@inproceedings{Jaggard2017a,
  author = {Aaron D. Jaggard and Paul Syverson},
  title = {Oft Target},
  booktitle = {HotPETs},
  year = {2017},
  url = {https://petsymposium.org/2017/papers/hotpets/oft-target-1707.pdf},
}
@inproceedings{Jansen2012a,
  author = {Rob Jansen and Nicholas Hopper},
  title = {{Shadow}: Running {Tor} in a Box for Accurate and Efficient Experimentation},
  booktitle = {NDSS},
  year = {2012},
  publisher = {Internet Society},
  url = {http://www.robgjansen.com/publications/shadow-ndss2012.pdf},
  note = {(visited on 2017-05-09)},
}
@misc{Dingledine2014a,
  author = {Roger Dingledine},
  title = {{Tor} security advisory: ``relay early'' traffic confirmation attack},
  month = {July},
  year = {2014},
  url = {https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack/},
  note = {(visited on 2017-05-09)},
}
@article{Goldberg2013a,
  author = {Ian Goldberg and Douglas Stebila and Berkant Ustaoglu},
  title = {Anonymity and one-way authentication in key exchange protocols},
  journal = {Designs, Codes and Cryptography},
  volume = {67},
  number = {2},
  year = {2013},
  pages = {245--269},
  note = {(visited on 2017-05-09)},
}
@inproceedings{Coppersmith1996a,
  author = {Don Coppersmith},
  title = {Finding a Small Root of a Bivariate Integer Equation; Factoring with High Bits Known},
  booktitle = {EUROCRYPT},
  publisher = {Springer},
  year = {1996},
  pages = {178--189},
  note = {(visited on 2017-05-09)},
}
@article{Coppersmith1997a,
  author = {Don Coppersmith},
  title = {Small Solutions to Polynomial Equations, and Low Exponent {RSA} Vulnerabilities},
  journal = {Journal of Cryptology},
  volume = {10},
  number = {4},
  year = {1997},
  pages = {233--260},
  url = {https://www.di.ens.fr/~fouque/ens-rennes/coppersmith.pdf},
  note = {(visited on 2017-05-09)},
}
@inproceedings{Biryukov2013a,
  author = {Alex Biryukov and Ivan Pustogarov and Ralf-Philipp Weinmann},
  title = {Trawling for {Tor} Hidden Services: Detection, Measurement, Deanonymization},
  booktitle = {Security and Privacy},
  publisher = {IEEE},
  year = {2013},
  url = {http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf},
  note = {(visited on 2017-05-09)},
}
@inproceedings{Heninger2012a,
  author = {Nadia Heninger and Zakir Durumeric and Eric Wustrow and J. Alex Halderman},
  title = {Mining Your {Ps} and {Qs}: Detection of Widespread Weak Keys in Network Devices},
  booktitle = {USENIX Security},
  publisher = {USENIX},
  year = {2012},
  url = {https://factorable.net/weakkeys12.extended.pdf},
  note = {(visited on 2017-05-09)},
}
@misc{tormetrics,
  author = {{The Tor Project}},
  title = {Servers -- {Tor} metrics},
  url = {https://metrics.torproject.org/networksize.html},
  note = {(visited on 2017-05-09)},
}
@misc{torspec,
  author = {Roger Dingledine and Nick Mathewson},
  title = {{Tor} Protocol Specification},
  url = {https://gitweb.torproject.org/torspec.git/tree/tor-spec.txt},
  note = {(visited on 2017-05-09)},
}
@misc{collector,
  author = {{The Tor Project}},
  title = {{CollecTor}},
  url = {https://collector.torproject.org},
  note = {(visited on 2017-05-09)},
}
@inproceedings{Hastings2016a,
  author = {Marcella Hastings and Joshua Fried and Nadia Heninger},
  title = {Weak Keys Remain Widespread in Network Devices},
  booktitle = {IMC},
  publisher = {ACM},
  year = {2016},
  url = {https://www.cis.upenn.edu/~nadiah/papers/weak-keys/weak-keys.pdf},
  note = {(visited on 2017-05-09)},
}
@inproceedings{Valenta2016a,
  author = {Luke Valenta and Shaanan Cohney and Alex Liao and Joshua Fried and Satya Bodduluri and Nadia Heninger},
  title = {Factoring as a Service},
  booktitle = {Financial Cryptography},
  publisher = {ACM},
  year = {2016},
  url = {https://eprint.iacr.org/2015/1000.pdf},
  note = {(visited on 2017-05-09)},
}
@misc{Bernstein04,
  author = {Daniel J. Bernstein},
  title = {How to find smooth parts of integers},
  year = {2004},
  url = {https://cr.yp.to/factorization/smoothparts-20040510.pdf},
  note = {(visited on 2017-05-09)},
}
@inproceedings{Bernstein2013a,
  author = {Daniel J. Bernstein and Yun-An Chang and Chen-Mou Cheng and Li-Ping Chou and Nadia Heninger and Tanja Lange and Nicko Someren},
  title = {Factoring {RSA} keys from certified smart cards: {Coppersmith} in the wild},
  booktitle = {ASIACRYPT},
  publisher = {Springer},
  year = {2013},
  url = {https://smartfacts.cr.yp.to/smartfacts-20130916.pdf},
  note = {(visited on 2017-05-09)},
}
@inproceedings{Lenstra2012a,
  author = {Arjen K. Lenstra and James P. Hughes and Maxime Augier and Joppe W. Bos and Thorsten Kleinjung and Christophe Wachter},
  title = {Public Keys},
  booktitle = {CRYPTO},
  publisher = {Springer},
  year = {2012},
  note = {(visited on 2017-05-09)},
}
@misc{fastgcd,
  author = {Nadia Heninger and J. Alex Halderman},
  title = {fastgcd},
  url = {https://factorable.net/fastgcd-1.0.tar.gz},
  note = {(visited on 2017-05-09)},
}
@article{Boneh1999a,
  author = {Dan Boneh},
  title = {Twenty Years of Attacks on the {RSA} Cryptosystem},
  journal = {Notices of the American Mathematical Society},
  volume = {46},
  number = {2},
  year = {1999},
  url = {http://crypto.stanford.edu/~dabo/pubs/papers/RSA-survey.pdf},
  note = {(visited on 2017-05-09)},
}
@misc{scallion,
  author = {Eric Swanson},
  title = {{Scallion} -- {GPU}-based Onion Hash generator},
  url = {https://github.com/lachesis/scallion},
  note = {(visited on 2017-05-09)},
}
@misc{stem,
  author = {Damian Johnson},
  title = {{Stem} Docs},
  url = {https://stem.torproject.org},
  note = {(visited on 2017-05-09)},
}
@misc{pycrypto,
  author = {Dwayne Litzenberger},
  title = {{PyCrypto} -- The {Python} Cryptography Toolkit},
  url = {https://www.dlitz.net/software/pycrypto/},
  note = {(visited on 2017-05-09)},
}
@misc{ahmia,
  author = {Juha Nurmi},
  title = {Ahmia -- Search {Tor} Hidden Services},
  url = {https://ahmia.fi/onions/},
  note = {(visited on 2017-05-09)},
}
@inproceedings{Winter2016a,
  author = {Philipp Winter and Roya Ensafi and Karsten Loesing and Nick Feamster},
  title = {Identifying and characterizing {Sybils} in the {Tor} network},
  booktitle = {USENIX Security},
  publisher = {USENIX},
  year = {2016},
  url = {https://nymity.ch/sybilhunting/pdf/sybilhunting-sec16.pdf},
  note = {(visited on 2017-05-09)},
}
@misc{OCearbhaill2013a,
  author = {Donncha O'Cearbhaill},
  title = {Trawling {Tor} Hidden Service -- Mapping the {DHT}},
  year = {2013},
  url = {https://donncha.is/2013/05/trawling-tor-hidden-services/},
  note = {(visited on 2017-05-09)},
}
@misc{vanity-domains,
  author = {Philipp Winter},
  title = {Are vanity onion domains a good idea?},
  year = {2015},
  month = {October},
  url = {https://moderncrypto.org/mail-archive/messaging/2015/001928.html},
  note = {(visited on 2017-05-09)},
}
@misc{facebook,
  author = {Alec Muffett},
  title = {Facebook brute forcing hidden services},
  year = {2014},
  month = {October},
  url = {https://lists.torproject.org/pipermail/tor-talk/2014-October/035413.html},
  note = {(visited on 2017-05-09)},
}
@article{Rivest1978a,
  author = {Ronald L. Rivest and Adi Shamir and Leonard Adleman},
  title = {A Method for Obtaining Digital Signatures and Public-Key Cryptosystems},
