Bibliography

Abdalla, M., B. Haase, and J. Hesse. 2023. “CPace, a Balanced Composable PAKE.” 2023. https://datatracker.ietf.org/doc/draft-irtf-cfrg-cpace/.

Adams, Douglas. 1979. The Hitchhiker’s Guide to the Galaxy. 1st American ed. New York: Harmony Books.

AgileBits. 2015. “OPVault Design.” August 28, 2015. https://support.1password.com/opvault-design/.

Arciszewski, Scott. 2017. “No Way, JOSE!” March 14, 2017. https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid.

Dechand, Sergej, Dominik Schürmann, Karoline Busse, Yasemin Acar, Sascha Fahl, and Matthew Smith. 2016. “An Empirical Study of Textual Key-Fingerprint Representations.” In 25th USENIX Security Symposium (USENIX Security 16), 193–208. Austin, TX: USENIX Association. https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/dechand.

Free Software Foundation. 1999. “The GNU Privacy Handbook.” The Free Software Foundation. 1999. https://www.gnupg.org/gph/en/manual.html.

Goldberg, Jeffrey. 2013. “You Have Secrets; We Don’t: Why Our Data Format Is Public.” AgileBits. May 6, 2013. https://blog.1password.com/you-have-secrets-we-dont-why-our-data-format-is-public/.

———. 2021. “How Strong Should Your Account Password Be? Here’s What We Learned.” September 27, 2021. https://blog.1password.com/cracking-challenge-update/.

Hunt, Troy. 2019. “Extended Validation Certificates Are (Really, Really) Dead.” August 13, 2019. https://www.troyhunt.com/extended-validation-certificates-are-really-really-dead/.

Jackson, Collin, Daniel R. Simon, Desney S. Tan, and Adam Barth. 2007. “An Evaluation of Extended Validation and Picture-in-Picture Phishing Attacks.” In Financial Cryptography and Data Security, edited by Sven Dietrich and Rachna Dhamija, 281–93. Berlin, Heidelberg: Springer Berlin Heidelberg.

Jones, M. 2015. “JSON Web Key (JWK).” Request for Comments. Internet Engineering Task Force; RFC 7517 (Proposed Standard); IETF. http://www.ietf.org/rfc/rfc7517.txt.

Kivinen, T., and M. Kojo. 2003. “More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE).” Request for Comments. Internet Engineering Task Force; RFC 3526 (Proposed Standard); IETF. http://www.ietf.org/rfc/rfc3526.txt.

Knuth, Donald Ervin. 1984. The TeXbook. Reading, Mass.: Addison-Wesley.

Krawczyk, Hugo. 2010. “Cryptographic Extraction and Key Derivation: The HKDF Scheme.” Cryptology ePrint Archive, Report 2010/264.

Marlinspike, Moxie. 2016. “Safety Number Updates.” Open Whisper Systems. November 17, 2016. https://signal.org/blog/safety-number-updates/.

National Institute of Standards and Technology. 2013. FIPS PUB 186-4: Digital Signature Standard (DSS). Gaithersburg, MD, USA: National Institute for Standards; Technology. https://csrc.nist.gov/publications/detail/fips/186/4/final.

Pornin, Thomas. 2015. “The MAKWA Password Hashing Function.” 2015. http://www.bolet.org/makwa/makwa-spec-20150422.pdf.

Rehbehn, K., and D. Fowler. 2000. “Definitions of Managed Objects for Frame Relay Service.” Request for Comments. Internet Engineering Task Force; RFC 2954 (Proposed Standard); IETF. http://www.ietf.org/rfc/rfc2954.txt.

Taylor, D., T. Wu, N. Mavrogiannopoulos, and T. Perrin. 2007. “Using the Secure Remote Password (SRP) Protocol for TLS Authentication.” Request for Comments. Internet Engineering Task Force; RFC 5054 (Informational); IETF. http://www.ietf.org/rfc/rfc5054.txt.

Vaziripour, Elham, Justin Wu, Mark O’Neill, Ray Clinton, Jordan Whitehead, Scott Heidbrink, Kent Seamons, and Daniel Zappala. 2017. “Is That You, Alice? A Usability Study of the Authentication Ceremony of Secure Messaging Applications.” In Symposium on Usable Privacy and Security (SOUPS).

Vaziripour, Elham, Justin Wu, Mark O’Neill, Daniel Metro, Josh Cockrell, Timothy Moffett, Jordan Whitehead, Nick Bonner, Kent Seamons, and Daniel Zappala. 2018. “Action Needed! Helping Users Find and Complete the Authentication Ceremony in Signal.” In Fourteenth Symposium on Usable Privacy and Security (SOUPS 2018), 47–62. Baltimore, MD: USENIX Association. https://www.usenix.org/conference/soups2018/presentation/vaziripour.