XML Signature Wrapping: Die Kunst SAML Assertions zu fälschen

2012 - Andreas Mayer, Jörg Schwenk

In 19. DFN~Workshop: Sicherheit in vernetzten Systemen, Seiten H1-H15, BoD - Books on Demand

Identifikation von Videoinhalten über granulare Stromverbrauchsdaten

2012 - Ulrich Greveler, Dennis Löhr, Benjamin Justus


Crouching Tiger - Hidden Payload: Security Risks of Scalable Vectors Graphics

2011 - Mario Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz

18th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, October 2011 [PDF]

STEED — Usable End-to-End Encryption

2011 - Werner Koch, Marcus Brinkmann

White Paper, g10code GmbH [PDF]

The Bug that made me President: A Browser- and Web-Security Case Study on Helios Voting

2011 - Mario Heiderich, Tilman Frosch, Marcus Niemietz, Jörg Schwenk

International Conference on E-voting and Identity (VoteID), 2011, Tallinn, Estonia, September 2011 [Website]

Direct Anonymous Attestation: Enhancing Cloud Service User Privacy

2011 - Ulrich Greveler, Dennis Löhr, Benjamin Justus


IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM

2011 - Mario Heiderich, Tilman Frosch, Thorsten Holz

14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011 [PDF]

On the E ffectiveness of XML Schema Validation for Countering XML Signature Wrapping Attacks

2011 - Meiko Jensen, Christopher Meyer, Juraj Somorovsky, Jörg Schwenk

In IWSSC 2011: First International Workshop on Securing Services on the Cloud, Sept. 2011 [Paper] [Slides]

Short Signatures from Weaker Assumptions

2011 - Dennis Hofheinz, Tibor Jager, Eike Kiltz

Asiacrypt 2011 [Full Version]

All Your Clouds are Belong to us – Security Analysis of Cloud Management Interfaces

2011 - Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono

In Proceedings of the ACM Cloud Computing Security Workshop (CCSW), 2011. [pdf]