51 Publications
2025 | Conference Paper | LibreCat-ID: 58657 | 
J. Rossel, V. Mladenov, N. Wördenweber, and J. Somorovsky, “Security Implications of Malicious G-Codes in 3D Printing,” presented at the 34th USENIX Security Symposium, Seattle, WA, USA, 2025.
LibreCat
| Files available
2025 | Conference Paper | LibreCat-ID: 58801 |
F. Lange, N. Niere, J. von Niessen, D. Suermann, N. Heitmann, and J. Somorovsky, “I(ra)nconsistencies: Novel Insights into Iran’s Censorship,” presented at the Free and Open Communications on the Internet, Virtual, 2025.
LibreCat
| Files available
| Download (ext.)
2024 | Conference Paper | LibreCat-ID: 54437
N. Heitmann, H. Siewert, S. Moog, and J. Somorovsky, “Security Analysis of BigBlueButton and eduMEET,” Abu Dhabi, 2024, doi: 10.1007/978-3-031-54776-8_8.
LibreCat
| DOI
| Download (ext.)
2024 | Conference Paper | LibreCat-ID: 55137 |
P. Müller, N. Niere, F. Lange, and J. Somorovsky, “Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling,” presented at the Free and Open Communications on the Internet 2024 , Bristol, 2024.
LibreCat
| Files available
| Download (ext.)
2024 | Conference Paper | LibreCat-ID: 57816
F. Bäumer et al., “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations,” presented at the Annual Computer Security Applications Conference, Hawaii, 2024.
LibreCat
2023 | Conference Paper | LibreCat-ID: 49654
N. Niere, S. N. Hebrok, J. Somorovsky, and R. Merget, “Poster: Circumventing the GFW with TLS Record Fragmentation,” 2023, doi: 10.1145/3576915.3624372.
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 46500
J. Pottebaum et al., “Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth,” in 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Delft, Netherlands, 2023, pp. 379–385, doi: 10.1109/eurospw59978.2023.00048.
LibreCat
| Files available
| DOI
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 48012 |
J. Rossel, V. Mladenov, and J. Somorovsky, “Security Analysis of the 3MF Data Format,” presented at the 26th International Symposium on Research in Attacks, Intrusions and Defenses, Hongkong, 2023, doi: 10.1145/3607199.3607216.
LibreCat
| Files available
| DOI
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 43060 |
S. N. Hebrok et al., “We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets,” 2023.
LibreCat
| Download (ext.)
2022 | Conference Paper | LibreCat-ID: 32572
P. Mayer et al., “‘I don’ know why I check this...’ - Investigating Expert Users’ Strategies to Detect Email Signature Spoofing Attacks,” in Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022), 2022, pp. 77–96.
LibreCat
2022 | Conference Paper | LibreCat-ID: 32573
M. Maehren, P. Nieting, S. N. Hebrok, R. Merget, J. Somorovsky, and J. Schwenk, “TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries,” 2022.
LibreCat
2022 | Conference Paper | LibreCat-ID: 54435
H. Siewert, M. Kretschmer, M. Niemietz, and J. Somorovsky, “On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers,” 2022, doi: 10.1109/spw54247.2022.9833880.
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 25331
M. Brinkmann et al., “ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication,” in 30th {USENIX} Security Symposium ({USENIX} Security 21), 2021, pp. 4293–4310.
LibreCat
2021 | Conference Paper | LibreCat-ID: 25332
R. Merget, M. Brinkmann, N. Aviram, J. Somorovsky, J. Mittmann, and J. Schwenk, “Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E),” in 30th {USENIX} Security Symposium ({USENIX} Security 21), 2021, pp. 213–230.
LibreCat
2021 | Journal Article | LibreCat-ID: 24143
J. P. Drees et al., “Automated Detection of Side Channels in Cryptographic Protocols: DROWN the ROBOTs!,” 14th ACM Workshop on Artificial Intelligence and Security, 2021.
LibreCat
2020 | Conference Paper | LibreCat-ID: 25334
P. Fiterau-Brostean, B. Jonsson, R. Merget, J. de Ruiter, K. Sagonas, and J. Somorovsky, “Analysis of DTLS Implementations Using Protocol State Fuzzing,” in 29th {USENIX} Security Symposium ({USENIX} Security 20), 2020, pp. 2523–2540.
LibreCat
2020 | Conference Paper | LibreCat-ID: 25336
J. Schwenk, M. Brinkmann, D. Poddebniak, J. Müller, J. Somorovsky, and S. Schinzel, “Mitigation of Attacks on Email End-to-End Encryption,” in Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020, pp. 1647–1664, doi: 10.1145/3372297.3417878.
LibreCat
| DOI
2019 | Conference Paper | LibreCat-ID: 15908 |
J. Müller et al., “‘Johnny, you are fired!’ -- Spoofing OpenPGP and S/MIME Signatures in Emails,” in 28th {USENIX} Security Symposium ({USENIX} Security 19), 2019, pp. 1011–1028.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 15909 |
R. Merget et al., “Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities,” in 28th {USENIX} Security Symposium ({USENIX} Security 19), 2019, pp. 1029–1046.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 15910
N. Engelbertz, V. Mladenov, J. Somorovsky, D. Herring, N. Erinola, and J. Schwenk, “Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS),” in Open Identity Summit 2019, 2019, pp. 95–106.
LibreCat
2018 | Conference Paper | LibreCat-ID: 15892
M. R. Albrecht, J. Massimo, K. G. Paterson, and J. Somorovsky, “Prime and Prejudice: Primality Testing Under Adversarial Conditions,” in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018.
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 15905 |
D. Poddebniak et al., “Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels,” in 27th {USENIX} Security Symposium ({USENIX} Security 18), 2018, pp. 549–566.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 15906 |
H. Böck, J. Somorovsky, and C. Young, “Return Of Bleichenbacher\textquoterights Oracle Threat (ROBOT),” in 27th {USENIX} Security Symposium ({USENIX} Security 18), 2018, pp. 817–849.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 15914 |
N. Engelbertz, N. Erinola, D. Herring, J. Somorovsky, V. Mladenov, and J. Schwenk, “Security Analysis of eIDAS -- The Cross-Country Authentication Scheme in Europe,” in 12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18), 2018.
LibreCat
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 15895
J. Muller, V. Mladenov, J. Somorovsky, and J. Schwenk, “SoK: Exploiting Network Printers,” in 2017 IEEE Symposium on Security and Privacy (SP), 2017.
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 15912 |
M. Grothe, T. Niemann, J. Somorovsky, and J. Schwenk, “Breaking and Fixing Gridcoin,” in 11th {USENIX} Workshop on Offensive Technologies ({WOOT} 17), 2017.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 15896
J. Somorovsky, “Systematic Fuzzing and Testing of TLS Libraries,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS’16, 2016.
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 15907 |
N. Aviram et al., “DROWN: Breaking TLS Using SSLv2,” in 25th {USENIX} Security Symposium ({USENIX} Security 16), 2016, pp. 689–706.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 15913 |
H. Böck, A. Zauner, S. Devlin, J. Somorovsky, and P. Jovanovic, “Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS,” in 10th {USENIX} Workshop on Offensive Technologies ({WOOT} 16), 2016.
LibreCat
| Download (ext.)
2015 | Book Chapter | LibreCat-ID: 15897
C. Altmeier, C. Mainka, J. Somorovsky, and J. Schwenk, “AdIDoS – Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services,” in Data Privacy Management, and Security Assurance - 10th International Workshop, {DPM} 2015, and 4th International Workshop, {QASA} 2015, Cham, 2015.
LibreCat
| DOI
2015 | Conference Paper | LibreCat-ID: 15898
T. Jager, J. Schwenk, and J. Somorovsky, “On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS ’15, 2015.
LibreCat
| DOI
| Download (ext.)
2015 | Book Chapter | LibreCat-ID: 15899
T. Jager, J. Schwenk, and J. Somorovsky, “Practical Invalid Curve Attacks on TLS-ECDH,” in Computer Security -- ESORICS 2015, Cham, 2015.
LibreCat
| DOI
| Download (ext.)
2015 | Conference Paper | LibreCat-ID: 15911 |
D. Kupser, C. Mainka, J. Schwenk, and J. Somorovsky, “How to Break XML Encryption -- Automatically,” in 9th {USENIX} Workshop on Offensive Technologies ({WOOT} 15), 2015.
LibreCat
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 15904 |
C. Meyer, J. Somorovsky, E. Weiss, J. Schwenk, S. Schinzel, and E. Tews, “Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks,” in 23rd {USENIX} Security Symposium ({USENIX} Security 14), 2014, pp. 733–748.
LibreCat
| Download (ext.)
2013 | Journal Article | LibreCat-ID: 15903
C. Mainka, V. Mladenov, J. Somorovsky, and J. Schwenk, “Penetration test tool for XML-based web services,” CEUR Workshop Proceedings, vol. 965, pp. 31–35, 2013.
LibreCat
2013 | Conference Paper | LibreCat-ID: 15918 |
T. Jager, K. G. Paterson, and J. Somorovsky, “One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography,” in 20th Annual Network and Distributed System Security Symposium, NDSS 2013, San Diego, California, USA, February 24-27, 2013, 2013.
LibreCat
| Download (ext.)
2012 | Conference Paper | LibreCat-ID: 15888 |
J. Somorovsky, A. Mayer, J. Schwenk, M. Kampmann, and M. Jensen, “On Breaking SAML: Be Whoever You Want to Be,” in Presented as part of the 21st {USENIX} Security Symposium ({USENIX} Security 12), 2012, pp. 397–412.
LibreCat
| Download (ext.)
2012 | Conference Paper | LibreCat-ID: 15917
J. Somorovsky, C. Meyer, T. Tran, M. Sbeiti, J. Schwenk, and C. Wietfeld, “Sec2: Secure Mobile Solution for Distributed Public Cloud Storages,” 2012.
LibreCat
2011 | Conference Paper | LibreCat-ID: 15885
J. Somorovsky, M. Heiderich, M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, “All your clouds are belong to us: security analysis of cloud management interfaces,” in Proceedings of the 3rd ACM workshop on Cloud computing security workshop - CCSW ’11, 2011.
LibreCat
| DOI
| Download (ext.)
2011 | Conference Paper | LibreCat-ID: 15915
T. Jager and J. Somorovsky, “How to break XML encryption,” in Proceedings of the 18th ACM conference on Computer and communications security - CCS ’11, 2011.
LibreCat
| DOI
| Download (ext.)
2011 | Conference Paper | LibreCat-ID: 15916
C. Meyer, J. Somorovsky, B. Driessen, J. Schwenk, T. Tran, and C. Wietfeld, “Sec2: Ein mobiles Nutzer-kontrolliertes Sicherheitskonzept für Cloud-Storage,” 2011.
LibreCat
51 Publications
2025 | Conference Paper | LibreCat-ID: 58657 |
J. Rossel, V. Mladenov, N. Wördenweber, and J. Somorovsky, “Security Implications of Malicious G-Codes in 3D Printing,” presented at the 34th USENIX Security Symposium, Seattle, WA, USA, 2025.
LibreCat
| Files available
2025 | Conference Paper | LibreCat-ID: 58801 |
F. Lange, N. Niere, J. von Niessen, D. Suermann, N. Heitmann, and J. Somorovsky, “I(ra)nconsistencies: Novel Insights into Iran’s Censorship,” presented at the Free and Open Communications on the Internet, Virtual, 2025.
LibreCat
| Files available
| Download (ext.)
2024 | Conference Paper | LibreCat-ID: 54437
N. Heitmann, H. Siewert, S. Moog, and J. Somorovsky, “Security Analysis of BigBlueButton and eduMEET,” Abu Dhabi, 2024, doi: 10.1007/978-3-031-54776-8_8.
LibreCat
| DOI
| Download (ext.)
2024 | Conference Paper | LibreCat-ID: 55137 |
P. Müller, N. Niere, F. Lange, and J. Somorovsky, “Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling,” presented at the Free and Open Communications on the Internet 2024 , Bristol, 2024.
LibreCat
| Files available
| Download (ext.)
2024 | Conference Paper | LibreCat-ID: 57816
F. Bäumer et al., “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations,” presented at the Annual Computer Security Applications Conference, Hawaii, 2024.
LibreCat
2023 | Conference Paper | LibreCat-ID: 49654
N. Niere, S. N. Hebrok, J. Somorovsky, and R. Merget, “Poster: Circumventing the GFW with TLS Record Fragmentation,” 2023, doi: 10.1145/3576915.3624372.
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 46500
J. Pottebaum et al., “Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth,” in 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Delft, Netherlands, 2023, pp. 379–385, doi: 10.1109/eurospw59978.2023.00048.
LibreCat
| Files available
| DOI
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 48012 |
J. Rossel, V. Mladenov, and J. Somorovsky, “Security Analysis of the 3MF Data Format,” presented at the 26th International Symposium on Research in Attacks, Intrusions and Defenses, Hongkong, 2023, doi: 10.1145/3607199.3607216.
