of UK IT 88, IED, Swansea, July 1988, pp.171-174.
[P4] P. Godlewski and C. J. Mitchell, 'Key minimal authentication systems for
unconditional secrecy', in J.-J. Quisquater and J.
Vandewalle eds., Advances in Cryptology - Eurocrypt '89
(Houthalen, Belgium, April 1989), Springer-Verlag (LNCS
434),
[P5] C. J. Mitchell, 'The security issue', in Proceedings of Value Added Network Services for Europe, London, September 1989, IBC Technical Services Ltd. (London, 1989).
[P6] C. J. Mitchell and M. Walker, 'OSI and X.400 security', in Proceedings of COMPSEC 89, London, October 1989, Elsevier Science Publishers Ltd. (Oxford, 1989), Volume 1, pp. 145-163.
[P7] C. J. Mitchell, 'OSI and X.400 security', in Proceedings of Network Management '90, London, March 1990, Blenheim Online Ltd. (London, 1990), pp. 157-167.
[P8] C. J. Mitchell, 'Management of secure systems and security within Open Systems Interconnection (OSI)', in Proceedings of Information Security: Confidentiality, Integrity and Availability, London, July 1990, UNICOM Seminars Ltd. (Uxbridge, 1990).
[P9] J. Burns and C. J. Mitchell, 'Coding schemes for two-dimensional position sensing', in M.J. Ganley ed., Cryptography and Coding III: Proceedings of the third IMA Cryptography and Coding Conference, Cirencester, December 1991, Oxford University Press (Oxford, 1993), pp. 31-66.
[P10] C. J. Mitchell, 'New c-ary perfect factors in the de Bruijn Graph', in P.G. Farrell ed., Codes and Cyphers - Cryptography and Coding IV: Proceedings of the fourth IMA Cryptography and Coding Conference, Cirencester, December 1993, Formara Ltd. (Southend, 1995), pp. 299-313.
[P11] C. J. Mitchell, 'Security techniques', in Proceedings of the IEE Electronics Division Colloquium on Security in Networks, London, February 1995, IEE (London) Digest No: 1995/024, pp. 2/1-2/6.
[P12] C. J. Mitchell, 'Security in future mobile networks', in Proceedings of the Second International Workshop on Mobile Multi-Media Communications (MoMuC-2), Bristol, April 1995.
[P13] L. Chen, D. Gollmann and C. J. Mitchell, 'Key distribution without individual trusted authentication servers' (pdf), in Proceedings: The 8th IEEE Computer Security Foundations Workshop, Kenmare, Co. Kerry, Ireland, June 1995, IEEE Computer Society Press (1995), pp. 30-36.
[P14] Y. Han, D. Gollmann and C. J. Mitchell, 'Minimal weight k-SR representations', in C. Boyd ed., Cryptography and Coding - Proceedings 5th IMA Conference, Cirencester, December 1995, Springer-Verlag (LNCS 1025), Berlin (1995), pp. 34-43.
[P15] C. J. Mitchell, 'A storage complexity based analogue of Maurer key establishment using public channels', in C. Boyd ed., Cryptography and Coding - Proceedings 5th IMA Conference, Cirencester, December 1995, Springer-Verlag (LNCS 1025), Berlin (1995), pp. 84-93.
[P16] N. Jefferies, C. Mitchell and M. Walker, 'Trusted Third Party based key management allowing warranted interception', in Proceedings: Public Key Infrastructure Invitational Workshop, MITRE, McLean, Virginia, USA, September 1995, NISTIR 5788, National Institute of Standards and Technology, Gaithersburg, MD, USA (1995).
[P17] N. Jefferies, C. Mitchell and M. Walker, 'A proposed architecture for Trusted Third Party services', in E. Dawson and J. Golic, eds., Cryptography: Policy and Algorithms - Proceedings: International Conference, Brisbane, Australia, July 1995, Springer-Verlag (LNCS 1029), Berlin (1996), pp. 98-104.
[P18] N. Jefferies, C.J. Mitchell and M. Walker, 'Practical solutions to key escrow and regulatory aspects', in Proceedings of Public Key Solutions '96, Zurich, Switzerland, September/October 1996. (Invited paper).
[P19] L. Chen, D. Gollmann and C.J. Mitchell, 'Tailoring authentication protocols to match underlying mechanisms', in J. Pieprzyk and J. Seberry, eds., Information Security and Privacy - Proceedings: First Australasian Conference, Wollongong, NSW, Australia, June 1996, Springer-Verlag (LNCS 1172), Berlin (1996), pp.121-133.
[P20] L. Chen, H.-J. Hitz, G. Horn, K. Howker, V. Kessler, L. Knudsen, C.J. Mitchell and C. Radu, 'The use of Trusted Third Parties and Secure Billing in UMTS', in: Proceedings of the ACTS Mobile Communications Summit, Granada, Spain, 27-29 November 1996, (1996), Volume 2, pp.493-499.
[P21] L. Chen, D. Gollmann and C.J. Mitchell, 'Key escrow in mutually mistrusting domains', in M. Lomas, ed., Security Protocols - Proceedings, International Workshop,
[P22] L. Chen and C.J. Mitchell, 'Key escrow in multiple domains', in: Proceedings of INFOSEC'COM '97, Paris, June 1997, (1997), pp.101-116.
[P23] L. Chen, D. Gollmann, C.J. Mitchell and P. Wild, 'Secret sharing with reusable polynomials', in: Information Security and Privacy - Proceedings 2nd Australasian Conference, ACISP '97, Sydney, Australia, July 1997, Springer-Verlag (LNCS 1270), Berlin (1997), pp.183-193.
[P24] L. Chen and C.J. Mitchell, 'An anonymous and undeniable payment scheme', in: Y. Han, T. Okamoto and S. Qing (eds.), Proceedings of the First International Conference on Information and Communications Security, ICICS '97, Beijing, China, November 1997, Springer-Verlag (LNCS 1334), Berlin (1997), pp.478-482.
[P25] K.M. Martin, B. Preneel, C.J. Mitchell, H.J. Hitz, G. Horn, A. Poliakova, and P. Howard, 'Secure billing for mobile information services in UMTS', in: S. Trigila, A. Mullery, M. Campolargo, H. Vanderstraeten and M. Mampaey (eds.), Intelligence in Services and Networks: Technology for Ubiquitous Telecom Services, (Proceedings of the Fifth International Conference, IS&N 98, Antwerp, Belgium, 25-28 May 1998), Springer-Verlag (LNCS 1430), Berlin (1998), pp.535-548.
[P26] G. Horn, P. Howard, K. M. Martin, C. J. Mitchell, B. Preneel, and K. Rantos, 'Trialling secure billing with Trusted Third Party support for UMTS applications', in: Proceedings of the Third ACTS Mobile Communications Summit, Rhodes, Greece, 9-11 June 1998, pp.574-579.
[P27] C.Y. Yeun, C.J. Mitchell and M. Burmester, 'An online secret sharing scheme which identifies all cheaters', in: Proceedings of NORDSEC '98, Trondheim, Norway, November 1998, and presented at the IMA Conference on Mathematics in Communication, Loughborough, UK, December 1998.
[P28] C.Y. Yeun and C.J. Mitchell, 'How to identify all cheaters in Pinch's scheme', in: Proceedings of JWIS '98, Singapore, December 1998.
[P29] M. P. Hoyle and C. J. Mitchell, 'On solutions to the key escrow problem', in: B. Preneel and V. Rijmen (eds.), State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography, Leuven, Belgium, June 1997, Springer-Verlag (LNCS 1528), Berlin (1998), pp.277-306.
[P30] K. Rantos and C. J. Mitchell, 'Key recovery in ASPeCT authentication and initialisation of payment protocol', in: Proceedings of the 4th ACTS Mobile Communications Summit, Sorrento, Italy, June 1999.
[P31] D. Coppersmith, L. R. Knudsen and C. J. Mitchell, 'Key recovery and forgery attacks on the MacDES MAC algorithm', in: M. Bellare (ed.), Advances in Cryptology - Proceedings of Crypto 2000, August 2000, Springer-Verlag (LNCS 1880),
[P32] K. Rantos and C. J. Mitchell, 'Key recovery for archived data using smart cards', in: Proceedings of NORDSEC 2000 - 5th Nordic Workshop on Secure IT Systems, Reykjavik, Iceland, 12/13 October 2000, pp.75-85.
[P33] N. Borselius and C. J. Mitchell, 'Certificate translation', in: Proceedings of NORDSEC 2000 - 5th Nordic Workshop on Secure IT Systems, Reykjavik, Iceland, 12/13 October 2000, pp.289-300.
[P34] L.R. Knudsen and C. J. Mitchell, 'An analysis of the 3gpp-MAC scheme', in: D. Augot and C. Carlet (eds.), Proceedings of WCC 2001, Paris, France, 8-12 January 2001, pp.319-328. Also published in Electronic Notes in Discrete Mathematics 6 (April 2001).
[P35] K. Brincat and C. J. Mitchell, 'New CBC-MAC forgery attacks', in: V. Varadharajan and Y. Mu (eds.), Information Security and Privacy, ACISP 2001, Sydney, Australia, July 2001, Springer-Verlag (LNCS 2119), Berlin (2001), pp.3-14.
[P36] C. Gehrmann, G. Horn, N. Jefferies and C. J. Mitchell, 'Securing access to mobile networks beyond 3G', in: Proceedings of the IST Mobile Communications Summit 2001, Barcelona, Spain, September 2001, pp.844-849.
[P37] M. A. Al-Meaither and C. J. Mitchell, 'A person-to-person Internet payment system', in: Proceedings NordSec 2001 - 6th Nordic Workshop on Secure IT Systems, Lyngby, Denmark, November 2001, pp.5-17. (Proceedings available as Technical University of Denmark Technical Report IMM-TR-2001-14).
[P38] N. Borselius, C. J. Mitchell and A. T. Wilson, 'On mobile agent based transactions in moderately hostile environments', in: B. De Decker, F. Piessens, J. Smits and E. Van Herreweghen (eds.), Advances in Network and Distributed Systems Security, Proceedings of IFIP TC11 WG11.4 First Annual Working Conference on Network Security, KU Leuven, Belgium, November 2001, Kluwer Academic Publishers (IFIP Conference Proceedings 206), Boston (2001), pp.173-186.
[P39] P. Jarupunphol and C. J. Mitchell, 'Actual and perceived levels of risk in consumer e-commerce', in: Proceedings - 2nd International We-B Conference 2001, Perth, Western Australia, November 2001, Edith Cowan University (2001), pp.207-216.
[P40] K. Brincat and C. J. Mitchell, 'Key recovery attacks on MACs based on properties of cryptographic APIs', in: B. Honary (ed.), Cryptography and Coding - Proceedings of the 8th IMA International Conference, Cirencester, UK, December 2001, Springer-Verlag (LNCS 2260), Berlin (2001), pp.63-72.
[P41] N. Borselius, C. J. Mitchell and A. T. Wilson, 'Undetachable threshold signatures', in: B. Honary (ed.), Cryptography and Coding - Proceedings of the 8th IMA International Conference, Cirencester, UK, December 2001, Springer-Verlag (LNCS 2260), Berlin (2001), pp.239-244.
[P42] K. Rantos and C. J. Mitchell, 'Key recovery scheme interoperability - a protocol for mechanism negotiation', in: B. Honary (ed.), Cryptography and Coding - Proceedings of the 8th IMA International Conference, Cirencester, UK, December 2001, Springer-Verlag (LNCS 2260), Berlin (2001), pp.268-276.
[P43] V. Khu-smith and C. J. Mitchell, 'Enhancing the security of cookies', in: K. Kim (ed.), Information Security and Cryptology - ICISC 2001 - Proceedings of the 4th International Conference, Seoul, Korea, December 2001, Springer-Verlag (LNCS 2288), Berlin (2002), pp.132-145.
[P44] P. Jarupunphol and C. J. Mitchell, 'The future of SET', in: Proceedings of UKAIS 2002, Leeds, UK, April 2002, Leeds Metropolitan University, Leeds (2002), pp.9-17.
[P45] P. Jarupunphol and C. J. Mitchell, 'Consumer risk perceptions in e-commerce', in: Proceedings of UKAIS 2002, Leeds, UK, April 2002, Leeds Metropolitan University, Leeds (2002), pp.308-315.
[P46] N. Borselius, N. Hur, M. Kaprynski and C. J. Mitchell, 'A security architecture for agent-based mobile systems', in: Proceedings - 3G2002, Third International Conference on Mobile Communications Technologies, London, UK, May 2002, IEE Conference Publication 489, IEE, London (2002), pp.312-318.
[P47] C. Gehrmann, K. Nyberg and C. J. Mitchell, 'The personal CA - PKI for a Personal Area Network', in: Proceedings - IST Mobile & Wireless Communications Summit 2002, Thessaloniki, Greece, June 2002, pp.31-35.
[P48] O. Lazaro, J. Irvine, D. Girma, J. Dunlop, A. Liotta, N. Borselius and C. J. Mitchell, 'Management system requirements for wireless systems beyond 3G', in: Proceedings - IST Mobile & Wireless Communications Summit 2002, Thessaloniki, Greece, June 2002, pp.240-244.
[P49] V. Khu-smith and C. J. Mitchell, 'Electronic transaction security: An analysis of the effectiveness of SSL and TLS', in: Proceedings of the International Conference on Security and Management (SAM '02), Las Vegas, Nevada, USA, June 2002, CSREA Press, USA (2002), pp.425-429.
[P50] P. Jarupunphol and C. J. Mitchell, 'Measuring SSL and SET against e-commerce consumer requirements', in: Proceedings - International Network Conference 2002 (INC 2002), University of Plymouth, UK, July 2002, Plymouth University, UK (2002), pp.323-330.
[P51] P. Jarupunphol and C. J. Mitchell, 'Failures of SET implementation - What is amiss?', in: Proceedings - APDSI 2002, 7th Asia-Pacific Decision Sciences Institute Conference, Bangkok, Thailand, July 2002.
[P52] V. Khu-smith and C. J. Mitchell, 'Using EMV cards to protect e-commerce transactions' (pdf), in: K. Bauknecht, A. Min Tjoa and G. Quirchmayr (eds.), Proceedings of EC-Web 2002, 3rd International Conference on Electronic Commerce and Web Technologies, Aix-en-Provence, France, September 2002, Springer-Verlag (LNCS 2455), Berlin (2002), pp.388-399.
[P53] S. Gultchev, C. J. Mitchell, K. Moessner and R. Tafazolli, 'Securing Reconfigurable Terminals - mechanisms and protocols', in: Proceedings of PIMRC 2002, 13th IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, Lisboa, Portugal, September 2002, IEEE, 2002, volume 2, pp.804-808.
[P54] T. Garefalakis and C. J. Mitchell, 'Securing Personal Area Networks', in: Proceedings of PIMRC 2002, 13th IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, Lisboa, Portugal, September 2002, IEEE, 2002, volume 3, pp.1257-1259.
[P55] C. J. Mitchell and N. Hur, 'On the security of a structural proven signer ordering multisignature scheme', in: B. Jerman-Blazic and T. Klobucar (eds.), Proceedings of the IFIP TC6/TC11 Sixth Joint Working Conference on Communications and Multimedia Security, CMS 2002, Portoroz, Slovenia, September 2002, Kluwer Academic Publishers (IFIP Conference Proceedings 228), Boston (2002), pp.1-8. [A copy of the PowerPoint presentation made at the conference is also available].
[P56] S. Al-Riyami and C. J. Mitchell, 'Renewing cryptographic timestamps', in: B. Jerman-Blazic and T. Klobucar (eds.), Proceedings of the IFIP TC6/TC11 Sixth Joint Working Conference on Communications and Multimedia Security, CMS 2002, Portoroz, Slovenia, September 2002, Kluwer Academic Publishers (IFIP Conference Proceedings 228), Boston (2002), pp.9-16.
[P57] V. Khu-smith and C. J. Mitchell, 'Using GSM to enhance e-commerce security', in: WMC '02, Proceedings of the Second ACM International Workshop on Mobile Commerce, Atlanta, Georgia, USA, September 2002, ACM Press, New York, 2002, pp.75-81.
[P58] P. Jarupunphol and C. J. Mitchell, 'Implementation aspects of SET/EMV', in: J. L. Monteiro, P. M. C. Swatman and L. V. Tavares (eds.), Towards the Knowledge Society: eCommerce, eBusiness and eGovernment, The 2nd IFIP Conference on e-commerce, e-business and e-government, IFIP I3E 2002, Lisbon, Portugal, October 2002, Kluwer Academic Publishers (IFIP Conference Proceedings 233), Boston (2002), pp.305-315.
[P59] P. Jarupunphol and C. J. Mitchell, 'E-commerce and the media - Influences on security risk perceptions' (pdf), in: W. Cellary and A. Iyengar (eds.), Internet Technologies, Applications and Societal Impact, The 1st IFIP Workshop on Internet Technologies, Applications and Societal Impact, WITASI '02, Wroclaw, Poland, October 2002, Kluwer Academic Publishers (IFIP Conference Proceedings 232), Boston (2002), pp.163-173.
[P60] L. Rila and C. J. Mitchell, 'Security analysis of smartcard to card reader communications for biometric cardholder authentication' (pdf), in: Proceedings of CARDIS '02, 5th Smart Card Research and Advanced Application Conference, San Jose, California, November 2002, USENIX Association, Berkeley, CA (2002), pp.19-28.
[P61] P.-W. Yau and C. J. Mitchell, 'Simple techniques for enhancing the robustness of DSR', in Proceedings of the 3rd Scandinavian Workshop on Wireless Ad-hoc Networks (ADHOC '03), Stockholm, Sweden, May 2003, (2003).
[P62] P. Jarupunphol and C. J. Mitchell, 'PKI implementation issues in B2B e-commerce' (pdf), in U. E. Gattiker (ed.), EICAR Conference Best Paper Proceedings, Copenhagen, Denmark, May 2003, 14 pages.
[P63] M. Al-Meaither and C. J. Mitchell, 'A secure electronic Murabaha transaction' (pdf), in Proceedings of eTransformation, 16th Bled eCommerce Conference, Bled, Slovenia, June 2003, University of Maribor (2003), pp.662-674.
[P64] N. Borselius and C. J. Mitchell, 'Securing FIPA agent communication' (pdf), in H. R. Arabnia and Y. Mun (editors), Proceedings of the 2003 International Conference on Security and Management (SAM '03), Las Vegas, Nevada, USA, June 2003, Volume 1, CSREA Press (2003), pp.135-141.
[P65] P. Jarupunphol and C. J. Mitchell, 'Measuring 3-D Secure and 3D SET against e-commerce end-user requirements' (pdf), in Proceedings of the 8th Collaborative electronic commerce technology and research conference (CollECTeR (Europe) 2003), National University of Ireland, Galway, June 2003, CISC (Centre for Innovation and Structural Change) (2003), pp.51-64.
[P66] A. Pashalidis and C. J. Mitchell, 'A taxonomy of single sign-on systems' (pdf), in R. Safavi-Naini and J. Seberry (editors), Information Security and Privacy - 8th Australasian Conference, ACISP 2003, Wollongong, Australia, July 9-11 2003, Proceedings, Springer-Verlag (LNCS 2727), Berlin (2003), pp.249-264. [A copy of the PowerPoint presentation made at the conference is also available].
[P67] P.-W. Yau and C. J. Mitchell, 'Security vulnerabilities in ad hoc networks' (pdf), in Proceedings of ISCTA '03, 7th International Symposium on Communications Theory and Applications, Ambleside, UK, July 2003, HW Communications Ltd. (2003), pp.99-104.
[P68] M. Al-Meaither and C. J. Mitchell, 'A secure electronic payment scheme for charity donations' (pdf), in: E-Commerce and Web Technologies - 4th International Conference, EC-Web 2003, Prague, Czech Republic, September 2003, Proceedings, Springer-Verlag (LNCS 2738), Berlin (2003), pp.50-61.
[P69] V. Khu-smith and C. J. Mitchell, 'Enhancing e-commerce security using GSM authentication' (pdf), in: E-Commerce and Web Technologies - 4th International Conference, EC-Web 2003, Prague, Czech Republic, September 2003, Proceedings, Springer-Verlag (LNCS 2738), Berlin (2003), pp.72-83. [See also: Royal Holloway, University of London, Mathematics Department Technical Report RHUL-MA-2002-3, December 2002, 13 pages].
[P70] A. Pashalidis and C. J. Mitchell, 'Single sign-on using trusted platforms' (pdf), in: C. Boyd and W. Mao (eds.) Information Security, 6th International Conference, ISC 2003, Bristol, UK, October 2003, Proceedings, Springer-Verlag (LNCS 2851), Berlin (2003), pp.54-68. [See also: Royal Holloway, University of London, Mathematics Department Technical Report RHUL-MA-2003-3, March 2003, 15 pages].
[P71] A. Gajparia, C. J. Mitchell and C. Yeun, 'Using constraints to protect personal location information' (pdf), in: Proceedings of VTC 2003 Fall, IEEE Semiannual Vehicular Technology Conference, Orlando, Florida, October 2003, Volume 3, pp.2112-2116, IEEE Press, 2003.
[P72] M. Al-Meaither and C. J. Mitchell, 'Extending EMV to support Murabaha transactions' (pdf), in: NORDSEC 2003, Proceedings of the Seventh Nordic Workshop on Secure IT Systems - Encouraging Cooperation, Gjøvik University College, Norway, October 2003, Department of Telematics, NTNU, Trondheim, Norway, 2003, pp.95-108.
[P73] L. Rila and C. J. Mitchell, 'Security protocols for biometrics-based cardholder authentication in smartcards' (pdf), in: J. Zhou, M. Yung and Y. Han (editors), Applied Cryptography and Network Security - First International Conference, ACNS 2003 - Kunming, China, October 16-19 2003 - Proceedings, Springer-Verlag (LNCS 2846), Berlin (2003), pp.254-264.
[P74] P. Yau and C. J. Mitchell, 'Reputation methods for routing security for mobile ad hoc networks' (pdf), in: Proceedings of SympoTIC '03, Joint IST Workshop on Mobile Future and Symposium on Trends in Communications, Bratislava, Slovakia, October 2003, IEEE Press, 2003, pp. 130-137.
[P75] A. Pashalidis and C. J. Mitchell, 'Using GSM/UMTS for single sign-on' (pdf), in: Proceedings of SympoTIC '03, Joint IST Workshop on Mobile Future and Symposium on Trends in Communications, Bratislava, Slovakia, October 2003, IEEE Press, 2003, pp. 138-145.
[P76] P. Pagliusi and C. J. Mitchell, 'PANA/GSM authentication for Internet access' (pdf), in: Proceedings of SympoTIC '03, Joint IST Workshop on Mobile Future and Symposium on Trends in Communications, Bratislava, Slovakia, October 2003, IEEE Press, 2003, pp. 146-152.
[P77] C. J. Mitchell, 'Remote user authentication using public information' (pdf), in: K. G. Paterson (editor), Cryptography and Coding, 9th IMA International Conference on Cryptography and Coding, Cirencester, UK, December 2003, Proceedings, Springer-Verlag (LNCS 2898), Berlin (2003), pp.360-369. [A copy of the PowerPoint presentation made at the conference is also available].
[P78] P. Pagliusi and C. J. Mitchell, 'PANA/IKEv2: An Internet authentication protocol for heterogeneous access' (pdf), in: Information Security Applications, 4th International Workshop, WISA 2003, Jeju Island, Korea, August 25-27, 2003, Revised Papers, Springer-Verlag LNCS 2908, Berlin (2003), pp.135-149.
