33 Publications

Mark all

[33]
2019 | Conference Paper | LibreCat-ID: 15908
J. Müller et al., “‘Johnny, you are fired!’ -- Spoofing OpenPGP and S/MIME Signatures in Emails,” in 28th {USENIX} Security Symposium ({USENIX} Security 19), 2019, pp. 1011–1028.
LibreCat | Download (ext.)
 
[32]
2019 | Conference Paper | LibreCat-ID: 15910
N. Engelbertz, V. Mladenov, J. Somorovsky, D. Herring, N. Erinola, and J. Schwenk, “Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS),” in Open Identity Summit 2019, 2019, pp. 95–106.
LibreCat
 
[31]
2019 | Conference Paper | LibreCat-ID: 15909
R. Merget et al., “Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities,” in 28th {USENIX} Security Symposium ({USENIX} Security 19), 2019, pp. 1029–1046.
LibreCat | Download (ext.)
 
[30]
2018 | Conference Paper | LibreCat-ID: 15893
D. Poddebniak, J. Somorovsky, S. Schinzel, M. Lochter, and P. Rosler, “Attacking Deterministic Signature Schemes Using Fault Attacks,” in 2018 IEEE European Symposium on Security and Privacy (EuroS&P), 2018.
LibreCat | DOI
 
[29]
2018 | Conference Paper | LibreCat-ID: 15906
H. Böck, J. Somorovsky, and C. Young, “Return Of Bleichenbacher\textquoterights Oracle Threat (ROBOT),” in 27th {USENIX} Security Symposium ({USENIX} Security 18), 2018, pp. 817–849.
LibreCat | Download (ext.)
 
[28]
2018 | Conference Paper | LibreCat-ID: 15894
D. Detering, J. Somorovsky, C. Mainka, V. Mladenov, and J. Schwenk, “On The (In-)Security Of JavaScript Object Signing And Encryption,” in Proceedings of the 1st Reversing and Offensive-oriented Trends Symposium on - ROOTS, 2018.
LibreCat | DOI
 
[27]
2018 | Conference Paper | LibreCat-ID: 15914
N. Engelbertz, N. Erinola, D. Herring, J. Somorovsky, V. Mladenov, and J. Schwenk, “Security Analysis of eIDAS -- The Cross-Country Authentication Scheme in Europe,” in 12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18), 2018.
LibreCat | Download (ext.)
 
[26]
2018 | Conference Paper | LibreCat-ID: 15892
M. R. Albrecht, J. Massimo, K. G. Paterson, and J. Somorovsky, “Prime and Prejudice: Primality Testing Under Adversarial Conditions,” in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018.
LibreCat | DOI | Download (ext.)
 
[25]
2018 | Conference Paper | LibreCat-ID: 15905
D. Poddebniak et al., “Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels,” in 27th {USENIX} Security Symposium ({USENIX} Security 18), 2018, pp. 549–566.
LibreCat | Download (ext.)
 
[24]
2017 | Conference Paper | LibreCat-ID: 15895
J. Muller, V. Mladenov, J. Somorovsky, and J. Schwenk, “SoK: Exploiting Network Printers,” in 2017 IEEE Symposium on Security and Privacy (SP), 2017.
LibreCat | DOI | Download (ext.)
 
[23]
2017 | Conference Paper | LibreCat-ID: 15912
M. Grothe, T. Niemann, J. Somorovsky, and J. Schwenk, “Breaking and Fixing Gridcoin,” in 11th {USENIX} Workshop on Offensive Technologies ({WOOT} 17), 2017.
LibreCat | Download (ext.)
 
[22]
2016 | Conference Paper | LibreCat-ID: 15913
H. Böck, A. Zauner, S. Devlin, J. Somorovsky, and P. Jovanovic, “Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS,” in 10th {USENIX} Workshop on Offensive Technologies ({WOOT} 16), 2016.
LibreCat | Download (ext.)
 
[21]
2016 | Conference Paper | LibreCat-ID: 15907
N. Aviram et al., “DROWN: Breaking TLS Using SSLv2,” in 25th {USENIX} Security Symposium ({USENIX} Security 16), 2016, pp. 689–706.
LibreCat | Download (ext.)
 
[20]
2016 | Conference Paper | LibreCat-ID: 15896
J. Somorovsky, “Systematic Fuzzing and Testing of TLS Libraries,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS’16, 2016.
LibreCat | DOI | Download (ext.)
 
[19]
2015 | Conference Paper | LibreCat-ID: 15898
T. Jager, J. Schwenk, and J. Somorovsky, “On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS ’15, 2015.
LibreCat | DOI | Download (ext.)
 
[18]
2015 | Book Chapter | LibreCat-ID: 15899
T. Jager, J. Schwenk, and J. Somorovsky, “Practical Invalid Curve Attacks on TLS-ECDH,” in Computer Security -- ESORICS 2015, Cham, 2015.
LibreCat | DOI | Download (ext.)
 
[17]
2015 | Conference Paper | LibreCat-ID: 15911
D. Kupser, C. Mainka, J. Schwenk, and J. Somorovsky, “How to Break XML Encryption -- Automatically,” in 9th {USENIX} Workshop on Offensive Technologies ({WOOT} 15), 2015.
LibreCat | Download (ext.)
 
[16]
2015 | Book Chapter | LibreCat-ID: 15897
C. Altmeier, C. Mainka, J. Somorovsky, and J. Schwenk, “AdIDoS – Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services,” in Data Privacy Management, and Security Assurance - 10th International Workshop, {DPM} 2015, and 4th International Workshop, {QASA} 2015, Cham, 2015.
LibreCat | DOI
 
[15]
2015 | Conference Paper | LibreCat-ID: 15900
M. Niemietz, J. Somorovsky, C. Mainka, and J. Schwenk, “Not so Smart: On Smart TV Apps,” in International Workshop on Secure Internet of Things (SIoT), 2015.
LibreCat | DOI
 
[14]
2014 | Conference Paper | LibreCat-ID: 15904
C. Meyer, J. Somorovsky, E. Weiss, J. Schwenk, S. Schinzel, and E. Tews, “Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks,” in 23rd {USENIX} Security Symposium ({USENIX} Security 14), 2014, pp. 733–748.
LibreCat | Download (ext.)
 
[13]
2013 | Dissertation | LibreCat-ID: 15901
J. Somorovsky, On the insecurity of XML Security. 2013.
LibreCat | DOI
 
[12]
2013 | Conference Paper | LibreCat-ID: 15918
T. Jager, K. G. Paterson, and J. Somorovsky, “One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography,” in 20th Annual Network and Distributed System Security Symposium, NDSS 2013, San Diego, California, USA, February 24-27, 2013, 2013.
LibreCat | Download (ext.)
 
[11]
2013 | Conference Paper | LibreCat-ID: 15902
A. Falkenberg, C. Mainka, J. Somorovsky, and J. Schwenk, “A New Approach towards DoS Penetration Testing on Web Services,” in 2013 IEEE 20th International Conference on Web Services, 2013.
LibreCat | DOI
 
[10]
2013 | Journal Article | LibreCat-ID: 15903
C. Mainka, V. Mladenov, J. Somorovsky, and J. Schwenk, “Penetration test tool for XML-based web services,” CEUR Workshop Proceedings, vol. 965, pp. 31–35, 2013.
LibreCat
 
[9]
2012 | Conference Paper | LibreCat-ID: 15888
J. Somorovsky, A. Mayer, J. Schwenk, M. Kampmann, and M. Jensen, “On Breaking SAML: Be Whoever You Want to Be,” in Presented as part of the 21st {USENIX} Security Symposium ({USENIX} Security 12), 2012, pp. 397–412.
LibreCat | Download (ext.)
 
[8]
2012 | Conference Paper | LibreCat-ID: 15890
J. Somorovsky and J. Schwenk, “Technical Analysis of Countermeasures against Attack on XML Encryption -- or -- Just Another Motivation for Authenticated Encryption,” in 2012 IEEE Eighth World Congress on Services, 2012.
LibreCat | DOI
 
[7]
2012 | Book Chapter | LibreCat-ID: 15891
T. Jager, S. Schinzel, and J. Somorovsky, “Bleichenbacher’s Attack Strikes again: Breaking PKCS#1 v1.5 in XML Encryption,” in Computer Security – ESORICS 2012, Berlin, Heidelberg, 2012.
LibreCat | DOI
 
[6]
2012 | Conference Paper | LibreCat-ID: 15917
J. Somorovsky, C. Meyer, T. Tran, M. Sbeiti, J. Schwenk, and C. Wietfeld, “Sec2: Secure Mobile Solution for Distributed Public Cloud Storages,” 2012.
LibreCat
 
[5]
2011 | Conference Paper | LibreCat-ID: 15887
M. Jensen, C. Meyer, J. Somorovsky, and J. Schwenk, “On the effectiveness of XML Schema validation for countering XML Signature Wrapping attacks,” in 2011 1st International Workshop on Securing Services on the Cloud (IWSSC), 2011.
LibreCat | DOI
 
[4]
2011 | Conference Paper | LibreCat-ID: 15915
T. Jager and J. Somorovsky, “How to break XML encryption,” in Proceedings of the 18th ACM conference on Computer and communications security - CCS ’11, 2011.
LibreCat | DOI | Download (ext.)
 
[3]
2011 | Conference Paper | LibreCat-ID: 15916
C. Meyer, J. Somorovsky, B. Driessen, J. Schwenk, T. Tran, and C. Wietfeld, “Sec2: Ein mobiles Nutzer-kontrolliertes Sicherheitskonzept für Cloud-Storage,” 2011.
LibreCat
 
[2]
2011 | Conference Paper | LibreCat-ID: 15885
J. Somorovsky, M. Heiderich, M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, “All your clouds are belong to us: security analysis of cloud management interfaces,” in Proceedings of the 3rd ACM workshop on Cloud computing security workshop - CCSW ’11, 2011.
LibreCat | DOI | Download (ext.)
 
[1]
2010 | Conference Paper | LibreCat-ID: 15889
J. Somorovsky, M. Jensen, and J. Schwenk, “Streaming-Based Verification of XML Signatures in SOAP Messages,” in 2010 6th World Congress on Services, 2010.
LibreCat | DOI
 

Search

Filter Publications

Display / Sort

Citation Style: IEEE

Export / Embed

33 Publications

Mark all

[33]
2019 | Conference Paper | LibreCat-ID: 15908
J. Müller et al., “‘Johnny, you are fired!’ -- Spoofing OpenPGP and S/MIME Signatures in Emails,” in 28th {USENIX} Security Symposium ({USENIX} Security 19), 2019, pp. 1011–1028.
LibreCat | Download (ext.)
 
[32]
2019 | Conference Paper | LibreCat-ID: 15910
N. Engelbertz, V. Mladenov, J. Somorovsky, D. Herring, N. Erinola, and J. Schwenk, “Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS),” in Open Identity Summit 2019, 2019, pp. 95–106.
LibreCat
 
[31]
2019 | Conference Paper | LibreCat-ID: 15909
R. Merget et al., “Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities,” in 28th {USENIX} Security Symposium ({USENIX} Security 19), 2019, pp. 1029–1046.
LibreCat | Download (ext.)
 
[30]
2018 | Conference Paper | LibreCat-ID: 15893
D. Poddebniak, J. Somorovsky, S. Schinzel, M. Lochter, and P. Rosler, “Attacking Deterministic Signature Schemes Using Fault Attacks,” in 2018 IEEE European Symposium on Security and Privacy (EuroS&P), 2018.
LibreCat | DOI
 
[29]
2018 | Conference Paper | LibreCat-ID: 15906
H. Böck, J. Somorovsky, and C. Young, “Return Of Bleichenbacher\textquoterights Oracle Threat (ROBOT),” in 27th {USENIX} Security Symposium ({USENIX} Security 18), 2018, pp. 817–849.
LibreCat | Download (ext.)
 
[28]
2018 | Conference Paper | LibreCat-ID: 15894
D. Detering, J. Somorovsky, C. Mainka, V. Mladenov, and J. Schwenk, “On The (In-)Security Of JavaScript Object Signing And Encryption,” in Proceedings of the 1st Reversing and Offensive-oriented Trends Symposium on - ROOTS, 2018.
LibreCat | DOI
 
[27]
2018 | Conference Paper | LibreCat-ID: 15914
N. Engelbertz, N. Erinola, D. Herring, J. Somorovsky, V. Mladenov, and J. Schwenk, “Security Analysis of eIDAS -- The Cross-Country Authentication Scheme in Europe,” in 12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18), 2018.
LibreCat | Download (ext.)
 
