Matthew Blaze
`
`e-mail: mab@mattblaze.org
`
`2202 18th St NW #427
`Washington, DC 20009
`
`Research Interests
`
`Computer and Network Security, Cryptographic Protocols, Applications of Cryptography,
`Secure Hardware, Privacy, Surveillance, Public Policy.
`
`Education
`
`Princeton University, Ph.D., Computer Science, January 1993.
`Thesis: Caching in Large-Scale Distributed File Systems
`
`Princeton University, M.A., Computer Science, June 1989.
`
`Columbia University, M.S., Computer Science, May 1988.
`
`City University of New York (CUNY Baccalaureate / Hunter College) B.S., Summa Cum
`Laude, January 1986.
`
`Professional Experience
`
`Georgetown University, Washington, DC. January 2019 – Present. Professor and Robert L.
`McDevitt, K.S.G., K.C.H.S. and Catherine H. McDevitt L.C.H.S. Chair in Computer Science
`and Law. Conduct interdisciplinary research and graduate and undergraduate teaching across
`the computer science department and law school.
`
`University of Pennsylvania, Philadelphia, PA. January, 2004 – December, 2018. Professor
`(previously Associate Professor) of Computer and Information Science. Conducted research
`and graduate and undergraduate teaching.
`
`AT&T Bell Laboratories / AT&T Research, NJ. September 1992 – December 2003. Research
`Consultant / Distinguished Member of Technical Staff. Conducted research in cryptology and
`security, with emphasis on systems and architectural aspects of security and trust in large-
`scale computing and communication systems. Conceived of, initiated, and was first member
`of Secure Systems Research Department, which has grown to include eight researchers. Served
`as technical advisor to AT&T management and various government and legislative offices on
`cryptology and network security policy.
`
`University of Pennsylvania, Philadelphia, PA. June 1998 – December 2003. Adjunct Associate
`Professor of Computer and Information Sciences. Conducted graduate courses in security and
`cryptography; thesis advisor for PhD students.
`
`Columbia University, New York, NY. January 1994 – May 1997. Adjunct Faculty in Com-
`puter Science. Conducted graduate courses in secure systems and computer networking.
`
`Bellcore, Morristown, NJ. July 1986 – September 1988. Summer Member of Technical Staff
`and Consultant.
`
`BlackBerry Corporation Exhibit 1003, pg. 1
`
`

`

`Hunter College, New York, NY. February 1986 – June 1988. Adjunct Lecturer of Computer
`Science.
`
`Recent Professional Distinctions and Government Service
`
`Chairman, Board of Directors. The Tor Project.
`
`Written and Oral Testimony on Electronic Voting Risks and Vulnerabilities. Committee on
`Government Reform, US House of Representatives. November 2017.
`
`Invited Witness, Study Committee on the Future of Voting. National Academies of Science,
`Engineering, and Medicine. October 2017.
`
`Invited lecture, “Encryption, Law Enforcement and National Security”. US Naval Academy.
`October 2017.
`
`Invited Witness. Study Committee on Law Enforcement and Intelligence Access to Plaintext
`Information. National Academies of Science, Engineering and Medicine. November 2016.
`
`Invited Witness. Workshop on Encryption and Mechanisms for Authorized Government
`Access to Plaintext. National Academies of Science, Engineering and Medicine. June 2016.
`
`Gave written and oral testimony before the Committee on Energy and Commerce, US House
`of Representatives, April, 2016.
`
`Petitioned for and Granted DMCA exemption to permit software security research, US Copy-
`right Office, Library of Congress, 2015.
`
`Gave written and oral testimony before the Committee on Government Reform, US House of
`Representatives. April 2015.
`
`Special consultant to the US Federal Trade Commission. 2014-present.
`
`Gave written and oral testimony before the Committee on the Judiciary, US House of Rep-
`resentatives. April 2013.
`
`Gave written testimony before the Committee on the Judiciary, U.S. Senate. July, 2011.
`
`Gave written and oral testimony before the Subcommittee on the Constitution, Civil Rights
`and Civil Liberties, Committee on the Judiciary, U.S. House of Representatives. June, 2010.
`
`Steering Committee, USENIX Security conference. 2012-present.
`
`Board of Directors, USENIX Association, 2004-2012.
`
`Review Team Leader, Ohio Review of ES&S Voting system, 2007-2008.
`
`Review Team Leader, California “Top to Bottom Review” of Sequoia Voting System source
`code, 2007.
`
`Panel member, National Academy of Sciences / National Research Council study on the FBI
`Trilogy system, 2003-2004.
`
`Recent Media
`
`Featured Guest. WHYY Radio Times. September 2017.
`
`Featured Guest. WHYY Radio Times. March 2017.
`
`BlackBerry Corporation Exhibit 1003, pg. 2
`
`

`

`Featured Guest. WHYY Radio Times. October 2016.
`
`Featured on Last Week Tonight with John Oliver, March 2016.
`
`Profiled in Politico (“The Crypto Warrior”), December 2015.
`
`Named and profiled among 2015 “Internet Heroes” by Daily Dot.
`
`Featured Guest. Science Friday. Public Radio International. November 2015.
`
`Quoted and used as source on computer security and policy by numerous publications, in-
`cluding the New York Times, Washington Post, The Economist, etc.
`
`Current and Recent External Research Funding
`
`LASSES (DARPA). ”Leveraging Anomalous System Signals to Enable Security”. DARPA
`LADS. PI. $1,515,643. 2016-2020.
`
`SAFER (DARPA). ”Selectable Anonymity for enabling SAFER Telecommunications (SAFEST)”.
`$3,531,898. Co-PI (w/ J. Smith); joint with Georgetown. 2010-2014
`
`TRUST (Google/Motorola). ”Trust Anchor”. Google/Motorola Multi-University Research
`Agreement. (PI) $380,000. 2014.
`
`TELECOM (NSF). ”Security Services in Open Telecom Networks”. (Penn PI, with Patrick
`McDaniel at Penn State). CNS-0905434. ˜$500,000. 2009-2013.
`
`QTM (ONR). ”Foundational and Systems Support for Quantitative Trust Management.”
`ONR MURI. $3,831,157. Senior Personnel (PI: S. Kannan). 2007-2012.
`
`A3 (NSF). ”Application-aware Anonymity for the Masses (A3)”. NSF Cybertrust. (CNS-
`0831376). (Co-PI w/ B. Loo). $400,000. 2008-2011.
`
`ISOTROPIC (NSF). ”Isotropic Cryptography). NSF Cybertrust (CNS-0627579). (PI). $300,000.
`2006-2009.
`
`TNEC (NSF). ”Trustworthy Network Eavesdropping and Countermeasures. NSF Cybertrust
`(CNS-0524047). (PI). $425,000. 2005-2009.
`
`Recent PhD Advisees and Graduates
`
`Saender Clark (PhD, 2017). Now at Apple. (Funded under TRUST and SAFER.)
`
`Adam Aviv (PhD, 2012). Now Assistant Professor, US Naval Academy. (Funded under QTM
`and A3).
`
`Micah Sherr (PhD, 2009). Now Associate Professor, Georgetown. (Funded under ISOTROPIC,
`TNEC and A3.)
`
`Gaurav Shah (PhD, 2009). Now at Google. (Funded under ISOTROPIC and TNEC).
`
`Vineetha Paruchuri (Admitted 2017). (Funded under LASSES.)
`
`Eric Cronin (Currently on leave). Now at NSA (Funded under ISOTROPIC and TNEC).
`
`Perry Metzger (Currently on leave). Consultant. (Funded under TELECOM and TRUST).
`
`BlackBerry Corporation Exhibit 1003, pg. 3
`
`

`

`Patents
`
`1. Matthew A. Blaze, John Ioannidis, Angelos Keromytis. “Microbilling using a trust
`management system.” US Patent No. 7,650,313 (Jan. 19, 2010).
`
`2. Matthew A. Blaze, John Ioannidis, Angelos Keromytis. “System and method for micro-
`billing using a trust management system.” US Patent No. 6,789,068 (Sept. 7, 2004).
`
`3. Matthew A. Blaze, Joan Feigenbaum, Martin Strauss. “Method and apparatus for
`compliance checking in a trust management system.” US Patent No. 6,256,734 (July 3,
`2001).
`
`4. Matthew A. Blaze. “ System and method for constructing block ciphers.” US Patent
`No. 6,005,944 (Dec. 21, 1999).
`
`5. Matthew A. Blaze, “System and method for constructing a cryptographic pseudo random
`bit generator.” US Patent No. 5,909,494 (June 1, 1999).
`
`6. Matthew A. Blaze. “Escrow key management system for accessing encrypted data with
`portable cryptographic modules.” US Patent No. 5,721,777 (Feb. 24, 1998).
`
`7. Matthew A. Blaze. “High-bandwidth encryption system with low-bandwidth crypto-
`graphic modules.” US Patent No. 5,696,823 (Dec. 9, 1997).
`
`8. Matthew A. Blaze. “Translation indicator for database-queried communications ser-
`vices.” US Patent No. 5,574,781 (Nov. 12, 1996).
`
`Selected Written Testimony, Op-eds, and Special Reports
`
`1. Blaze, M. Cybersecurity of Voting Systems. Written and Oral Testimony, Committee on
`Government Reform, US House of Representatives. November 29, 2017.
`
`2. Blaze, M. Deciphering the Debate over Encryption. Written and oral testimony before
`the Committee on Energy and Commerce, US House of Representatives. April 19, 2016.
`
`3. Blaze, M. Bolstering Computer Security is Vital. In Room for Debate, The New York
`Time. March 30, 2016.
`
`4. Blaze, M. A Key Under the Doormat Isn’t Safe. The Washington Post. December 15,
`2015.
`
`5. Blaze, M. Software Design Mandates and Backdoors. Written and oral testimony before
`the Committee on Government Reform, US House of Representatives April 2015.
`
`6. Blaze, M. NSA Revelations: the Middle Ground. The Guardian. January 6 2014.
`
`7. Blaze, M. How Worried Should We Be About NSA-RSA Scheming? Wired. December
`27, 2013.
`
`8. Blaze, M. The NSA is Just Collecting Metadata (And You Should Still Worry). Wired.
`June 19, 2013.
`
`9. Adida, et al. CALEA II: Risks of Wiretap Modifications to Endpoints. CDT Report.
`May 2013.
`
`BlackBerry Corporation Exhibit 1003, pg. 4
`
`

`

`10. Blaze, M. and Landau, S. The FBI Needs Hackers, Not Backdoors. Wired. January 14,
`2013.
`
`11. Blaze, M. ECPA Reform and Geolocation.. Written and oral testimony before the Com-
`mittee on the Judiciary, US House of Representatives. April 2013.
`
`12. Blaze, M. Embarrassing the Wrong People. Wired. November 27, 2012.
`
`13. Blaze, M. Location-Based Technologies. Written testimony before the Committee on the
`Judiciary, U.S. Senate. July, 2011.
`
`14. Blaze, M. ECPA Reform and the Revolution in Location-Based Technologies and Ser-
`vices. Written and oral testimony before the Subcommittee on the Constitution, Civil
`Rights and Civil Liberties, Committee on the Judiciary, U.S. House of Representatives.
`June 24, 2010.
`
`15. McDaniel, P., Blaze, M. and Vigna, G. (Team Leads) et al. EVEREST: Evaluation
`and Validation of Election-Related Equipment, Standards and Testing. State of Ohio
`Secretary of State. December 2007.
`
`16. Blaze, M. et al Source Code Review of the Sequoia Voting System. California Secretary
`of State. July 2007.
`
`17. J. McGroddy and H. Lin (eds). A Review of the FBI’s Trilogy Information Technology
`Modernization Program. National Research Council. National Academies Press. 2004.
`
`18. Blaze, M. (ed). Proceedings, USENIX Security 2004. USENIX 2004.
`
`19. Blaze, M. (ed). Proceedings, Financial Cryptography 2002.. LNCS 2357, 2003.
`
`20. Blaze, M., Feigenbaum, J., Ioannidis, J., and Keromytis, A. “The Role of Trust Man-
`agement in Distributed Systems Security.” Chapter in Secure Internet Programming:
`Security Issues for Mobile and Distributed Objects. (Vitek and Jensen, eds.) Springer-
`Verlag, 1999.
`
`21. Blaze, M. “Cryptography is not Security.” Appeared as “Afterward” in Schneier, B.
`Applied Cryptography, 2/e. Wiley, 1996.
`
`22. Blaze, M. “Protocol Failure in the Escrowed Encryption Standard.” In Building in Big
`Brother. L. Hoffman, ed. Springer, 1995..
`
`BlackBerry Corporation Exhibit 1003, pg. 5
`
`

`

`Journal Articles
`
`1. Bellovin, S., Blaze, M., Landau, S. and Pell, S. “It’s Too Complicated: How the Internet
`Upends Katz, Smith, and Electronic Surveillance Law” Harvard Journal of Law and
`Technology. Vol 30, No 1. Fall, 2016.
`
`2. Bellovin, S., Blaze, M. and Landau, S. “Insecure Surveillance: Technical Issues with
`Remote Computer Searches.” IEEE Computer. March, 2016.
`
`3. Abelson, H., Anderson, R., Bellovin, S., Benaloh, J., Blaze, M., Diffie, W., Gilmore, J.
`Green, M., Landau, S., Neumann, P., Rivest, R., Schiller, J., Schneier, B., Specter, M.,
`Weitzner, D. “Keys Under Doormats.” J. Cybersecurity. November, 2015.
`
`4. Abelson, H., Anderson, R., Bellovin, S., Benaloh, J., Blaze, M., Diffie, W., Gilmore, J.
`Green, M., Landau, S., Neumann, P., Rivest, R., Schiller, J., Schneier, B., Specter, M.,
`Weitzner, D. “Inside Risks: Cryptographic Backdoors.” CACM. October, 2015.
`
`5. Aviv, A., Sherr, M., Blaze, M., Smith, J. “Privacy-Aware Message Exchanges for Hu-
`maNets.” Computer Communication. June 2014.
`
`6. Sherr, M., Gill, H., Saeed, T., Mao, A., Marczak, W., Zhou, W., Loo, B., and Blaze,
`M.. “The Design and Implementation of the A3 Application-Aware Anonymity System.”
`Computer Networks. Feb. 2014.
`
`7. Bellovin, S., Blaze, M. Clark, S., Landau, S. “Lawful Hacking: Using Existing Vulnerabil-
`ities for Wiretapping on the Internet.”. Northwestern University Journal of Technology
`and Intellectual Property. Vol 12, Issue 1. February 2014.
`
`8. Bellovin, S., Blaze, M. Clark, S., Landau, S. “Going Bright: Wiretapping Without
`Weakening Infrastructure.” IEEE Security and Privacy. Jan/Feb 2013.
`
`9. Blaze. M. Ioannidis, J., Kermomytis, A., Malkin, T., and Rubin, A. Anonymity in
`Wireless Broadcast Networks. International Journal of Network Security (IJNS), vol.
`8, no. 1, pp. 37 - 51, January 2009.
`
`10. Blaze, M., Kannan, S., Lee I., Sokolsky, O., Smith, J., Keromytis, A. and Lee, W.
`“Dynamic Trust Management.” IEEE Computer. vol. 42, no. 2, pp. 44 - 52, February
`2009.
`
`11. Bellovin, S., Blaze, M., Diffie, W., Landau S., Neumann, P., and Rexford, J. Risking
`Communications Security: Potential Hazards of the Protect America Act. IEEE Security
`and Privacy. Vol. 6, No. 1, January/February 2008. pp. 24-33.
`
`12. Cronin, E., Sherr, M. and Blaze, M. “On the Reliability of Current Generation Network
`Eavesdropping Tools.” International Journal of Security and Networks. 3(2):103-113,
`2008.
`
`13. Bellovin, S., Blaze, M., Diffie, W., Landau S., Neumann, P., and Rexford, J. Internal
`Surveillance, External Risks. Communications of the ACM. Vol. 50, No. 12, December
`2007, Inside Risks.
`
`14. Sherr, M., Cronin, E., Clark, S. and Blaze, M. “Signaling vulnerabilities in wiretapping
`systems.” IEEE Security and Privacy. November/December 2005.
`
`BlackBerry Corporation Exhibit 1003, pg. 6
`
`

