CV and Research Statement
`
`Markus Jakobsson
`www.linkedin.com/in/markusjakobsson
`www.markus-jakobsson.com
`
`1 At a Glance
`• Focus. Identification of security problems, trends and solution along four
`axes – computational, structural, physical and social; quantitative and
`qualitative fraud analysis; development of disruptive security technologies.
`• Education. PhD (Computer Science/Cryptography, University of Cali-
`fornia at San Diego, 1997); MSc (Computer Science, University of Cali-
`fornia at San Diego, 1994); MSc (Computer Engineering, Lund Institute
`of Technology, Sweden, 1993).
`• Large research labs. San Diego Supercomputer Center (Researcher,
`1996-1997); Bell Labs (Member of Technical Staff, 1997-2001); RSA Labs
`(Principal Research Scientist, 2001-2004); Xerox PARC (Principal Scien-
`tist, 2008-2010); PayPal (Principal Scientist of Consumer Security, Di-
`rector, 2010-2013); Qualcomm (Senior Director, 2013-2015); Agari (Chief
`Scientist, 2016–2018); Amber Solutions Inc (Chief of Security and Data
`Analytics, 2018 – 2019); ByteDance (Principal Scientist, 2020-2021)
`• Academia. New York University (Adjunct Associate Professor, 2002-
`2004); Indiana University (Associate Professor & Associate Director, 2004-
`2008; Adjunct Associate Professor, 2008-2016).
`• Entrepreneurial activity. ZapFraud (Anti-scam technology; CTO and
`founder, 2012-current); RavenWhite Security (Authentication solutions;
`CTO and founder, 2005-); RightQuestion (Consulting; Founder, 2007-
`current); FatSkunk (Malware detection; CTO and founder, 2009-2013 –
`FatSkunk was acquired by Qualcomm); LifeLock (Id theft protection;
`Member of fraud advisory board, 2009-2013); CellFony (Mobile security;
`Member of technical advisory board, 2009-2013); PopGiro (User Reputa-
`tion; Member of technical advisory board, 2012-2013); MobiSocial (Social
`networking, Member of technical advisory board, 2013); Cequence Security
`(Anti-fraud, Member of technical advisory board, 2013–current)
`• Anti-fraud consulting. KommuneData [Danish govt. entity] (1996);
`J.P. Morgan Chase (2006-2007); PayPal (2007-2011); Boku (2009-2010);
`Western Union (2009-2010).
`
`1
`
`Microsoft Ex. 1004, p. 1
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`• Intellectual Property, Testifying Expert Witness. Inventor of 100+
`patents; expert witness in 25+ patent litigation cases (McDermott, Will
`& Emery; Bereskin & Parr; WilmerHale; Hunton & Williams; Quinn
`Emanuel Urquhart & Sullivan; Freed & Weiss; Berry & Domer; Fish &
`Richardson; DLA Piper; Cipher Law Group; Keker & Van Nest). Details
`and references upon request.
`• Publications. Books: Phishing and Countermeasures: Understanding
`the Increasing Problem of Electronic Identity Theft (Wiley, 2006); Crime-
`ware: Understanding New Attacks and Defenses (Symantec Press, 2008);
`Towards Trustworthy Elections: New Directions in Electronic Voting (Springer
`Verlag, 2010); Mobile Authentication: Problems and Solutions )Springer
`Verlag, 2012); The Death of the Internet (Wiley, 2012); Understanding
`Social Engineering (Springer Verlag, 2016); Security, Privacy and User
`Interaction (Springer Verlag, 2020); 100+ peer-reviewed publications
`
`2 At a Glance
`Ten years before Bitcoin was created, I formalized the notion of Proof of Work
`and described its use for mining of crypto payments. I later developed energy-
`efficient alternatives to this paradigm, and showed how to enable mining on
`mobile devices, which is not possible for Bitcoin. I am the founder of the aca-
`demic discipline of phishing and have developed techniques to predict fraud
`trends years before they emerge, enabling countermeasures to be developed be-
`fore they are needed. I developed the notion of implicit authentication, which
`is now ubiquitous; I also founded a company that developed the first retroac-
`tive virus detection technology, with guarantees of detection; the company was
`acquired by Qualcomm in 2013.
`I have worked as chief scientist and similar
`positions in startups as well as industry behemoths, such as PayPal.
`I have
`several hundred patents to my name and am a prominent security researcher
`with hundreds of peer reviewed publications and an array of textbooks. My
`1997 PhD thesis, from University of California at San Diego, was on distributed
`electronic payment systems with revocable privacy.
`
`3 Work History (Highlights)
`
`1. Member of Technical Staff, Bell Labs (1997-2001). Markus was
`part of the security research group at Bell Labs. He formalized the notion
`of proof of work, later an integral part of BitCoin.
`
`2. Principal Scientist, RSA Labs (2001-2005). Markus posited that
`phishing would become a mainstream problem, and developed ethical tech-
`niques for identifying likely trends based on human subject experiments.
`
`3. Associate Professor, Indiana University (2005-2008). Markus was
`hired to lead the newly formed security group at Indiana University, and
`
`2
`
`Microsoft Ex. 1004, p. 2
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`created a research group comprising approximately 10 professors and 30
`students, studying social engineering and fraud.
`
`4. Principal Scientist, Xerox PARC (2008-2010). Markus was hired to
`lead the research efforts of the Xerox PARC security group, and developed
`the notion of implicit authentication, a technology that is now ubiquitous.
`
`5. Principal Scientist, PayPal (2010-2013). Markus did research on
`security and user interfaces, and developed techniques to reduce the losses
`associated with liar buyer fraud.
`
`6. Senior Director, Qualcomm (2013-2016). Qualcomm acquires FatSkunk,
`a company founded by Markus. At FatSkunk, Markus developed retroac-
`tive malware detection with provable security guarantees. A simplified
`version of this is now deployed with almost all Qualcomm chipsets.
`
`7. Chief Scientist, Agari (2016-2018). Markus developed a technique to
`acquire fraudster intelligence by compromising scammer email accounts –
`while staying within the law – resulting in the extradition of several African
`scam lords to the U.S.
`
`8. Chief of Security and Data Analytics, Amber Solutions (2018-
`2020). Markus developed usable configuration methods supporting im-
`proved security and privacy for IoT installations.
`
`9. Chief Scientist, ByteDance (2020-2021). Markus oversaw the estab-
`lishment of a research group and a research agenda at ByteDance, and
`contributed to their intellectual property and product security.
`
`4 Publication List
`
`Books (1-8); book chapters, journals, conference publications and other scientific
`publications (9-147), issued /published U.S. patents (148-234). For an updated
`list, and for international patents, please see www.markus-jakobsson.com/publications
`and appropriate patent search engines.
`
`References
`
`[1] M. Jakobsson, Security, Privacy and User Interaction, ISBN 978-3-030-
`43753-4, 110 pages, 2020.
`
`[2] M. Jakobsson, Understanding Social Engineering Based Scams, ISBN 978-
`1-4939-6457-4, 130 pages, Springer, 2016.
`
`[3] M. Jakobsson, Mobile Authentication: Problems and Solutions, ISBN
`1461448778, 125 pages, Springer, 2013.
`
`3
`
`Microsoft Ex. 1004, p. 3
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[4] M. Jakobsson, (editor) The Death of the Internet, ASIN B009CN2JVE, 359
`pages, IEEE Computer Society Press, 2012.
`
`[5] D. Chaum, M. Jakobsson, R. L. Rivest, P. Y. Ryan, J. Benaloh, and M.
`Kutylowski, (editors), Towards Trustworthy Elections: New Directions in
`Electronic Voting, 411 pages, (Vol. 6000), Springer, 2010.
`
`[6] M. Jakobsson and Z. Ramzan (editors), Crimeware: Trends in Attacks
`and Countermeasures, ISBN 0321501950, Hardcover, 582 pages, Symantec
`Press / Addison Wesley, 2008.
`
`[7] M. Jakobsson and S. A. Myers (editors), Phishing and Countermeasures:
`Understanding the Increasing Problem of Electronic Identity Theft, ISBN
`0-471-78245-9, Hardcover, 739 pages, Wiley, 2006.
`
`[8] M. Jakobsson, M. Yung, J. Zhou, Applied Cryptography and Network Se-
`curity: Second International Conference , Yellow Mountain, China, 2004,
`511 pages, Lecture Notes in Computer Science (Book 3089), 2004.
`
`[9] M. Jakobsson, “Permissions and Privacy,” in IEEE Security & Privacy, vol.
`18, no. 2, pp. 46-55, March-April 2020
`
`[10] M. Jakobsson, “The Rising Threat of Launchpad Attacks,” in IEEE Secu-
`rity & Privacy, vol. 17, no. 5, pp. 68-72, Sept.-Oct. 2019
`
`[11] J Koven, C Felix, H Siadati, M Jakobsson, E Bertini, “Lessons learned
`developing a visual analytics solution for investigative analysis of scamming
`activities,” IEEE transactions on visualization and computer graphics 25
`(1), 225-234
`
`[12] M Jakobsson, “Two-factor inauthentication?the rise in SMS phishing at-
`tacks” Computer Fraud & Security 2018 (6), 6-8
`
`[13] M. Dhiman, M. Jakobsson, T.-F. Yen, “Breaking and fixing content-based
`filtering,” 2017 APWG Symposium on Electronic Crime Research (eCrime),
`52-56
`
`[14] M. Jakobsson, “Addressing sophisticated email attacks,” 2017 International
`Conference on Financial Cryptography and Data Security, 310-317
`
`[15] M. Jakobsson, “User trust assessment: a new approach to combat decep-
`tion,” Proceedings of the 6th Workshop on Socio-Technical Aspects in Se-
`curity and Trust, 2016, pages 73-78
`
`[16] H. Siadati, T. Nguyen, P. Gupta, M. Jakobsson, “Mind your SMSes: Miti-
`gating social engineering in second factor authentication,” Computers and
`Security, 2016
`
`[17] M. Jakobsson, W. Leddy, “Could you fall for a scam? Spam filters are
`passe. What we need is software that unmasks fraudsters,” IEEE Spectrum
`53 (5), 2016, 40-55
`
`4
`
`Microsoft Ex. 1004, p. 4
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[18] N. Sae-Bae, M. Jakobsson, Hand Authentication on Multi-Touch Tablets,
`HotMobile 2014
`
`[19] Y. Park, J. Jones, D. McCoy, E. Shi, M. Jakobsson, Scambaiter: Under-
`standing Targeted Nigerian Scams on Craigslist, NDSS 2014
`
`[20] D. Balfanz, R. Chow, O. Eisen, M. Jakobsson, S. Kirsch, S. Matsumoto, J.
`Molina, and P. van Oorschot, “The future of authentication,” Security &
`Privacy, IEEE, 10(1), 22-27, 2012.
`
`[21] M. Jakobsson, and H. Siadati, Improved Visual Preference Authentication:
`Socio-Technical Aspects in Security and Trust, (STAST), 2012 Workshop
`on IEEE, 27–34, 2012.
`
`[22] M. Jakobsson, R. I. Chow, and J. Molina, “Authentication-Are We Do-
`ing Well Enough?[Guest Editors’ Introduction]” Security & Privacy, IEEE,
`10(1), 19-21, 2012.
`
`[23] E. Shi, Y. Niu, M. Jakobsson, and R. Chow, “Implicit authentication
`through learning user behavior,” Information Security, 99-113, Springer
`Berlin Heidelberg, 2011.
`
`[24] M. Jakobsson and K. Johansson, “Practical and Secure Software-Based
`Attestation,” Lightweight Security & Privacy: Devices, Protocols and Ap-
`plications (LightSec), 1–9, 2011.
`
`[25] A. Juels, D. Catalano, and M.Jakobsson, Coercion-resistant electronic elec-
`tions: Towards Trustworthy Elections, 37–63, Springer Berlin Heidelberg,
`2010.
`
`[26] M. Jakobsson and F. Menczer, “Web Forms and Untraceable DDoS At-
`tacks,” in Network Security, Huang, S., MacCallum, D., and Du, D. Z.,
`Eds.,77–95, Springer, 2010.
`
`[27] R. Chow, M. Jakobsson, R. Masuoka, J. Molina, Y. Niu, E. Shi, and Z.
`Song, “Authentication in the Clouds: A Framework and its Application to
`Mobile Users,” 2010.
`
`[28] X. Wang, P. Golle, M. Jakobsson, and A. Tsow, “Deterring voluntary trace
`disclosure in re-encryption mix-networks,” ACM Trans. Inf. Syst. Secur.,
`13(2), 1-24, 2010.
`
`[29] X. Wang, P. Golle, M. Jakobsson, A.Tsow, “Deterring voluntary trace dis-
`closure in re-encryption mix-networks,” ACM Trans. Inf. Syst. Secur. 13(2):
`(2010)
`
`[30] M. Jakobsson, and C. Soghoian, “Social Engineering in Phishing,” Infor-
`mation Assurance, Security and Privacy Services, 4, 2009.
`
`[31] M. Jakobsson, C. Soghoian and S. Stamm, “Phishing,” Handbook of Fi-
`nancial Cryptography (CRC press, 2008)
`
`5
`
`Microsoft Ex. 1004, p. 5
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[32] M. Jakobsson and A. Tsow, “Identity Theft,” In John R. Vacca, Edi-
`tor, “Computer And Information Security Handbook” (Morgan Kaufmann,
`2008)
`
`[33] S. Srikwan and M. Jakobsson, “Using Cartoons to Teach Internet Security,”
`Cryptologia, vol. 32, no. 2, 2008
`
`[34] M. Jakobsson, N. Johnson and P. Finn, “Why and How to Perform Fraud
`Experiments,” IEEE Security and Privacy, March/April 2008 (Vol. 6, No.
`2) pp. 66-68
`
`[35] M. Jakobsson and S. Myers, “Delayed Password Disclosure,” International
`Journal of Applied Cryptography, 2008, pp. 47-59.
`
`[36] M. Jakobsson and S. Stamm, “Web Camouflage: Protecting Your Clients
`from Browser Sniffing Attacks,” IEEE Security & Privacy Magazine.
`November/December 2007
`
`[37] P. Finn and M. Jakobsson, “Designing and Conducting Phishing Experi-
`ments,” IEEE Technology and Society Magazine, Special Issue on Usability
`and Security
`
`[38] T. Jagatic, N. Johnson, M. Jakobsson and F. Menczer. “Social Phishing,”
`The Communications of the ACM, October 2007
`
`[39] A. Tsow, M. Jakobsson, L. Yang and S. Wetzel, “Warkitting: the Drive-by
`Subversion of Wireless Home Routers,” Anti-Phishing and Online Fraud,
`Part II Journal of Digital Forensic Practice, Volume 1, Special Issue 3,
`November 2006
`
`[40] M. Gandhi, M. Jakobsson and J. Ratkiewicz, “Badvertisements: Stealthy
`Click-Fraud with Unwitting Accessories,” Anti-Phishing and Online Fraud,
`Part I Journal of Digital Forensic Practice, Volume 1, Special Issue 2,
`November 2006
`
`[41] N. Ben Salem, J.-P. Hubaux and M. Jakobsson. “Reputation-based Wi-Fi
`Deployment,” Mobile Computing and Communications Review, Volume 9,
`Number 3 (Best papers of WMASH 2004)
`
`[42] N. Ben Salem, J. P. Hubaux, and M. Jakobsson. “Node Cooperation in
`Hybrid Ad hoc Networks,” IEEE Transactions on Mobile Computing, Vol.
`5, No. 4, April 2006.