LibreCat
| Files available
| DOI
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 43060 |
S. N. Hebrok et al., “We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets,” 2023.
LibreCat
| Download (ext.)
2022 | Conference Paper | LibreCat-ID: 32572
P. Mayer et al., “‘I don’ know why I check this...’ - Investigating Expert Users’ Strategies to Detect Email Signature Spoofing Attacks,” in Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022), 2022, pp. 77–96.
LibreCat
2022 | Conference Paper | LibreCat-ID: 32573
M. Maehren, P. Nieting, S. N. Hebrok, R. Merget, J. Somorovsky, and J. Schwenk, “TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries,” 2022.
LibreCat
2022 | Conference Paper | LibreCat-ID: 54435
H. Siewert, M. Kretschmer, M. Niemietz, and J. Somorovsky, “On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers,” 2022, doi: 10.1109/spw54247.2022.9833880.
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 25331
M. Brinkmann et al., “ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication,” in 30th {USENIX} Security Symposium ({USENIX} Security 21), 2021, pp. 4293–4310.
LibreCat
2021 | Conference Paper | LibreCat-ID: 25332
R. Merget, M. Brinkmann, N. Aviram, J. Somorovsky, J. Mittmann, and J. Schwenk, “Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E),” in 30th {USENIX} Security Symposium ({USENIX} Security 21), 2021, pp. 213–230.
LibreCat
2021 | Journal Article | LibreCat-ID: 24143
J. P. Drees et al., “Automated Detection of Side Channels in Cryptographic Protocols: DROWN the ROBOTs!,” 14th ACM Workshop on Artificial Intelligence and Security, 2021.
LibreCat
2020 | Conference Paper | LibreCat-ID: 25334
P. Fiterau-Brostean, B. Jonsson, R. Merget, J. de Ruiter, K. Sagonas, and J. Somorovsky, “Analysis of DTLS Implementations Using Protocol State Fuzzing,” in 29th {USENIX} Security Symposium ({USENIX} Security 20), 2020, pp. 2523–2540.
LibreCat
2020 | Conference Paper | LibreCat-ID: 25336
J. Schwenk, M. Brinkmann, D. Poddebniak, J. Müller, J. Somorovsky, and S. Schinzel, “Mitigation of Attacks on Email End-to-End Encryption,” in Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020, pp. 1647–1664, doi: 10.1145/3372297.3417878.
LibreCat
| DOI
2019 | Conference Paper | LibreCat-ID: 15908 |
J. Müller et al., “‘Johnny, you are fired!’ -- Spoofing OpenPGP and S/MIME Signatures in Emails,” in 28th {USENIX} Security Symposium ({USENIX} Security 19), 2019, pp. 1011–1028.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 15909 |
R. Merget et al., “Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities,” in 28th {USENIX} Security Symposium ({USENIX} Security 19), 2019, pp. 1029–1046.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 15910
N. Engelbertz, V. Mladenov, J. Somorovsky, D. Herring, N. Erinola, and J. Schwenk, “Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS),” in Open Identity Summit 2019, 2019, pp. 95–106.
LibreCat
2018 | Conference Paper | LibreCat-ID: 15892
M. R. Albrecht, J. Massimo, K. G. Paterson, and J. Somorovsky, “Prime and Prejudice: Primality Testing Under Adversarial Conditions,” in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018.
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 15905 |
D. Poddebniak et al., “Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels,” in 27th {USENIX} Security Symposium ({USENIX} Security 18), 2018, pp. 549–566.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 15906 |
H. Böck, J. Somorovsky, and C. Young, “Return Of Bleichenbacher\textquoterights Oracle Threat (ROBOT),” in 27th {USENIX} Security Symposium ({USENIX} Security 18), 2018, pp. 817–849.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 15914 |
N. Engelbertz, N. Erinola, D. Herring, J. Somorovsky, V. Mladenov, and J. Schwenk, “Security Analysis of eIDAS -- The Cross-Country Authentication Scheme in Europe,” in 12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18), 2018.
LibreCat
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 15895
J. Muller, V. Mladenov, J. Somorovsky, and J. Schwenk, “SoK: Exploiting Network Printers,” in 2017 IEEE Symposium on Security and Privacy (SP), 2017.
