Publications

Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)

2020 - Robert Merget, Marcus Brinkmann, Nimrod Aviram, Juraj Somorovsky, Johannes Mittmann, Jörg Schwenk

30th USENIX Security Symposium, August 11–13, 2021, Vancouver, B.C., Canada [PDF]

Analysis of DTLS Implementations Using Protocol State Fuzzing

2020 - Paul Fiterau Brostean, Bengt Jonsson, Robert Merget, Joeri de Ruiter, Konstantinos Sagonas, Juraj Somorovsky

[LINK]

Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities

2019 - Robert Merget, Juraj Somorovsky, Nimrod Aviram, Craig Young, Janis Fliegenschmidt, Jörg Schwenk, Yuval Shavitt

28th USE­NIX Se­cu­ri­ty Sym­po­si­um (USE­NIX Se­cu­ri­ty '19) [Paper] [General Information] [TLS-Scanner]

Prime and Prejudice: Primality Testing Under Adversarial Conditions

2018 - Martin R. Albrecht, Jake Massimo, Kenneth G. Paterson, Juraj Somorovsky

ACM CCS 2018 [eprint]

Return Of Bleichenbacher’s Oracle Threat (ROBOT)

2018 - Hanno Böck, Juraj Somorovsky, Craig Young

27th USE­NIX Se­cu­ri­ty Sym­po­si­um (USE­NIX Se­cu­ri­ty 18) [Attack website]

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS

2016 - Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, Philipp Jovanovic

WOOT 2016 [Blackhat stuff] [paper]

On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption

2015 - Tibor Jager, Jörg Schwenk, Juraj Somorovsky

ACM CCS 2015 [pdf]

Practical Invalid Curve Attacks on TLS-ECDH

2015 - Tibor Jager, Jörg Schwenk, Juraj Somorovsky

ESORICS 2015 [pdf]

Not so Smart: On Smart TV Apps

2015 - Marcus Niemietz, Juraj Somorovsky, Christian Mainka, Jörg Schwenk

International Workshop on Secure Internet of Things (SIoT 2015, Vienna, Austria) [pdf]
Page: