Publications

Practical Decryption exFiltration: Breaking PDF Encryption

2019 - Jens Müller, Fabian Ising, Vladislav Mladenov, Christian Mainka, Sebastian Schinzel, Jörg Schwenk

26th ACM Con­fe­rence on Com­pu­ter and Com­mu­ni­ca­ti­ons Se­cu­ri­ty [html] [pdf]

Vulnerability Report: Attacks bypassing confidentiality in encrypted PDF

2019 - Jens Müller, Fabian Ising, Vladislav Mladenov, Christian Mainka, Sebastian Schinzel, Jörg Schwenk

[html] [pdf]

Verifiable Delay Functions from Supersingular Isogenies and Pairings

2019 - Luca De Feo, Simon Masson, Christophe Petit, Antonio Sanso

Asiacrypt 2019 [eprint]

Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities

2019 - Robert Merget, Juraj Somorovsky, Nimrod Aviram, Craig Young, Janis Fliegenschmidt, Jörg Schwenk, Yuval Shavitt

28th USE­NIX Se­cu­ri­ty Sym­po­si­um (USE­NIX Se­cu­ri­ty '19) [Paper] [General Information] [TLS-Scanner]

“Johnny, you are fired!” – Spoofing OpenPGP and S/MIME Signatures in Emails

2019 - Jens Müller, Marcus Brinkmann, Damian Poddebniak, Hanno Böck, Sebastian Schinzel, Juraj Somorovsky, Jörg Schwenk

28th USE­NIX Se­cu­ri­ty Sym­po­si­um (USE­NIX Se­cu­ri­ty '19) [full version] [artifacts]

1 Trillion Dollar Refund – How To Spoof PDF Signatures

2019 - Vladislav Mladenov, Christian Mainka, Karsten Meyer zu Selhausen, Martin Grothe, Jörg Schwenk

26th ACM Conference on Computer and Communications Security [html] [pdf]

Re: What's up Johnny? – Covert Content Attacks on Email End-to-End Encryption

2019 - Jens Müller, Marcus Brinkmann, Damian Poddebniak, Sebastian Schinzel, Jörg Schwenk

17th International Conference on Applied Cryptography and Network Security (ACNS 2019) [draft version] [artifacts]

Efail: Angriffe auf S/MIME und OpenPGP

2019 - Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, Jörg Schwenk

16. Deutscher IT-Sicherheitskongress [pdf]

Sicherheitsanalyse von eID/eIDAS-Diensten

2019 - Nils Engelbertz, Nurullah Erinola, David Herring, Juraj Somorovsky, Vladislav Mladenov, Jörg Schwenk

16. Deutscher IT-Sicherheitskongress

Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS)

2019 - Nils Engelbertz, Vladislav Mladenov, Juraj Somorovsky, Nurullah Erinnola, David Herring, Jörg Schwenk

[pdf]

Extended Affine and CCZ Equivalence up to Dimension 4

2019 - Marcus Brinkmann

A complete classification of all vectorial boolean functions in up to dimension 4, up to extended affine and CCZ equivalence. Work done as part of my diploma thesis in 2008, and since then cited as personal communication. [ePrint] [pdf]

Vulnerability Report: Attacks bypassing the signature validation in PDF

2019 - Vladislav Mladenov, Christian Mainka, Karsten Meyer zu Selhausen, Martin Grothe, Jörg Schwenk

[pdf]

Prime and Prejudice: Primality Testing Under Adversarial Conditions

2018 - Martin R. Albrecht, Jake Massimo, Kenneth G. Paterson, Juraj Somorovsky

ACM CCS 2018 [eprint]

In Search of CurveSwap: Measuring Elliptic Curve Implementations in the Wild

2018 - Luke Valenta, Nick Sullivan, Antonio Sanso

In IEEE European Symposium on Security and Privacy (EuroS&P), 2018 [IEEE Website]

Towards Bidirectional Ratcheted Key Exchange

2018 - Bertram Poettering, Paul Rösler

In Advances in Cryptology, IACR CRYPTO 2018 [extended version]

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels

2018 - Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, Jörg Schwenk

27th USE­NIX Se­cu­ri­ty Sym­po­si­um (USE­NIX Se­cu­ri­ty 18) [full version]

The Dangers of Key Reuse: Practical Attacks on IPsec IKE

2018 - Dennis Felsch, Martin Grothe, Jörg Schwenk, Adam Czubak, Marcin Szymanek

27th USENIX Security Symposium, August 15–17, 2018, Baltimore, MD, USA [Original Publication] [Video of the Talk] [Paper] [Slides]

Return Of Bleichenbacher’s Oracle Threat (ROBOT)

2018 - Hanno Böck, Juraj Somorovsky, Craig Young

27th USE­NIX Se­cu­ri­ty Sym­po­si­um (USE­NIX Se­cu­ri­ty 18) [Attack website]

PostScript Undead: Pwning the Web with a 35 Years Old Language

2018 - Jens Müller, Vladislav Mladenov, Dennis Felsch, Jörg Schwenk

21st International Symposium on Research in Attacks, Intrusions, and Defenses (RAID 2018) [Paper]

Security Analysis of eIDAS – The Cross-Country Authentication Scheme in Europe

2018 - Nils Engelbertz, Nurullah Erinola, David Herring, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk

12th USE­NIX Work­shop on Of­fen­si­ve Tech­no­lo­gies (WOOT '18) [pdf]
Page: