Publications

Processing Dangerous Paths - On Security and Privacy of the Portable Document Format

2021 - Jens Müller, Dominik Noß, Christian Mainka, Vladislav Mladenov, Jörg Schwenk

28th Network and Distributed System Security Symposium (NDSS 2021) [pdf]

Shadow Attacks: Hiding and Replacing Content in Signed PDFs

2021 - Christian Mainka, Vladislav Mladenov, Simon Rohlmann

28th Network and Distributed System Security Symposium (NDSS 2021) [pdf]

Determining the Core Primitive for Optimally Secure Ratcheting

2020 - Fatih Balli, Paul Rösler, Serge Vaudenay

IACR International Conference on the Theory and Application of Cryptology and Information Security, Asiacrypt 2020 [full version]

On the Price of Concurrency in Group Ratcheting Protocols

2020 - Alexander Bienstock, Yevgeniy Dodis, Paul Rösler

IACR Theory of Cryptography Conference, TCC 2020 [full version]

Powerless Security – A Security Analysis of in-Home Power Line Communications based on HomePlug AV2

2020 - Stefan Hoffmann, Jens Müller, Jörg Schwenk, Gerd Bumiller

18th International Conference on Applied Cryptography and Network Security (ACNS 2020)

Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)

2020 - Robert Merget, Marcus Brinkmann, Nimrod Aviram, Juraj Somorovsky, Johannes Mittmann, Jörg Schwenk

30th USENIX Security Symposium, August 11–13, 2021, Vancouver, B.C., Canada [PDF]

Mitigation of Attacks on Email End-to-End Encryption

2020 - Jörg Schwenk, Marcus Brinkmann, Damian Poddebniak, Jens Müller, Juraj Somorovsky, Sebastian Schinzel

ACM CCS 2020 - November 9-13, 2020 [PDF]

Analysis of DTLS Implementations Using Protocol State Fuzzing

2020 - Paul Fiterau Brostean, Bengt Jonsson, Robert Merget, Joeri de Ruiter, Konstantinos Sagonas, Juraj Somorovsky

[LINK]

Office Document Security and Privacy

2020 - Jens Müller, Fabian Ising, Vladislav Mladenov, Christian Mainka, Sebastian Schinzel, Jörg Schwenk

14th USENIX Workshop on Offensive Technologies (WOOT 2020) [full version] [artifacts]

Mailto: Me Your Secrets. On Bugs and Features in Email End-to-End Encryption

2020 - Jens Müller, Marcus Brinkmann, Damian Poddebniak, Sebastian Schinzel, Jörg Schwenk

8th IEEE Conference on Communications and Network Security (CNS 2020) [full version]

Flexible Authenticated and Confidential Channel Establishment (fACCE): Analyzing the Noise Protocol Framework

2020 - Benjamin Dowling, Paul Rösler, Jörg Schwenk

IACR International Conference on Practice and Theory in Public Key Cryptography, PKC 2020 [extended version]

T0RTT: Non-Interactive Immediate Forward-Secure Single-Pass Circuit Construction

2020 - Sebastian Lauer, Kai Gellert, Robert Merget, Tobias Handirk, Jörg Schwenk

[Link]

Practical Decryption exFiltration: Breaking PDF Encryption

2019 - Jens Müller, Fabian Ising, Vladislav Mladenov, Christian Mainka, Sebastian Schinzel, Jörg Schwenk

26th ACM Con­fe­rence on Com­pu­ter and Com­mu­ni­ca­ti­ons Se­cu­ri­ty [html] [pdf]

Verifiable Delay Functions from Supersingular Isogenies and Pairings

2019 - Luca De Feo, Simon Masson, Christophe Petit, Antonio Sanso

Asiacrypt 2019 [eprint]

Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities

2019 - Robert Merget, Juraj Somorovsky, Nimrod Aviram, Craig Young, Janis Fliegenschmidt, Jörg Schwenk, Yuval Shavitt

28th USE­NIX Se­cu­ri­ty Sym­po­si­um (USE­NIX Se­cu­ri­ty '19) [Paper] [General Information] [TLS-Scanner]

“Johnny, you are fired!” – Spoofing OpenPGP and S/MIME Signatures in Emails

2019 - Jens Müller, Marcus Brinkmann, Damian Poddebniak, Hanno Böck, Sebastian Schinzel, Juraj Somorovsky, Jörg Schwenk

28th USE­NIX Se­cu­ri­ty Sym­po­si­um (USE­NIX Se­cu­ri­ty '19) [full version] [artifacts]

1 Trillion Dollar Refund – How To Spoof PDF Signatures

2019 - Vladislav Mladenov, Christian Mainka, Karsten Meyer zu Selhausen, Martin Grothe, Jörg Schwenk

26th ACM Conference on Computer and Communications Security [html] [pdf]

Re: What's up Johnny? – Covert Content Attacks on Email End-to-End Encryption

2019 - Jens Müller, Marcus Brinkmann, Damian Poddebniak, Sebastian Schinzel, Jörg Schwenk

17th International Conference on Applied Cryptography and Network Security (ACNS 2019) [draft version] [artifacts]

Efail: Angriffe auf S/MIME und OpenPGP

2019 - Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, Jörg Schwenk

16. Deutscher IT-Sicherheitskongress [pdf]

Sicherheitsanalyse von eID/eIDAS-Diensten

2019 - Nils Engelbertz, Nurullah Erinola, David Herring, Juraj Somorovsky, Vladislav Mladenov, Jörg Schwenk

16. Deutscher IT-Sicherheitskongress
Page: