[{"publication":"Proceedings on Privacy Enhancing Technologies","type":"conference","status":"public","file":[{"file_size":535700,"access_level":"closed","file_id":"58802","file_name":"foci-2025-0002.pdf","date_updated":"2025-02-24T08:07:59Z","creator":"flange","date_created":"2025-02-24T08:07:59Z","success":1,"relation":"main_file","content_type":"application/pdf"}],"abstract":[{"lang":"eng","text":"Iran employs one of the most prominent Internet censors in the world. An important part of Iran’s censorship apparatus is its analysis of unencrypted protocols such as HTTP and DNS. During routine evaluations of Iran’s HTTP and DNS censorship, we noticed several properties we believe to be unknown today. For instance, we found injections of correct static IPs for some domains such as google.com on the DNS level, unclear HTTP version parsing, and correlations between DNS and HTTP censorship. In this paper, we present our findings to the community and discuss possible takeaways for affected people and the censorship circumvention community. As some of our findings left us bewildered, we hope to ignite a discussion about Iran’s censorship behavior. We aim to use the discussion of our work to execute a thorough analysis and explanation of Iran’s censorship behavior in the future."}],"department":[{"_id":"632"}],"user_id":"63563","_id":"58801","file_date_updated":"2025-02-24T08:07:59Z","language":[{"iso":"eng"}],"ddc":["006"],"has_accepted_license":"1","quality_controlled":"1","citation":{"ama":"Lange F, Niere N, von Niessen J, Suermann D, Heitmann N, Somorovsky J. I(ra)nconsistencies: Novel Insights into Iran’s Censorship. In: Proceedings on Privacy Enhancing Technologies. ; 2025.","ieee":"F. Lange, N. Niere, J. von Niessen, D. Suermann, N. Heitmann, and J. Somorovsky, “I(ra)nconsistencies: Novel Insights into Iran’s Censorship,” presented at the Free and Open Communications on the Internet, Virtual, 2025.","chicago":"Lange, Felix, Niklas Niere, Jonathan von Niessen, Dennis Suermann, Nico Heitmann, and Juraj Somorovsky. “I(Ra)Nconsistencies: Novel Insights into Iran’s Censorship.” In Proceedings on Privacy Enhancing Technologies, 2025.","apa":"Lange, F., Niere, N., von Niessen, J., Suermann, D., Heitmann, N., & Somorovsky, J. (2025). I(ra)nconsistencies: Novel Insights into Iran’s Censorship. Proceedings on Privacy Enhancing Technologies. Free and Open Communications on the Internet, Virtual.","bibtex":"@inproceedings{Lange_Niere_von Niessen_Suermann_Heitmann_Somorovsky_2025, title={I(ra)nconsistencies: Novel Insights into Iran’s Censorship}, booktitle={Proceedings on Privacy Enhancing Technologies}, author={Lange, Felix and Niere, Niklas and von Niessen, Jonathan and Suermann, Dennis and Heitmann, Nico and Somorovsky, Juraj}, year={2025} }","short":"F. Lange, N. Niere, J. von Niessen, D. Suermann, N. Heitmann, J. Somorovsky, in: Proceedings on Privacy Enhancing Technologies, 2025.","mla":"Lange, Felix, et al. “I(Ra)Nconsistencies: Novel Insights into Iran’s Censorship.” Proceedings on Privacy Enhancing Technologies, 2025."},"year":"2025","author":[{"first_name":"Felix","last_name":"Lange","full_name":"Lange, Felix","id":"67893"},{"id":"63563","full_name":"Niere, Niklas","last_name":"Niere","first_name":"Niklas"},{"first_name":"Jonathan","last_name":"von Niessen","full_name":"von Niessen, Jonathan"},{"last_name":"Suermann","full_name":"Suermann, Dennis","first_name":"Dennis"},{"first_name":"Nico","orcid":"0009-0003-7687-7044","last_name":"Heitmann","full_name":"Heitmann, Nico","id":"74619"},{"orcid":"0000-0002-3593-7720","last_name":"Somorovsky","full_name":"Somorovsky, Juraj","id":"83504","first_name":"Juraj"}],"date_created":"2025-02-24T08:09:56Z","date_updated":"2025-05-06T13:48:32Z","oa":"1","conference":{"location":"Virtual","end_date":"2025-02-20","start_date":"2025-02-20","name":"Free and Open Communications on the Internet"},"main_file_link":[{"url":"https://www.petsymposium.org/foci/2025/foci-2025-0002.pdf","open_access":"1"}],"title":"I(ra)nconsistencies: Novel Insights into Iran’s Censorship"},{"year":"2025","citation":{"ama":"Niere N, Lange F, Heitmann N, Somorovsky J. Encrypted Client Hello (ECH) in Censorship Circumvention. In: ; 2025.","chicago":"Niere, Niklas, Felix Lange, Nico Heitmann, and Juraj Somorovsky. “Encrypted Client Hello (ECH) in Censorship Circumvention,” 2025.","ieee":"N. Niere, F. Lange, N. Heitmann, and J. Somorovsky, “Encrypted Client Hello (ECH) in Censorship Circumvention,” presented at the Free and Open Communications on the Internet, Washington, D.C., 2025.","apa":"Niere, N., Lange, F., Heitmann, N., & Somorovsky, J. (2025). Encrypted Client Hello (ECH) in Censorship Circumvention. Free and Open Communications on the Internet, Washington, D.C.","bibtex":"@inproceedings{Niere_Lange_Heitmann_Somorovsky_2025, title={Encrypted Client Hello (ECH) in Censorship Circumvention}, author={Niere, Niklas and Lange, Felix and Heitmann, Nico and Somorovsky, Juraj}, year={2025} }","mla":"Niere, Niklas, et al. Encrypted Client Hello (ECH) in Censorship Circumvention. 2025.","short":"N. Niere, F. Lange, N. Heitmann, J. Somorovsky, in: 2025."},"has_accepted_license":"1","title":"Encrypted Client Hello (ECH) in Censorship Circumvention","conference":{"name":"Free and Open Communications on the Internet","start_date":"2025-07-14","end_date":"2025-07-14","location":"Washington, D.C."},"main_file_link":[{"open_access":"1","url":"https://www.petsymposium.org/foci/2025/foci-2025-0016.pdf"}],"date_updated":"2025-10-23T14:26:38Z","oa":"1","author":[{"full_name":"Niere, Niklas","id":"63563","last_name":"Niere","first_name":"Niklas"},{"first_name":"Felix","last_name":"Lange","full_name":"Lange, Felix","id":"67893"},{"full_name":"Heitmann, Nico","id":"74619","orcid":"0009-0003-7687-7044","last_name":"Heitmann","first_name":"Nico"},{"last_name":"Somorovsky","orcid":"0000-0002-3593-7720","id":"83504","full_name":"Somorovsky, Juraj","first_name":"Juraj"}],"date_created":"2025-07-03T07:14:00Z","abstract":[{"lang":"eng","text":"Censors have long censored Transport Layer Security (TLS) traffic by inspecting the domain name in the unencrypted Server Name Indication (SNI) extension. By encrypting the SNI extension, the Encrypted ClientHello (ECH) prevents censors from blocking TLS traffic to certain domains. Despite this promising outlook, ECH’s current capability to contest TLS censorship is unclear; for instance, Russia has started censoring ECH connections successfully. This paper clarifies ECH’s current role for TLS censorship. To this end, we evaluate servers’ support for ECH and its analysis and subsequent blocking by censors. We determine Cloudflare as the only major provider supporting ECH. Additionally, we affirm previously known ECH censorship in Russia and uncover indirect censorship of ECH through encrypted DNS censorship in China and Iran. Our findings suggest that ECH’s contribution to censorship circumvention is currently limited: we consider ECH’s dependence on encrypted DNS especially challenging for ECH’s capability to circumvent censorship. We stress the importance of censorship-resistant ECH to solve the long-known problem of SNI-based TLS censorship."}],"status":"public","file":[{"date_updated":"2025-10-23T14:26:38Z","date_created":"2025-07-03T07:11:14Z","creator":"nniklas","file_size":755171,"file_name":"foci-2025-0016.pdf","access_level":"open_access","file_id":"60505","content_type":"application/pdf","relation":"main_file"}],"type":"conference","keyword":["censorship","circumvention","ECH","TLS"],"ddc":["006"],"language":[{"iso":"eng"}],"file_date_updated":"2025-10-23T14:26:38Z","_id":"60503","user_id":"63563"},{"author":[{"first_name":"Nico","last_name":"Heitmann","id":"74619","full_name":"Heitmann, Nico"},{"first_name":"Hendrik","last_name":"Siewert","full_name":"Siewert, Hendrik"},{"first_name":"Sven","last_name":"Moog","full_name":"Moog, Sven"},{"full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","first_name":"Juraj"}],"date_created":"2024-05-23T11:15:39Z","date_updated":"2024-05-23T11:20:29Z","publisher":"Springer Nature Switzerland","main_file_link":[{"url":"https://link.springer.com/content/pdf/10.1007/978-3-031-54776-8_8.pdf"}],"conference":{"start_date":"2024-03-05","location":"Abu Dhabi","end_date":"2024-03-08"},"doi":"10.1007/978-3-031-54776-8_8","title":"Security Analysis of BigBlueButton and eduMEET","publication_status":"published","citation":{"chicago":"Heitmann, Nico, Hendrik Siewert, Sven Moog, and Juraj Somorovsky. “Security Analysis of BigBlueButton and EduMEET.” In Applied Cryptography and Network Security. Cham: Springer Nature Switzerland, 2024. https://doi.org/10.1007/978-3-031-54776-8_8.","ieee":"N. Heitmann, H. Siewert, S. Moog, and J. Somorovsky, “Security Analysis of BigBlueButton and eduMEET,” Abu Dhabi, 2024, doi: 10.1007/978-3-031-54776-8_8.","ama":"Heitmann N, Siewert H, Moog S, Somorovsky J. Security Analysis of BigBlueButton and eduMEET. In: Applied Cryptography and Network Security. Springer Nature Switzerland; 2024. doi:10.1007/978-3-031-54776-8_8","apa":"Heitmann, N., Siewert, H., Moog, S., & Somorovsky, J. (2024). Security Analysis of BigBlueButton and eduMEET. Applied Cryptography and Network Security. https://doi.org/10.1007/978-3-031-54776-8_8","short":"N. Heitmann, H. Siewert, S. Moog, J. Somorovsky, in: Applied Cryptography and Network Security, Springer Nature Switzerland, Cham, 2024.","mla":"Heitmann, Nico, et al. “Security Analysis of BigBlueButton and EduMEET.” Applied Cryptography and Network Security, Springer Nature Switzerland, 2024, doi:10.1007/978-3-031-54776-8_8.","bibtex":"@inproceedings{Heitmann_Siewert_Moog_Somorovsky_2024, place={Cham}, title={Security Analysis of BigBlueButton and eduMEET}, DOI={10.1007/978-3-031-54776-8_8}, booktitle={Applied Cryptography and Network Security}, publisher={Springer Nature Switzerland}, author={Heitmann, Nico and Siewert, Hendrik and Moog, Sven and Somorovsky, Juraj}, year={2024} }"},"place":"Cham","year":"2024","user_id":"74619","department":[{"_id":"632"}],"_id":"54437","language":[{"iso":"eng"}],"type":"conference","publication":"Applied Cryptography and Network Security","status":"public","abstract":[{"lang":"eng","text":"Video conferencing systems have become an indispensable part of our world. Using video conferencing systems implies the expectation that online meetings run as smoothly as in-person meetings. Thus, online meetings need to be just as secure and private as in-person meetings, which are secured against disruptive factors and unauthorized persons by physical access control mechanisms.\r\n\r\nTo show the security dangers of conferencing systems and raise general awareness when using these technologies, we analyze the security of two widely used research and education open-source video conferencing systems: BigBlueButton and eduMEET. Because both systems are very different, we analyzed their architectures, considering the respective components with their main tasks, features, and user roles. In the following systematic security analyses, we found 50 vulnerabilities. These include broken access control, NoSQL injection, and denial of service (DoS). The vulnerabilities have root causes of different natures. While BigBlueButton has a lot of complexity due to many components, eduMEET, which is relatively young, focuses more on features than security. The sheer amount of results and the lack of prior work indicate a research gap that needs to be closed since video conferencing systems continue to play a significant role in research, education, and everyday life."