Please note that LibreCat no longer supports Internet Explorer versions 8 or 9 (or earlier).
We recommend upgrading to the latest Internet Explorer, Google Chrome, or Firefox.
44 Publications
2023 | Conference Paper | LibreCat-ID: 43060 | 
Hebrok SN, Nachtigall S, Maehren M, et al. We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets. In: 32nd USENIX Security Symposium. ; 2023.
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 48012
Rossel J, Mladenov V, Somorovsky J. Security Analysis of the 3MF Data Format. In: Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses. ACM; 2023. doi:10.1145/3607199.3607216
LibreCat
| Files available
| DOI
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 46500
Pottebaum J, Rossel J, Somorovsky J, et al. Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth. In: 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE; 2023:379-385. doi:10.1109/eurospw59978.2023.00048
LibreCat
| DOI
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 49654
Niere N, Hebrok SN, Somorovsky J, Merget R. Poster: Circumventing the GFW with TLS Record Fragmentation. In: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. ACM; 2023. doi:10.1145/3576915.3624372
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 32572
Mayer P, Poddebniak D, Fischer K, et al. “I don’ know why I check this...” - Investigating Expert Users’ Strategies to Detect Email Signature Spoofing Attacks. In: Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022). USENIX Association; 2022:77–96.
LibreCat
2022 | Conference Paper | LibreCat-ID: 32573
Maehren M, Nieting P, Hebrok SN, Merget R, Somorovsky J, Schwenk J. TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries. In: 31st USENIX Security Symposium (USENIX Security 22). USENIX Association; 2022.
LibreCat
2021 | Conference Paper | LibreCat-ID: 25331
Brinkmann M, Dresen C, Merget R, et al. ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication. In: 30th {USENIX} Security Symposium ({USENIX} Security 21). {USENIX} Association; 2021:4293-4310.
LibreCat
2021 | Conference Paper | LibreCat-ID: 25332
Merget R, Brinkmann M, Aviram N, Somorovsky J, Mittmann J, Schwenk J. Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E). In: 30th {USENIX} Security Symposium ({USENIX} Security 21). {USENIX} Association; 2021:213-230.
LibreCat
2021 | Journal Article | LibreCat-ID: 24143
Drees JP, Gupta P, Hüllermeier E, et al. Automated Detection of Side Channels in Cryptographic Protocols: DROWN the ROBOTs! 14th ACM Workshop on Artificial Intelligence and Security. Published online 2021.
LibreCat
2020 | Conference Paper | LibreCat-ID: 25334
Fiterau-Brostean P, Jonsson B, Merget R, de Ruiter J, Sagonas K, Somorovsky J. Analysis of DTLS Implementations Using Protocol State Fuzzing. In: 29th {USENIX} Security Symposium ({USENIX} Security 20). {USENIX} Association; 2020:2523-2540.
LibreCat
2020 | Conference Paper | LibreCat-ID: 25336
Schwenk J, Brinkmann M, Poddebniak D, Müller J, Somorovsky J, Schinzel S. Mitigation of Attacks on Email End-to-End Encryption. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. CCS ’20. Association for Computing Machinery; 2020:1647–1664. doi:10.1145/3372297.3417878
LibreCat
| DOI
2019 | Conference Paper | LibreCat-ID: 15908 |
Müller J, Brinkmann M, Poddebniak D, et al. “Johnny, you are fired!” -- Spoofing OpenPGP and S/MIME Signatures in Emails. In: 28th {USENIX} Security Symposium ({USENIX} Security 19). Santa Clara, CA: {USENIX} Association; 2019:1011-1028.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 15909 |
Merget R, Somorovsky J, Aviram N, et al. Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities. In: 28th {USENIX} Security Symposium ({USENIX} Security 19). Santa Clara, CA: {USENIX} Association; 2019:1029-1046.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 15910
Engelbertz N, Mladenov V, Somorovsky J, Herring D, Erinola N, Schwenk J. Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS). In: Roßnagel H, Wagner S, Hühnlein D, eds. Open Identity Summit 2019. Gesellschaft für Informatik, Bonn; 2019:95-106.
LibreCat
2018 | Conference Paper | LibreCat-ID: 15892
Albrecht MR, Massimo J, Paterson KG, Somorovsky J. Prime and Prejudice: Primality Testing Under Adversarial Conditions. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. ; 2018. doi:10.1145/3243734.3243787
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 15893
Poddebniak D, Somorovsky J, Schinzel S, Lochter M, Rosler P. Attacking Deterministic Signature Schemes Using Fault Attacks. In: 2018 IEEE European Symposium on Security and Privacy (EuroS&P). ; 2018. doi:10.1109/eurosp.2018.00031
LibreCat
| DOI
2018 | Conference Paper | LibreCat-ID: 15894
Detering D, Somorovsky J, Mainka C, Mladenov V, Schwenk J. On The (In-)Security Of JavaScript Object Signing And Encryption. In: Proceedings of the 1st Reversing and Offensive-Oriented Trends Symposium on - ROOTS. ; 2018. doi:10.1145/3150376.3150379
LibreCat
| DOI
2018 | Conference Paper | LibreCat-ID: 15905 |
Poddebniak D, Dresen C, Müller J, et al. Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels. In: 27th {USENIX} Security Symposium ({USENIX} Security 18). Baltimore, MD: {USENIX} Association; 2018:549-566.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 15906 |
Böck H, Somorovsky J, Young C. Return Of Bleichenbacher\textquoterights Oracle Threat (ROBOT). In: 27th {USENIX} Security Symposium ({USENIX} Security 18). Baltimore, MD: {USENIX} Association; 2018:817-849.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 15914 |
Engelbertz N, Erinola N, Herring D, Somorovsky J, Mladenov V, Schwenk J. Security Analysis of eIDAS -- The Cross-Country Authentication Scheme in Europe. In: 12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18). Baltimore, MD: {USENIX} Association; 2018.
LibreCat
| Download (ext.)