`

`15. Aiello, W., Bellovin, S.M., Blaze, M., Canetti, R., Ioannidis, J., Keromytis, A., and
`Reingold, O. “Just Fast Keying: Secure Key Exchange for a Hostile Internet.” ACM
`Transactions on Information and System Security (TISSEC). Vol 7. no 2, pp. 1 - 32,
`May 2004. (Special invited submission from CCS 2002 paper.)
`
`16. Blaze, M. “Cryptology and Physical Security: Rights Amplification in Master-Keyed
`Mechanical Locks.” IEEE Security and Privacy. March-April 2003.
`
`17. Blaze, M., Ioannidis, J, Keromytis, A. “Trust Management for IPsec.” ACM Transac-
`tions on Information and System Security (TISSEC). vol. 5, no. 2, pp. 1 - 24, May
`2002. (Special invited submission from NDSS 2001 paper.)
`
`18. Blaze, M. and Bellovin, S.M. “Tapping, Tapping on my Network Door.” Inside Risks
`124, CACM. October 2000.
`
`19. Abelson, H., Anderson, R., Bellovin, S., Benaloh, J., Blaze, M., Diffie, W., Gilmore, J.,
`Neumann, P., Rivest, R., Schiller, J., and Schneier, B. “The Risks of Key Recovery, Key
`Escrow and Trusted Third Party Encryption.” CDT Policy Paper. May 1997. (report
`editor). Appeared in World Wide Web Journal (1997).
`
`20. Blaze, M., Feigenbaum, J., Resnick, P., and Strauss, M. “Managing Trust in an Information-
`Labeling System.” European Transactions on Telecommunications 8 (1997). (Special
`issue of selected papers from the 1996 Amalfi Conference on Secure Communication in
`Networks.)
`
`21. Feigenbaum, J., Rudich, S., Blaze, M., and McCurley, K. “Security and Privacy in the
`Information Economy.” Proceedings of the National Academy of Sciences, 94 (1997),
`pp. 2789-2792.
`
`22. Blaze, M., Lacy, J., London, T.B., and Reiter, M. “Issues and Mechanisms for Trust-
`worthy Systems: Creating Transparent Mistrust.” AT&T Tech. J. September/October
`1994.
`
`23. Robinson, V.B., Frank, A., and Blaze, M. “Expert Systems and Geographic Information
`Systems.” J. Surveying Engineering. October 1986.
`
`BlackBerry Corporation Exhibit 1003, pg. 7
`
`

