33 Publications

Mark all

[33]
2019 | Conference Paper | LibreCat-ID: 15908
Müller J, Brinkmann M, Poddebniak D, et al. “Johnny, you are fired!” -- Spoofing OpenPGP and S/MIME Signatures in Emails. In: 28th {USENIX} Security Symposium ({USENIX} Security 19). Santa Clara, CA: {USENIX} Association; 2019:1011-1028.
LibreCat | Download (ext.)
 
[32]
2019 | Conference Paper | LibreCat-ID: 15910
Engelbertz N, Mladenov V, Somorovsky J, Herring D, Erinola N, Schwenk J. Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS). In: Roßnagel H, Wagner S, Hühnlein D, eds. Open Identity Summit 2019. Gesellschaft für Informatik, Bonn; 2019:95-106.
LibreCat
 
[31]
2019 | Conference Paper | LibreCat-ID: 15909
Merget R, Somorovsky J, Aviram N, et al. Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities. In: 28th {USENIX} Security Symposium ({USENIX} Security 19). Santa Clara, CA: {USENIX} Association; 2019:1029-1046.
LibreCat | Download (ext.)
 
[30]
2018 | Conference Paper | LibreCat-ID: 15893
Poddebniak D, Somorovsky J, Schinzel S, Lochter M, Rosler P. Attacking Deterministic Signature Schemes Using Fault Attacks. In: 2018 IEEE European Symposium on Security and Privacy (EuroS&P). ; 2018. doi:10.1109/eurosp.2018.00031
LibreCat | DOI
 
[29]
2018 | Conference Paper | LibreCat-ID: 15906
Böck H, Somorovsky J, Young C. Return Of Bleichenbacher\textquoterights Oracle Threat (ROBOT). In: 27th {USENIX} Security Symposium ({USENIX} Security 18). Baltimore, MD: {USENIX} Association; 2018:817-849.
LibreCat | Download (ext.)
 
[28]
2018 | Conference Paper | LibreCat-ID: 15894
Detering D, Somorovsky J, Mainka C, Mladenov V, Schwenk J. On The (In-)Security Of JavaScript Object Signing And Encryption. In: Proceedings of the 1st Reversing and Offensive-Oriented Trends Symposium on - ROOTS. ; 2018. doi:10.1145/3150376.3150379
LibreCat | DOI
 
[27]
2018 | Conference Paper | LibreCat-ID: 15914
Engelbertz N, Erinola N, Herring D, Somorovsky J, Mladenov V, Schwenk J. Security Analysis of eIDAS -- The Cross-Country Authentication Scheme in Europe. In: 12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18). Baltimore, MD: {USENIX} Association; 2018.
LibreCat | Download (ext.)
 
[26]
2018 | Conference Paper | LibreCat-ID: 15892
Albrecht MR, Massimo J, Paterson KG, Somorovsky J. Prime and Prejudice: Primality Testing Under Adversarial Conditions. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. ; 2018. doi:10.1145/3243734.3243787
LibreCat | DOI | Download (ext.)
 
[25]
2018 | Conference Paper | LibreCat-ID: 15905
Poddebniak D, Dresen C, Müller J, et al. Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels. In: 27th {USENIX} Security Symposium ({USENIX} Security 18). Baltimore, MD: {USENIX} Association; 2018:549-566.
LibreCat | Download (ext.)
 
[24]
2017 | Conference Paper | LibreCat-ID: 15895
Muller J, Mladenov V, Somorovsky J, Schwenk J. SoK: Exploiting Network Printers. In: 2017 IEEE Symposium on Security and Privacy (SP). ; 2017. doi:10.1109/sp.2017.47
LibreCat | DOI | Download (ext.)
 
[23]
2017 | Conference Paper | LibreCat-ID: 15912
Grothe M, Niemann T, Somorovsky J, Schwenk J. Breaking and Fixing Gridcoin. In: 11th {USENIX} Workshop on Offensive Technologies ({WOOT} 17). Vancouver, BC: {USENIX} Association; 2017.
LibreCat | Download (ext.)
 
[22]
2016 | Conference Paper | LibreCat-ID: 15913
Böck H, Zauner A, Devlin S, Somorovsky J, Jovanovic P. Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS. In: 10th {USENIX} Workshop on Offensive Technologies ({WOOT} 16). Austin, TX: {USENIX} Association; 2016.
LibreCat | Download (ext.)
 
[21]
2016 | Conference Paper | LibreCat-ID: 15907
Aviram N, Schinzel S, Somorovsky J, et al. DROWN: Breaking TLS Using SSLv2. In: 25th {USENIX} Security Symposium ({USENIX} Security 16). Austin, TX: {USENIX} Association; 2016:689-706.
LibreCat | Download (ext.)
 
[20]
2016 | Conference Paper | LibreCat-ID: 15896
Somorovsky J. Systematic Fuzzing and Testing of TLS Libraries. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS’16. ; 2016. doi:10.1145/2976749.2978411
LibreCat | DOI | Download (ext.)
 
[19]
2015 | Conference Paper | LibreCat-ID: 15898
Jager T, Schwenk J, Somorovsky J. On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS ’15. ; 2015. doi:10.1145/2810103.2813657
LibreCat | DOI | Download (ext.)
 
[18]
2015 | Book Chapter | LibreCat-ID: 15899
Jager T, Schwenk J, Somorovsky J. Practical Invalid Curve Attacks on TLS-ECDH. In: Computer Security -- ESORICS 2015. Cham; 2015. doi:10.1007/978-3-319-24174-6_21
LibreCat | DOI | Download (ext.)
 
[17]
2015 | Conference Paper | LibreCat-ID: 15911
Kupser D, Mainka C, Schwenk J, Somorovsky J. How to Break XML Encryption -- Automatically. In: 9th {USENIX} Workshop on Offensive Technologies ({WOOT} 15). Washington, D.C.: {USENIX} Association; 2015.
LibreCat | Download (ext.)
 
[16]
2015 | Book Chapter | LibreCat-ID: 15897
Altmeier C, Mainka C, Somorovsky J, Schwenk J. AdIDoS – Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services. In: Data Privacy Management, and Security Assurance - 10th International Workshop, {DPM} 2015, and 4th International Workshop, {QASA} 2015. Lecture Notes in Computer Science 9481. Cham; 2015. doi:10.1007/978-3-319-29883-2_5
LibreCat | DOI
 
[15]
2015 | Conference Paper | LibreCat-ID: 15900
Niemietz M, Somorovsky J, Mainka C, Schwenk J. Not so Smart: On Smart TV Apps. In: International Workshop on Secure Internet of Things (SIoT). ; 2015. doi:10.1109/siot.2015.13
LibreCat | DOI
 
[14]
2014 | Conference Paper | LibreCat-ID: 15904
Meyer C, Somorovsky J, Weiss E, Schwenk J, Schinzel S, Tews E. Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks. In: 23rd {USENIX} Security Symposium ({USENIX} Security 14). San Diego, CA: {USENIX} Association; 2014:733-748.
LibreCat | Download (ext.)
 
[13]
2013 | Dissertation | LibreCat-ID: 15901
Somorovsky J. On the Insecurity of XML Security.; 2013. doi:10.1515/itit-2014-1045
LibreCat | DOI
 
[12]
2013 | Conference Paper | LibreCat-ID: 15918
Jager T, Paterson KG, Somorovsky J. One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography. In: 20th Annual Network and Distributed System Security Symposium, NDSS 2013, San Diego, California, USA, February 24-27, 2013. ; 2013.
LibreCat | Download (ext.)
 
[11]
2013 | Conference Paper | LibreCat-ID: 15902
Falkenberg A, Mainka C, Somorovsky J, Schwenk J. A New Approach towards DoS Penetration Testing on Web Services. In: 2013 IEEE 20th International Conference on Web Services. ; 2013. doi:10.1109/icws.2013.72
LibreCat | DOI
 
[10]
2013 | Journal Article | LibreCat-ID: 15903
Mainka C, Mladenov V, Somorovsky J, Schwenk J. Penetration test tool for XML-based web services. CEUR Workshop Proceedings. 2013;965:31-35.
LibreCat
 
[9]
2012 | Conference Paper | LibreCat-ID: 15888
Somorovsky J, Mayer A, Schwenk J, Kampmann M, Jensen M. On Breaking SAML: Be Whoever You Want to Be. In: Presented as Part of the 21st {USENIX} Security Symposium ({USENIX} Security 12). Bellevue, WA: {USENIX}; 2012:397-412.
LibreCat | Download (ext.)
 
[8]
2012 | Conference Paper | LibreCat-ID: 15890
Somorovsky J, Schwenk J. Technical Analysis of Countermeasures against Attack on XML Encryption -- or -- Just Another Motivation for Authenticated Encryption. In: 2012 IEEE Eighth World Congress on Services. ; 2012. doi:10.1109/services.2012.6
LibreCat | DOI
 
[7]
2012 | Book Chapter | LibreCat-ID: 15891
Jager T, Schinzel S, Somorovsky J. Bleichenbacher’s Attack Strikes again: Breaking PKCS#1 v1.5 in XML Encryption. In: Computer Security – ESORICS 2012. Berlin, Heidelberg; 2012. doi:10.1007/978-3-642-33167-1_43
LibreCat | DOI
 
[6]
2012 | Conference Paper | LibreCat-ID: 15917
Somorovsky J, Meyer C, Tran T, Sbeiti M, Schwenk J, Wietfeld C. Sec2: Secure Mobile Solution for Distributed Public Cloud Storages. In: ; 2012.
LibreCat
 
[5]
2011 | Conference Paper | LibreCat-ID: 15887
Jensen M, Meyer C, Somorovsky J, Schwenk J. On the effectiveness of XML Schema validation for countering XML Signature Wrapping attacks. In: 2011 1st International Workshop on Securing Services on the Cloud (IWSSC). ; 2011. doi:10.1109/iwsscloud.2011.6049019
LibreCat | DOI
 
[4]
2011 | Conference Paper | LibreCat-ID: 15915
Jager T, Somorovsky J. How to break XML encryption. In: Proceedings of the 18th ACM Conference on Computer and Communications Security - CCS ’11. ; 2011. doi:10.1145/2046707.2046756
LibreCat | DOI | Download (ext.)
 
[3]
2011 | Conference Paper | LibreCat-ID: 15916
Meyer C, Somorovsky J, Driessen B, Schwenk J, Tran T, Wietfeld C. Sec2: Ein mobiles Nutzer-kontrolliertes Sicherheitskonzept für Cloud-Storage. In: ; 2011.
LibreCat
 
[2]
2011 | Conference Paper | LibreCat-ID: 15885
Somorovsky J, Heiderich M, Jensen M, Schwenk J, Gruschka N, Lo Iacono L. All your clouds are belong to us: security analysis of cloud management interfaces. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop - CCSW ’11. ; 2011. doi:10.1145/2046660.2046664
LibreCat | DOI | Download (ext.)
 
[1]
2010 | Conference Paper | LibreCat-ID: 15889
Somorovsky J, Jensen M, Schwenk J. Streaming-Based Verification of XML Signatures in SOAP Messages. In: 2010 6th World Congress on Services. ; 2010. doi:10.1109/services.2010.57
LibreCat | DOI
 

Search

Filter Publications

Display / Sort

Citation Style: AMA

Export / Embed

33 Publications

Mark all

[33]
2019 | Conference Paper | LibreCat-ID: 15908
Müller J, Brinkmann M, Poddebniak D, et al. “Johnny, you are fired!” -- Spoofing OpenPGP and S/MIME Signatures in Emails. In: 28th {USENIX} Security Symposium ({USENIX} Security 19). Santa Clara, CA: {USENIX} Association; 2019:1011-1028.
LibreCat | Download (ext.)
 
[32]
2019 | Conference Paper | LibreCat-ID: 15910
Engelbertz N, Mladenov V, Somorovsky J, Herring D, Erinola N, Schwenk J. Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS). In: Roßnagel H, Wagner S, Hühnlein D, eds. Open Identity Summit 2019. Gesellschaft für Informatik, Bonn; 2019:95-106.
LibreCat
 
[31]
2019 | Conference Paper | LibreCat-ID: 15909
Merget R, Somorovsky J, Aviram N, et al. Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities. In: 28th {USENIX} Security Symposium ({USENIX} Security 19). Santa Clara, CA: {USENIX} Association; 2019:1029-1046.
LibreCat | Download (ext.)
 
[30]
2018 | Conference Paper | LibreCat-ID: 15893
Poddebniak D, Somorovsky J, Schinzel S, Lochter M, Rosler P. Attacking Deterministic Signature Schemes Using Fault Attacks. In: 2018 IEEE European Symposium on Security and Privacy (EuroS&P). ; 2018. doi:10.1109/eurosp.2018.00031
LibreCat | DOI
 
[29]
2018 | Conference Paper | LibreCat-ID: 15906
Böck H, Somorovsky J, Young C. Return Of Bleichenbacher\textquoterights Oracle Threat (ROBOT). In: 27th {USENIX} Security Symposium ({USENIX} Security 18). Baltimore, MD: {USENIX} Association; 2018:817-849.
LibreCat | Download (ext.)
 
[28]
2018 | Conference Paper | LibreCat-ID: 15894
Detering D, Somorovsky J, Mainka C, Mladenov V, Schwenk J. On The (In-)Security Of JavaScript Object Signing And Encryption. In: Proceedings of the 1st Reversing and Offensive-Oriented Trends Symposium on - ROOTS. ; 2018. doi:10.1145/3150376.3150379
LibreCat | DOI
 
[27]
2018 | Conference Paper | LibreCat-ID: 15914
Engelbertz N, Erinola N, Herring D, Somorovsky J, Mladenov V, Schwenk J. Security Analysis of eIDAS -- The Cross-Country Authentication Scheme in Europe. In: 12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18). Baltimore, MD: {USENIX} Association; 2018.
LibreCat | Download (ext.)
 
[26]
2018 | Conference Paper | LibreCat-ID: 15892
Albrecht MR, Massimo J, Paterson KG, Somorovsky J. Prime and Prejudice: Primality Testing Under Adversarial Conditions. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. ; 2018. doi:10.1145/3243734.3243787
LibreCat | DOI | Download (ext.)
 
[25]
2018 | Conference Paper | LibreCat-ID: 15905
Poddebniak D, Dresen C, Müller J, et al. Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels. In: 27th {USENIX} Security Symposium ({USENIX} Security 18). Baltimore, MD: {USENIX} Association; 2018:549-566.
LibreCat | Download (ext.)
 
[24]
2017 | Conference Paper | LibreCat-ID: 15895
Muller J, Mladenov V, Somorovsky J, Schwenk J. SoK: Exploiting Network Printers. In: 2017 IEEE Symposium on Security and Privacy (SP). ; 2017. doi:10.1109/sp.2017.47
LibreCat | DOI | Download (ext.)
 
[23]
2017 | Conference Paper | LibreCat-ID: 15912
Grothe M, Niemann T, Somorovsky J, Schwenk J. Breaking and Fixing Gridcoin. In: 11th {USENIX} Workshop on Offensive Technologies ({WOOT} 17). Vancouver, BC: {USENIX} Association; 2017.
LibreCat | Download (ext.)
 
[22]
2016 | Conference Paper | LibreCat-ID: 15913
Böck H, Zauner A, Devlin S, Somorovsky J, Jovanovic P. Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS. In: 10th {USENIX} Workshop on Offensive Technologies ({WOOT} 16). Austin, TX: {USENIX} Association; 2016.
LibreCat | Download (ext.)
 
[21]
2016 | Conference Paper | LibreCat-ID: 15907
Aviram N, Schinzel S, Somorovsky J, et al. DROWN: Breaking TLS Using SSLv2. In: 25th {USENIX} Security Symposium ({USENIX} Security 16). Austin, TX: {USENIX} Association; 2016:689-706.
LibreCat | Download (ext.)
 
[20]
2016 | Conference Paper | LibreCat-ID: 15896
Somorovsky J. Systematic Fuzzing and Testing of TLS Libraries. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS’16. ; 2016. doi:10.1145/2976749.2978411
LibreCat | DOI | Download (ext.)
 
[19]
2015 | Conference Paper | LibreCat-ID: 15898
Jager T, Schwenk J, Somorovsky J. On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS ’15. ; 2015. doi:10.1145/2810103.2813657
LibreCat | DOI | Download (ext.)
 
[18]
2015 | Book Chapter | LibreCat-ID: 15899
Jager T, Schwenk J, Somorovsky J. Practical Invalid Curve Attacks on TLS-ECDH. In: Computer Security -- ESORICS 2015. Cham; 2015. doi:10.1007/978-3-319-24174-6_21
LibreCat | DOI | Download (ext.)
 
[17]
2015 | Conference Paper | LibreCat-ID: 15911
Kupser D, Mainka C, Schwenk J, Somorovsky J. How to Break XML Encryption -- Automatically. In: 9th {USENIX} Workshop on Offensive Technologies ({WOOT} 15). Washington, D.C.: {USENIX} Association; 2015.
LibreCat | Download (ext.)
 
[16]
2015 | Book Chapter | LibreCat-ID: 15897
Altmeier C, Mainka C, Somorovsky J, Schwenk J. AdIDoS – Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services. In: Data Privacy Management, and Security Assurance - 10th International Workshop, {DPM} 2015, and 4th International Workshop, {QASA} 2015. Lecture Notes in Computer Science 9481. Cham; 2015. doi:10.1007/978-3-319-29883-2_5
LibreCat | DOI
 
[15]
2015 | Conference Paper | LibreCat-ID: 15900
Niemietz M, Somorovsky J, Mainka C, Schwenk J. Not so Smart: On Smart TV Apps. In: International Workshop on Secure Internet of Things (SIoT). ; 2015. doi:10.1109/siot.2015.13
LibreCat | DOI
 
[14]
2014 | Conference Paper | LibreCat-ID: 15904
Meyer C, Somorovsky J, Weiss E, Schwenk J, Schinzel S, Tews E. Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks. In: 23rd {USENIX} Security Symposium ({USENIX} Security 14). San Diego, CA: {USENIX} Association; 2014:733-748.
LibreCat | Download (ext.)
 
[13]
2013 | Dissertation | LibreCat-ID: 15901
Somorovsky J. On the Insecurity of XML Security.; 2013. doi:10.1515/itit-2014-1045
LibreCat | DOI
 
[12]
2013 | Conference Paper | LibreCat-ID: 15918
Jager T, Paterson KG, Somorovsky J. One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography. In: 20th Annual Network and Distributed System Security Symposium, NDSS 2013, San Diego, California, USA, February 24-27, 2013. ; 2013.
LibreCat | Download (ext.)
 
[11]
2013 | Conference Paper | LibreCat-ID: 15902
Falkenberg A, Mainka C, Somorovsky J, Schwenk J. A New Approach towards DoS Penetration Testing on Web Services. In: 2013 IEEE 20th International Conference on Web Services. ; 2013. doi:10.1109/icws.2013.72
LibreCat | DOI
 
[10]
2013 | Journal Article | LibreCat-ID: 15903
Mainka C, Mladenov V, Somorovsky J, Schwenk J. Penetration test tool for XML-based web services. CEUR Workshop Proceedings. 2013;965:31-35.
LibreCat
 
[9]
2012 | Conference Paper | LibreCat-ID: 15888
Somorovsky J, Mayer A, Schwenk J, Kampmann M, Jensen M. On Breaking SAML: Be Whoever You Want to Be. In: Presented as Part of the 21st {USENIX} Security Symposium ({USENIX} Security 12). Bellevue, WA: {USENIX}; 2012:397-412.
LibreCat | Download (ext.)
 
[8]
2012 | Conference Paper | LibreCat-ID: 15890
Somorovsky J, Schwenk J. Technical Analysis of Countermeasures against Attack on XML Encryption -- or -- Just Another Motivation for Authenticated Encryption. In: 2012 IEEE Eighth World Congress on Services. ; 2012. doi:10.1109/services.2012.6
LibreCat | DOI
 
[7]
2012 | Book Chapter | LibreCat-ID: 15891
Jager T, Schinzel S, Somorovsky J. Bleichenbacher’s Attack Strikes again: Breaking PKCS#1 v1.5 in XML Encryption. In: Computer Security – ESORICS 2012. Berlin, Heidelberg; 2012. doi:10.1007/978-3-642-33167-1_43
LibreCat | DOI
 
[6]
2012 | Conference Paper | LibreCat-ID: 15917
Somorovsky J, Meyer C, Tran T, Sbeiti M, Schwenk J, Wietfeld C. Sec2: Secure Mobile Solution for Distributed Public Cloud Storages. In: ; 2012.
LibreCat
 
[5]
2011 | Conference Paper | LibreCat-ID: 15887
Jensen M, Meyer C, Somorovsky J, Schwenk J. On the effectiveness of XML Schema validation for countering XML Signature Wrapping attacks. In: 2011 1st International Workshop on Securing Services on the Cloud (IWSSC). ; 2011. doi:10.1109/iwsscloud.2011.6049019
LibreCat | DOI
 
[4]
2011 | Conference Paper | LibreCat-ID: 15915
Jager T, Somorovsky J. How to break XML encryption. In: Proceedings of the 18th ACM Conference on Computer and Communications Security - CCS ’11. ; 2011. doi:10.1145/2046707.2046756
LibreCat | DOI | Download (ext.)
 
[3]
2011 | Conference Paper | LibreCat-ID: 15916
Meyer C, Somorovsky J, Driessen B, Schwenk J, Tran T, Wietfeld C. Sec2: Ein mobiles Nutzer-kontrolliertes Sicherheitskonzept für Cloud-Storage. In: ; 2011.
LibreCat
 
[2]
2011 | Conference Paper | LibreCat-ID: 15885
Somorovsky J, Heiderich M, Jensen M, Schwenk J, Gruschka N, Lo Iacono L. All your clouds are belong to us: security analysis of cloud management interfaces. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop - CCSW ’11. ; 2011. doi:10.1145/2046660.2046664
LibreCat | DOI | Download (ext.)
 
[1]
2010 | Conference Paper | LibreCat-ID: 15889
Somorovsky J, Jensen M, Schwenk J. Streaming-Based Verification of XML Signatures in SOAP Messages. In: 2010 6th World Congress on Services. ; 2010. doi:10.1109/services.2010.57
LibreCat | DOI
 

Search

Filter Publications

Display / Sort

Citation Style: AMA

Export / Embed