פרופ' אמיר הרצברג

פרופ'
מרכז תחום התמחות באבטחה ותקשורת
פרופ' אמיר הרצברג
טלפון: 
פקס: 
דוא"ל: 
משרד: 
שעות קבלה: 

פירסומים

Referred Journals 

[1] Nethanel Gelernter and Amir Herzberg. Gossip latin square and the meet-all gossipers problem. Information Processing Letters, (0):–, 2015.

[2] Amir Herzberg and Haya Shulman. Cipher-suite negotiation for DNSSEC: Hop-byhop or end-to-end? IEEE Internet Computing, 19(1):80–84, 2015.

[3] Yossi Gilad and Amir Herzberg. Off-Path TCP Injection Attacks. ACM Transactions on Information and System Security (TISSEC), April 2014. This work extends the results of two preliminary papers that appeared in WOOT 2012 and WWW 2013.

[4] Amir Herzberg and Haya Shulman. Retrofitting security into network protocols: The case of DNSSEC. IEEE Internet Computing, 18(1):66–71, January 2014.

[5] Yossi Gilad, Amir Herzberg, and Ari Trachtenberg. Securing smartphones: A µtcb approach. Pervasive Computing, IEEE, 13(4):72–79, 2014.

6] Yossi Gilad, Amir Herzberg, and Haya Shulman. Off-path hacking: The illusion of challenge-response authentication. IEEE Security & Privacy, 12(5):68–77, 2014. 

[7] Yuval Elovici, Michael Fire, Amir Herzberg, and Haya Shulman. Ethical considerations when employing fake identities in online social networks for research. Science and Engineering Ethics, 20(4):1027–1043, 2014.

8] M. Geva, A. Herzberg, and Y. Gev. Bandwidth distributed denial of service: Attacks and defenses. IEEE Security & Privacy, 12(1):54–61, January 2014. 

[9] Raz Abramov and Amir Herzberg. TCP Ack Storm DoS Attacks. Computers & Security, 33:12–27, 2013.

[10] Amir Herzberg and Haya Shulman. Oblivious and fair server-aided two-party computation. Information Security Technical Report, 17(4):210–226, 2013.

[11] Yossi Gilad and Amir Herzberg. Fragmentation Considered Vulnerable. ACM Transactions on Information and System Security (TISSEC), 15(4):16:1–16:31, April 2013. A preliminary version appeared in WOOT 2011.

[12] Amir Herzberg and Ronen Margulies. Forcing Johnny to login safely. Journal of Computer Security, 21(3):393–424, 2013. Extended version of the Esorics’11 paper. 

[13] Amir Herzberg and Ronen Margulies. Training johnny to authenticate (safely). IEEE Security & Privacy, 10(1):37–45, 2012. Special issue on ‘Developments in Authentication Technologies’.

14] Yossi Gilad and Amir Herzberg. LOT: A Defense Against IP Spoofing and Flooding Attacks. ACM Transactions on Information and System Security, 15(2):6:1–6:30, July 2012. 

[15] Christian S. Collberg, Jack W. Davidson, Roberto Giacobazzi, Yuan Xiang Gu, Amir Herzberg, and Fei-Yue Wang. Toward digital asset protection. IEEE Intelligent Systems, 26(6):8–13, 2011.

[16] A. Herzberg. DNS-based email sender authentication mechanisms: A critical review. Computers & Security, 28(8):731–742, 2009. 

[17] A. Herzberg. Folklore, practice and theory of robust combiners. Journal of Computer Security, 17(2):159–189, 2009.

 [18] Amir Herzberg and Igal Yoffe. The layered games framework for specifications and analysis of security protocols. IJACT, 1(2):144–159, 2008.

[19] Amir Herzberg. Why Johnny can’t surf (safely)? Attacks and defenses for web users. Computers & Security, 28:63–71, February 2008. 

[20] Amir Herzberg and Ahmad Jbara. Security and identification indicators for browsers against spoofing and phishing attacks. ACM Trans. Internet Techn., 8(4):16:1–16:36, October 2008

[21] Gal Badishi, Amir Herzberg, and Idit Keidar. Keeping denial-of-service attackers in the dark. IEEE Trans. Dependable Sec. Comput, 4(3):191–204, 2007.

[22] Amir Herzberg and Ahmad Jbara. Save the phish: (re)-establishing trust in the web. Dr. Dobbs Journal, October 2005.

[23] Amir Herzberg and Yosi Mass. Relying party credentials framework. Electronic Commerce Research, 4(1-2):23–39, 2004.

[24] Amir Herzberg. Payments and banking with mobile personal devices. Commun. ACM, 46(5):53–58, 2003.

25] Amotz Bar-Noy, Juan A. Garay, and Amir Herzberg. Sharing video on demand. Discrete Applied Mathematics, 129(1):3–30, 2003. 

[26] Amir Herzberg. Securing XML. Dr. Dobbs Journal, 27(3):56, 59–62, mar 2002

[27] Ran Canetti, Shai Halevi, and Amir Herzberg. Maintaining authenticated communication in the presence of break-ins. J. Cryptology, 13(1):61–105, 2000. 

[28] M. Bellare, J. A. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, E. Van Herreweghen, and M. Waidner. Design, implementation, and deployment of the iKP secure electronic payment system. IEEE Journal of Selected Area in Communications, 18(4):611–627, April 2000. 

29] Amir Herzberg and Shay Kutten. Early detection of message forwarding faults. SIAM J. Comput., 30(4):1169–1196, 2000. 

[30] Giuseppe Ateniese, Amir Herzberg, Hugo Krawczyk, and Gene Tsudik. Untraceable mobility or how to travel incognito. Computer Networks, 31(8):871–884, 1999. 

[31] Pau-Chen Cheng, Juan A. Garay, Amir Herzberg, and Hugo Krawczyk. A security architecture for the internet protocol. IBM Systems Journal, 37(1):42–60, 1998.

32] Amir Herzberg and Dalit Naor. Surf’n’sign: Client signatures on web documents. IBM Systems Journal, 37(1):61–71, 1998. 

33] Carlo Blundo, Alfredo De Santis, Amir Herzberg, Shay Kutten, Ugo Vaccaro, and Moti Yung. Perfectly secure key distribution for dynamic conferences. Inf. Comput., 146(1):1–23, 1998. 

[34] Amir Herzberg. Safeguarding digital library contents: Charging for online content. D-Lib Magazine, January 1998.

35] Amir Herzberg and Hilik Yochai. Minipay: Charging per plick on the web. Computer Networks, 29(8-13):939–951, 1997.

[36] Ran Canetti, Rosario Gennaro, Amir Herzberg, and Dalit Naor. Proactive security: Long-term protection against break-ins. RSA CryptoBytes, 3(1):1–8, August 1997. 

[37] Hagit Attiya, Amir Herzberg, and Sergio Rajsbaum. Optimal clock synchronization under different delay assumptions. SIAM J. Comput., 25(2):369–389, 1996.

38] Ray Bird, Inder S. Gopal, Amir Herzberg, Philippe A. Janson, Shay Kutten, Re- fik Molva, and Moti Yung. The kryptoknight family of light-weight protocols for authentication and key distribution. IEEE/ACM Trans. Netw., 3(1):31–41, 1995.

[39] Yair Frankel, Amir Herzberg, Paul A. Karger, Hugo K. Krawczyk, Charles A. Kunzinger, and Moti Yung. Security issues in a CDPD wireless network. IEEE Personal Communications, 2(4):16–27, 1995. 

[40] Ray Bird, Inder S. Gopal, Amir Herzberg, Philippe A. Janson, Shay Kutten, Refik Molva, and Moti Yung. Systematic design of a family of attack-resistant authentication protocols. IEEE Journal on Selected Areas in Communications, 11(5):679–693, 1993. 

[41] Amir Herzberg and Shlomit S. Pinter. Public protection of software. ACM Trans. Comput. Syst., 5(4):371–393, 1987. 

