Flavio D. Garcia

Senior Lecturer in Computer Security

School of Computer Science

University of Birmingham



Publications

BibTex
Chris McMahon Stone, Tom Chothia and Flavio D. Garcia.
Spinner: Semi-Automatic Detection of Pinning without Hostname Verification.
In 33rd Annual Computer Security Applications Conference (ACSAC 2017).
ACM, 2017.
PDF document
Sam L. Thomas, Tom Chothia, and Flavio D. Garcia.
Stringer: Measuring the Importance of Static Data Comparisons to Detect Backdoors and Undocumented Functionality.
In 22st European Symposium on Research in Computer Security (ESORICS 2017).
Lecture Notes in Computer Science, Vol. 10493, pages 513-531, 2017. Springer.
PDF document
Sam L. Thomas, Flavio D. Garcia, and Tom Chothia.
HumIDIFy: A Tool for Hidden Functionality Detection in Firmware.
In 14th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2017). Lecture Notes in Computer Science, Vol. 10327, pages 279-300, 2017. Springer.
PDF document
Tom Chothia, Flavio D. Garcia, Christopher Heppel, and Chris McMahon-Stone.
Why banker Bob (still) can’t get TLS right: A Security Analysis of TLS in Leading UK Banking Apps. In 21st International Conference on Financial Cryptography and Data Security (FC 2017). Lecture Notes in Computer Science, to appear, 2017. Springer.
PDF document
Eduard Marin, Dave Singelée, Flavio D. Garcia, Tom Chothia, Rik Willems and Bart Preneel.
On the (in)security of the Latest Generation Implantable Cardiac Defibrillators and How to Secure Them. In 32nd Annual Computer Security Applications Conference (ACSAC 2016).
ACM, 2016.
PDF document
Andreea-Ina Radu and Flavio D. Garcia.
LeiA: A Lightweight Authentication Protocol for CAN.
In 21st European Symposium on Research in Computer Security (ESORICS 2016).
Lecture Notes in Computer Science, Vol. 9879, pages 283-300, 2016. Springer.
PDF document
Flavio D. Garcia, David Oswald, Timo Kasper and Pierre Pavlidès.
Lock It and Still Lose It - On the (In)Security of Automotive Remote Keyless Entry Systems.
In 25th USENIX Security Symposium (USENIX Security 2016).
USENIX Association, pages 929-944, 2016.
PDF document
Flavio D. Garcia and Bart Jacobs.
The Fall of a Tiny Star.
In P. Ryan, D. Naccache, J.-J. Quisquater, editors,
The New Codebreakers: Essays Dedicated to David Kahn on the Occasion of His 85th Birthday.
Lecture Notes in Computer Science, Vol. 9100, pages 69-87, 2016.
PDF document
Roel Verdult and Flavio D. Garcia.
Cryptanalysis of the Megamos Crypto Automotive Immobilizer.
In USENIX ;login:. USENIX Association, Vol. 40/6, pages 17-22, 2015.
PDF document
Roel Verdult, Flavio D. Garcia and Baris Ege.
Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer.
In 22th USENIX Security Symposium (USENIX Security 2013).
USENIX Association, pages 703-718, 2015.
PDF document
Tom Chothia, Flavio D. Garcia, Joeri de Ruiter, Jordi van den Breekel and Matthew Thompson.
Relay Cost Bounding for Contactless EMV Payments.
In 19th Financial Cryptography and Data Security (FC 2015).
Lecture Notes in Computer Science, Vol. 7459, pages 189-206. 2015
PDF document
PDF document
Flavio D. Garcia, Gerhard de Koning Gans and Roel Verdult.
Wirelessly Lockpicking a Smart Card Reader.
In International Journal of Information Security, Springer Verlag, 2014.
PDF document
Flavio D. Garcia, Eric R. Verheul and Bart Jacobs.
Cell-based Privacy-friendly Roadpricing.
In Computers & Mathematics with Applications, Vol. 65/5, pages 774-785, 2013.
PDF document
Gerhard de Koning Gans, Roel Verdult and Flavio D. Garcia.
A Toolbox for RFID Protocol Analysis.
In 4th International EURASIP Workshop on RFID Technology (EURASIP RFID 2012).
IEEE Computer Society, pages 27-34, 2012.
PDF document
Roel Verdult, Flavio D. Garcia and Josep Balasch.
Gone in 360 Seconds: Hijacking with Hitag2.
In 21st USENIX Security Symposium (USENIX Security 2012).
USENIX Association, pages 237-252, 2012.
PDF document
Flavio D. Garcia, Gerhard de Koning Gans, Roel Verdult and Milosch Meriac.
Dismantling iClass and iClass Elite.
In S. Foresti and M. Yung , editors,
17th European Symposium on Research in Computer Security (ESORICS 2012).
Lecture Notes in Computer Science, Vol. 7459, 2012. Springer Verlag.
PDF document
Flavio D. Garcia, Eric R. Verheul and Bart Jacobs.
Cell-based Roadpricing.
In S. Petkova-Nikova, A. Pashalidis, G. Pernul, editors,
8th European PKI Workshop (EuroPKI 2011)
Lecture Notes in Computer Science, Vol. 7163, pages 106-122, 2012. Springer Heidelberg.
PDF document
Flavio D. Garcia, Gerhard de Koning Gans and Roel Verdult.
Exposing iClass Key Diversification. (Best Paper Award)
In 5th USENIX Workshop on Offensive Technologies (WOOT 2011)
USENIX Association, pages 128-136. 2011.
PDF document
Flavio D. Garcia and Bart Jacobs.
Privacy-friendly Energy-metering via Homomorphic Encryption.
In J. Cuellar, J. Lopez, G. Barthe and A. Pretschner, editors,
6th Workshop on Security and Trust Management (STM 2010)
Lecture Notes in Computer Science, Vol. 6710, pages 226-238, 2011. Springer Verlag.
PDF document
Flavio D. Garcia, Peter van Rossum, Roel Verdult and Ronny Wichers Schreur.
Dismantling SecureMemory, CryptoMemory and CryptoRF.
In 17th ACM Conference on Computer and Communications Security (CCS 2010).
ACM Press, pages 250-259. 2010. ACM.
PDF document
Gerhard de Koning Gans and Flavio D. Garcia.
Towards a Practical Solution to the RFID Desynchronization Problem.
In S.B. Ors Yalcin, editor, 6th Workshop on RFID Security (RFIDSec 2010).
Lecture Notes in Computer Science, Vol. 6370, pages 203-219, 2010. Springer Verlag.
PDF document
Flavio D. Garcia and Peter van Rossum.
Modeling Privacy for Off-line RFID Systems.
In D. Gollmann and J.-L. Lanet, editors,
9th Smart Card Research and Advanced Applications (CARDIS 2010).
Lecture Notes in Computer Science, Vol. 6035, pages 194-208, 2010. Springer Verlag.
PDF document
David Galindo and Flavio D. Garcia.
A Schnorr-like Lightweight Identity Based Signature Scheme.
In B. Preneel, editor, Progress in Cryptology (AFRICACRYPT 2009).
Lecture Notes in Computer Science, Vol. 5580, pages 135-148, 2009. Springer Verlag.
PDF document
PDF document
Flavio D. Garcia, Peter van Rossum, Roel Verdult and Ronny Wichers Schreur.
Wirelessly Pickpocketing a Mifare Classic Card. (Outstanding Paper Award)
In 30th IEEE Symposium on Security and Privacy (S&P 2009), pages 3-15. 2009. IEEE.
PDF document
Flavio D. Garcia, Gerhard de Koning Gans, Ruben Muijrers,
Peter van Rossum, Roel Verdult, Ronny Wichers Schreur and Bart Jacobs.
Dismantling MIFARE Classic.
In S. Jajodia, and J. Lopez, editors,
13th European Symposium on Research in Computer Security (ESORICS 2008).
Lecture Notes in Computer Science, Vol. 5283, pages 97-114, 2008. Springer Verlag.
PDF document PDF document
Flavio D. Garcia and Peter van Rossum.
Sound and Complete Computational Interpretation of Symbolic Hashes in the Standard Model.
In Theoretical Computer Science, Vol. 394/1-2, pages 112-133, 2008.
PDF document
Gerhard de Koning Gans, Jaap-Henk Hoepman and Flavio D. Garcia.
A Practical Attack on the MIFARE Classic.
In G. Grimaud and F.-X. Standaert, editors,
8th Smart Card Research and Advanced Application Conference (CARDIS 2008).
Lecture Notes in Computer Science, Vol. 5189, pages 267-282, 2008. Springer Verlag.
PDF document
David Galindo and Flavio D. Garcia.
A Lightweight Identity Based Signature Scheme.
In 3rd Benelux Workshop on Information and System Security (WISSEC 2008).
Eindhoven, The Netherlands. 2008.
PDF document
David Galindo, Flavio D. Garcia, and Peter van Rossum.
Computational Soundness of Non-Malleable Commitments.
In 4th Information Security Practice and Experience Conference (ISPEC 2008).
Lecture Notes in Computer Science, Vol. 4991, pages 361-376. Sydney, Australia, 2008. Springer Verlag.
PDF document
Flavio D. Garcia and Peter van Rossum.
Sound Computational Interpretation of Symbolic Hashes in the Standard Model.
In H. Yoshiura, K. Sakurai, K. Rannenberg, Y. Murayama, S. Kawamura, editors,
Advances in Information and Computer Security. International Workshop on Security (IWSEC 2006).

Lecture Notes in Computer Science, Vol. 4266, pages 33-47. Kyoto, Japan, October 23-24, 2006. Springer Verlag.
PDF document
full: PDF document
Flavio D. Garcia and Peter van Rossum.
Sound and Complete Computational Interpretation of Formal Hashes (Extended Abstract).
In Véronique Cortier and Steve Kremer, editors,
Workshop of Formal and Computational Cryptography (FCC 2006).
Venice, Italy, July 2006.
PDF document
Flavio D. Garcia, Ichiro Hasuo, Wolter Pieters, and Peter van Rossum.
Provable Anonymity.
In Ralf Küsters and John Mitchell, editors,
3rd ACM Workshop on Formal Methods in Security Engineering (FMSE 2005).
ACM Press, pages 63-72. Alexandria , VA, U.S.A., November 2005.
PDF document
Flavio D. Garcia and Jaap-Henk Hoepman.
Off-line Karma: A Decentralized Currency for Peer-to-peer and Grid Applications.
In J. Ioannidis, A. Keromytis, and M. Yung, editors,
3rd Applied Cryptography and Network Security (ACNS 2005),
Lecture Notes in Computer Science, Vol. 3531, pages 364-377. New York, NY, USA, June 7-10 2005. Springer Verlag.
PDF document
Flavio D. Garcia and Jaap-Henk Hoepman.
Off-line Karma: A Decentralized Currency for Static Peer-to-peer and Grid Networks.
In S. Furnell, P. Dowland, G. Kormentazas, editors,
5th International Network Conference (INC 2005),
pages 325-332, Samos, Greece, July 5-7 2005.
PDF document
Flavio D. Garcia, Jaap-Henk Hoepman, and J. van Nieuwenhuizen.
Spam Filter Analysis.
In Y. Deswarte, F. Cuppens, S. Jajodia, and L. Wang, editors,
Security and Protection in Information Processing Systems. IFIP TC11 19th International Information Security Conference (SEC2004), pages 395-410, Toulouse, France, August 2004. Kluwer Academic Publishers.
PDF document

Theses

Flavio D. Garcia.
Formal and Computational Cryptography: Protocols, Hashes and Commitments.
PhD thesis, Radboud University Nijmegen, 2008.
PDF document
Flavio D. Garcia.
Stereovision with Neural Networks (in Spanish)
MSc thesis, Universidad Nacional de Córdoba, 2002.
PDF document

Preprints/Posters/Reports

Roel Verdult, Flavio D. Garcia and Josep Balasch.
Poster: Gone in 360 Seconds: Hijacking with Hitag2.
PDF document
Flavio D. Garcia, Gerhard de Koning Gans and Roel Verdult.
Poster: Dismantling iClass and iClass Elite.
Poster at 21st USENIX Security Symposium (USENIX Security 2012).
PDF document
Flavio D. Garcia, Gerhard de Koning Gans and Roel Verdult.
Tutorial: Proxmark, the Swiss Army Knife for RFID Security Research.
Tutorial at 8th Workshop on RFID Security and Privacy (RFIDSec 2012).
Technical Report, Radboud University Nijmegen, 2012.
PDF document
Ronny Wichers Schreur, Peter van Rossum, Flavio Garcia, Wouter Teepe, Jaap-Henk Hoepman, Bart Jacobs, Gerhard de Koning Gans, Roel Verdult, Ruben Muijrers, Ravindra Kali, and Vinesh Kali.
Security Flaw in MIFARE Classic.
Press release, Digital Security group, Radboud University Nijmegen. March 12, 2008. The Netherlands.
PDF document
Flavio D. Garcia, Peter van Rossum and Ana Sokolova.
Probabilistic anonymity and admissible schedulers.
Arxiv preprint arXiv:0706.1019. 2007.
PDF document
Flavio D. Garcia.
Extending Computational Soundness Further: the case of Non-malleable Commitments.
Technical Report, Radboud University Nijmegen, 2008.
PDF document
Flavio D. Garcia and Peter van Rossum.
Completeness of Formal Hashes in the Standard Model.
Technical Report, Radboud University Nijmegen. 2006.
PDF document
Flavio D. Garcia and Jaap-Henk Hoepman.
Off-line Karma: Towards a Decentralized Currency for Peer-to-peer and Grid Applications (Extended Abstract). In Workshop on Secure Multiparty Computations (SMP), Amsterdam, The Netherlands, October 7-8 2004.
PDF document