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 15912 |
M. Grothe, T. Niemann, J. Somorovsky, and J. Schwenk, “Breaking and Fixing Gridcoin,” in 11th {USENIX} Workshop on Offensive Technologies ({WOOT} 17), 2017.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 15896
J. Somorovsky, “Systematic Fuzzing and Testing of TLS Libraries,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS’16, 2016.
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 15907 |
N. Aviram et al., “DROWN: Breaking TLS Using SSLv2,” in 25th {USENIX} Security Symposium ({USENIX} Security 16), 2016, pp. 689–706.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 15913 |
H. Böck, A. Zauner, S. Devlin, J. Somorovsky, and P. Jovanovic, “Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS,” in 10th {USENIX} Workshop on Offensive Technologies ({WOOT} 16), 2016.
LibreCat
| Download (ext.)
2015 | Book Chapter | LibreCat-ID: 15897
C. Altmeier, C. Mainka, J. Somorovsky, and J. Schwenk, “AdIDoS – Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services,” in Data Privacy Management, and Security Assurance - 10th International Workshop, {DPM} 2015, and 4th International Workshop, {QASA} 2015, Cham, 2015.
LibreCat
| DOI
2015 | Conference Paper | LibreCat-ID: 15898
T. Jager, J. Schwenk, and J. Somorovsky, “On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS ’15, 2015.
LibreCat
| DOI
| Download (ext.)
2015 | Book Chapter | LibreCat-ID: 15899
T. Jager, J. Schwenk, and J. Somorovsky, “Practical Invalid Curve Attacks on TLS-ECDH,” in Computer Security -- ESORICS 2015, Cham, 2015.
LibreCat
| DOI
| Download (ext.)
2015 | Conference Paper | LibreCat-ID: 15911 |
D. Kupser, C. Mainka, J. Schwenk, and J. Somorovsky, “How to Break XML Encryption -- Automatically,” in 9th {USENIX} Workshop on Offensive Technologies ({WOOT} 15), 2015.
LibreCat
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 15904 |
C. Meyer, J. Somorovsky, E. Weiss, J. Schwenk, S. Schinzel, and E. Tews, “Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks,” in 23rd {USENIX} Security Symposium ({USENIX} Security 14), 2014, pp. 733–748.
LibreCat
| Download (ext.)
2013 | Journal Article | LibreCat-ID: 15903
C. Mainka, V. Mladenov, J. Somorovsky, and J. Schwenk, “Penetration test tool for XML-based web services,” CEUR Workshop Proceedings, vol. 965, pp. 31–35, 2013.
LibreCat
2013 | Conference Paper | LibreCat-ID: 15918 |
T. Jager, K. G. Paterson, and J. Somorovsky, “One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography,” in 20th Annual Network and Distributed System Security Symposium, NDSS 2013, San Diego, California, USA, February 24-27, 2013, 2013.
LibreCat
| Download (ext.)
2012 | Conference Paper | LibreCat-ID: 15888 |
J. Somorovsky, A. Mayer, J. Schwenk, M. Kampmann, and M. Jensen, “On Breaking SAML: Be Whoever You Want to Be,” in Presented as part of the 21st {USENIX} Security Symposium ({USENIX} Security 12), 2012, pp. 397–412.
LibreCat
| Download (ext.)
2012 | Conference Paper | LibreCat-ID: 15917
J. Somorovsky, C. Meyer, T. Tran, M. Sbeiti, J. Schwenk, and C. Wietfeld, “Sec2: Secure Mobile Solution for Distributed Public Cloud Storages,” 2012.
LibreCat
2011 | Conference Paper | LibreCat-ID: 15885
J. Somorovsky, M. Heiderich, M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, “All your clouds are belong to us: security analysis of cloud management interfaces,” in Proceedings of the 3rd ACM workshop on Cloud computing security workshop - CCSW ’11, 2011.
LibreCat
| DOI
| Download (ext.)
2011 | Conference Paper | LibreCat-ID: 15915
T. Jager and J. Somorovsky, “How to break XML encryption,” in Proceedings of the 18th ACM conference on Computer and communications security - CCS ’11, 2011.
LibreCat
| DOI
| Download (ext.)
2011 | Conference Paper | LibreCat-ID: 15916
C. Meyer, J. Somorovsky, B. Driessen, J. Schwenk, T. Tran, and C. Wietfeld, “Sec2: Ein mobiles Nutzer-kontrolliertes Sicherheitskonzept für Cloud-Storage,” 2011.
LibreCat