 

Referred Book Chapters

[1] Amir Herzberg. Cryptographic protocols for controlling spam. In Wenbo Mao and
Markus Jacobsson, editors, Cryptographic Protocols. Prentice-Hall, 2005.

[2] Amir Herzberg. Payments and banking with mobile personal devices. In Steven R.
Gordon, editor, Information technology and e-Business in the Financial Services,
pages 341{354. Ivy League Publishing, 2004. ISBN 0-9648382-5-7.

[3] Amir Herzberg. Micropayments. In Weidong Kou, editor, Payment Technologies
for E-Commerce, pages 245{280. Springer-Verlag, 2003. Chapter 12, ISBN 3-540-
44007-0.

[4] Amir Herzberg andWolfgang Franke. Charging for content - the IBMmicro payment
system. In Friedrich Thiessen, editor, Bezahlsysteme im Internet, pages 208{220.
Fritz Kanpp Verlag, 1999. ISBN 3-7819-0642-6.

[5] Amir Herzberg. Microcomputer software protection. In Allen Kent, James G.
Williams, and Rosalind Kent, editors, Encyclopedia of Microcomputers, volume 11,
pages 129{140. Marcel Dekker Inc., 1992.

 

Patents

[1] A. Herzberg and Y. Mass. User policy for trusting web sites, April 2006. US Patent
7,024,691.

[2] A. Herzberg, Y. Yochai, E. Shai, and B. Binnun. Micro payment-based advertising,
October 2006. US Patent 7,124,115.

[3] A. Herzberg, D. Naor, E. Shai, and B. Barak. Method for operating proactively
secured applications on an insecure system, February 2006. US Patent 7,003,677.

[4] R. Canetti and A. Herzberg. Method for session key generation and updating in a
distributed communication network, July 2003. EP Patent 0,670,645.

[5] Y. Mass and A. Herzberg. System for continuous display and navigation in a virtualreality
world, April 2002. US Patent 6,380,952.

[6] A. Herzberg, H.M. Krawczyk, S. Kutten, L.A. Van, S.M. Matyas, and M.M. Yung.
Method and system for the secured distribution of programs, August 2001. EP Patent
0,717,337.

[7] A. Herzberg, H.M. Krawczyk, S. Kutten, A. Van Le, S.M. Matyas, and M.M. Yung.
Method and system for the secured distribution of multimedia titles, April 1998. US
Patent 5,745,678.

[8] A. Herzberg, S.M. Jarecki, H.M. Krawczyk, and M.M. Yung. Method and system
for a public key cryptosystem having proactive, robust, and recoverable distributed
threshold secret sharing, April 1997. US Patent 5,625,692.

[9] R.E. Bjorklund, F. Bauchot, M.M. Wetterwald, S. Kutten, and A. Herzberg. Method
and system for key distribution and authentication in a data communication network,
July 1996. US Patent 5,539,824.

[10] D. Bantz, F. Bauchot, E.D. Bello, S. Kutten, H. Krawczyk, A. Herzberg, and
Y. Mansour. Exchange certi cate for one way validation of information, May 1996.
US Patent 5,515,439.

[11] R. Canetti and A. Herzberg. Method for secure communication and key distribution
in a distributed network. EP Patent 0,670,644, September 1995.

[12] A. Herzberg, H.M. Krawczyk, S. Kutten, and Y. Mansour. Secure message authentication
for binary additive stream cipher systems., March 1995. EP Patent 0,644,676.

[13] D. Bantz, F. Bauchot, S. Kutten, A. Herzberg, B.E. Dal, H. Krawczyck, and Y. Mansour.
System and method for the transmission and validation of an updated encryption
key between two users., Junny 1995. EP Patent 0,656,708.

[14] R.E. Bjorklund, F. Bauchot, M.M. Wetterwald, S. Kutten, and A. Herzberg. A
method and system for key distribution and authentication in a data communication
network., June 1995. EP Patent 0,658,021.

[15] R. Canetti and A. Herzberg. Mechanism for keeping a key secret from mobile
eavesdroppers, May 1995. US Patent 5,412,723.

[16] R. Canetti and A. Herzberg. Secure communication and computation in an insecure
environment, November 1995. US Patent 5,469,507.

[17] R.F. Bird, A. Herzberg, P.A. Janson, S. Kutten, R.A. Molva, and M.M. Yung.
Multi-party secure session/conference, November 1994. US Patent 5,369,705.

[18] A. Herzberg, H.M. Krawczyk, S. Kutten, and Y. Mansour. Secure message authentication
for binary additive stream cipher systems, September 1994. US Patent
5,345,507.

[19] D. Coppersmith, A. Herzberg, H.M. Krawczyk, S. Kutten, and Y. Mansour. A
shrinking generator for cryptosystems., October 1994. EP Patent 0,619,659.

[20] A. Herzberg, S. Kutten, and M.M. Yung. Method and apparatus for authenticating
users of a communication system to each other. US Patent 5,202,921, April 1993.

[21] Amir Herzberg, Shay Kutten, and Moti Yung. Method and apparatus for authenticating
users of a communication system to each other. EP Patent 0,511,483, November
1992.

 

Proceedings of Referred Conferences

[1] Nethanel Gelernter and Amir Herzberg. Tell me about yourself: The malicious
CAPTCHA attack. In Proceedings of World Wide Web Conference, April 2016.

[2] Yossi Gilad, Amir Herzberg, Michael Sudkovitch, and Michael Goberman. CDNon-
Demand: an a ordable DDoS defense via untrusted clouds. In Network and
Distributed Systems Security (NDSS), February 2016.

[3] Avichai Cohen, Yossi Gilad, Amir Herzberg, and Michael Schapira. One hop for
RPKI, one giant leap for BGP security. In HotNets, 2015.

[4] Nethanel Gelernter, Yoel Grinstein, and Amir Herzberg. Remote framing attacks.
In Annual Computer Security Applications Conference (ACSAC), December 2015.

[5] Nethanel Gelernter and Amir Herzberg. Cross-site search attacks. In ACM Com-
puter and Communication Security (CCS), 2015.

[6] Amir Herzberg and Haya Shulman. DNS Authentication as-a-Service Against Ampli
cation Attacks. In Computer Security Applications Conference, 2014. AC-
SAC'14. Annual. IEEE, 2014.

[7] Amir Herzberg, Haya Shulman, and Bruno Crispo. Less is More: Cipher-Suite
Negotiation for DNSSEC. In Computer Security Applications Conference, 2014.
ACSAC'14. Annual. IEEE, 2014.

[8] Daniel Demmler, Amir Herzberg, and Thomas Schneider. RAID-PIR: Practical
multi-server PIR. In ACM Cloud Computing Security Worshop (CCSW), November
2014.

[9] Amir Herzberg and Haya Shulman. DNS security: Past, present and future. In
Future Security Conference, September 2014.

[10] Amir Herzberg and Haya Shulman. Right-signing: Ecient distribution of signed
data for DNSSEC, WSNs and beyond. In Conference on Cryptology and Network
Security (CANS), 2014.

[11] Amir Herzberg and Haya Shulman. Socket Overloading for Fun and Cache Poisoning.
In ACM Annual Computer Security Applications Conference (ACM ACSAC),
December 2013.

[12] Nethanel Gelernter and Amir Herzberg. On the limits of provable anonymity. In
Proceedings of the 12th annual ACM workshop on Privacy in the electronic society,
WPES '13, 2013.

[13] Amir Herzberg, Haya Shulman, Johanna Ullrich, and Edgar Weippl. Cloud Scouting:
Services Discovery and Topology Mapping. In Proceedings of the fth ACM
workshop on Cloud computing security workshop (CCSW). ACM, 2013.

[14] Amir Herzberg and Haya Shulman. Fragmentation Considered Poisonous: or onedomain-
to-rule-them-all.org. In CNS 2013. The Conference on Communications
and Network Security. IEEE. IEEE, 2013.

[15] Amir Herzberg and Haya Shulman. Vulnerable Delegation of DNS Resolution. In
Computer Security - ESORICS 2013 - 18th European Symposium on Research in
Computer Security, September, 2013. Proceedings, Lecture Notes in Computer Science.
Springer, 2013.

[16] Yossi Gilad and Amir Herzberg. Plug-and-play ip security: Anonymity infrastructure
instead of pki. In Jason Crampton, Sushil Jajodia, and Keith Mayes, editors,
Esorics, volume 8134 of LNCS, pages 255{272, September 2013.

[17] Boaz Catane and Amir Herzberg. Secure second price auctions with a rational auctioneer.
In The 10-th SECRYPT International Conference on Security and Cryp-
tography, 2013.

[18] Boaz Catane and Amir Herzberg. Massive group message authentication with revocable
anonymity. In The 10-th SECRYPT International Conference on Security
and Cryptography, 2013.

[19] Yossi Gilad and Amir Herzberg. When Tolerance Becomes Weakness: The Case of
Injection-Friendly Browsers. In Proceedings of the International World Wide Web
Conference, May 2013.

[20] Ronen Margulies and Amir Herzberg. Conducting ethical yet realistic usable security
studies. In Cyber-security Research Ethics Dialog and Strategy Workshop (CREDS
2013), May 2013.

[21] Christian Collberg, Aaron Gibson, Amir Herzberg, Sam Martin, Nitin Shinde, and
Haya Shulman. Exposing the Exposers: Identifying Sources of Leaked Documents.
In IEEE CNS 2013. The Conference on Communications and Network Security.,
2013.

[22] Amir Herzberg and Haya Shulman. DNSSEC: Security and Availability Challenges.
In IEEE CNS 2013. The Conference on Communications and Network Security.,
2013.

[23] Yehoshua Gev, Moti Geva, and Amir Herzberg. Backward trac throttling to
mitigate bandwidth 
oods. In Globecom 2012 - Communication and Information
System Security Symposium (GC12 CISS), Anaheim, CA, USA, December 2012.

[24] Amir Herzberg and Haya Shulman. Security of Patched DNS. In Sara
Foresti, Moti Yung, and Fabio Martinelli, editors, Computer Security - ES-
ORICS 2012 - 17th European Symposium on Research in Computer Security,
Pisa,conf/esorics/HerzbergS12 Italy, September 10-12, 2012. Proceedings, volume
7459 of Lecture Notes in Computer Science, pages 271{288. Springer, 2012.

[25] Moti Geva and Amir Herzberg. DOT-COM: Decentralized Online Trading and
COMmerce. In 8th International Workshop on Security and Trust Management
(STM 2012), September 2012.

[26] Yossi Gilad and Amir Herzberg. O -path attacking the web. In Proc. of 2012
USENIX Workshop on O ensive Technologies (WOOT), pages 41 { 52, Aug 2012.

[27] Yossi Gilad and Amir Herzberg. Spying in the Dark: TCP and Tor Trac Analysis.
In Simone Fischer-Hubner and Matthew Wright, editors, Privacy Enhancing
Technologies Symposium, volume 7384 of Lecture Notes in Computer Science, pages
100{119. Springer, 2012.

[28] Amir Herzberg and Haya Shulman. Antidotes for DNS Poisoning by O -Path Adversaries.
In The seventh International Conference on Availability, Reliability and
Security (ARES), pages 262{267, September 2012.

[29] A. Herzberg and H. Shulman. Oblivious and Fair Server-Aided Two-Party Computation.
In Seventh International Conference on Availability, Reliability and Security
(ARES), 2012, pages 75{84. IEEE, September 2012. Best paper award.

[30] Amir Herzberg and Ronen Margulies. Forcing Johnny to login safely. In Claudia
Diaz Vijay Atluri, editor, ESORICS, Lecture Notes in Computer Science.
Springer, September 2011.

[31] Raz Abramov and Amir Herzberg. TCP ACK Storm DoS Attacks. In Proceedings
of The IFIP 26th International Information Security Conference, IFIP SEC 2011,
pages 29{40, June 2011.

[32] M. Geva and A. Herzberg. QoSoDoS: If you can't beat them, join them! In
INFOCOM, 2011 Proceedings IEEE, pages 1278 {1286, April 2011.

[33] Yossi Gilad and Amir Herzberg. Fragmentation Considered Vulnerable: Blindly
Intercepting and Discarding Fragments. In Proc. USENIX Workshop on O ensive
Technologies, Aug 2011.

[34] Amir Herzberg and Haya Shulman. Unilateral antidotes to DNS cache poisoning. In
Security and Privacy in Communication Networks - 7th International ICST Con-
ference (SecureComm). Springer, September 2011.

[35] Amir Herzberg, Ely Porat, Nir So er, and ErezWaisbard. Camou
aged private communication.
In PASSAT/SocialCom 2011, IEEE Third International Conference on
Privacy, Security, Risk and Trust (PASSAT), and IEEE Third International Con-
fernece on Social Computing (SocialCom), pages 1159{1162. IEEE, October 2011.

[36] Amir Herzberg and Haya Shulman. Stealth DoS Attacks on Secure Channels. In
Proceedings of Network and Distributed Systems Security (NDSS). Internet Society,
Feb. 2010.

[37] Yossi Gilad and Amir Herzberg. Lightweight opportunistic tunneling (LOT). In
Michael Backes and Peng Ning, editors, Computer Security - ESORICS 2009,
14th European Symposium on Research in Computer Security, Saint-Malo, France,
September 21-23, 2009. Proceedings, volume 5789 of Lecture Notes in Computer
Science, pages 104{119. Springer, 2009.

[38] Amir Herzberg. Combining authentication, reputation and classi cation to make
phishing unpro table. In Proceedings of The IFIP 24th International Information
Security Conference, IFIP SEC 2009, pages 13{24. Springer, May 2009.

[39] Amir Herzberg, Haya Shulman, Amitabh Saxena, and Bruno Crispo. Towards a
theory of white-box security. In Dimitris Gritzalis and Javier Lopez, editors, Pro-
ceedings of The IFIP 24th International Information Security Conference, IFIP SEC
2009, volume 297, pages 342{352. Springer, May 2009. 

[40] Amir Herzberg and Igal Yo e. The layered games framework for speci cations and
analysis of security protocols. In Ran Canetti, editor, Theory of Cryptography, Fifth
Theory of Cryptography Conference, TCC 2008, New York, USA, March 19-21,
2008, volume 4948 of Lecture Notes in Computer Science, pages 125{141. Springer,
2008.

[41] G. Badishi, A. Herzberg, I. Keidar, O. Romanov, and A. Yachin. An Empirical Study
of Denial of Service Mitigation Techniques. In 27th IEEE Int'l Symp. on Reliable
Distributed Systems (SRDS'08), Naples, Italy, pages 115{124, October 2008.

[42] Amir Herzberg and Haya Shulman. Robust combiners for white-box security. In
First International Workshop on Remote Entrusting, 2008.

[43] Amir Herzberg and Haya Shulman. Provably-secure programs execution in hostile
environment. In First International Workshop on Remote Entrusting, 2008.

[44] Amir Herzberg. Defending against phishing without client-side code. In OWASP
conference, 2008.

[45] Gal Badishi, Idit Keidar, Amir Herzberg, Oleg Romanov, and Avital Yachin. Denial
of service protection with beaver. In Christian Cachin, Felix C. Freiling, and Jaap-
Henk Hoepman, editors, From Security to Dependability, number 06371 in Dagstuhl
Seminar Proceedings, Dagstuhl, Germany, 2007. Internationales Begegnungs- und
Forschungszentrum fur Informatik (IBFI), Schloss Dagstuhl, Germany.

[46] Amir Herzberg and Haya Shulman. White-box remote procedure call. In Re-Trust
Workshop, 2007.

[47] Amir Herzberg and Igal Yo e. On secure orders in the presence of faults. In
Roberto De Prisco and Moti Yung, editors, 5th International Conference on Security
and Cryptography for Networks (SCN), volume 4116 of Lecture Notes in Computer
Science, pages 126{140. Springer, 2006.

[48] Amir Herzberg and Igal Yo e. Layered architecture for secure e-commerce applications.
In SECRYPT, pages 118{125, 2006.

[49] Gal Badishi, Idit Keidar, Amir Herzberg, Oleg Romanov, and Avital Yachin. Denial
of service protection with beaver. In From Security to Dependability, 2006.

[50] Amir Herzberg. On tolerant cryptographic constructions. In Alfred Menezes, editor,
Topics in Cryptology - CT-RSA 2005, The Cryptographers' Track at the RSA Con-
ference 2005, volume 3376 of Lecture Notes in Computer Science, pages 172{190.
Springer, 2005.

[51] Gal Badishi, Amir Herzberg, and Idit Keidar. Keeping denial-of-service attackers
in the dark. In Pierre Fraigniaud, editor, 19th International Conference on Dis-
tributed Computing (DISC 2005), Cracow, Poland, volume 3724 of Lecture Notes in
Computer Science, pages 18{32. Springer, 2005.

[52] Amir Herzberg. Fixing the web trust model. In First TIPPI workshop, June 2005.

[53] Amir Herzberg. Controlling spam by secure internet content selection. In Carlo
Blundo and Stelvio Cimato, editors, 4th International Conference on Security in
Communication Networks (SCN 2004), Amal , Italy, volume 3352 of Lecture Notes
in Computer Science, pages 337{350. Springer, 2004.

[54] Amir Herzberg and Yosi Mass. Relying party credentials framework. In CT-RSA,
pages 328{343, 2001.

[55] Amir Herzberg, Yosi Mass, Joris Mihaeli, Dalit Naor, and Yiftach Ravid. Access
control meets public key infrastructure, or: Assigning roles to strangers. In IEEE
Symposium on Security and Privacy, pages 2{14, 2000.

[56] Boaz Barak, Shai Halevi, Amir Herzberg, and Dalit Naor. Clock synchronization
with faults and recoveries (extended abstract). In PODC, pages 133{142, 2000.

[57] Boaz Barak, Amir Herzberg, Dalit Naor, and Eldad Shai. The proactive security
toolkit and applications. In ACM Conference on Computer and Communications
Security, pages 18{27, 1999.

[58] Yosi Mass and Amir Herzberg. VRCommerce - electronic commerce in virtual reality.
In ACM Conference on Electronic Commerce, pages 103{109, 1999.

[59] Amir Herzberg, Markus Jakobsson, Stanislaw Jarecki, Hugo Krawczyk, and Moti
Yung. Proactive public key and signature systems. In ACM Conference on Computer
and Communications Security, pages 100{110, 1997.

[60] Ran Canetti, Shai Halevi, and Amir Herzberg. Maintaining authenticated communication
in the presence of break-ins. In PODC, pages 15{24, 1997.

[61] Amir Herzberg, Stanislaw Jarecki, Hugo Krawczyk, and Moti Yung. Proactive secret
sharing or: How to cope with perpetual leakage. In CRYPTO, pages 339{352, 1995.

[62] Chee-Seng Chow and Amir Herzberg. Network randomization protocol: A proactive
pseudo-random generator. In Proceedings of the 5th Symposium on UNIX Security,
pages 55{64, Berkeley, CA, USA, jun 1995. USENIX Association.

[63] Sudhanshu Aggarwal, Juan A. Garay, and Amir Herzberg. Adaptive video on demand.
In ESA, pages 538{553, 1995.

[64] Pau-Chen Cheng, Juan A. Garay, Amir Herzberg, and Hugo Krawczyk. Securing
the internet protocol (abstract). In PODC, page 257, 1995.

[65] Pau-Chen Cheng, Juan A. Garay, Amir Herzberg, and Hugo Krawczyk. Design and
implementation of modular key management protocol and IP secure tunnel on AIX.
In Proceedings of the 5th Symposium on UNIX Security, pages 41{54, Berkeley, CA,
USA, jun 1995. USENIX Association.

[66] Mihir Bellare, Juan A. Garay, Ralf Hauser, Amir Herzberg, Hugo Krawczyk, Michael
Steiner, Gene Tsudik, and Michael Waidner. iKP: A family of secure electronic
payment protocols. In Proceedings of the First USENIX Workshop of Electronic
Commerce, pages 89{106, Berkeley, July 1995. USENIX Association.

[67] Ran Canetti and Amir Herzberg. Maintaining security in the presence of transient
faults. In CRYPTO, pages 425{438, 1994.

[68] Amir Herzberg, Hugo Krawczyk, and Gene Tsudik. On travelling incognito. In
IEEE Workshop on Mobile Computing Systems and Applications, Sata Cruz, CA,
dec 1994.

 [69] Amir Herzberg, Hugo Krawczyk, and Charlie Perkins. Security for mobile IP. In
Proc. of the 13th IETF, pages 356{361, July 1994. Also presented in InterOp 94
(Atlanta).

[70] Hagit Attiya, Amir Herzberg, and Sergio Rajsbaum. Optimal clock synchronization
under di erent delay assumptions (preliminary version). In PODC, pages 109{120,
1993.

[71] Amir Herzberg and Michael Luby. Pubic randomness in cryptography. In CRYPTO,
pages 421{432, 1992.

[72] Carlo Blundo, Alfredo De Santis, Amir Herzberg, Shay Kutten, Ugo Vaccaro, and
Moti Yung. Perfectly-secure key distribution for dynamic conferences. In CRYPTO,
pages 471{486, 1992.

[73] Amir Herzberg. Connection-based communication in dynamic networks (extended
abstract). In PODC, pages 13{24, 1992.

[74] Ray Bird, Inder S. Gopal, Amir Herzberg, Philippe A. Janson, Shay Kutten, Re k
Molva, and Moti Yung. Systematic design of two-party authentication protocols. In
CRYPTO, pages 44{61, 1991.

[75] Baruch Awerbuch, Oded Goldreich, and Amir Herzberg. A quantitative approach
to dynamic networks. In PODC, pages 189{203, 1990.

[76] Amir Herzberg and Shay Kutten. Fast isolation of arbitrary forwarding faults. In
PODC, pages 339{353, 1989.

[77] Oded Goldreich, Amir Herzberg, and Yishay Mansour. Source to destination communication
in the presence of faults. In PODC, pages 85{101, 1989.

[78] Amir Herzberg. Network management in the presence of faults. In ICCC, pages
512{517, 1988.

[79] Amir Herzberg and Shlomit S. Pinter. Public protection of software. In CRYPTO,
pages 158{179, 1985.

[80] A. Herzberg and G. Karmi. On software protection. In Proceedings of the 4th
Jerusalem Conference on Information Technology (JCIT), IEE Computer Society,
1984.

 

Other Cited Publications

[1] Amir Herzberg and Shlomit Pinter. Composite ciphers. Technical Report 576, Dept
of Electrical Engineering, Technion, Haifa, Israel, February 1986.

[2] Ran Canetti, Amir Herzberg, and Benny Pinkas. Distributed computing simulator.
Technical report TR-566, Technion - Israeli Institute of Technology, department of
computer science, jun 1989.

תחומי מחקר

אבטחת תקשורת ובפרט התקפות והגנות לפרוטוקולי האינטרנט (TCP/IP, DNS, routing ), אבטחת סייבר, ובפרט תקשורת וזיהוי פוגענים,  (malware)  קריפטוגרפיה יישומית ופיננסית לרבות אבטחת מסחר ותשלומים,  תקשורת אנונימית וסמויה, התקפות הנדסה-חברתית והגנות על משתמשים אנושיים,  ניהול אמון,  פרוטוקולי תקשורת.