`

`Refereed Conference and Refereed Workshop Publications
`
`1. Bellovin, S., Blaze, M., Landau, S. and Pell, S. “It’s Complicated: Separating Metadata
`from Content in Modern Communications Systems.” Privacy Law Scholars Conference.
`May 2015.
`2. S. Clark, M. Collis, M. Blaze and J. Smith. Smearing Fingerprints: Changing the Game
`of Web Tracking with Differential Privacy. Security Protocols Workshop (SPW). April
`2015.
`3. S. Clark, M. Collis, M. Blaze and J. Smith. Moving Targets: Security and Rapid Release
`in Firefox. ACM CCS 2014. November 2014.
`4. A. Aviv, B. Sapp, M. Blaze and J. Smith. Practicality of Accelerometer Side Channels
`on Smartphones. ACSAC 2012. December 2012.
`5. A. Aviv, M. Sherr, M. Blaze and J. Smith. Privacy-Aware Message Exchanges for
`Geographically-Routed Human Movement Networks. ESORICS 2012. September 2012.
`6. S. Clark, C. Wacek, M. Blaze, B. Loo, M. Sherr, C. Shields, J. Smith. Collaborative
`Red Teaming for Anonymity System Evaluation. CSET 2012. August 2012.
`7. S. Clark, M. Blaze and J. Smith,.The Casino and the OODA Loop: Why our protocols
`always fail. Security Protocols 2012. April 2012. (Winner of Rodger Needham memorial
`best paper award).
`8. M. Blaze. Key Escrow from a Safe Distance. ACSAC 2011. (Special invited ”Classic
`Paper Retrospective” submission.)
`9. S. Clark, T. Goodspeed. P. Metzger, Z Wasserman, Kevin Xu, and M. Blaze. Why
`(Special Agent) Johnny (Still) Can’t Encrypt: A Security Analysis of the APCO P25
`Two-Way Radio System. Usenix Security 2011. San Francisco. August 2011. (Winner
`of ”Outstanding Paper” award.)
`10. S. Clark, T. Goodspeed, P. Metzger, and M. Blaze. One-Way Cryptography. Security
`Protocols Workshop (SPW ’11). Cambridge, UK. April 2011.
`11. S. Clark. S. Frei, M. Blaze and J. Smith. Familiarity Breeds Contempt: The Honeymoon
`Effect and the Role of Legacy Code in Zero-Day Vulnerabilities. ACSAC 2010. Austin,
`TX. December 2010.
`12. A. Aviv, M. Sherr, M. Blaze, and J. Smith. Evading Cellular Data Monitoring with
`Human Movement Networks. 5th Usenix Workshop on Hot Topics in Security (Hotsec
`2010). Washington, DC. August 2010.
`13. A. Aviv, K. Gibson, E. Mossop, M. Blaze, and J. Smith. Smudge Attacks on Smart-
`phone Touch Screens. 4th Usenix Workshop on Offensive Technology (WOOT 2010).
`Washington, DC. August 2010.
`Is There a Honeymoon Effect for Protocols? Security
`14. S. Clark, M. Blaze, J. Smith.
`Protocols Workshop (SPW ’10). Cambridge, UK. April 2010.
`15. M. Sherr, A. Mao, W. Marczak, W. Zhou, M. Blaze, B. Loo. A3: An Extensible Plat-
`form for Application-Aware Anonymity. 17th Network and Distributed Systems Security
`Symposium (NDSS). San Diego. February 2010.
`
`BlackBerry Corporation Exhibit 1003, pg. 8
`
`

`

`16. M. Sherr, G. Shah, E. Cronin, S. Clark and M. Blaze. Can They Hear Me Now? A
`Security Analysis of Law-Enforcement Wiretaps. 16th ACM Conference on Computer
`and Communications Security (CCS). Chicago. November 2009.
`
`17. M. Sherr and M. Blaze. Application Containers without Virtual Machines. 2nd Work-
`shop on Virtual Machine Security (VMSec). Chicago. November 2009.
`
`18. G. Shah and M. Blaze. Covert Channels through External Interference. 3rd USENIX
`Workshop on Offensive Technology (WOOT 2009). Montreal. August 2009.
`
`19. M. Sherr, M. Blaze, B. Loo. Scalable Link-Based Relay Selection for Anonymous Rout-
`ing. 9th Privacy Enhancing Technologies Symposium (PETS 2009). August 2009.
`
`20. M. Sherr, M. Blaze, B. Loo. Veracity: Practical Secure Network Coordinates via Vote-
`Based Agreements. USENIX Annual Technical Conference. San Diego. June 2009.
`
`21. A. West, A. Aviv, J. Chang, V. Prabhu, M. Blaze, S. Kannan, I. Lee, J. Smith, O.
`Sokolsky. QuanTM: A Quantified Trust Management System. Proc. EuroSec 09. pp
`28-35. Nuremburg, Germany.
`
`22. Aviv, A., et al. Security Evaluation of the ES&S Voting Machines and Election Man-
`agement System. Third USENIX/ACCURATE Electronic Voting Technology Workshop
`(EVT ’08). August 2008.
`
`23. Sherr, M., Loo, B., and Blaze, M. Veracity: A Fully Decentralized Service for Securing
`Network Coordinate Systems. 7th International Workshop on Peer-to-Peer Systems
`(IPTPS 2008). February 2008.
`
`24. Sherr, M., Loo, B., and Blaze, M. Towards Application-Aware Anonymous Routing.
`Second Workshop on Hot Topics in Security (HotSec07). August 2007.
`
`25. Sherr, M. Cronin, E. and Blaze, M. Measurable Security through Isotropic Channels.
`15th Security Protocols Workshop. April 2007 (LNCS).
`
`26. Shah, G., Molina, A., and Blaze, M. “Keyboards and Covert Channels.” USENIX
`Security 2006. Vancouver, BC. August 2006. (awarded best student paper.)
`
`27. Anand, M, Cronin, E., Sherr, M., Blaze, M. and Ives, Z. “Sensor Network Security:
`More Interesting Than You Think.” HotSec 2006. Vancouver, BC. August 2006.
`
`28. Cronin, E., Sherr, M., and Blaze, M. “Toward Compose-able Security Metrics.” Proc.
`2006 Security Protocols Workshop. Cambridge 2006.
`
`29. Cronin, E., Sherr, M. and Blaze, M. “On the Reliability of Current Generation Net-
`work Eavesdropping Tools.” Second Annual IFIP WG 11.9 International Conference on
`Digital Forensics, Orlando, Florida. January 2006. (Selected for invited submission for
`International Journal of Security and Networks, special issue on Network Forensics.)
`
`30. Cronin, E., Sherr, M., and Blaze, M. “Listen too closely and you will be confused.” Proc.
`2005 Security Protocols Workshop. Cambridge 2005 (LNCS).
`
`31. Blaze, M. “Toward a broader view of security protocols.” 12th Cambridge Security
`Protocols Workshop. April, 2004 (LNCS).
`
`BlackBerry Corporation Exhibit 1003, pg. 9
`
`

`

`32. Blaze, M., Ioannidis, J., Ioannidis, S., Keromytis A., Nikander P., and Prevelakis, V.
`“TAPI: Transactions for Accessing Public Infrastructure.” Proceedings of the 8th IFIP
`Personal Wireless Communications (PWC) Conference. pp. 90 - 100. Venice, Italy.
`September 2003.
`
`33. Blaze, M., Ioannidis, J., and Keromytis, A. “Experience with the KeyNote Trust Man-
`agement System: Applications and Future Directions.” Proc. 1st International Confer-
`ence on Trust Management. pp. 284 - 300. Heraclion, Greece. May 2003.
`
`34. Aiello, W., Bellovin, S.M., Blaze, M., Canetti, R., Ioannidis, J., Keromytis, A., and
`Reingold, O. “Efficient, DoS-Resistant, Secure Key Exchange for Internet Protocols.”
`Proc. 9th ACM International Conference on Computer and Communications Security
`(CCS). pp. 48 - 58. Washington, DC. November 2002.
`
`35. Bellovin, S.M., Blaze, M., Ioannidis, J., and Keromytis, A. “JFK: Efficient, DoS Resis-
`tant Secure Key Exchange for the Internet.” Cambridge Workshop on Security Protocols.
`Cambridge UK. April 2001.
`
`36. Blaze, M., Ioannidis, J, and Keromytis, A. “Offline Micropayments without Secure Hard-
`ware.” Proc. Financial Cryptography 2001. Grand Cayman. February 2001.
`
`37. Blaze, M., Ioannidis, J, and Keromytis, A. “Trust Management for IPSEC.” Proc. ISOC
`Symposium on Network and Distributed Systems Security (NDSS) 2001, San Diego, CA.
`February 2001.
`
`38. Blaze, M., Ioannidis, J. and Keromytis, A. “Trust Management and Network-Layer
`Security Protocols.” 1999 Cambridge Protocols Workshop. Cambridge, UK. April 1999.
`
`39. Blaze, M., Feigenbaum, J, and Naor, M. “A Formal Treatment of Remotely Keyed
`Encryption.” Proceedings of EUROCRYPT ’98, Helsinki. May 1998. Lecture Notes in
`Computer Science. Springer, 1998.
`
`40. Blaze, M., Bleumer, G., and Strauss, M. “Atomic Proxy Cryptography and Protocol
`Divertibility.” Proceedings of EUROCRYPT ’98, Helsinki. May 1998. Lecture Notes in
`Computer Science. Springer, 1998.
`
`41. Blaze, M, Feigenbaum, J., and Strauss, M. “Compliance Checking in the PolicyMaker
`Trust Management System.” Proceedings of the 2nd Financial Crypto Conference, An-
`guilla. February 1998. Lecture Notes in Computer Science, Springer, 1998.
`
`42. Blaze, M. “Oblivious Key Escrow.” First International Conference on Information Hid-
`ing. Cambridge, England. June 1996.
`
`43. Blaze, M., Feigenbaum, J., and Lacy, J. “Decentralized Trust Management.” 1996 IEEE
`Conference on Security and Privacy. Oakland, CA, May 1996.
`
`44. Blaze, M. “High-Bandwidth Encryption with Low Bandwidth Smartcards.” Third Cam-
`bridge Conference on Fast Software Encryption. Cambridge, England, February 1996.
`
`45. Blaze, M. and Bellovin, S. “Session-Layer Encryption.” Proc. USENIX Security Symp.
`Salt Lake City, June 1995.
`
`46. Blaze, M. and Schneier, B. “The MacGuffin Block Cipher Algorithm.” 1994 Leuven
`Workshop on Fast Software Encryption. Leuven, Belgium, December 1994.
`
`BlackBerry Corporation Exhibit 1003, pg. 10
`
`

`

`47. Blaze, M. “Protocol Failure in the Escrowed Encryption Standard.” Proc. 2nd ACM
`Conference on Computer and Communications Security. Fairfax, VA., November 1994.
`
`48. Blaze, M. “Key Management in an Encrypting File System.” Proc. Summer 1994
`USENIX Tech. Conf. Boston, MA, June 1994.
`
`49. Blaze, M. “A Cryptographic File System for Unix.” Proc. 1st ACM Conference on
`Computer and Communications Security. Fairfax, VA., November 1993
`
`50. Ioannidis, J. and Blaze, M. “Architecture and Implementation of Network-Layer Security
`Under Unix.” Proc. USENIX Security Symp. Santa Clara, CA, October 1993.
`
`51. Blaze, M. “Transparent Mistrust: OS Support for Cryptography-in-the-Large.” Proc.
`4th Workshop on Workstation Operating Systems. Napa, CA, October 1993.
`
`52. Blaze, M. and Alonso, R. “Dynamic Hierarchical Caching in Large-Scale Distributed
`File Systems.” Proc. 12th Intl. Conf. on Distributed Computing Systems. Yokohama,
`Japan, June 1992; also available as CS-TR-353-91, Department of Computer Science,
`Princeton.
`
`53. Blaze, M. “NFS Tracing by Passive Network Monitoring.” Proc. USENIX Winter 1992
`Conference. San Francisco, January 1992.
`
`54. Blaze, M. and Alonso, R. “Long-Term Caching Strategies for Very Large Distributed
`File Systems.” Proc. USENIX Summer 1991 Conference. Nashville, TN, June 1991.
`(Winner of best paper and best student paper awards.)
`
`55. Blaze, M. and Cameron, E.J. “D*: A System for the Automatic Animation of IC*
`Programs.” Proc. CASE ’88. Cambridge, MA, June 1988.
`
`56. Robinson, V.B., Thongs, D., and Blaze, M., “Natural Language in Geographic Data
`Processing Systems.” Proc. Conference on Advanced Technology for Monitoring and
`Processing Global Environmental Data. London, September 1985.
`
`57. Robinson, V.B., Thongs, D., and Blaze, M., “Machine Acquisition and Representation
`of Natural Language Concepts for Geographic Information Systems.” Proc. Pittsburgh
`Conference on Modeling and Simulation. Pittsburgh, April 1985.
`
`BlackBerry Corporation Exhibit 1003, pg. 11
`
`

`

`Internet RFCs
`
`1. Blaze, M., Keroymytis, A., Richardson, M., and Sanchez, L. “IP Security Policy Re-
`quirements.” RFC-3586. IETF. August 2003.
`
`2. Blaze, M., Ioannidis, J, and Keromytis, A. “DSA and RSA Key and Signature Encoding
`for the KeyNote Trust Management System.” RFC-2792. IETF. March 2000.
`
`3. Blaze, M., Feigenbaum, J., Ioannidis, J. and Keromytis, A. “The KeyNote Trust Man-
`agement System, Version 2.” RFC-2704. IETF. September 1999.
`
`4. Ioannidis, J., Blaze, M. and Karn, P. “The swIPe IP Security Protocol.” Internet Draft.
`August 1993.
`
`BlackBerry Corporation Exhibit 1003, pg. 12
`
`