Publications
Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)
2020 - Robert Merget, Marcus Brinkmann, Nimrod Aviram, Juraj Somorovsky, Johannes Mittmann, Jörg Schwenk
30th USENIX Security Symposium, August 11–13, 2021, Vancouver, B.C., Canada [PDF]Analysis of DTLS Implementations Using Protocol State Fuzzing
2020 - Paul Fiterau Brostean, Bengt Jonsson, Robert Merget, Joeri de Ruiter, Konstantinos Sagonas, Juraj Somorovsky
[LINK]Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities
2019 - Robert Merget, Juraj Somorovsky, Nimrod Aviram, Craig Young, Janis Fliegenschmidt, Jörg Schwenk, Yuval Shavitt
28th USENIX Security Symposium (USENIX Security '19) [Paper] [General Information] [TLS-Scanner]Prime and Prejudice: Primality Testing Under Adversarial Conditions
2018 - Martin R. Albrecht, Jake Massimo, Kenneth G. Paterson, Juraj Somorovsky
ACM CCS 2018 [eprint]Return Of Bleichenbacher’s Oracle Threat (ROBOT)
2018 - Hanno Böck, Juraj Somorovsky, Craig Young
27th USENIX Security Symposium (USENIX Security 18) [Attack website]Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
2016 - Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, Philipp Jovanovic
WOOT 2016 [Blackhat stuff] [paper]Systematic Fuzzing and Testing of TLS Libraries
2016 - Juraj Somorovsky
ACM CCS 2016 [TLS-Attacker] [paper]On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption
2015 - Tibor Jager, Jörg Schwenk, Juraj Somorovsky
ACM CCS 2015 [pdf]Practical Invalid Curve Attacks on TLS-ECDH
2015 - Tibor Jager, Jörg Schwenk, Juraj Somorovsky
ESORICS 2015 [pdf]Not so Smart: On Smart TV Apps
2015 - Marcus Niemietz, Juraj Somorovsky, Christian Mainka, Jörg Schwenk
International Workshop on Secure Internet of Things (SIoT 2015, Vienna, Austria) [pdf]