`
`[43] P. MacKenzie, T. Shrimpton, and M. Jakobsson. “Threshold Password-
`Authenticated Key Exchange,” Journal of Cryptology, 2005
`
`[44] A. Juels, M. Jakobsson, E. Shriver, and B. Hillyer. “How To Turn Loaded
`Dice Into Fair Coins.” IEEE Transactions on Information Theory, vol.
`46(3). May 2000. pp. 911–921.
`
`6
`
`Microsoft Ex. 1004, p. 6
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[45] M. Jakobsson, P. MacKenzie, and J.P. Stern. “Secure and Lightweight Ad-
`vertising on the Web,” Journal of Computer Networks, vol. 31, issue 11–16,
`Elsevier North-Holland, Inc., 1999. pp. 1101–1109.
`
`[46] M. Jakobsson, “Cryptographic Protocols,” Chapter from The Handbook
`of Information Security. Hossein Bidgoli, Editor-in-Chief. Copyright John
`Wiley & Sons, Inc., 2005, Hoboken, N.J.
`
`[47] M. Jakobsson, “Cryptographic Privacy Protection Techniques,” Chapter
`from The Handbook of Information Security. Hossein Bidgoli, Editor-in-
`Chief. Copyright John Wiley & Sons, Inc., 2005, Hoboken, N.J.
`
`[48] M. Jakobsson, E. Shi, P. Golle, R. Chow, “Implicit authentication for mo-
`bile devices,” 4th USENIX Workshop on Hot Topics in Security (HotSec
`’09); 2009 August 11; Montreal, Canada.
`
`[49] R. Chow, P. Golle, M. Jakobsson, E. Shi, J. Staddon, R. Masuoka, J.
`Molina, “Controlling data in the cloud: outsourcing computation without
`outsourcing control,” Proceedings of the 2009 ACM Workshop on Cloud
`Computing Security (CCSW 2009); 2009 November 13; Chicago, IL. NY:
`ACM; 2009; pp. 85–90.
`
`[50] M. Jakobsson, H. Siadati, M. Dhiman, “Liar Buyer Fraud, and How to
`Curb It,” NDSS, 2015
`
`[51] M. Jakobsson, T.-F. Yen, “How Vulnerable Are We To Scams?,” BlackHat,
`2015
`
`[52] M. Jakobsson, “How to Wear Your Password,” BlackHat, 2014
`
`[53] M. Jakobsson and G. Stewart, “Mobile Malware: Why the Traditional
`AV Paradigm is Doomed, and How to Use Physics to Detect Undesirable
`Routines,” in BlackHat, 2013.
`
`[54] M. Jakobsson, and H. Siadati,“SpoofKiller: You Can Teach People How to
`Pay, but Not How to Pay Attention” in Socio-Technical Aspects in Security
`and Trust (STAST), 2012 Workshop on, 3-10, 2012.
`
`[55] M. Jakobsson, and M. Dhiman,“The benefits of understanding passwords,”
`in Proceedings of the 7th USENIX conference on Hot Topics in Security,
`Berkeley, CA, USA, 2012.
`
`[56] M. Jakobsson, and S. Taveau, “The Case for Replacing Passwords with
`Biometrics,” Mobile Security Technologies, 2012.
`
`[57] M. Jakobsson and D. Liu, “Bootstrapping mobile PINs using passwords,”
`W2SP, 2011.
`
`[58] M. Jakobsson and R. Akavipat, “Rethinking passwords to adapt to con-
`strained keyboards,” 2011.
`
`7
`
`Microsoft Ex. 1004, p. 7
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[59] Y. Niu, E. Shi, R. Chow, P. Golle, and M. Jakobsson, “One Experience
`Collecting Sensitive Mobile Data,” In USER Workshop of SOUPS, 2010.
`
`[60] E. Shi, Y. Niu, M. Jakobsson, and R. Chow, “Implicit Authentication
`through Learning User Behavior,” 2010.
`
`[61] M. Jakobsson and K. Johansson, Assured Detection of Malware With Ap-
`plications to Mobile Platforms, 2010.
`
`[62] M. Jakobsson and K. Johansson, “Retroactive Detection of Malware With
`Applications to Mobile Platforms,” in HotSec 2010, Washington, DC, 2010.
`
`[63] M. Jakobsson, A Central Nervous System for Automatically Detecting Mal-
`ware, 2009.
`
`[64] R. Chow, P. Golle, M. Jakobsson, R. Masuoka, J. Molina, E. Shi, and J.
`Staddon, “Controlling data in the cloud: outsourcing computation with-
`out outsourcing control,” ACM workshop on Cloud computing security
`(CCSW), 2009.
`
`[65] M. Jakobsson and A. Juels, “Server-Side Detection of Malware Infection,”
`in New Security Paradigms Workshop (NSPW), Oxford, UK, 2009.
`
`[66] M. Jakobsson, “Captcha-free throttling,” Proceedings of the 2nd ACM
`workshop on Security and artificial intelligence, 15–22, 2009.
`
`[67] M. Jakobsson, E. Shi, P. Golle, and R. Chow, “Implicit authentication for
`mobile devices,” Proceedings of the 4th USENIX conference on Hot topics
`in security, 9–9, 2009.
`
`[68] C. Soghoian, O. Friedrichs and M. Jakobsson, “The Threat of Political
`Phishing,” International Symposium on Human Aspects of Information
`Security & Assurance (HAISA 2008)
`
`[69] R. Chow, P. Golle, M. Jakobsson, L. Wang and X. Wang, “Making
`CAPTCHAs Clickable,” In proc. of HotMobile 2008.
`
`[70] M. Jakobsson, A. Juels, and J. Ratkiewicz, “Privacy-Preserving History
`Mining for Web Browsers,” Web 2.0 Security and Privacy, 2008.
`
`[71] M. Jakobsson, E. Stolterman, S. Wetzel, L. Yang, “Love and Authenti-
`cation,” (Notes) ACM Computer/Human Interaction Conference (CHI),
`2008. Also see www.I-forgot-my-password.com
`
`[72] M. Jakobsson and S. Myers, “Delayed Password Disclosure,” Proceedings
`of the 2007 ACM workshop on Digital Identity Management
`
`[73] M. Jakobsson, S. Stamm, Z. Ramzan, “JavaScript Breaks Free,” W2SP ’07
`
`[74] A. Juels, S. Stamm, M. Jakobsson, “Combatting Click Fraud via Premium
`Clicks,” USENIX Security 2007
`
`8
`
`Microsoft Ex. 1004, p. 8
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[75] R. Chow, P. Golle, M. Jakobsson, X. Wang, “Clickable CAPTCHAs,” Ad-
`Fraud ’07 Workshop; 2007 September 14; Stanford, CA, USA
`
`[76] S. Stamm, Z. Ramzan, and M. Jakobsson, “Drive-by Pharming,” In Pro-
`ceedings of Information and Communications Security, 9th International
`Conference, ICICS 2007
`
`[77] M. Jakobsson, A. Tsow, A. Shah, E. Blevis, Y.-K. Lim, “What Instills
`Trust? A Qualitative Study of Phishing,” USEC ’07.
`
`[78] R. Akavipat, V. Anandpara, A. Dingman, C. Liu, D. Liu, K. Pongsanon,
`H. Roinestad and M. Jakobsson, “Phishing IQ Tests Measure Fear, not
`Ability,” USEC ’07.
`
`[79] M. Jakobsson, “The Human Factor in Phishing,” American Conference
`Institute’s Forum on Privacy & Security of Consumer Information, 2007
`
`[80] S. Srikwan, M. Jakobsson, A. Albrecht and M. Dalkilic, “Trust Establish-
`ment in Data Sharing: An Incentive Model for Biodiversity Information
`Systems,” TrustCol 2006
`
`[81] J.Y. Choi, P. Golle, M. Jakobsson, “Tamper-Evident Digital Signatures:
`Protecting Certification Authorities Against Malware,” DACS ’06
`
`[82] L. Yang, M. Jakobsson, S. Wetzel, “Discount Anonymous On Demand
`Routing for Mobile Ad hoc Networks,” SECURECOMM ’06
`
`[83] P. Golle, X. Wang, M. Jakobsson, A. Tsow, “Deterring Voluntary Trace
`Disclosure in Re-encryption Mix Networks.” IEEE S&P ’06
`
`[84] M. Jakobsson, A. Juels, T. Jagatic, “Cache Cookies for Browser Authenti-
`cation (Extended Abstract),” IEEE S&P ’06
`
`[85] M. Jakobsson and J. Ratkiewicz, “Designing Ethical Phishing Experiments:
`A study of (ROT13) rOnl auction query features.”, WWW ’06
`
`[86] M. Jakobsson and S. Stamm. “Invasive Browser Sniffing and Countermea-
`sures,” WWW ’06
`
`[87] J.Y. Choi, P. Golle and M. Jakobsson. “Auditable Privacy: On Tamper-
`Evident Mix Networks,” Financial Crypto ’06
`
`[88] A. Juels, D. Catalano and M. Jakobsson. “Coercion-Resistant Electronic
`Elections,” WPES ’05
`
`[89] V. Griffith and M. Jakobsson. “Messin’ with Texas, Deriving Mother’s
`Maiden Names Using Public Records,” ACNS ’05, 2005.
`
`[90] M. Jakobsson and L. Yang. “Quantifying Security in Hybrid Cellular Net-
`works,” ACNS ’05, 2005
`
`9
`
`Microsoft Ex. 1004, p. 9
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[91] Y.-C. Hu, M. Jakobsson, and A. Perrig. “Efficient Constructions for One-
`way Hash Chains,” ACNS ’05, 2005
`
`[92] M. Jakobsson. “Modeling and Preventing Phishing Attacks,” Phishing
`Panel in Financial Cryptography ’05. 2005, abstract in proceedings.
`
`[93] N. Ben Salem, J.-P. Hubaux, and M. Jakobsson. “Reputation-based Wi-
`Fi Deployment Protocols and Security Analysis,” In WMASH ’04. ACM
`Press, 2004. pp. 29–40.
`
`[94] M. Jakobsson and S. Wetzel. “Efficient Attribute Authentication with Ap-
`plications to Ad Hoc Networks,” In VANET ’04. ACM Press, 2004. pp.
`38–46.
`
`[95] M. Jakobsson, X. Wang, and S. Wetzel. “Stealth Attacks in Vehicular Tech-
`nologies,” Invited paper. In Proceedings of IEEE Vehicular Technology
`Conference 2004 Fall (VTC-Fall 2004). IEEE, 2004.
`
`[96] A. Ambainis, H. Lipmaa, and M. Jakobsson. “Cryptographic Randomized
`Response Technique,” In PKC ’04. LNCS 2947. Springer-Verlag, 2004. pp.
`425–438.
`
`[97] P. Golle, M. Jakobsson, A. Juels, and P. Syverson. “Universal Re-
`encryption for Mixnets,” In CT-RSA ’04. LNCS 2964. Springer-Verlag,
`2004. pp. 163–178.
`
`[98] P. Golle and M. Jakobsson. “Reusable Anonymous Return Channels,” In
`WPES ’03. ACM Press, 2003. pp. 94–100.
`
`[99] M. Jakobsson, S. Wetzel, B. Yener. “Stealth Attacks on Ad-Hoc Wireless
`Networks,” In IEEE VTC ’03, 2003.
`
`[100] N. Ben Salem, L. Buttyan, J.-P. Hubaux, and M. Jakobsson. “A Charg-
`ing and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular
`Networks,” In ACM MobiHoc ’03. ACM Press, 2003. pp. 13–24.
`
`[101] M. Jakobsson, J.-P.Hubaux and L. Buttyan. “A Micro-Payment Scheme
`Encouraging Collaboration in Multi-Hop Cellular Networks,” In FC ’03.
`LNCS 2742. Springer-Verlag, 2003. pp. 15–33.
`
`[102] M. Jakobsson, T. Leighton, S. Micali and M. Szydlo. “Fractal Merkle Tree
`Representation and Traversal,” In RSA-CT ’03 2003.
`
`[103] A. Boldyreva and M Jakobsson. “Theft protected proprietary certificates,”
`In DRM ’02. LNCS 2696, 2002. pp. 208–220.
`
`[104] P. Golle, S. Zhong, M. Jakobsson, A. Juels, and D. Boneh. “Optimistic
`Mixing for Exit-Polls,” In Asiacrypt ’02. LNCS 2501. Springer-Verlag, 2002.
`pp. 451–465.
`
`10
`
`Microsoft Ex. 1004, p. 10
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[105] P. MacKenzie, T. Shrimpton, and M. Jakobsson. “Threshold Password-
`Authenticated Key Exchange,” In CRYPTO ’02. LNCS 2442. Springer-
`Verlag, 2002. pp. 385–400.
`
`[106] M. Jakobsson. “Fractal Hash Sequence Representation and Traversal,” In
`Proceedings of the 2002 IEEE International Symposium on Information
`Theory (ISIT ‘02). 2002. pp. 437–444.
`
`[107] M. Jakobsson, A. Juels, and R. Rivest. “Making Mix Nets Robust For
`Electronic Voting By Randomized Partial Checking,” In Proceedings of
`the 11th USENIX Security Symposium. USENIX Association, 2002. pp.
`339–353.
`
`[108] D. Coppersmith and M. Jakobsson. “Almost Optimal Hash Sequence
`Traversal,” In Financial Crypto ’02. 2002.
`
`[109] M. Jakobsson. “Financial Instruments in Recommendation Mechanisms,”
`In Financial Crypto ’02. 2002.
`
`[110] J. Garay, and M. Jakobsson. “Timed Release of Standard Digital Signa-
`tures,” In Financial Crypto ’02. 2002.
`
`[111] F. Menczer, N. Street, N. Vishwakarma, A. Monge, and M. Jakobsson.
`“Intellishopper: A Proactive, Personal, Private Shopping Assistant,” In
`AAMAS ’02. ACM Press, 2002. pp. 1001–1008.
`
`[112] M. Jakobsson, A. Juels, and P. Nguyen. “Proprietary Certificates,” In
`CT-RSA ’02. LNCS 2271. Springer-Verlag, 2002. pp. 164–181.
`
`[113] M. Jakobsson and A. Juels. “An Optimally Robust Hybrid Mix Network,”
`In PODC ’01. ACM Press. 2001. pp. 284–292.
`
`[114] M. Jakobsson and M. Reiter. “Discouraging Software Piracy Using Soft-
`ware Aging,” In DRM ’01. LNCS 2320. Springer-Verlag, 2002. pp. 1–12.
`
`[115] M. Jakobsson and S. Wetzel. “Security Weaknesses in Bluetooth,” In CT–
`RSA ’01. LNCS 2020. Springer-Verlag, 2001. pp. 176–191.
`
`[116] M. Jakobsson and D. Pointcheval. “Mutual Authentication for Low-Power
`Mobile Devices,” In Financial Crypto ’01. LNCS 2339. Springer-Verlag,
`2001. pp. 178–195.
`
`[117] M. Jakobsson, D. Pointcheval, and A. Young. “Secure Mobile Gambling,”
`In CT–RSA ’01. LNCS 2020. Springer-Verlag, 2001. pp. 110–125.
`
`[118] M. Jakobsson and S.Wetzel. “Secure Server-Aided Signature Generation,”
`In PKC ’01. LNCS 1992. Springer-Verlag, 2001. pp. 383–401.
`
`[119] M. Jakobsson and A. Juels. “Addition of ElGamal Plaintexts,” In T.
`Okamoto, ed., ASIACRYPT ’00. LNCS 1976. Springer-Verlag, 2000. pp.
`346–358.
`
`11
`
`Microsoft Ex. 1004, p. 11
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[120] M. Jakobsson, and A. Juels. “Mix and Match: Secure Function Evaluation
`via Ciphertexts,” In ASIACRYPT ’00. LNCS 1976. Springer-Verlag, 2000.
`pp. 162–177.
`
`[121] R. Arlein, B. Jai, M. Jakobsson, F. Monrose, and M. Reiter. “Privacy-
`Preserving Global Customization,” In ACM E-Commerce ’00. ACM Press,
`2000. pp. 176–184.
`
`[122] C.-P. Schnorr and M. Jakobsson. “Security of Signed ElGamal Encryp-
`tion,” In ASIACRYPT ’00. LNCS 1976. Springer-Verlag, 2000. pp. 73–89.
`
`[123] P. Bohannon, M. Jakobsson, and S. Srikwan. “Cryptographic Approaches
`to Privacy in Forensic DNA Databases,” In Public Key Cryptography ’00.
`LNCS 1751. Springer-Verlag, 2000, pp. 373–390.
`
`[124] J. Garay, M. Jakobsson, and P. MacKenzie. “Abuse-free Optimistic Con-
`tract Signing,” In CRYPTO ’99. LNCS 1666. Springer-Verlag, 1999. pp.
`449–466.
`
`[125] M. Jakobsson. “Flash Mixing,” In PODC ’99. ACM Press, 1999. pp. 83–
`89.
`
`[126] G. Di Crescenzo, N. Ferguson, R. Impagliazzo, and M. Jakobsson. “How
`To Forget a Secret,” In STACS ’99. LNCS 1563. Springer-Verlag, 1999. pp.
`500–509.
`
`[127] M. Jakobsson, D. M’Raihi, Y. Tsiounis, and M. Yung. “Electronic Pay-
`ments: Where Do We Go from Here?,” In CQRE (Secure) ’99. LNCS 1740.
`Springer-Verlag, 1999. pp. 43–63.
`
`[128] C.P. Schnorr and M. Jakobsson. “Security Of Discrete Log Cryptosystems
`in the Random Oracle + Generic Model,” In Conference on The Mathe-
`matics of Public-Key Cryptography. 1999.
`
`[129] M. Jakobsson and A. Juels “Proofs of Work and Breadpudding Protocols,”
`In CMS ’99. IFIP Conference Proceedings, Vol. 152. Kluwer, B.V., 1999.
`pp. 252 – 272.
`
`[130] M. Jakobsson and C-P Schnorr. “Efficient Oblivious Proofs of Correct Ex-
`ponentiation,” In CMS ’99. IFIP Conference Proceedings, Vol. 152. Kluwer,
`B.V., 1999. pp. 71–86.
`
`[131] M. Jakobsson, P. MacKenzie, and J.P. Stern. “Secure and Lightweight
`Advertising on the Web,” In World Wide Web ’99
`
`[132] M. Jakobsson, J.P. Stern, and M. Yung. “Scramble All, Encrypt Small,”
`In Fast Software Encryption ’99. LNCS 1636. Springer-Verlag, 1999. pp.
`95–111.
`
`12
`
`Microsoft Ex. 1004, p. 12
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[133] M. Jakobsson and J. Mueller. “Improved Magic Ink Signatures Using
`Hints,” In Financial Cryptography ’99. LNCS 1648. Springer-Verlag, 1999.
`pp. 253–268.
`
`[134] M. Jakobsson. “Mini-Cash: A Minimalistic Approach to E-Commerce,”
`In Public Key Cryptography ’99. LNCS 1560. Springer-Verlag, 1999. pp.
`122–135.
`
`[135] M. Jakobsson. “On Quorum Controlled Asymmetric Proxy Re-
`encryption,” In Public Key Cryptography ’99. LNCS 1560. Springer-Verlag,
`1999. pp. 112–121.
`
`[136] M. Jakobsson and A. Juels. “X-Cash: Executable Digital Cash,” In Fi-
`nancial Cryptography ’98. LNCS 1465. Springer-Verlag, 1998. pp. 16–27.
`
`[137] M. Jakobsson and D. M’Raihi. “Mix-based Electronic Payments,” In Pro-
`ceedings of the Selected Areas in Cryptography. LNCS 1556. Springer-
`Verlag, 1998. pp. 157173.
`
`[138] M. Jakobsson, E. Shriver, B. Hillyer, and A. Juels. “A Practical Secure
`Physical Random Bit Generator,” In CCS ’98: Proceedings of the 5th ACM
`conference on Computer and communications security. ACM Press, 1998.
`pp. 103–111.
`
`[139] M. Jakobsson. “A Practical Mix,” In Advances in Cryptology – EuroCrypt
`’98. LNCS 1403. Springer-Verlag, 1998. pp. 448–461.
`
`[140] M. Jakobsson and M. Yung. “On Assurance Structures for WWW Com-
`merce,” In Financial Cryptography ’98. LNCS 1465. Springer-Verlag, 1998.
`pp. 141–157.
`
`[141] E. Gabber, M. Jakobsson, Y. Matias, and A. Mayer. “Curbing Junk E-
`Mail via Secure Classification,” In Financial Cryptography ’98. LNCS 1465.
`Springer-Verlag, 1998. pp. 198–213.
`
`[142] M. Jakobsson and M. Yung. “Distributed ‘Magic Ink’ Signatures,” In Ad-
`vances in Cryptology – EuroCrypt ’97. LNCS 1233. Springer-Verlag, 1997.
`pp. 450–464.
`
`[143] M. Jakobsson and M. Yung. “Applying Anti-Trust Policies to Increase
`Trust in a Versatile E-Money System,” In Financial Cryptography ’97.
`LNCS 1318. Springer-Verlag, 1997. pp. 217–238.
`
`[144] A. Herzberg, M. Jakobsson, S. Jarecki, H. Krawczyk, and M. Yung.
`“Proactive public-key and signature schemes,” In Proceedings of the 4th
`Annual Conference on Computer Communications Security. ACM Press,
`1997. pp. 100–110.
`
`13
`
`Microsoft Ex. 1004, p. 13
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[145] M. Bellare, M. Jakobsson, and M. Yung. “Round-Optimal Zero-
`Knowledge Arguments Based on any One-Way Function,” In Advances
`in Cryptology – EuroCrypt ’97. LNCS 1233. Springer-Verlag, 1997. pp.
`280–305.
`
`[146] M. Jakobsson and M. Yung. “Proving Without Knowing,” In Crypto ’96.
`LNCS 1109. Springer-Verlag, 1996. pp. 186–200.
`
`[147] M. Jakobsson, K. Sako, and R. Impagliazzo. “Designated Verifier Proofs
`and Their Applications,” In Advances in Cryptology – EuroCrypt ’96.
`LNCS 1070. Springer-Verlag, 1996. pp. 143–154.
`
`[148] M. Jakobsson and M. Yung. “Revokable and Versatile Electronic Money,”
`In CCS ’96: Proceedings of the 3rd ACM conference on Computer and
`communications security. ACM Press, 1996. pp. 76–87.
`
`[149] M. Jakobsson. “Ripping Coins for a Fair Exchange,” In Advances in Cryp-
`tology – EuroCrypt ’95. LNCS 921. Springer-Verlag, 1995. pp. 220–230.
`
`[150] M. Jakobsson. “Blackmailing using Undeniable Signatures,” In Advances
`in Cryptology EuroCrypt ’94. LNCS 950. Springer-Verlag, 1994. pp. 425–
`427.
`
`[151] M. Jakobsson. “Reducing costs in identification protocols,” Crypto ’92,
`1992.
`
`[152] M. Jakobsson. “Machine-Generated Music with Themes,” In International
`Conference on Artificial Neural Networks ’92. Vol 2. Amsterdam: Elsevier,
`1992. pp. 1645–1646
`
`[153] M. Jakobsson, “Social Engineering 2.0: What’s Next,” McAfee Security
`Journal, Fall 2008
`
`[154] M. Jakobsson and S. Myers, “Delayed Password Disclosure,” ACM
`SIGACT News archive, Volume 38, Issue 3 (September 2007), pp. 56 -
`75
`
`[155] V. Griffith and M. Jakobsson. “Messin’ with Texas, Deriving Mother’s
`Maiden Names Using Public Records,” CryptoBytes, 2007.
`
`[156] M. Jakobsson, A. Juels, J. Ratkiewicz, “Remote-Harm Detection,” Beta-
`version available at rhd.ravenwhitedevelopment.com/
`
`[157] S. Stamm, M. Jakobsson, “Social Malware,” Experimental results avail-
`able at www.indiana.edu/ phishing/verybigad/
`
`[158] M. Jakobsson. “Privacy vs. Authenticity,” Ph.D. Thesis, University of
`California at San Diego, 1997
`
`Jakobsson, Automatic PIN creation
`[159] Markus
`US20130125214 A1, 2012.
`
`using
`
`passwords,
`
`14
`
`Microsoft Ex. 1004, p. 14
`Microsoft v. Daedalus Blue
`IPR2021-00832
`
`

`

`[160] Markus Jakobsson, Systems and methods for creating a user credential
`and authentication using the created user credential, US 20130111571 A1,
`2012.
`
`[161] Markus Jakobsson, Password check by decomposing password, US
`20120284783 A1, 2012.
`
`[162] Markus Jakobsson, William Leddy, System and methods for protecting
`users from malicious content, US 20120192277 A1, 2011.
`
`[163] Markus Jakobsson, Karl-Anders R. Johansson, Auditing a device,
`US8370935 B1, 2011.
`
`[164] Markus Jakobsson, Methods and Apparatus for Efficient Computation of
`One-Way Chains in Cryptographic Applications, US20120303969 A1, 2011.
`
`[165] Markus Jakobsson, Automatic PIN creation using password, US
`20120110634 A1, 2011.
`
`[166] Markus Jakobsson, Jim Roy Palmer, Gustavo Maldonado, Interactive
`CAPTCHA, US20130007875 A1, 2011.
`
`[167] Markus Jakobsson, System access determination based on classification of
`stimuli, US 20110314559 A1, 2011.
`
`[168] Markus Jakobsson, System access determination based on classification of
`stimuli, WO 2011159356 A1, 2011.
`
`[169] Markus Jakobsson, Method, medium, and system for reducing fraud by
`increasing guilt during a purchase transaction, US8458041 B1, 2011.
`
`[170] Markus Jakobsson, Visuali