  journal = {Communications of the ACM},
  volume = {21},
  number = {2},
  pages = {120--126},
  year = {1978},
  publisher = {ACM},
  url = {https://people.csail.mit.edu/rivest/Rsapaper.pdf},
  note = {(visited on 2017-05-09)},
}
@inproceedings{Matic2015a,
  author = {Srdjan Matic and Platon Kotzias and Juan Caballero},
  title = {{CARONTE}: Detecting Location Leaks for Deanonymizing {Tor} Hidden Services},
  booktitle = {CCS},
  publisher = {ACM},
  year = {2015},
  url = {https://software.imdea.org/~juanca/papers/caronte_ccs15.pdf},
  note = {(visited on 2017-05-09)},
}
@misc{torresearch,
  author = {{The Tor Project}},
  title = {{Tor Research Home}},
  url = {https://research.torproject.org},
}
@misc{safety-board,
  author = {{The Tor Project}},
  title = {{Tor} Research Safety Board},
  url = {https://research.torproject.org/safetyboard.html},
  note = {(visited on 2017-05-09)},
}
@misc{prop224,
  author = {Nick Mathewson},
  title = {Next-Generation Hidden Services in {Tor}},
  url = {https://gitweb.torproject.org/torspec.git/tree/proposals/224-rend-spec-ng.txt},
  note = {(visited on 2017-08-01)},
}
@misc{Roberts2017a,
  author = {Laura M. Roberts},
  title = {``Anomalous keys in {Tor} relays'' technical report now available},
  url = {https://lists.torproject.org/pipermail/tor-dev/2017-April/012161.html},
  year = {2017},
  month = {April},
  note = {(visited on 2017-08-02)},
}
@misc{prop250,
  author = {{The Tor Project}},
  title = {{Tor} Shared Random Subsystem Specification},
  url = {https://gitweb.torproject.org/torspec.git/tree/srv-spec.txt},
  note = {(visited on 2017-08-02)},
}
@misc{dir-spec,
  author = {{The Tor Project}},
  title = {{Tor} directory protocol, version 3},
  url = {https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt},
  note = {(visited on 2017-08-02)},
}
@misc{securedrop,
  author = {{Freedom of the Press Foundation}},
  title = {{SecureDrop}},
  url = {https://securedrop.org},
  note = {(visited on 2017-09-19)},
}
@inproceedings{Dorey2017a,
  author = {Kristen Dorey and Nicholas Chang-Fong and Aleksander Essex},
  title = {Indiscreet Logs: {Diffie-Hellman} Backdoors in {TLS}},
  booktitle = {NDSS},
  year = {2017},
  publisher = {Internet Society},
  url = {https://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2017/09/ndss2017_04A-2_Dorey_paper.pdf},
  note = {(visited on 2017-09-19)},
}
@inproceedings{Valenta2017a,
  author = {Luke Valenta and David Adrian and Antonio Sanso and Shaanan Cohney and Joshua Fried and Marcella Hastings and J. Alex Halderman and Nadia Heninger},
  title = {Measuring small subgroup attacks against {Diffie-Hellman}},
  booktitle = {NDSS},
  year = {2017},
  publisher = {Internet Society},
  url = {https://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2017/09/ndss2017_04A-1_Valenta_paper_0.pdf},
  note = {(visited on 2017-09-19)},
}
@inproceedings{Adrian2015a,
  author = {David Adrian and Karthikeyan Bhargavan and Zakir Durumeric and Pierrick Gaudry and Matthew Green and J. Alex Halderman and Nadia Heninger and Drew Springall and Emmanuel Thom\'e and Luke Valenta and Benjamin VanderSloot and Eric Wustrow and Santiago Zanella-B\'eguelin and Paul Zimmermann},
  title = {Imperfect Forward Secrecy: How {Diffie-Hellman} Fails in Practice},
  booktitle = {CCS},
  publisher = {ACM},
  year = {2015},
  url = {https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf},
  note = {(visited on 2017-09-22)},
}
@misc{nmapdhscript,
  author = {Jacob Gajek},
  title = {ssl-dh-params},
  url = {https://nmap.org/nsedoc/scripts/ssl-dh-params.html},
  note = {(visited on 2017-09-22)},
}