[P79] C. J. Mitchell and P. Pagliusi, 'Is entity authentication necessary?' (pdf), in: Security Protocols, 10th International Workshop, Cambridge, UK, April 17-19 2002, Revised Papers, Springer-Verlag LNCS 2845, Berlin (2004), pp.20-33.
[P80] M. A. Al-Meaither and C. J. Mitchell, 'A secure GSM-based Murabaha transaction' (pdf), in: Proceedings of ICTTA 04, The 1st International Conference on Information & Communication Technologies from Theory to Applications, Damascus, Syria, April 2004, IEEE Press, 2004, pp.77-78.
[P81] P.-W. Yau and C. J. Mitchell, '2HARP: A secure routing protocol to detect failed and selfish nodes in mobile ad hoc networks' (pdf), in: Proceedings: 5th World Wireless Congress (WWC 2004), San Francisco, USA, May 25-28, 2004, Delson Group Inc. (2004), pp.1-6.
[P82] A. Pashalidis and C. J. Mitchell, 'Using EMV cards for single sign-on' (pdf), in: S. K. Katsikas, S. Gritzalis and J. Lopez (eds.), Public Key Infrastructure: First European PKI Workshop, Research and Applications, EuroPKI 2004, Samos Island, Greece, June 25-26, 2004, Proceedings, Springer-Verlag LNCS 3093, Berlin (2004), pp.205-217.
[P83] A. Alsaid and C. J. Mitchell, 'Digitally signed documents - Ambiguities and solutions' (pdf), in: Proceedings - International Network Conference 2004 (INC 2004), University of Plymouth, UK, July 2004, Plymouth University, UK (2004).
[P84] A. Pashalidis and C. J. Mitchell, 'A security model for anonymous credential systems' (pdf), in: Y. Deswarte, F. Cuppens, S. Jajodia and L. Wang (eds.), Information Security Management, Education and Privacy, Proceedings of the 3rd Working Conference on Privacy and Anonymity in Networked and Distributed Systems, I-NetSec'04, Kluwer Academic Publishers (IFIP Conference Proceedings 148), Boston (2004), pp.183-189.
[P85] P. S. Pagliusi and C. J. Mitchell, 'Heterogeneous Internet access via PANA/UMTS' (pdf), in: Proceedings of the 3rd International Conference on Information Security, Hardware/Software Codesign and Computer Networks - ISCOCO 2004, Rio De Janeiro, Brazil, October 2004, World Scientific and Engineering Academy and Society, 2004.
[P86] A. Gajparia, C. J. Mitchell and C. Y. Yeun, 'The Location Information Preference Authority: Supporting user privacy in location based services' (pdf), in: S. Liimatainen and T. Virtanen (eds.), Nordsec 2004, The 9th Nordic Workshop on Secure IT-systems, Helsinki University of Technology, Finland, November 2004, pp.91-96.
[P87] A. Pashalidis and C. J. Mitchell, 'Impostor: A single sign-on system for use from untrusted devices' (pdf), in: Proceedings of IEEE Globecom 2004, Global Telecommunications Conference, Dallas, Texas, USA, November/December 2004, IEEE Press (2004), Volume 4, pp.2191-2195.
[P88] J. A. MacDonald, W. Sirett and C. J. Mitchell, 'Overcoming channel bandwidth constraints in secure SIM applications' (pdf), in: R. Sasaki, S. Qing and E. Okamoto (eds.), Security and privacy in the age of ubiquitous computing: Proceedings of IFIP Working Groups 11.2/8.8 Small Systems Security/Smart Cards Working Conference at 20th IFIP International Information Security Conference (SEC 2005), Makuhari-Messe, Chiba, Japan, May 2005, Springer-Verlag (2005), pp.539-549.
[P89] A. Gouget, H. Sibert, C. Berbain, N. Courtois, B. Debraize and C. J. Mitchell, 'Analysis of the Bit-Search Generator and sequence compression techniques' (pdf), in: H. Gilbert and H. Handschuh (eds.), Fast Software Encryption: 12th International Workshop, FSE 2005, Paris, France, February 21-23, 2005, Revised Selected Papers, Springer-Verlag LNCS 3557, Berlin (2005), pp.196-214.
[P90] A. K. L. Yau, K. G. Paterson and C. J. Mitchell, 'Padding oracle attacks on CBC-mode encryption with random and secret IVs' (pdf), in: H. Gilbert and H. Handschuh (eds.), Fast Software Encryption: 12th International Workshop, FSE 2005, Paris, France, February 21-23, 2005, Revised Selected Papers, Springer-Verlag LNCS 3557, Berlin (2005), pp.299-319.
[P91] G. Kalogridis, C. J. Mitchell, and G. Clemo, 'Spy agents: Evaluating trust in remote environments' (pdf), in: H. R. Arabnia (ed.), Proceedings of the 2005 International Conference on Security and Management (SAM '05), June 2005, Las Vegas, USA, CSREA Press (2005) pp.405-411.
[P92] C. J. Mitchell, 'Cryptanalysis of two variants of PCBC mode when used for message integrity' (pdf), in: C. Boyd and J. M. González Nieto (eds.), Information Security and Privacy, 10th Australasian Conference, ACISP 2005, Brisbane, Australia, July 4-6, 2005, Proceedings, Springer-Verlag LNCS 3574, Berlin (2005), pp.560-571. [A copy of the PowerPoint presentation made at the conference is also available].
[P93] C. J. Mitchell, 'Error Oracle Attacks on CBC Mode: Is There a Future for CBC Mode Encryption? [corrected version]' (pdf of corrected version), in: J. Zhou, J. Lopez, R. H. Deng and F. Bao (eds.) Information Security: 8th International Conference, ISC 2005, Singapore, September 20-23, 2005. Proceedings, Springer-Verlag LNCS 3650, Berlin (2005), pp.244-258. [A copy of the PowerPoint presentation made at the conference is also available]. [See also: Royal Holloway, University of London, Mathematics Department Technical Report RHUL-MA-2005-7, April 2005, 18 pages].
[P94] J. A. MacDonald and C. J. Mitchell, 'Using the GSM/UMTS SIM to Secure Web Services' (pdf), in Proceedings of the 2nd IEEE International Workshop on Mobile Commerce and Services (WMCS 2005), Munich, July 2005, IEEE (2005), pp.70-78.
[P95] C. J. Mitchell, 'Partial key recovery attacks on XCBC, TMAC and OMAC' (pdf), in: N. Smart (ed.) Cryptography and Coding: 10th IMA International Conference, Cirencester, UK, December 19-21, 2005. Proceedings, Springer-Verlag LNCS 3796, Berlin (2005), pp.155-167. [See also: Royal Holloway, University of London, Mathematics Department Technical Report RHUL-MA-2003-4, August 2003, 15 pages]. [A copy of the PowerPoint presentation made at the conference is also available].
[P96] G. Price and C. J. Mitchell, 'Interoperation between a conventional PKI and an ID-based infrastructure' (pdf), in: D. W. Chadwick and G. Zhao (eds.) Public Key Infrastructure, Second European PKI Workshop: Research and Applications, EuroPKI 2005, Canterbury, UK, June 30 - July 1, 2005. Revised Selected Papers, Springer-Verlag LNCS 3545, Berlin (2005), pp.73-85.
[P97] A. Alsaid and C. J. Mitchell, 'Installing fake root keys in a PC' (pdf), in: D. W. Chadwick and G. Zhao (eds.) Public Key Infrastructure, Second European PKI Workshop: Research and Applications, EuroPKI 2005, Canterbury, UK, June 30 - July 1, 2005. Revised Selected Papers, Springer-Verlag LNCS 3545, Berlin (2005), pp.227-239.
[P98] A. Alsaid and C. J. Mitchell, 'A scanning tool for PC root public key stores' (pdf), in: C. Wolf, S. Lucks, and P.-W. Yau (eds.), WEWoRC 2005 --- Western European Workshop on Research in Cryptology, Leuven, Belgium, July 2005, LNI P-74, Gesellschaft fuer Informatik (2005), pp.45-52. [The source code of the scanning tool described in the paper is available here].
[P99] Q. Tang and C. J. Mitchell, 'Security properties of two authenticated conference key agreement protocols' (pdf), in: S. Qing, W, Mao, J. Lopez, and G. Wang (eds.), Information and Communications Security: 7th International Conference, ICICS 2005, Beijing, China, December 10-13, 2005. Proceedings, Springer-Verlag LNCS 3783, Berlin (2005), pp.304-314. [See also: Cryptology ePrint Archive, Report 2005/185, 2005].
[P100] S. Hu and C. J. Mitchell, 'Improving IP address autoconfiguration security in MANETs using trust modelling' (pdf), in: X. Jia, J. Wu and Y. He (eds.), Mobile Ad-hoc and Sensor Networks: First International Conference, MSN 2005, Wuhan, China, December 13-15, 2005. Proceedings, Springer-Verlag LNCS 3794, Berlin (2005), pp.83-92.
[P101] Q. Tang and C. J. Mitchell, 'On the security of some password-based key agreement schemes' (pdf), in: Y. Hao, J. Liu, Y. Wang, Y. Cheung, H. Yin, L. Jiao, J. Ma and Y. Jiao (eds.), Computational Intelligence and Security: International Conference, CIS 2005, Xi'an, China, December 15-19 2005, Proceedings, Part II, Springer-Verlag LNCS 3802, Berlin (2005), pp.149-154. [See also: Cryptology ePrint Archive, Report 2005/156, 2005].
[P102] Q. Tang and C. J. Mitchell, 'Efficient compilers for authenticated group key exchange' (pdf), in: Y. Hao, J. Liu, Y. Wang, Y. Cheung, H. Yin, L. Jiao, J. Ma and Y. Jiao (eds.), Computational Intelligence and Security: International Conference, CIS 2005, Xi'an, China, December 15-19 2005, Proceedings, Part II, Springer-Verlag LNCS 3802, Berlin (2005), pp.192-197. [The full version is available at: Cryptology ePrint Archive, Report 2005/366, 2005].
[P103] A. Alsaid and C. J. Mitchell, 'Preventing phishing attacks using trusted computing technology' (pdf), in Proceedings of INC 2006, Sixth International Network Conference, Plymouth, UK, July 2006, pp.221-228.
[P104] A. Leung and C. J. Mitchell, 'A service discovery threat model for ad hoc networks' (pdf), in Proceedings of the International Conference on Security and Cryptography (SECRYPT 2006), Setubal, Portugal, August 7-10, 2006, INSTICC Press, 2006, pp.167-174.
[P105] S. Nachtigal and C. J. Mitchell, 'Modelling e-business security using business processes' (pdf), in Proceedings of the International Conference on Security and Cryptography (SECRYPT 2006), Setubal, Portugal, August 7-10, 2006, INSTICC Press, 2006, pp.459-464.
[P106] A. Pashalidis and C. J. Mitchell, 'Limits to anonymity when using credentials' (pdf), in: Security Protocols, 12th International Workshop, Cambridge, UK, April 26-28, 2004, Revised Selected Papers, Springer-Verlag LNCS 3957, Berlin (2006), pp.4-12. [A copy of the PowerPoint presentation made at the conference is also available].
[P107] E. M. Gallery and C. J. Mitchell, 'Trusted computing technologies and their use in the provision of high assurance SDR platforms' (pdf), in: Proc. of 2006 Software Defined Radio Technical Conference, Orlando, Florida, November 2006.
[P108] S. Ariyapperuma and C. J. Mitchell, 'Security vulnerabilities in DNS and DNSSEC' (pdf), in: Proceedings of ARES 2007, The International Conference on Availability, Reliability and Security, Vienna, April 2007, IEEE Computer Society Press (2007), pp.335-342.
[P109] I. Abbadi and C. J. Mitchell, 'Digital rights management using a mobile phone' (pdf), in: Proceedings of ICEC 2007, Ninth International Conference on Electronic Commerce, Minneapolis, USA, August 2007, ACM Press (2007), pp.185-194.
[P110] W. Alrodhan and C. J. Mitchell, 'Addressing privacy issues in CardSpace' (pdf), in: Proceedings of IAS '07, Third International Symposium on Information Assurance and Security, Manchester, UK, August 2007, IEEE Computer Society (2007), pp.285-291.
[P111] A. Leung and C. J. Mitchell, 'Ninja: Non Identity Based, Privacy Preserving Authentication for Ubiquitous Environments' (pdf), in: J. Krumm, G. D. Abowd, A. Seneviratne and T. Strang (eds.), UbiComp 2007: Ubiquitous Computing, 9th International Conference, Innsbruck, Austria, September 16--19 2007, Springer-Verlag LNCS 4717, Berlin (2007), pp.73-90.
[P112] E. Gallery and C. J. Mitchell, 'Trusted mobile platforms' (pdf), in: A. Aldini and R. Gorrieri (eds.), Foundations of Security Analysis and Design IV: FOSAD 2006/2007 Tutorial Lectures, Springer-Verlag LNCS 4677, Berlin (2007), pp.282-323. [A copy of the presentation made at the FOSAD 2007 summer school is also available].
[P113] C. J. Mitchell, 'Cryptanalysis of the EPBC authenticated encryption mode' (pdf), in: S. D. Galbraith (ed.), Cryptography and Coding, 11th IMA International Conference, Cirencester, UK, December 18-20, 2007, Proceedings, Springer-Verlag LNCS 4887, Berlin (2007), pp.118-128. [A copy of the presentation made at the conference is also available].
[P114] W. Alrodhan and C. J. Mitchell, 'A client-side CardSpace-Liberty integration architecture' (pdf), in: K. E. Seamons, N. McBurnett and T. Polk (eds.), IDtrust 2008, Proceedings of the 7th Symposium on Identity and Trust on the Internet, March 4-6, 2008, Gaithersburg, Maryland, USA, ACM International Conference Proceeding Series 283, ACM (2008), pp.1-7.
[P115] G. Kalogridis and C. J. Mitchell, 'Using non-adaptive group testing to construct spy agent routes' (pdf), in: Proceedings of the Third International Conference on Availability, Reliability and Security, ARES 2008, March 4-7, 2008, Technical University of Catalonia, Barcelona, Spain, IEEE Computer Society (2008), pp.1013-1019.
[P116] B. Song and C. J. Mitchell, 'RFID authentication protocol for low-cost tags' (pdf), in: V. D. Gligor, J.-P. Hubaux and R. Poovendran (eds.), Proceedings of the First ACM Conference on Wireless Network Security, WiSec 2008, Alexandria, VA, USA, March 31 - April 02, 2008, ACM (2008), pp.140-147.
[P117] W. Alrodhan and C. J. Mitchell, 'A delegation framework for Liberty' (pdf), in: J. Haggerty and M. Merabti (eds.), Proceedings: 3rd Conference on Advances in Computer Security and Forensics (ACSF 2008), 10-11 July 2008, Liverpool, UK, Liverpool JMU (2008), pp.67-73.
[P118] A. Leung, L. Chen and C. J. Mitchell, 'On a possible privacy flaw in Direct Anonymous Attestation (DAA)' (pdf), in: P. Lipp, A.-R. Sadeghi and K.-M. Koch (eds.), Trusted Computing - Challenges and Applications, First International Conference on Trusted Computing and Trust in Information Technologies, TRUST 2008, Villach, Austria, March 11-12, 2008, Proceedings, Springer-Verlag LNCS 4968, Berlin (2008), pp.179-190. [See also: Royal Holloway, University of London, Mathematics Department Technical Report RHUL-MA-2007-10, December 2007, 14 pages].
[P119] A. Leung and C. J. Mitchell, 'A device management framework for secure ubiquitous service delivery' (pdf), in: Proceedings: the Fourth International Symposium on Information Assurance and Security (IAS 2008), Naples, Italy, September 2008, IEEE Computer Society Press, Los Alamitos, CA (2008), pp.267-274. [A copy of the presentation made at the conference is also available].
[P120] C. J. Mitchell, 'Using Human Interactive Proofs to secure human-machine interactions via untrusted intermediaries' (pdf), in: B. Christianson, B. Crispo, J. A. Malcolm and M. Roe (eds.), Security Protocols: 14th International Workshop, Cambridge, UK, March 27--29 2006: Revised Selected Papers, Springer-Verlag LNCS 5087, Berlin (2009), pp.164-170. [A copy of the presentation made at the conference is also available].
[P121] B. Song and C. J. Mitchell, 'Scalable RFID pseudonym protocol' (pdf), in: NSS 2009, Network & System Security, 19-21 October 2009, Gold Coast, Queensland, Australia, IEEE Computer Society Press, Los Alamitos, CA (2009), pp.216-224.
[P122] H. S. Al-Sinani, W. A. Alrodhan and C. J. Mitchell, 'CardSpace-Liberty Integration for CardSpace Users' (pdf), in: Proceedings of the 9th Symposium on Identity and Trust on the Internet 2010 (IDtrust 2010), Gaithersburg, MD, USA, 13-15 April 2010, ACM International Conference Proceedings Series (2010), pp.12-25.
[P123] W. A. Alrodhan and C. J. Mitchell, 'Enhancing User Authentication in Claim-Based Identity Management' (pdf), in: Proceedings of CTS 2010, the 2010 International Symposium on Collaborative Technologies and Systems, 17-21 May 2010, Chicago, Illinois, USA, IEEE, Piscataway, NJ (2010), pp.75-83. [A copy of the presentation made at the conference is also available].
[P124] H. S. Al-Sinani and C. J. Mitchell, 'Using CardSpace as a password manager' (pdf), in: E. de Leeuw, S. Fischer-Huebner and L. Fritsch (eds.), Policies and Research in Identity Management, 2nd IFIP WG 11.6 Working Conference, IDMAN 2010, Oslo, Norway, November 18-19 , 2010, Proceedings, Springer (2010), pp.18-30.
[P125] C. Chen, C. J. Mitchell and S. Tang, 'SSL/TLS session-aware user authentication using a GAA bootstrapped key' (pdf), in: C. Ardagna and J. Zhou (eds.), Information Security Theory and Practice: Security and Privacy of Mobile Devices in Wireless Communication, 5th IFIP WG 11.2 International Workshop, WISTP 2011, Heraklion, Crete, Greece, June 1-3, 2011, Proceedings, Springer-Verlag LNCS 6633, Berlin (2011), pp.54-68.
[P126] H. S. Al-Sinani and C. J. Mitchell, 'Enhancing CardSpace authentication using a mobile device', in: Yingjiu Li (ed.), Data and Applications Security and Privacy XXV - 25th Annual IFIP WG 11.3 Conference, DBSec 2011, Richmond, VA, USA, July 11-13, 2011, Proceedings, Springer-Verlag LNCS 6818, Berlin (2011), pp.201-216.
[P127] H. S. Al-Sinani and C. J. Mitchell, 'Client-based CardSpace-OpenID interoperation', in: E. Gelenbe, R. Lent and G. Sakellari (eds.), Computer and Information Sciences II, 26th International Symposium on Computer and Information Sciences, Springer-Verlag LNEE (2011), pp.387-394. [See also the full version at: Royal Holloway, University of London, Mathematics Department Technical Report RHUL-MA-2011-12, May 2011, 23 pages].
[P128] H. S. Al-Sinani and C. J. Mitchell, 'Extending the scope of CardSpace', in: M. A. Orgun, A. Elci, O. B. Makarevich, S. A. Huss, J. Pieprzyk, L. K. Babenko, A. G. Chefranov, and R. Shankaran (eds.): Proceedings of the 4th International Conference on Security of Information and Networks, SIN 2011, Sydney, NSW, Australia, November 14-19, 2011, ACM (2011), pp.235-238. [See also the full version at: Royal Holloway, University of London, Mathematics Department Technical Report RHUL-MA-2010-15, December 2010, 25 pages].
[P129] H. S. Al-Sinani and C. J. Mitchell, 'A universal client-based identity management tool', in: S. Petkova-Nikova, A. Pashalidis and G. Pernul (eds.), Public Key Infrastructures, Services and Applications - 8th European Workshop, EuroPKI 2011, Leuven, Belgium, September 15-16, 2011, Revised Selected Papers, Springer-Verlag LNCS 7163, Berlin (2012), pp.49-74. [See also the invited (keynote) presentation given at EuroPKI '11].
[P130] C. Chen, C. J. Mitchell and S. Tang, 'Building general purpose security services on trusted computing', in: L. Chen, M. Yung and L. Zhu (eds.), Trusted Systems - Third International Conference, INTRUST 2011, Beijing, China, November 27-29, 2011, Revised Selected Papers, Springer-Verlag LNCS 7222, Berlin (2012), pp.16-31.
[P131] C. J. Mitchell, 'A novel stateless authentication protocol', in: B. Christianson, J. A. Malcolm, V. Matyas and M. Roe (eds.), Security Protocols XVII: 17th International Workshop, Cambridge, UK, April 2009, Revised Selected Papers, Springer-Verlag LNCS 7028, Berlin (2013), pp.269-274. [A copy of the PowerPoint presentation made at the conference is also available].
[P132] C. Chen, S. Tang and C. J. Mitchell, 'Building general-purpose security services on EMV payment cards', in: A. D. Keromytis and R. Di Pietro (eds.), Security and Privacy in Communication Networks, 8th International ICST Conference, SecureComm 2012, Padua, Italy, September 3-5, 2012. Revised Selected Papers, Springer-Verlag LNICST 106, Berlin (2013), pp.29-44. [See also the presentation given at SecureComm 2012].
[P133] C. J. Mitchell, 'Analysing the IOBC Authenticated Encryption Mode', in: C. Boyd and L. Simpson (eds.), Information Security and Privacy - 18th Australasian Conference, ACISP 2013, Brisbane, Australia, July 1-3, 2013, Proceedings, Springer-Verlag LNCS 7959, Berlin (2013), pp.1-12.
[P134] M. S. A. Khan and C. J. Mitchell, 'Another look at privacy threats in 3G mobile telephony', in: W. Susilo and Y. Mu (eds.), Information Security and Privacy - 19th Australasian Conference, ACISP 2014, Wollongong, NSW, Australia, July 7-9, 2014. Proceedings, Springer-Verlag LNCS 8544, Berlin (2014), pp.386-396.
[P135] W. Li and C. J. Mitchell, 'Security issues in OAuth 2.0 SSO implementations', in: S. S. M. Chow, J. Camenisch, L. C. K. Hui and S.-M. Yiu (eds.), Information Security - 17th International Conference, ISC 2014, Hong Kong, China, October 12-14, 2014. Proceedings, Springer-Verlag LNCS 8783, Berlin (2014), pp.529-541.
[P136] W. Li and C. J. Mitchell, 'Addressing threats to real-world identity management systems', in: H. Reimer, N. Pohlmann and W. Schneider (eds.), ISSE 2015, Highlights of the Information Security Solutions Europe 2015 Conference, Springer Vieweg (2015), pp.251-259. [See also the presentation given at ISSE 2015].
[P137] M. S. A. Khan and C. J. Mitchell, 'Improving air interface user privacy in mobile telephony', in: L. Chen and S. Matsuo (eds.), Security Standardisation Research, Second International Conference, SSR 2015, Tokyo, Japan, December 15-16, 2015, Proceedings, Springer-Verlag LNCS 9497, Berlin (2015), pp.165-184. [A preliminary version was posted on arXiv in April 2015 as: arXiv:1504.03287 [cs.CR]].
[P138] M. N. Kayuni, M. S. A. Khan, W. Li, C. J. Mitchell and P. Yau, 'Generating unlinkable IPv6 addresses', in: L. Chen and S. Matsuo (eds.), Security Standardisation Research, Second International Conference, SSR 2015, Tokyo, Japan, December 15-16, 2015, Proceedings, Springer-Verlag LNCS 9497, Berlin (2015), pp.185-199.