}]},{"abstract":[{"text":"TLS-Attacker is an open-source framework for analyzing Transport\r\nLayer Security (TLS) implementations. The framework allows users\r\nto specify custom protocol flows and provides modification hooks to\r\nmanipulate message contents. Since its initial publication in 2016 by\r\nJuraj Somorovsky, TLS-Attacker has been used in numerous studies\r\npublished at well-established conferences and helped to identify\r\nvulnerabilities in well-known open-source TLS libraries. To enable\r\nautomated analyses, TLS-Attacker has grown into a suite of projects,\r\neach designed as a building block that can be applied to facilitate\r\nvarious analysis methodologies. The framework still undergoes\r\ncontinuous improvements with feature extensions, such as DTLS\r\n1.3 or the addition of new dialects such as QUIC, to continue its\r\neffectiveness and relevancy as a security analysis framework.","lang":"eng"}],"status":"public","type":"conference","publication":"Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)","keyword":["SSL","TLS","DTLS","Protocol State Fuzzing","Planning Based"],"language":[{"iso":"eng"}],"_id":"57816","user_id":"67893","department":[{"_id":"632"}],"year":"2024","citation":{"short":"F. Bäumer, M. Brinkmann, N. Erinola, S.N. Hebrok, N. Heitmann, F. Lange, M. Maehren, R. Merget, N. Niere, M.M. Radoy, C. Schmidt, J. Schwenk, J. Somorovsky, in: Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24), 2024.","mla":"Bäumer, Fabian, et al. “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations.” Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24), 2024.","bibtex":"@inproceedings{Bäumer_Brinkmann_Erinola_Hebrok_Heitmann_Lange_Maehren_Merget_Niere_Radoy_et al._2024, title={TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations}, booktitle={Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)}, author={Bäumer, Fabian and Brinkmann, Marcus and Erinola, Nurullah and Hebrok, Sven Niclas and Heitmann, Nico and Lange, Felix and Maehren, Marcel and Merget, Robert and Niere, Niklas and Radoy, Maximilian Manfred and et al.}, year={2024} }","apa":"Bäumer, F., Brinkmann, M., Erinola, N., Hebrok, S. N., Heitmann, N., Lange, F., Maehren, M., Merget, R., Niere, N., Radoy, M. M., Schmidt, C., Schwenk, J., & Somorovsky, J. (2024). TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations. Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24). Annual Computer Security Applications Conference, Hawaii.","ama":"Bäumer F, Brinkmann M, Erinola N, et al. TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations. In: Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24). ; 2024.","ieee":"F. Bäumer et al., “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations,” presented at the Annual Computer Security Applications Conference, Hawaii, 2024.","chicago":"Bäumer, Fabian, Marcus Brinkmann, Nurullah Erinola, Sven Niclas Hebrok, Nico Heitmann, Felix Lange, Marcel Maehren, et al. “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations.” In Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24), 2024."},"quality_controlled":"1","title":"TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations","conference":{"end_date":"2024-12-13","location":"Hawaii","name":"Annual Computer Security Applications Conference","start_date":"2024-12-09"},"date_updated":"2025-02-27T08:02:30Z","date_created":"2024-12-17T11:25:14Z","author":[{"last_name":"Bäumer","full_name":"Bäumer, Fabian","first_name":"Fabian"},{"last_name":"Brinkmann","full_name":"Brinkmann, Marcus","first_name":"Marcus"},{"last_name":"Erinola","full_name":"Erinola, Nurullah","first_name":"Nurullah"},{"orcid":"0009-0006-1172-1665","last_name":"Hebrok","full_name":"Hebrok, Sven Niclas","id":"55616","first_name":"Sven Niclas"},{"first_name":"Nico","orcid":"0009-0003-7687-7044","last_name":"Heitmann","full_name":"Heitmann, Nico","id":"74619"},{"first_name":"Felix","id":"67893","full_name":"Lange, Felix","last_name":"Lange"},{"first_name":"Marcel","last_name":"Maehren","full_name":"Maehren, Marcel"},{"first_name":"Robert","last_name":"Merget","full_name":"Merget, Robert"},{"first_name":"Niklas","last_name":"Niere","id":"63563","full_name":"Niere, Niklas"},{"first_name":"Maximilian Manfred","last_name":"Radoy","orcid":"0009-0005-3059-6823","full_name":"Radoy, Maximilian Manfred","id":"68826"},{"first_name":"Conrad","full_name":"Schmidt, Conrad","last_name":"Schmidt"},{"first_name":"Jörg","full_name":"Schwenk, Jörg","last_name":"Schwenk"},{"orcid":"0000-0002-3593-7720","last_name":"Somorovsky","id":"83504","full_name":"Somorovsky, Juraj","first_name":"Juraj"}]}]