Veröffentlichungen

On Breaking SAML: Be Whoever You Want to Be

2012 - Juraj Somorovsky, Andreas Mayer, Jörg Schwenk, Marco Kampmann, Meiko Jensen

In Proceedings of the 21st USENIX Security Symposium, 2012 [pdf]

Penetration Testing Tool for Web Services Security

2012 - Christian Mainka, Juraj Somorovsky, Jörg Schwenk

In Proceeding of the IEEE 2012 Services Workshop on Security and Privacy Engineering (SPE2012) [pdf]

Technical Analysis of Countermeasures against Attack on XML Encryption - or - Just Another Motivation for Authenticated Encryption

2012 - Juraj Somorovsky, Jörg Schwenk

In Proceedings of the SERVICES Workshop on Security and Privacy Engineering, 2012 [pdf]

Bleichenbacher’s Attack Strikes Again: Breaking PKCS#1 v1.5 in XML Encryption

2012 - Tibor Jager, Sebastian Schinzel, Juraj Somorovsky

In Proceedings of the 17th European Symposium on Research in Computer Security (ESORICS), 2012, Full Version [pdf]

Forensic Content Detection through Power Consumption

2012 - Ulrich Greveler, Dennis Löhr, Benjamin Justus

[Paper]

Sec2: Secure Mobile Solution for Distributed Public Cloud Storages

2012 - Juraj Somorovsky, Christopher Meyer, Thang Tran, Mohamad Sbeiti, Jörg Schwenk, Christian Wietfeld

In Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER), 2012 [Paper] [Slides]

XSpRES: Robust and Effective XML Signatures for Web Services

2012 - Christian Mainka, Meiko Jensen, Lo Iacono, Luigi, Jörg Schwenk

In Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER), 2012 [pdf]

Clickjacking und UI-Redressing – Vom Klick-Betrug zum Datenklau

2012 - Marcus Niemietz

Ein Leitfaden für Sicherheitsexperten und Webentwickler [dpunkt.verlag]

XSpRES: XML-Signaturen, aber sicher!

2012 - Christian Mainka, Junker, Holger, Lo Iacono, Luigi, Jörg Schwenk

DuD - Datenschutz und Datensicherheit Ausgabe 04/2012

XML Signature Wrapping: Die Kunst SAML Assertions zu fälschen

2012 - Andreas Mayer, Jörg Schwenk

In 19. DFN~Workshop: Sicherheit in vernetzten Systemen, Seiten H1-H15, BoD - Books on Demand

Identifikation von Videoinhalten über granulare Stromverbrauchsdaten

2012 - Ulrich Greveler, Dennis Löhr, Benjamin Justus

[Paper]

Crouching Tiger - Hidden Payload: Security Risks of Scalable Vectors Graphics

2011 - Mario Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz

18th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, October 2011 [PDF]

STEED — Usable End-to-End Encryption

2011 - Werner Koch, Marcus Brinkmann

White Paper, g10code GmbH [PDF]

The Bug that made me President: A Browser- and Web-Security Case Study on Helios Voting

2011 - Mario Heiderich, Tilman Frosch, Marcus Niemietz, Jörg Schwenk

International Conference on E-voting and Identity (VoteID), 2011, Tallinn, Estonia, September 2011 [Website]

Direct Anonymous Attestation: Enhancing Cloud Service User Privacy

2011 - Ulrich Greveler, Dennis Löhr, Benjamin Justus

[Paper]

IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM

2011 - Mario Heiderich, Tilman Frosch, Thorsten Holz

14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011 [PDF]

On the E ffectiveness of XML Schema Validation for Countering XML Signature Wrapping Attacks

2011 - Meiko Jensen, Christopher Meyer, Juraj Somorovsky, Jörg Schwenk

In IWSSC 2011: First International Workshop on Securing Services on the Cloud, Sept. 2011 [Paper] [Slides]

Short Signatures from Weaker Assumptions

2011 - Dennis Hofheinz, Tibor Jager, Eike Kiltz

Asiacrypt 2011 [Full Version]

All Your Clouds are Belong to us – Security Analysis of Cloud Management Interfaces

2011 - Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono

In Proceedings of the ACM Cloud Computing Security Workshop (CCSW), 2011. [pdf]

How To Break XML Encryption

2011 - Tibor Jager, Juraj Somorovsky

In Proceedings of the 18th ACM Con­fe­rence on Com­pu­ter and Com­mu­ni­ca­ti­ons Se­cu­ri­ty (CCS), 2011. [pdf]
Seite: