1. Albrecht, M.R., Paterson, K.G., Watson, G.J.: Plaintext recovery attacks against SSH. In: Evans, D., Myers, A. (eds.) 2009 IEEE Symposium on Security and Privacy, Proceedings, pp. 16–26. IEEE Computer Society (2009), http://www.isg.rhul.ac.uk/~kp/SandPfinal.pdf

2. Alfardan, N.J., Paterson, K.G.: Plaintext-recovery attacks against datagram TLS. In: NDSS 2012 (to appear, 2012), http://www.isg.rhul.ac.uk/~kp/dtls.pdf

3. Bacelar Almeida, J., Barbosa, M., Pinto, J.S., Vieira, B.: Formal verification of side channel countermeasures using self-composition. Science of Computer Programming (to appear), http://dx.doi.org/10.1016/j.scico.2011.10.008

4. Apple. iPhone end user licence agreement. Copy distributed inside each iPhone 4; transcribed at http://rxt3ch.wordpress.com/2011/09/27/iphone-end-user-liscence-agreement-quick-refrence/

5. Barker, E., Barker, W., Burr, W., Polk, W., Smid, M.: Recommendation for key management—part 1: General (revised). NIST Special Publication 800-57 (2007), http://csrc.nist.gov/groups/ST/toolkit/documents/SP800-57Part1_3-8-07.pdf