Publications
- Emil Sit, Kevin Fu. "Web
Cookies: Not Just a Privacy Risk," Communications of the
ACM, volume 44, issue 9, September 2001. [HTML]
- USENIX Security Symposium presentation, August 16, 2001.
[PS.gz,
PDF]
- Kevin Fu, Emil Sit, Kendra Smith, and Nick Feamster.
"Dos and Don'ts of Client Authentication on the Web,"
MIT Tech Report 818, May 2001. [revised September 7, 2001]
[abstract,
PS,
PDF]
- Kevin Fu, Emil Sit, Kendra Smith, and Nick Feamster.
"Dos and Don'ts of Client Authentication on the Web,"
in Proceedings of the 10th USENIX Security Symposium,
Washington, D.C., August 2001.
[abstract,
PS,
HTML,
PDF]
[An extended version appears in tech report 818]
- The fasterlogin.pl script
would create valid authenticators to login as any WSJ user.
- The cryptquery.pl script
would determine the WSJ server's secret key with an adaptive
chosen plaintext attack.
- Kooky Authentication Scheme v0.1a.
Our Web authentication source code and benchmarking tools
[Home]
[Publications]
[Cookie encyclopedia]
[Mailing list]
[FAQ]
[Contact us]