[P139] D. Kuhlmann, L. Chen and C. J. Mitchell, 'Trust and Legitimacy in Security Standardization – a new Management Issue?', to appear in: Proceedings of I-ESA 16: 8th International Conference: Interoperability for enterprise systems and applications, Guimaraes, Portugal, March 29-April 1 2016, to be published by ISTE Publications, UK.
[P140] W. Li and C. J. Mitchell, 'Analysing the security of Google's implementation of OpenID Connect', in: J. Caballero, U. Zurutuza and R. J. Rodriguez (eds.), Detection of Intrusions and Malware, and Vulnerability Assessment, 13th International Conference, DIMVA 2016, San Sebastian, Spain, July 7-8, 2016, Proceedings, Springer-Verlag LNCS 9721, Berlin (2016), pp.357-376. [A preliminary version was posted on arXiv in August 2015 as: arXiv:1508.01707 [cs.CR]].
[P141] F. A. Al Maqbali and C. J. Mitchell, 'Password generators: Old ideas and new', in: S. Foresti and J. Lopez (eds.), Information Security Theory and Practice: 10th IFIP WG 11.2 International Conference, WISTP 2016, Heraklion, Crete, Greece, September 26–27, 2016, Proceedings, Springer-Verlag LNCS 9895, Berlin (2016), pp.245-253. [The full version was posted on arXiv in July 2016 as: arXiv:1607.04421 [cs.CR]].]
[P142] M. S. A. Khan and C. J. Mitchell, 'Retrofitting mutual authentication to GSM using RAND hijacking', in: G. Barthe, E. Markatos and P. Samarati (eds.), Security and Trust Management - 12th International Workshop, STM 2016, Heraklion, Crete, Greece, September 26-27, 2016, Proceedings, Springer-Verlag LNCS 9871, Berlin (2016), pp.17-31. [A preliminary version was posted on arXiv in July 2016 as: arXiv:1607.00729 [cs.CR]].]
[P143] M. S. A. Khan and C. J. Mitchell, 'Trashing IMSI catchers in mobile networks', in: Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2017), Boston, USA, July 18-20, 2017, ACM (2017), pp.207-218 (https://doi.org/10.1145/3098243.3098248).
[P144] F. A. Al Maqbali and C. J. Mitchell, 'AutoPass: An automatic password generator', in: Proceedings of ICCST 2017: The 51st International Carnahan Conference on Security Technology, Madrid, Spain, October 23-26, 2017, IEEE (2017), pp.1-6 (https://doi.org/10.1109/CCST.2017.8167791). [A preliminary version was posted on arXiv in March 2017 as: arXiv:1703.01959 [cs.CR]].]
[P145] W. Li, C. J. Mitchell and T. Chen, 'Your code is my code: Exploiting a common weakness in OAuth 2.0 implementations', in: V. Matyas, P. Svenda, F. Stajano, B. Christianson, and J. Anderson (eds.), Security Protocols XXVI: 26th International Workshop,, Cambridge, UK, March 19-21, 2018, Revised Selected Papers, Springer LNCS 11286, Berlin (2018), pp.24-41 (https://doi.org/10.1007/978-3-030-03251-7_3).
[P146] W. Li, C. J. Mitchell and T. Chen, 'Mitigating CSRF attacks on OAuth 2.0 systems', in: K. McLaughlin, A. Ghorbani, S. Sezer, R. Lu, L. Chen, R. H. Deng, P. Miller, S. March and J. Nurse (eds.), Proceedings of 2018 16th Annual Conference on Privacy, Security and Trust (PST), Belfast, UK, 28-30 August 2018, IEEE (2018), pp.1-5 (https://doi.org/10.1109/PST.2018.8514180). [A preliminary version was posted on arXiv in January 2018 as: arXiv:1801.07983 [cs.CR].]
[P147] N. M. Al-Fannah, W. Li and C. J. Mitchell, 'Beyond cookie monster amnesia: Real world persistent online tracking', in: L. Chen, M. Manulis and S. Schneider (eds.), Information Security - 21st International Conference, ISC 2018, Guildford, UK, September 9-12, 2018, Proceedings, Springer LNCS 11060, Berlin (2018), pp.481-501 (https://doi.org/10.1007/978-3-319-99136-8_26).
[P148] F. A. Al Maqbali and C. J. Mitchell, 'Email-based password recovery — risking or rescuing users?', in: Proceedings of ICCST 2018: The 52nd International Carnahan Conference on Security Technology, Montréal, Québec, Canada, October 22-25, 2018, IEEE (2018), 5 pages (https://doi.org/10.1109/CCST.2018.8585576).
[P149] F. Al Maqbali and C. J. Mitchell, 'Web password recovery: A necessary evil?', in: K. Arai, R. Bhatia and S. Kapoor (eds.), Proceedings of the Future Technologies Conference (FTC) 2018, Vancouver, Canada, November 13-14, 2018, Volume 2, Springer Advances in Intelligent Systems and Computing 881, Cham (2018), pp.324-341 (https://doi.org/10.1007/978-3-030-02683-7_23). [A preliminary version was posted on arXiv in January 2018 as: arXiv:1801.06730 [cs.CR].]
[P150] W. Li, C. J. Mitchell and T. Chen, 'OAuthGuard: Protecting User Security and Privacy with OAuth 2.0 and OpenID Connect', in: Proceedings of the 5th ACM Workshop on Security Standardisation Research (SSR 2019, an ACM CCS 2019 Workshop), London, November 11 2019, ACM Press (2019), pp.35-44 (https://doi.org/10.1145/3338500.3360331). [A preliminary version was posted on arXiv in January 2019 as: arXiv:1901.08960 [cs.CR].]
[P151] W. Li and C. J. Mitchell, 'User Access Privacy in OAuth 2.0 and OpenID Connect', in: Proceedings of 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), IEEE Press (2020), pp.664-672 (https://doi.org/10.1109/EuroSPW51379.2020.00095).
[P152] G. Pradel and C. J. Mitchell, 'Post-quantum certificates for electronic travel documents', in: I. Boureanu, C. Dragan, M. Manulis, T. Giannetsos, C. Dadoyan, P. Gouvas, R. A. Hallman, S. Li, V. Chang, F. Pallas, J. Pohle and A. M. Sasse (eds.), Computer Security - ESORICS 2020 International Workshops, DETIPS, DeSECSys, MPS, and SPOSE, Guildford, UK, September 17-18, 2020, Revised Selected Papers, Springer LNCS 12580, Berlin (2020), pp.56-73 (https://doi.org/10.1007/978-3-030-66504-3_4).
[P153] C. J. Mitchell, 'Provably insecure group authentication: Not all security proofs are what they claim to be', in: P. Stanica, S. Gangopdhyay and S. K. Debnath (editors), Security and Privacy: Select Proceedings of ICSP 2020, Springer LNEE 744, Singapore (2021), pp.151-162 (https://doi.org/10.1007/978-981-33-6781-4_13). [See also the presentation given at ICSP 2020]. [A preliminary version was posted on arXiv in May 2020 as: arXiv:2005.05376 [cs.CR]. Subsequent to publication, a significant error in the paper was discovered - a corrected version of the paper has been uploaded to arXiv - see arXiv:2005.05376 [cs.CR].]
[P154] M. Sel and C. J. Mitchell, 'Automating the evaluation of trustworthiness', in: S. Fischer-Huebner, C. Lambrinoudakis, G. Kotsis, A. Min Tjoa and I. Khalil (editors), Trust, Privacy and Security in Digital Business - 18th International Conference, TrustBus 2021, Virtual Event, September 27-30, 2021, Proceedings, Springer LNCS 12927, Cham (2021), pp.18-31 (https://doi.org/10.1007/978-3-030-86586-3_2).
[P155] G. Pradel and C. J. Mitchell, 'Privacy-preserving biometric matching using homomorphic encryption' [corrected version], in: L. Zhao, N. Kumar, R. C. Hsu and Z. Zou (editors), Proceedings: 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2021, Shenyang, China, IEEE Computer Society, Los Alamitos (2021), pp.494-505 (https://doi.org/10.1109/TrustCom53373.2021.00079).
[C1] C. J. Mitchell and F. C. Piper, 'Cryptography and Cryptanalysis', Chapter 3 of the Handbook of Applicable Mathematics: Supplement (John Wiley and Sons, Chichester, 1990), edited by W. Ledermann, E. Lloyd, S. Vajda and C. Alexander, pp. 53-92.
[C2] C. J. Mitchell, F. C. Piper and P. R. Wild, 'Digital signatures', Chapter 6 of Contemporary cryptology: The science of information integrity (IEEE Press, Piscataway NJ, 1992), edited by G. J. Simmons, pp. 325-378.
[C3] C. J. Mitchell, 'Management of secure systems and security within OSI', Chapter 4 of Information Security (Chapman and Hall, London, 1993), edited by J. E. Ettinger, pp. 47-60.
[C4] C. J. Mitchell and L. Chen, 'Security in future mobile multimedia networks', Chapter 11 of Insights into Mobile Multimedia Communications (Academic Press, 1999), edited by D. R. Bull, C. N. Canagarajah and A. R. Nix, pp. 177-190.
[C5] C. J. Mitchell, 'Developments in security mechanism standards', Chapter 8 of Internet and Intranet Security Management: Risks and Solutions (Idea Group Publishing, 2000), edited by L. J. Janczewski, pp. 185-246.
[C6] F. C. Piper and C. J. Mitchell, 'Security: a technical approach', Section 9:3 of the E-commerce Handbook (Gee Publishing, 2000), edited by G. Clapperton, pp.9/11-9/20.
[C7] C. J. Mitchell, 'Cryptography for mobile security', Chapter 1 of Security for Mobility (IEE, London, 2004), edited by C. J. Mitchell, pp.3-10.
[C8] C. J. Mitchell and R. Schaffelhofer, 'The personal PKI', Chapter 3 of Security for Mobility (IEE, London, 2004), edited by C. J. Mitchell, pp.35-61.
[C9] C. J. Mitchell, 'What is trusted computing?', Chapter 1 of Trusted Computing (IEE, London, 2005), edited by C. J. Mitchell, pp.1-10.
[C10] A. Pashalidis and C. J. Mitchell, 'Single sign-on using TCG-conformant platforms', Chapter 6 of Trusted Computing (IEE, London, 2005), edited by C. J. Mitchell, pp.175-193.
[C11] A. Gajparia and C. J. Mitchell, 'Enhancing user privacy using trusted computing', Chapter 8 of Trusted Computing (IEE, London, 2005), edited by C. J. Mitchell, pp.239-250.
[C12] S. Balfe, E. Gallery, C. J. Mitchell and K. G. Paterson, 'Crimeware and trusted computing' (pdf), Chapter 15 of Crimeware: Understanding New Attacks and Defenses (Addison-Wesley, 2008), edited by M. Jakobsson and Z. Ramzan, pp.457-472.
[C13] A. Leung, P.-W. Yau and C. J. Mitchell, 'Using trusted computing to secure mobile ubiquitous environments' (pdf), in: Security and Privacy in Mobile & Wireless Networking (Troubador Publishing, Leicester, 2009), edited by S. Gritzalis, T. Karygiannis and C. Skianis, pp.303-335.
[C14] A. Pashalidis and C. J. Mitchell, 'Privacy in identity and access management systems', Chapter 16 of: Digital Identity and Access Management: Technologies and Frameworks (IGI Global, 2012), edited by R. Sharman, S. D. Smith and M. Gupta, pp.316-328.
[C15] C. J. Mitchell, Privacy, compliance and the cloud, Chapter 1 of: Guide to Security Assurance for Cloud Computing (Springer International, 2015), edited by S. Y. Zhu, R. Hill and M. Trovati, pp.3-14.
[E1] C. J. Mitchell (editor), Cryptography and Coding II: Proceedings of the second IMA Cryptography and Coding Conference, Cirencester, December 1989 (Oxford University Press, Oxford, 1992), 301 pages.
[E2] C. J. Mitchell and V. Stavridou (editors), Mathematics of Dependable Systems: Proceedings of the first IMA Conference, Royal Holloway, September 1993 (Oxford University Press, Oxford, 1995), 295 pages.
[E3] C. J. Mitchell (editor), Applications of Combinatorial Mathematics: Proceedings of the IMA Conference, Oxford, December 1994 (Oxford University Press, Oxford, 1997), 241 pages.
[E4] C. J. Mitchell (editor), Security for Mobility (IEE, London, 2004), 440 pages.
[E5] C. J. Mitchell (editor), Trusted Computing (IEE, London, 2005), 313 pages.
[E6] L. Chen, C. J. Mitchell and A. Martin (editors), Trusted Computing, Second International Conference, Trust 2009, Oxford, UK, April 6-8, 2009, Proceedings (Springer, Lecture Notes in Computer Science 5471, 2009), 263 pages.
[E7] O. Markowitch, A. Bilas, J.-H. Hoepman, C. J. Mitchell and J.-J. Quisquater (editors), Information Security Theory and Practice: Smart Devices, Pervasive Systems, and Ubiquitous Networks, Third IFIP WG11.2 International Workshop, WISTP 2009, Brussels, Belgium, September 1-4, 2009, Proceedings (Springer, Lecture Notes in Computer Science 5746, 2009), 167 pages.
[E8] S. Qing, C. J. Mitchell, and G. Wang (editors), Information and Communications Security: 11th International Conference, ICICS 2009, Beijing, China, December 2009, Proceedings (Springer, Lecture Notes in Computer Science 5927, 2009), 504 pages.
[E9] C. J. Mitchell and A. Tomlinson (editors), Trusted Systems: 4th International Conference, InTrust 2012, London, UK, December 2012, Proceedings (Springer, Lecture Notes in Computer Science 7711, 2012), 117 pages.
[E10] S. Fischer-Hübner, E. de Leeuw, and C. J. Mitchell (editors), Policies and Research in Identity Management, Third IFIP WG 11.6 Working Conference, IDMAN 2013, London, UK, April 2013, Proceedings (Springer, IFIP Advances in Information and Communication Technology 396, 2013), 161 pages.
[E11] S. De Capitani di Vimercati and C. J. Mitchell (editors), Public Key Infrastructures, Services and Applications, 9th European Workshop, EuroPKI 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers (Springer, Lecture Notes in Computer Science 7868, 2013), 195 pages.
[E12] L. Chen and C. J. Mitchell (editors), Security Standardisation Research, First International Conference, SSR 2014, London, UK, December 16-17, 2014. Proceedings (Springer, Lecture Notes in Computer Science 8893, 2014), 257 pages.
[E13] J. Lopez and C. J. Mitchell (editors), Information Security, 18th International Conference, ISC 2015. Trondheim, Norway, September 9-11, 2015. Proceedings. (Springer, Lecture Notes in Computer Science 9290, 2015), 570 pages.
[E14] L. Chen, D. A. McGrew and C. J. Mitchell (editors), Security Standardisation Research - Third International Conference, SSR 2016, Gaithersburg, MD, USA, December 5-6, 2016, Proceedings (Springer, Lecture Notes in Computer Science 10074, 2016), 275 pages.
[E15] G. Livraga and C. J. Mitchell (editors), Security and Trust Management - 13th International Workshop, STM 2017, Oslo, Norway, September 14-15, 2017, Proceedings (Springer, Lecture Notes in Computer Science 10547, 2017), 233 pages.
[E16] S. Qing, C. J. Mitchell, L. Chen and D. Liu (editors), Information and Communications Security: 19th International Conference, ICICS 2017, Beijing, China, December 6-8, 2017, Proceedings (Springer, Lecture Notes in Computer Science 10631, 2018), 689 pages.
[E17] L. Chen, C. J. Mitchell, T. Giannetsos and D. Sgandurra (editors), Proceedings of the 1st ACM Workshop on Cyber-Security Arms Race, CYSARM@CCS 2019, London, UK, November 15, 2019 (ACM, 2019), 53 pages.
[E18] T. van der Merwe, C. J. Mitchell and M. Mehrnezhad (editors), Security Standardisation Research, 6th International Conference, SSR 2020, London, UK, November 30 – December 1, 2020, Proceedings (Springer, Lecture Notes in Computer Science 12529, 2020), 169 pages.
[O1] C. J. Mitchell, 'Divisions and decompositions of 1-designs', Ph.D. thesis, Westfield College, University of London, 1979. Available for download as zipped pdf in four parts: pages 1-24, 25-55, 56-80, 81-121. A separate abstract is also available, as is a (short, and no doubt very incomplete) list of corrections and additions.
[O2] J. Burns and C. J. Mitchell, 'Coding schemes for two-dimensional position sensing' (pdf), HP Laboratories Bristol, Technical Report HPL-92-19, January 1992.
[O3] C. J. Mitchell, 'Cryptography: Key distribution, Trusted Third Parties and Warranted Interception', Global Transformation Research Group, London, 1999 Series no. 2, 26 pages.
[O4] C. J. Mitchell, 'Simple PIN recovery attack on a standardised financial transaction protocol', preprint, 6 pages.
[O5] C. J. Mitchell, 'Breaking the simple authenticated key agreement protocol', Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2001-2, August 2001, 2 pages.
[O6] C. J. Mitchell, 'The security of the GSM air interface protocol', Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2001-3, August 2001, 15 pages.
[O7] C. J. Mitchell, 'Remarks on the security of the Alpha1 stream cipher, Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2001-8, December 2001, 5 pages.
[O8] C. J. Mitchell, 'An attack on an ID-based multisignature scheme, Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2001-9, December 2001, 2 pages.
[O9] C. J. Mitchell, 'Security for mobility, Electronics and Communication Engineering Journal, 14 (2002) 178. [Editorial for the special issue on 'Security for mobility'].
[O10] C. J. Mitchell, Secure communications: applications and management (Book review), Electronics and Communication Engineering Journal, 14 (2002) 295.
[O11] C. J. Mitchell, Public key encryption using block ciphers, Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2003-6, September 2003, 6 pages.
[O12] C. J. Mitchell, Some observations on the Bit-Search Generator, Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2004-3, October 2004, 6 pages.
[O13] C. J. Mitchell and Q. Tang, Cryptanalysis of the Yeh-Sun password-based authentication protocols, Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2004-4, November 2004, 6 pages.
[O14] Q. Tang and C. J. Mitchell, 'Rethinking the security of some authenticated group key agreement schemes', Cryptology ePrint Archive, Report 2004/363, 2004.
[O15] C. J. Mitchell and Q. Tang, Security of the Lin-Lai smart card based user authentication scheme, Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2005-1, January 2005, 10 pages.
[O16] Q. Tang and C. J. Mitchell, 'Cryptanalysis of an anonymous wireless authentication and conference key distribution scheme', Cryptology ePrint Archive, Report 2005/047, 2005.
[O17] C. J. Mitchell, Timestamps and authentication protocols, Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2005-3, February 2005, 8 pages.
[O18] Q. Tang and C. J. Mitchell, Cryptanalysis of a technique to transform discrete logarithm based cryptosystems into identity-based cryptosystems, Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2005-4, March 2005, 4 pages.
[O19] Q. Tang and C. J. Mitchell, 'Enhanced password-based key establishment protocol', Cryptology ePrint Archive, Report 2005/141, 2005.
[O20] Q. Tang and C. J. Mitchell, 'Weaknesses in a leakage-resilient authenticated key transport protocol', Cryptology ePrint Archive, Report 2005/173, 2005.
[O21] C. J. Mitchell and S.-L. Ng, 'Comments on the security of the SPAPA strong password authentication protocol, Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2007-8, August 2007, 4 pages.
[O22] S. Balfe, E. Gallery, C. J. Mitchell and K. G. Paterson, 'Challenges for Trusted Computing', Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2008-14, February 2008, 23 pages.
[O23] L. Chen and C. J. Mitchell, 'Parsing ambiguities in authentication and key establishment protocols', Cryptology ePrint Archive, Report 2008/419, 2008.
[O24] H. Al-Sinani and C. J. Mitchell, 'Using CardSpace as a Password-based Single Sign-On System', Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2011-14, August 2011, 24 pages.
[O25] C. J. Mitchell, 'The Hsu-Harn-Mu-Zhang-Zhu group key establishment protocol is insecure', arXiv:1803.05365 [cs.CR], March 2018, 6 pages.
[O26] C. J. Mitchell, 'The Saeed-Liu-Tian-Gao-Li authenticated key agreement protocol is insecure', arXiv:1906.09330 [cs.CR], June 2019, 5 pages.
[O27] C. J. Mitchell, 'Who needs trust for 5G?', arXiv:2005.00862 [cs.CR], May 2020, 15 pages.
[O28] C. J. Mitchell, 'How not to secure wireless sensor networks revisited: Even if you say it twice it's still not secure', arXiv:2005.04434 [cs.CR], May 2020, 5 pages.
[O29] C. J. Mitchell, 'Two closely related insecure noninteractive group key establishment schemes', arXiv:2009.09278 [cs.CR], September 2020, 6 pages.
[O30] C. J. Mitchell, 'The (in)security of some recently proposed lightweight key distribution schemes', arXiv:2101.08132 [cs.CR], January 2021, 15 pages.
[O31] M. Mehrnezhad, T. van der Merwe and C. J. Mitchell, 'Guest Editorial: Security and Privacy', IEEE Communications Standards Magazine 5 no 3 (September 2021) 10-11 (https://doi.org/10.1109/MCOMSTD.2021.9579395).
[O32] H. Al-Sinani and C. J. Mitchell, 'Unleashing AI in ethical hacking: A preliminary experimental study'. Technical Report, January 2024.
[O33] C. J. Mitchell, 'Integrity-protecting block cipher modes — Untangling a tangled web', arXiv:2403.03654 [cs.CR], March 2024, 20 pages.
[S1] C. J. Mitchell, 'Security in mobile systems', New roles for software in mobile networks, DTI/EPSRC Software Technology Outreach seminar, 12th December 2001, London.
[S2] C. J. Mitchell, 'The security of two-key DESX', COSIC Seminar, Katholieke Universiteit Leuven, 15th March 2002, Leuven, Belgium.
[S3] C. J. Mitchell, 'PKI standards', PKI Club meeting, 2nd May 2002, Royal Holloway, University of London.
[S4] C. J. Mitchell, 'Safe payments on the net', International Chamber of Commerce (ICC), 2nd Annual Workshop for Business on Corporate Crime in the Digital Age, 23rd-27th June 2002, Sundridge Park Conference Centre, Kent, UK.
[S5] C. J. Mitchell, 'ISG - The group and recent research', Presentation at DoCoMo Euro Labs, Munich, 3rd September 2002.
[S6] C. J. Mitchell, 'Security for networks of mobile and personal devices', The Critical Systems Conference 2002, 15th-16th October 2002, Brighton, UK. [Organised by The Safety Critical Systems Club].
[S7] C. J. Mitchell, 'The dangers of using web browsers to provide secure communications', COSIC Seminar, Katholieke Universiteit Leuven, 4th December 2002, Leuven, Belgium, and 7th January 2003, Centre for Quantifiable Quality of Service in Communication Systems, NTNU, Trondheim, Norway.
[S8] C. J. Mitchell, 'On the security of CBC-MAC schemes', Thematic Strategic Research Programme Workshop on Information Security, 14th/15th October 2003, Singapore. [Organised by A*STAR].
[S9] C. J. Mitchell, 'Security for real-world Internet payment systems', The Critical Systems Conference 2003, 22nd-23rd October 2003, Oxford, UK. [Organised by The Safety Critical Systems Club].
[S10] C. J. Mitchell, 'Keeping secrets - Security for mobile software', CBI South East: Best of British - Brains & Business, Royal Holloway, University of London, Egham, UK, 20th November 2003.
[S11] C. J. Mitchell, 'Secure payments in the virtual world', Security in the financial sector - Trends, visions & challenges, Kinepolis, Brussels, Belgium, 27th November 2003. [Organised by L-SEC].
[S12] C. J. Mitchell, 'Universal cycles of permutations', Discrete Mathematics Seminar, Simon Fraser University, Vancouver, Canada, 1st March 2004.
[S13] C. J. Mitchell, 'Interoperation between a PKI and an ID-based infrastructure', School of Computing Science seminar, University of Newcastle-upon-Tyne, UK, 14th April 2004, and Seminar at the Nanyang Technological University, Singapore, 21st April 2004.
[S14] C. J. Mitchell, 'Identification, authentication and trust in a ubiquitous computing environment', 2nd UK-UbiNet Workshop: Security, trust, privacy and theory for ubiquitous computing, University of Cambridge, 5th-7th May 2004.
[S15] C. J. Mitchell, 'Security for ubiquitous and mobile computing', 1st UK-UbiNet Summer School, National e-Science Centre, Edinburgh, 13-15th September 2004.
[S16] C. J. Mitchell and A. W. Dent, 'International standards for stream ciphers: A progress report' (pdf), SASC - The State of the Art of Stream Ciphers, Novotel Brugge Centrum, Brugge, Belgium, 14th-15th October 2004. [A copy of the PowerPoint presentation made at the conference is also available].
[S17] C. J. Mitchell, 'Web security', Lecture 4 (out of 11) on course SC3, one quarter of the core component of the M.Sc. in Secure Electronic Commerce at Royal Holloway, University of London. [Lecture given on 26th October 2004].
[S18] C. J. Mitchell, 'Trusted computing and mobile systems', Seminar given at the Centre for Communication Systems Research, School of Electronics and Physical Sciences, University of Surrey, Guildford, UK, 3rd November 2004.
[S19] C. J. Mitchell, 'Communications security research at the ISG', Presentation given to the Taiwanese Mobile Communications Mission to the UK, London, 30th November 2004.
[S20] C. J. Mitchell, ' Secure payments in the electronic world', presented at: BAFTEC, Banking, financial technology and security awareness, Al Bustan Palace Hotel, Oman, 11th/12th December 2004.
[S21] S. Hu and C. J. Mitchell, 'Secure zero configuration in a ubiquitous computing environment' (pdf), 3rd UK-UbiNet Workshop: Designing, evaluating and using ubiquitous computing systems, University of Bath, 9th-11th February 2005.
[S22] C. J. Mitchell, 'Cryptanalysis of methods for combining confidentiality and integrity', Discrete Mathematics Seminar, Simon Fraser University, Vancouver, Canada, 28th February 2005.
[S23] C. J. Mitchell, 'Cryptanalysis of an authenticated encryption technique', GemPlus Director's Day, GemPlus La Vigie, La Ciotat, France, 19th-20th May 2005.
[S24] C. J. Mitchell, 'Security and privacy issues for future mobile systems', Beyond-the-Horizon Security and trust workshop, ENST, Paris, 21st June 2005.
[S25] C. J. Mitchell, Error oracle attacks on CBC mode, Seminar, Macquarie University, Sydney, Australia, 1st July 2005.
[S26] A. Leung and C. J. Mitchell, 'Towards secure zero configuration', presented at WEWoRC 2005, The Western European Workshop on Research in Cryptology, Leuven, Belgium, July 2005.
[S27] Q. Tang and C. J. Mitchell, 'Security vulnerabilities of a password-based key establishment protocol', presented at WEWoRC 2005, The Western European Workshop on Research in Cryptology, Leuven, Belgium, July 2005.
[S28] K. Elmufti and C. J. Mitchell, 'GSM for mobile SSO to protect user privacy', presented at WEWoRC 2005, The Western European Workshop on Research in Cryptology, Leuven, Belgium, July 2005.
[S29] S. Hu and C. J. Mitchell, 'Using trusted computing for IP address autoconfiguration in MANETs', presented at WEWoRC 2005, The Western European Workshop on Research in Cryptology, Leuven, Belgium, July 2005.
[S30] S. Nachtigal and C. J. Mitchell, 'Modelling e-business security using business processes', presented at WEWoRC 2005, The Western European Workshop on Research in Cryptology, Leuven, Belgium, July 2005.
[S31] A. Mohammed and C. J. Mitchell, 'Privacy aspects of wireless protocols', presented at WEWoRC 2005, The Western European Workshop on Research in Cryptology, Leuven, Belgium, July 2005.
[S32] C. J. Mitchell, 'Security research challenges for future mobile systems', Meeting of Research Network for Secure Australia, Queensland University of Technology, Brisbane, 7th July 2005.
[S33] C. J. Mitchell, 'Error oracle attacks and CBC encryption', Computer Algebra/Discrete Mathematics Joint Seminar, Simon Fraser University, Vancouver, Canada, 29th July 2005, and Computer Science Seminar, University of Bristol, 31st October 2005.
[S34] C. J. Mitchell, 'Cryptographic proofs of work', ISG Research Seminar, Royal Holloway, University of London, 15th November 2005.
[S35] C. J. Mitchell, 'Developments in secure mobile systems', presented at: Secure Communications: Developments and Opportunities in the UK, Sophia Antipolis, France, 30th November 2005.
[S36] C. J. Mitchell, Using mobile devices in a secure environment, presented at: BSI/CESG Trusted Computing Workshop, Bonn, Germany, 20th/21st February 2006.
[S37] C. J. Mitchell, Cryptanalysis of the EPBC authenticated encryption mode, COSIC Seminar, Katholieke Universiteit Leuven, 16th May 2006, Leuven, Belgium.
[S38] C. J. Mitchell, 'Mobile Security', ISSS 2006, Information Security Summer School, Taipei, Taiwan, 10th-24th August 2006.
[S39] C. J. Mitchell, 'Trusted Computing', ISSS 2006, Information Security Summer School, Taipei, Taiwan, 10th-24th August 2006.
[S40] C. J. Mitchell, 'Privacy and Identity in a Mobile Pervasive Environment' (invited talk), Security and Privacy in Mobile Health Care 2006, Innsbruck, Austria, 29th November 2006.
[S41] C. J. Mitchell, 'Trusted Computing: A Universal Security Infrastructure?', Seminar: Department of Computer Science and Software Engineering, University of Canterbury, Christchurch, New Zealand, 21st March 2007.
[S42] C. J. Mitchell, 'Generic Collision Attacks on Hash-functions', Seminar: Department of Computing, Macquarie University, Sydney, Australia, 23rd March 2007.
[S43] C. J. Mitchell, 'Trusted Computing: Putting a security module on every desktop', Seminar: New Zealand Information Security Forum, Auckland, New Zealand, 28th March 2007.
[S44] C. J. Mitchell, 'Trusted Computing: A Universal Security Infrastructure?', Seminar: Centre of Digital Enterprise, University of Auckland, New Zealand, 28th March 2007.
[S45] C. J. Mitchell, 'Generic Collision Attacks on Hash-functions', Discrete Mathematics Seminar, Simon Fraser University, Vancouver, Canada, 20th April 2007.
[S45] C. J. Mitchell, 'Generic collision attacks on hash-functions and HMAC' (invited talk), The Claude Shannon Workshop on Coding and Cryptography, University College Cork, Ireland, 21st/22nd May 2007.
[S46] C. J. Mitchell, 'Trusted mobile platforms', ISSS '07, Information Security Summer School, Taipei, Taiwan, 7th August 2007.
[S47] C. J. Mitchell, 'The CardSpace identity management framework', Seminar, Chaoyang University of Technology, Taiwan, 8th August 2007.
[S48] C. J. Mitchell, 'Cryptanalysis of the EPBC authenticated encryption mode', Seminar, Chaoyang University of Technology, Taiwan, 8th August 2007.
[S49] C. J. Mitchell, 'History of message integrity techniques', MSc in Information Security Seminar, Royal Holloway, University of London, 17th January 2008.
[S50] C. J. Mitchell, 'Cryptanalysis of the EPBC Authenticated Encryption Mode', ISG Research Seminar, Royal Holloway, University of London, 14th February 2008.
[S51] C. J. Mitchell, 'Using passwords for club membership', Seminar, Victoria University of Wellington, New Zealand, 11th April 2008.
[S52] C. J. Mitchell, 'Identity management systems - where are they going?', AIFS 2008, The First Athens International Forum on Information Security, Athens, Greece, 5th-6th May 2008.
[S53] C. J. Mitchell, 'Towards safer security APIs' (invited talk), 2nd International Workshop on Analysis of Security APIs, Carnegie-Mellon University, Pittsburgh, PA, USA, 26th June 2008.
[S54] C. J. Mitchell, 'Interoperation between identity management systems', Half-Day Seminar on Identity and Privacy, City University, London, 30th June 2008. [Sponsored by the EPSRC Interact India Project.]
[S55] C. J. Mitchell, 'Closing the gap between cryptography theory and security practice' (invited talk), NISK 2008, University of Agder, Kristiansand, Norway, 17th-19th November 2008.
[S56] C. J. Mitchell, 'Closing the gap between cryptography theory and security practice', Research Seminar at the University of East London, 24th February 2009.
[S57] C. J. Mitchell, 'Mobile trusted computing', Half-day session, Winter School in Information Security, Finse, Norway, 3rd-8th May 2009.
[S58] C. J. Mitchell, 'A novel stateless authentication protocol', Research Seminar, Department of Computer Science, University of Bristol, 13th May 2009.
[S59] C. J. Mitchell, 'A simple construction for perfect factors in the de Bruijn graph' (invited talk), The Claude Shannon Institute Workshop on Coding and Cryptography, University College Cork, Ireland, 18th/19th May 2009.
[S60] C. J. Mitchell, 'Challenges for trusted computing', Seminar, CESG, Cheltenham, UK, 11th June 2009.
[S61] C. J. Mitchell, 'Does provably secure cryptography guarantee practical security?' (keynote talk), ICGS3 2009, 5th International Conference on Global Security, Safety and Sustainability, University of East London, 1st/2nd September 2009.
[S62] C. J. Mitchell, Information security in the undergraduate curriculum, talk given to a visiting delegation at Royal Holloway, 7th September 2009.
[S63] C. J. Mitchell, Careers using Mathematics: Cryptography, Year 11 Maths Enrichment Event, South Wilts Grammar School, Salisbury, 14th October 2009.
[S64] C. J. Mitchell, New technologies and future security challenges, Cyber Security: A Public-Private Partnership: Government and Industry Working Together to Improve UK Cyber Security, Royal United Services Institute, London, 21st-22nd October 2009.
[S65] C. J. Mitchell, Security: Are things getting better or worse?, Seminar, School of Computing, University of Kent, Canterbury, UK, 2nd February 2010.
[S66] C. J. Mitchell, Is security a lost cause? (invited talk, both the paper and the presentation are available), Information Security Summit 2010 (IS2), Prague, 26th/27th May 2010.
[S67] C. Chen, C. J. Mitchell and S. Tang, 'Ubiquitous one-time password service using generic authentication architecture' (pdf), presented at: WISSec 2010, 5th Benelux Workshop on Information and System Security, 29-30 November 2010, Nijmegen, the Netherlands.
[S68] C. Chen, C. J. Mitchell and S. Tang, 'Extending trusted computing as a security service' (pdf), poster presented at the 21st Hewlett-Packard Colloquium on Information Security, Royal Holloway, University of London, 20th December 2010.
[S69] C. J. Mitchell, 'Trusted computing as a universal security infrastructure', invited presentation given at Trusted Computing - Virtualization and Security, Stockholm-Kista, 20/21 January 2011.
[S70] C. J. Mitchell, 'Building on existing security infrastructures', seminar presentation given at the University of Surrey, UK, 18th May 2011.
[S71] H. Al-Sinani and C. J. Mitchell, 'CardSpace-Shibboleth integration for CardSpace users', industrial track presentation given at ACNS 2011, 9th International Conference on Applied Cryptography and Network Security, Nerja (Malaga), Spain, 7th-10th June 2011. [See also the full version at: Royal Holloway, University of London, Mathematics Department Technical Report RHUL-MA-2011-13, May 2011, 25 pages].
[S72] C. J. Mitchell, 'Using existing security infrastructures', seminar presentation given at the University of Birmingham, UK, 7th July 2011.
[S73] C. J. Mitchell, 'Standardising privacy and security for the cloud', presented at: STEM-UEN & Microsoft Advanced Technology Workshop: Cloud Computing enabling Innovation, Kingston University, 1st November 2011.
[S74] C. J. Mitchell, 'New architectures for identity management - removing barriers to adoption', invited presentation given at SantaCrypt 2011, Prague, 1st/2nd December 2011 (the paper is also available).
[S75] C. J. Mitchell, 'Active client based identity management', seminar presentation given at Wollongong University, 23rd February 2012.
[S76] C. J. Mitchell, 'Active client based identity management', seminar presentation given at Macquarie University, Sydney, 28th February 2012.
[S77] C. J. Mitchell, 'The cybercrime threat on mobile devices' (both the paper and the presentation are available, the former of which appeared in the 2011/12 issue of the ISG newsletter), invited (keynote) presentation given at the inaugural Cyber Crime Symposium, Sydney, Australia, 1st/2nd March 2012.
[S78] C. J. Mitchell, 'Active client based identity management', seminar presentation given at Queensland University of Technology, Brisbane, 16th March 2012.
[S79] C. J. Mitchell, 'Applying combinatorial group testing to trust evaluation in a distributed computing model', Discrete Math seminar given at Simon Fraser University, Vancouver, 27th March 2012.
[S80] C. J. Mitchell, 'Re-using existing security infrastructures', invited (joint) keynote presentation given at the 7th International Workshop on Data Privacy Management (DPM 12) and the 5th International Workshop on Autonomous and Spontaneous Security (SETOP 12), Pisa, 13th/14th September 2012.
[S81] C. J. Mitchell, 'Outsourcing personal data processing to the cloud', presentation given at the Cloud Security Alliance Congress 2012, Orlando, Florida, USA, 7th/8th November 2012.
[S82] C. J. Mitchell, 'Exploiting existing security infrastructures', research seminar given at Khalifa University of Science, Technology and Research, Abu Dhabi Campus, UAE, 9th January 2013.
[S83] C. J. Mitchell, 'Outsourcing personal data processing to the cloud', presentation given at the 8th ETSI Security Workshop, Sophia Antipolis, France, 16th/17th January 2013. A written-up version of this presentation also exists, which was included in the 2012/13 issue of the ISG newsletter.
[S84] C. J. Mitchell, 'Input to Horizon 2020', presentation given at a Horizon 2020 Consultation Workshop on Trustworthy ICT, Russell Hotel, London, 30th January 2013.
[S85] C. J. Mitchell, 'ISO/IEC 27018: Outsourcing personal data processing to the cloud', presentation given at the Special Study Period Meeting on Cloud Computing Security and Privacy, Songdo Convensia, Incheon, Republic of Korea, 20th October 2013.
[S86] C. J. Mitchell, 'Cyber security: Past, present and future', invited lecture given at the official opening of the Centre for Doctoral Training in Cyber Security, University of Oxford, 4th November 2013.
[S87] W. Li and C. J. Mitchell, 'Vulnerabilities in OAuth-based single sign on systems', invited lecture given at the Future of Identity Workshop, City University, London, 13th/14th November 2014.
[S88] C. J. Mitchell, 'Cyber security capacity building: Digging the foundations for privacy', presentation given at the Data Protection Day event (Databeskyttelsesdagen 2015), Industriens Hus, Copenhagen, Denmark, 28th January 2015.
[S89] C. J. Mitchell, 'Disruptive technologies in cyber security', invited (keynote) lecture given at the Cyber Zone of Security & Policing Exhibition 2015, Farnborough, 10th-12th March 2015. A written-up version of this presentation also exists.
[S90] C. J. Mitchell, 'Addressing user privacy issues in mobile telephony', research seminar given at the University of Malaga, Spain, 22nd April 2015.
[S91] C. J. Mitchell, 'Challenges in standardising cryptography', invited public lecture given during the Workshop on the security of symmetric ciphers in network protocols, ICMS, Edinburgh, 25th-29th May 2015.
[S92] C. J. Mitchell, 'New Work Item Proposal: Privacy enhancing data de-identification techniques', invited contribution to the panel session on Standardisation for privacy engineering at the IPEN Workshop 2015, Leuven, Belgium, 5th June 2015.
[S93] W. Li and C. J. Mitchell, 'Real-world security analyses of OAuth 2.0 and OpenID Connect', research seminar given at University College London, 1st October 2015.
[S94] W. Li and C. J. Mitchell, 'Security issues for Google's implementation of OpenID Connect', invited contribution to the tutorial session on Managing Identity in Cloud and Big Data, at the 10th International Conference on System Safety and Cyber Security, Bristol Marriott Royal Hotel, Bristol, UK, 20th October 2015.
[S95] C. J. Mitchell, 'Challenges in standardising cryptography', invited talk given as part of the the International Cyber Security Workshop and Certificate Program, Istanbul Gelisim University, Istanbul, Turkey, 23rd-27th May 2016.
[S96] C. J. Mitchell, 'Triple DES revisited', invited (keynote) lecture given at the 21st Australasian Conference on Information Security and Privacy (ACISP 2016), Melbourne, Australia, 4th-6th July 2016. [This talk is based largely on [95]].
[S97] W. Li and C. J, Mitchell, 'Does the IdP Mix-Up attack really work?', presentation given at the OAuth Security Workshop 2016, Trier, Germany, 14th/15th July 2016.
[S98] C. J. Mitchell, 'Legacy versus security: A cryptographic dilemma', presentation given at Café Scentifique, Salisbury, 5th June 2018.
[S99] C. J. Mitchell, 'Authentication-as-a-service: Theory versus reality', presentation given at the Huawei Security Technology SAB Summit 2018, Munich, Germany, 24th-26th July 2018.
[S100] C. J. Mitchell, 'ISO/IEC 27018 - Code of practice for PII protection in public clouds acting as PII processors', presentation given at the ISO/IEC JTC 1/SC 27 WG 1 Awareness Workshop: ISO/IEC 27002 - Use and relations with other SC 27 standards, Gjovik, Norway, 3rd October 2018.
[S101] C. J. Mitchell, 'How to make 5G security a reality, presentation given at the 2019 Huawei Security Technology SAB Summit, Munich, 10th July 2019. The briefing material for this talk, in the form of a Q&A, is also available.
[S102] C. J. Mitchell, 'Quantum computing – What will be the real impact on 5G security?', invited (keynote) lecture given at the 15th International Conference on Information Security Practice and Experience (ISPEC 2019), Kuala Lumpur, Malaysia, 26th-28th November 2019.
[S103] C. J. Mitchell, 'Quantum computing – What will be the real impact on 5G security?', seminar given at the National University of Singapore, 29th November 2019.
[S104] C. J. Mitchell, Participated in the Huawei Webinar on Cybersecurity Standards and Testing in Europe, 20th May 2020. The webinar is available on youtube.
[S105] C. J. Mitchell, Chaired panel session on 'Cyber certification and Standards' at the The Cyber Security Summer Hub, 10th/11th June 2020. The panel session I chaired is available on youtube, and all sessions are available here.
[S106] C. J. Mitchell, Participated in the panel session on 'Cyber security standards norms and approach', at WSIS+15 Forum 2020, 7th July 2020. The panel session is available to view here.
[S107] C. J. Mitchell, Failures of security proofs: Examples and recommendations', invited (keynote) lecture given at the 14th International Conference on Provable and Practical Security (ProvSec 2020), Singapore (virtual), 29th November - 1st December 2020. A video of the talk is also available.
[S108] C. J. Mitchell, Failures of security proofs: Examples and recommendations', seminar given at City, University of London, 15th January 2021.
[S109] C. J. Mitchell, Chaired panel session on 'E-commerce and Cyber security', at WSIS Forum 2021, 29th April 2021. The panel session is available to view here.
[S110] C. J. Mitchell, Cyber security: Past, present and future, seminar given to the Royal Holloway Computer Society, 9th November 2021.
[S111] C. J. Mitchell, Cryptography: A brief history and why it is important to cyber security, invited (keynote) talk given at the Elsevier Security Champions Conference, 8th-9th December 2021. A video of the talk is also available.
[S112] C. J. Mitchell, Recent developments in cryptographic standards, presentation given at the ISG Open Day, Royal Holloway, University of London, 5th July 2022.
[S113] A. Alhakim, C. J. Mitchell, J. Szmidt and P. R. Wild, Orientable sequences over nonbinary alphabet'. Abstract of paper to be presented at The 8th International Workshop on Boolean Functions and their Applications (BFA), 3-8 September, 2023, Fleischer’s Hotel, Voss, Norway.
[S114] C. J. Mitchell, Gave a general presentation in cyber security at the Inspire Surrey Teacher Webinar on Cyber Security, 23rd January 2024. The webinar is available to view here.
[J1] C. J. Mitchell, 'OSI and X.400 security', Telecommunications 24 no. 5 (May 1990) pp.49-54.
[J2] C. J. Mitchell, 'Kerckhoffs' principles', Information Security Management, 1 no. 2 (February 2002) p.35.
[J3] C. J. Mitchell, 'Long-term secrecy', Information Security Management, 1 no. 3 (March 2002) p.25.
[J4] C. J. Mitchell, 'The road ahead', Information Security Management, 1 no. 4 (April 2002) p.19.
[J5] C. J. Mitchell, 'The dangers of encryption', Information Security Management, 1 no. 5 (May 2002) p.27.
[J6] E. Humphreys, M. De Soete and C. J. Mitchell, 'Signing e-business' (pdf), ISO Bulletin, 1 no. 1 (January 2004) pp.30-32.
[J7] C. J. Mitchell, 'Choosing algorithms to standardise', Hakin9, Public Key Cryptostructure e-book 1/2012, 2012, pp.18-27. [See also: Department of Mathematics, Royal Holloway, University of London Technical Report RHUL-MA-2012-14, June 2012, 18 pages].
[A1] C. J. Mitchell and P. W. Halliden, 'Card transaction verification', UK patent application GB 20708410 A, filed 19th June 1980.
[A2] A. D. Marshall, C. J. Mitchell and G. J. Proudler, 'Secure Messaging Systems', U.S. Patent No. 4866707, 12th September 1989 (US Patent Application No. 07/162724, filed 1st March 1988); UK Patent Application No. 8704882 (filed 3rd March 1987); European Patent Application No. 88300365.9 (filed 18th January 1988); Japanese Patent Application No. 63-50528 (filed 3rd March 1988).
[A3] A. D. Marshall, C. J. Mitchell and G. J. Proudler, 'Secure Messaging Systems', U.S. Patent No. 4888800, 19th December 1989 (U.S. Patent Application No. 07/162706, filed 1st March 1988); UK Patent Application No. 8704920 (filed 3rd March 1987); European Patent Application No. 88300366.7 (filed 18th January 1988); Japanese Patent Application No. 63-50530 (filed 3rd March 1988).
[A4] A. D. Marshall, C. J. Mitchell and G. J. Proudler, 'Secure Information Storage', UK Patent Application No. 8704883 (filed 3rd March 1987); European Patent Application No. 88300367.5 (filed 18th January 1988); Japanese Patent Application No. 63-50529 (filed 3rd March 1988); U.S. Patent Application No. 07/162725 (filed 1st March 1988).
[A5] C. J. Mitchell, 'Authentication of a remote user to a host in a data communication system', UK patent application filed 3rd November 2001.
[A6] H. Al-Sinani and C. J. Mitchell, 'Method and apparatus for enabling authorised users to access computer resources', UK patent application GB1115866.4, filed 14th September 2011.
Page most recently updated on 7/3/24. Please send all comments and corrections to C.Mitchell@rhul.ac.uk