Faculty Publications - David Wagner

Books

• B. Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall, and N. Ferguson, The Twofish Encryption Algorithm: A 128-Bit Block Cipher, New York: J. Wiley, 1999.
• D. L. Oppenheimer, D. Wagner, and M. D. Crabb, System Security: A Management Perspective, Short Topics in System Administration, Vol. 3, Berkeley, CA: USENIX Association, 1997.

Book chapters or sections

• M. Johnson, D. Wagner, and K. Ramchandran, "On compressing encrypted data without the encryption key," in Theory of Cryptography: Proc. 1st Theory of Cryptography Conf. (TCC 2004), M. Naor, Ed., Lecture Notes in Computer Science, Vol. 2951, Berlin, Germany: Springer-Verlag, 2004, pp. 491-504.
• S. Crosby, I. Goldberg, R. Johnson, D. Song, and D. Wagner, "A cryptanalysis of the High-Bandwidth Digital Content Protection system," in Security and Privacy in Digital Right Management: Proc. Workshop 2001 Workshop on Security and Privacy in Digital Rights Management, Revised Papers, T. Sander, Ed., Lecture Notes in Computer Science, Vol. 2320, Berlin, Germany: Springer-Verlag, 2002, pp. 159-182.

Articles in journals or magazines

• R. C., W. Phan, and D. Wagner, "Security considerations for incremental hash functions based on pair block chaining," Computers & Security, Jan. 2006.

Articles in conference proceedings

• C. Karlof, J. Tygar, D. Wagner, and U. Shankar, "Dynamic Pharming Attacks and Locked Same-origin Policies for Web Browsers," in ACM CCS 2007, 2007.
• K. Chen and D. Wagner, "Large-Scale Analysis of Format String Vulnerabilities in Debian Linux," in ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS 2007), 2007.
• P. Golle and D. Wagner, "Cryptanalysis of a Cognitive Authentication Scheme (Extended Abstract)," in IEEE Security & Privacy 2007, 2007.
• N. Hopper, D. Molnar, and D. Wagner, "From Weak to Strong Watermarking," in TCC 2007, 2007.
• K. Yee, D. Wagner, M. Hearst, and S. M. Bellovin, "Prerendered User Interfaces for Higher-Assurance Electronic Voting," in USENIX/ACCURATE Electronic Voting Technology Workshop, 2006.
• N. Sastry, T. Kohno, and D. Wagner, "Designing voting machines for verification," in Usenix Security 2006, 2006.
• A. Cordero, D. Wagner, and D. Dill, "The Role of Dice in Election Audits -- Extended Abstract," in IAVoSS Workshop On Trustworthy Elections (WOTE 2006), 2006.
• D. Wagner and U. Shankar, "Preventing Secret Leakage from fork(): Securing Privilege-Separated Applications," in Network Security and Information Assurance Symposium, 2006.
• D. Molnar, T. Kohno, N. Sastry, and D. Wagner, "Tamper-Evident, History-Independent, Subliminal-Free Data Structures on PROM Storage -or- How to Store Ballots on a Voting Machine (Extended Abstract)," in 2006 IEEE Symposium on Security and Privacy, 2006.
• C. Crutchfield, D. Molnar, D. Turner, and D. Wagner, "Generic On-line/Off-line Threshold Signatures," in Public Key Cryptography (PKC) 2006, 2006.
• B. Schwarz, H. Chen, D. Wagner, G. Morrison, J. West, J. Lin, and W. Tu, "Model checking an entire Linux distribution for security violations," in Proc. 21st Annual Computer Security Applications Conf., Los Alamitos, CA: IEEE Computer Society, 2005, pp. 13-22.
• A. Juels, D. Molnar, and D. Wagner, "Security and privacy issues in e-passports," in Proc. 1st Intl. Conf. on Security and Privacy for Emerging Areas in Communications Networks, Los Alamitos, CA: IEEE Computer Society, 2005, pp. 74-85.
• H. Chen, D. Wagner, and D. Dean, "Setuid demystified," in Proc. 11th USENIX Security Symp., Berkeley, CA: USENIX Association, 2002, pp. 171-190.
• N. Borisov, I. Goldberg, and D. Wagner, "Intercepting mobile communications: The insecurity of 802.11," in Proc. 7th Annual Intl. Conf. on Mobile Computing and Networking, New York, NY: ACM Press, 2001, pp. 180-189.
• D. Wagner, J. S. Foster, E. Brewer, and A. Aiken, "A first step towards automated detection of buffer overrun vulnerabilities," in Proc. Network and Distributed System Security Symp., Reston, VA: Internet Society, 2000, pp. 15 pp..

Technical Reports

• C. K. Karlof, U. Shankar, D. Tygar, and D. Wagner, "Dynamic pharming attacks and the locked same-origin policies for web browsers," EECS Department, University of California, Berkeley, Tech. Rep. UCB/EECS-2007-52, May 2007.
• C. K. Karlof, U. Shankar, D. Tygar, and D. Wagner, "Locked cookies: Web authentication security against phishing, pharming, and active attacks," EECS Department, University of California, Berkeley, Tech. Rep. UCB/EECS-2007-25, Feb. 2007.
• D. A. Molnar and D. Wagner, "Catchconv: Symbolic execution and run-time type inference for integer conversion errors," EECS Department, University of California, Berkeley, Tech. Rep. UCB/EECS-2007-23, Feb. 2007.
• K. Yee, D. Wagner, M. Hearst, and S. Bellovin, "Prerendered User Interfaces for Higher-Assurance Electronic Voting," EECS Department, University of California, Berkeley, Tech. Rep. UCB/EECS-2006-35, April 2006.
• A. M. Mettler and D. Wagner, "The Joe-E Language Specification (draft)," EECS Department, University of California, Berkeley, Tech. Rep. UCB/EECS-2006-26, March 2006.
• J. D. Waddle and D. A. Wagner, "Fault Attacks on Dual-Rail Encoded Systems," EECS Department, University of California, Berkeley, Tech. Rep. UCB/CSD-04-1347, Aug. 2004.
• R. Johnson and D. Wagner, "Finding User/Kernel Pointer Bugs With Type Inference," EECS Department, University of California, Berkeley, Tech. Rep. UCB/CSD-04-1308, March 2004.
• N. Sastry, U. Shankar, and D. Wagner, "Secure Verification of Location Claims," EECS Department, University of California, Berkeley, Tech. Rep. UCB/CSD-03-1245, 2003.
• C. Karlof and D. Wagner, "Hidden Markov Model Cryptanalysis," EECS Department, University of California, Berkeley, Tech. Rep. UCB/CSD-03-1244, 2003.
• H. Chen and D. A. Wagner, "MOPS: an Infrastructure for Examining Security Properties of Software," EECS Department, University of California, Berkeley, Tech. Rep. UCB/CSD-02-1197, Sep. 2002.
• D. A. Wagner, "Janus: an Approach for Confinement of Untrusted Applications," EECS Department, University of California, Berkeley, Tech. Rep. UCB/CSD-99-1056, 1999.

Unpublished articles

• J. A. Calandrino, A. J. Feldman, A. Halderman, D. Wagner, H. Yu, and W. P. Zeller, "Source Code Review of the Diebold Voting System," July 2007.
• A. Yasinsac, D. Wagner, M. Bishop, T. Baker, B. de Medeiros, G. Tyson, M. Shamos, and M. Burmester, "Software Review and Security Analysis of the ES&S iVotronic 8.0.1.2 Voting Machine Firmware," Feb. 2007.
• P. Hawthorne, B. Simons, C. Clifton, D. Wagner, S. Bellovin, R. Wright, A. Rosenthal, R. Spencer Poore, L. Coney, R. Gellman, and H. Hochheiser, "Statewide Databases of Registered Voters: Study Of Accuracy, Privacy, Usability, Security, and Reliability Issues," Feb. 2006.
• D. Wagner, D. Jefferson, M. Bishop, C. Karlof, and N. Sastry, "Security Analysis of the Diebold AccuBasic Interpreter," Feb. 2006.