[26]
2018 | Conference Paper | LibreCat-ID: 15892
M. R. Albrecht, J. Massimo, K. G. Paterson, and J. Somorovsky, “Prime and Prejudice: Primality Testing Under Adversarial Conditions,” in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018.
LibreCat | DOI | Download (ext.)
 
[25]
2018 | Conference Paper | LibreCat-ID: 15905
D. Poddebniak et al., “Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels,” in 27th {USENIX} Security Symposium ({USENIX} Security 18), 2018, pp. 549–566.
LibreCat | Download (ext.)
 
[24]
2017 | Conference Paper | LibreCat-ID: 15895
J. Muller, V. Mladenov, J. Somorovsky, and J. Schwenk, “SoK: Exploiting Network Printers,” in 2017 IEEE Symposium on Security and Privacy (SP), 2017.
LibreCat | DOI | Download (ext.)
 
[23]
2017 | Conference Paper | LibreCat-ID: 15912
M. Grothe, T. Niemann, J. Somorovsky, and J. Schwenk, “Breaking and Fixing Gridcoin,” in 11th {USENIX} Workshop on Offensive Technologies ({WOOT} 17), 2017.
LibreCat | Download (ext.)
 
[22]
2016 | Conference Paper | LibreCat-ID: 15913
H. Böck, A. Zauner, S. Devlin, J. Somorovsky, and P. Jovanovic, “Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS,” in 10th {USENIX} Workshop on Offensive Technologies ({WOOT} 16), 2016.
LibreCat | Download (ext.)
 
[21]
2016 | Conference Paper | LibreCat-ID: 15907
N. Aviram et al., “DROWN: Breaking TLS Using SSLv2,” in 25th {USENIX} Security Symposium ({USENIX} Security 16), 2016, pp. 689–706.
LibreCat | Download (ext.)
 
[20]
2016 | Conference Paper | LibreCat-ID: 15896
J. Somorovsky, “Systematic Fuzzing and Testing of TLS Libraries,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS’16, 2016.
LibreCat | DOI | Download (ext.)
 
[19]
2015 | Conference Paper | LibreCat-ID: 15898
T. Jager, J. Schwenk, and J. Somorovsky, “On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS ’15, 2015.
LibreCat | DOI | Download (ext.)
 
[18]
2015 | Book Chapter | LibreCat-ID: 15899
T. Jager, J. Schwenk, and J. Somorovsky, “Practical Invalid Curve Attacks on TLS-ECDH,” in Computer Security -- ESORICS 2015, Cham, 2015.
LibreCat | DOI | Download (ext.)
 
[17]
2015 | Conference Paper | LibreCat-ID: 15911
D. Kupser, C. Mainka, J. Schwenk, and J. Somorovsky, “How to Break XML Encryption -- Automatically,” in 9th {USENIX} Workshop on Offensive Technologies ({WOOT} 15), 2015.
LibreCat | Download (ext.)
 
[16]
2015 | Book Chapter | LibreCat-ID: 15897
C. Altmeier, C. Mainka, J. Somorovsky, and J. Schwenk, “AdIDoS – Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services,” in Data Privacy Management, and Security Assurance - 10th International Workshop, {DPM} 2015, and 4th International Workshop, {QASA} 2015, Cham, 2015.
LibreCat | DOI
 
[15]
2015 | Conference Paper | LibreCat-ID: 15900
M. Niemietz, J. Somorovsky, C. Mainka, and J. Schwenk, “Not so Smart: On Smart TV Apps,” in International Workshop on Secure Internet of Things (SIoT), 2015.
LibreCat | DOI
 
[14]
2014 | Conference Paper | LibreCat-ID: 15904
C. Meyer, J. Somorovsky, E. Weiss, J. Schwenk, S. Schinzel, and E. Tews, “Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks,” in 23rd {USENIX} Security Symposium ({USENIX} Security 14), 2014, pp. 733–748.
LibreCat | Download (ext.)
 
[13]
2013 | Dissertation | LibreCat-ID: 15901
J. Somorovsky, On the insecurity of XML Security. 2013.
LibreCat | DOI
 
[12]
2013 | Conference Paper | LibreCat-ID: 15918
T. Jager, K. G. Paterson, and J. Somorovsky, “One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography,” in 20th Annual Network and Distributed System Security Symposium, NDSS 2013, San Diego, California, USA, February 24-27, 2013, 2013.
LibreCat | Download (ext.)
 
[11]
2013 | Conference Paper | LibreCat-ID: 15902
A. Falkenberg, C. Mainka, J. Somorovsky, and J. Schwenk, “A New Approach towards DoS Penetration Testing on Web Services,” in 2013 IEEE 20th International Conference on Web Services, 2013.
LibreCat | DOI
 
[10]
2013 | Journal Article | LibreCat-ID: 15903
C. Mainka, V. Mladenov, J. Somorovsky, and J. Schwenk, “Penetration test tool for XML-based web services,” CEUR Workshop Proceedings, vol. 965, pp. 31–35, 2013.
LibreCat
 
[9]
2012 | Conference Paper | LibreCat-ID: 15888
J. Somorovsky, A. Mayer, J. Schwenk, M. Kampmann, and M. Jensen, “On Breaking SAML: Be Whoever You Want to Be,” in Presented as part of the 21st {USENIX} Security Symposium ({USENIX} Security 12), 2012, pp. 397–412.
LibreCat | Download (ext.)
 
[8]
2012 | Conference Paper | LibreCat-ID: 15890
J. Somorovsky and J. Schwenk, “Technical Analysis of Countermeasures against Attack on XML Encryption -- or -- Just Another Motivation for Authenticated Encryption,” in 2012 IEEE Eighth World Congress on Services, 2012.
LibreCat | DOI
 
[7]
2012 | Book Chapter | LibreCat-ID: 15891
T. Jager, S. Schinzel, and J. Somorovsky, “Bleichenbacher’s Attack Strikes again: Breaking PKCS#1 v1.5 in XML Encryption,” in Computer Security – ESORICS 2012, Berlin, Heidelberg, 2012.
LibreCat | DOI
 
[6]
2012 | Conference Paper | LibreCat-ID: 15917
J. Somorovsky, C. Meyer, T. Tran, M. Sbeiti, J. Schwenk, and C. Wietfeld, “Sec2: Secure Mobile Solution for Distributed Public Cloud Storages,” 2012.
LibreCat
 
[5]
2011 | Conference Paper | LibreCat-ID: 15887
M. Jensen, C. Meyer, J. Somorovsky, and J. Schwenk, “On the effectiveness of XML Schema validation for countering XML Signature Wrapping attacks,” in 2011 1st International Workshop on Securing Services on the Cloud (IWSSC), 2011.
LibreCat | DOI
 
[4]
2011 | Conference Paper | LibreCat-ID: 15915
T. Jager and J. Somorovsky, “How to break XML encryption,” in Proceedings of the 18th ACM conference on Computer and communications security - CCS ’11, 2011.
LibreCat | DOI | Download (ext.)
 
[3]
2011 | Conference Paper | LibreCat-ID: 15916
C. Meyer, J. Somorovsky, B. Driessen, J. Schwenk, T. Tran, and C. Wietfeld, “Sec2: Ein mobiles Nutzer-kontrolliertes Sicherheitskonzept für Cloud-Storage,” 2011.
LibreCat
 
[2]
2011 | Conference Paper | LibreCat-ID: 15885
J. Somorovsky, M. Heiderich, M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, “All your clouds are belong to us: security analysis of cloud management interfaces,” in Proceedings of the 3rd ACM workshop on Cloud computing security workshop - CCSW ’11, 2011.
LibreCat | DOI | Download (ext.)
 
[1]
2010 | Conference Paper | LibreCat-ID: 15889
J. Somorovsky, M. Jensen, and J. Schwenk, “Streaming-Based Verification of XML Signatures in SOAP Messages,” in 2010 6th World Congress on Services, 2010.
LibreCat | DOI
 

Search

Filter Publications

Display / Sort

Citation Style: IEEE

Export / Embed