Jörg Schwenk

Proceedings of the 33rd USENIX Security Symposium, 2024

2023

Every Signature is Broken: On the Insecurity of Microsoft Office's OOXML Signatures.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

Isolated and Exhausted: Attacking Operating Systems via Site Isolation in the Browser.

[BibT_eX]

[DOI]

Matthias Gierlings

Marcus Brinkmann

Proceedings of the 32nd USENIX Security Symposium, 2023

Exploring the Unknown DTLS Universe: Analysis of the DTLS Server Ecosystem on the Internet.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

Finding All Cross-Site Needles in the DOM Stack: A Comprehensive Methodology for the Automatic XS-Leak Detection in Web Browsers.

[BibT_eX]

[DOI]

Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

2022

USENIX'23 Artifact: Isolated and Exhausted: Attacking Operating Systems via Site Isolation in the Browser.

[BibT_eX]

[DOI]

Matthias Gierlings

Marcus Brinkmann

Dataset, November, 2022

Guide to Internet Cryptography - Security Protocols and Real-World Attack Implications

[BibT_eX]

[DOI]

Information Security and Cryptography, Springer, ISBN: 978-3-031-19438-2, 2022

A reduction-based proof for authentication and session key security in three-party Kerberos.

[BibT_eX]

[DOI]

Douglas Stebila

Int. J. Appl. Cryptogr., 2022

Oops... Code Execution and Content Spoofing: The First Comprehensive Analysis of OpenDocument Signatures.

[BibT_eX]

[DOI]

Proceedings of the 31st USENIX Security Symposium, 2022

TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries.

[BibT_eX]

[DOI]

Proceedings of the 31st USENIX Security Symposium, 2022

DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On.

[BibT_eX]

[DOI]

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

2021

SoK: Game-based Security Models for Group Key Exchange.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2021

ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication.

[BibT_eX]

[DOI]

Proceedings of the 30th USENIX Security Symposium, 2021

Breaking the Specification: PDF Certification.

[BibT_eX]

[DOI]

Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Processing Dangerous Paths - On Security and Privacy of the Portable Document Format.

[BibT_eX]

[DOI]

Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

XSinator.com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers.

[BibT_eX]

[DOI]

Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

2020

T0RTT: Non-Interactive Immediate Forward-Secret Single-Pass Circuit Construction.

[BibT_eX]

[DOI]

Proc. Priv. Enhancing Technol., 2020

Privacy-Preserving Authenticated Key Exchange and the Case of IKEv2.

[BibT_eX]

[DOI]

Sebastian Lauer

IACR Cryptol. ePrint Arch., 2020

Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E).

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2020

Office Document Security and Privacy.

[BibT_eX]

[DOI]

Proceedings of the 14th USENIX Workshop on Offensive Technologies, 2020

Mailto: Me Your Secrets. On Bugs and Features in Email End-to-End Encryption.

[BibT_eX]

[DOI]

Proceedings of the 8th IEEE Conference on Communications and Network Security, 2020

Mitigation of Attacks on Email End-to-End Encryption.

[BibT_eX]

[DOI]

Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

Powerless Security.

[BibT_eX]

[DOI]

Proceedings of the Applied Cryptography and Network Security, 2020

2019

A Reduction-Based Proof for Authentication and Session Key Security in 3-Party Kerberos.

[BibT_eX]

[DOI]

Douglas Stebila

IACR Cryptol. ePrint Arch., 2019

Flexible Authenticated and Confidential Channel Establishment (fACCE): Analyzing the Noise Protocol Framework.

[BibT_eX]

[DOI]

Benjamin Dowling

Paul Rösler

IACR Cryptol. ePrint Arch., 2019

Moderne Vertrauensdienste für vertrauenswürdige Transaktionen.

[BibT_eX]

[DOI]

Tobias Wich

Detlef Hühnlein

Datenschutz und Datensicherheit, 2019

Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities.

[BibT_eX]

[DOI]

Proceedings of the 28th USENIX Security Symposium, 2019

"Johnny, you are fired!" - Spoofing OpenPGP and S/MIME Signatures in Emails.

[BibT_eX]

[DOI]

Proceedings of the 28th USENIX Security Symposium, 2019

Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS).

[BibT_eX]

[DOI]

Proceedings of the Open Identity Summit 2019, 2019

1 Trillion Dollar Refund: How To Spoof PDF Signatures.

[BibT_eX]

[DOI]

Vladislav Mladenov

Karsten Meyer zu Selhausen

Martin Grothe

Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

Practical Decryption exFiltration: Breaking PDF Encryption.

[BibT_eX]

[DOI]

Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

Re: What's Up Johnny? - Covert Content Attacks on Email End-to-End Encryption.

[BibT_eX]

[DOI]

Proceedings of the Applied Cryptography and Network Security, 2019

2018

Security Analysis of eIDAS - The Cross-Country Authentication Scheme in Europe.

[BibT_eX]

[DOI]

Proceedings of the 12th USENIX Workshop on Offensive Technologies, 2018

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

The Dangers of Key Reuse: Practical Attacks on IPsec IKE.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

PostScript Undead: Pwning the Web with a 35 Years Old Language.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2018

More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema.

[BibT_eX]

[DOI]

Paul Rösler

Proceedings of the 2018 IEEE European Symposium on Security and Privacy, 2018

2017

Authenticated Confidential Channel Establishment and the Security of TLS-DHE.

[BibT_eX]

[DOI]

J. Cryptol., 2017

More is Less: How Group Chats Weaken the Security of Instant Messengers Signal, WhatsApp, and Threema.

[BibT_eX]

[DOI]

Paul Rösler

IACR Cryptol. ePrint Arch., 2017

Breaking and Fixing Gridcoin.

[BibT_eX]

[DOI]

Proceedings of the 11th USENIX Workshop on Offensive Technologies, 2017

Same-Origin Policy: Evaluation in Modern Browsers.

[BibT_eX]

[DOI]

Proceedings of the 26th USENIX Security Symposium, 2017

SoK: Exploiting Network Printers.

[BibT_eX]

[DOI]

Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

SoK: Single Sign-On Security - An Evaluation of OpenID Connect.

[BibT_eX]

[DOI]

Proceedings of the 2017 IEEE European Symposium on Security and Privacy, 2017

DOMPurify: Client-Side Protection Against XSS and Markup Injection.

[BibT_eX]

[DOI]

Mario Heiderich

Christopher Späth

Proceedings of the Computer Security - ESORICS 2017, 2017

SECRET: On the Feasibility of a Secure, Efficient, and Collaborative Real-Time Web Editor.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017

Out of the Dark: UI Redressing and Trustworthy Events.

[BibT_eX]

[DOI]

Proceedings of the Cryptology and Network Security - 16th International Conference, 2017

Simple Security Definitions for and Constructions of 0-RTT Key Exchange.

[BibT_eX]

[DOI]

Proceedings of the Applied Cryptography and Network Security, 2017

2016

Nonce-based Kerberos is a Secure Delegated AKE Protocol.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2016

SoK: XML Parser Vulnerabilities.

[BibT_eX]

[DOI]

Proceedings of the 10th USENIX Workshop on Offensive Technologies, 2016

How to Break Microsoft Rights Management Services.

[BibT_eX]

[DOI]

Proceedings of the 10th USENIX Workshop on Offensive Technologies, 2016

Evaluating Two Methods for WS-(Security) Policy Negotiation and Decision Making.

[BibT_eX]

[DOI]

Abeer Elsafie

Proceedings of the On the Move to Meaningful Internet Systems: OTM 2016 Conferences, 2016

FutureTrust - Future Trust Services for Trustworthy Global Transactions.

[BibT_eX]

[DOI]

Proceedings of the Open Identity Summit 2016, 13-14 October 2016, Rome, Italy, 2016

Do Not Trust Me: Using Malicious IdPs for Analyzing and Attacking Single Sign-on.

[BibT_eX]

[DOI]

Vladislav Mladenov

Proceedings of the IEEE European Symposium on Security and Privacy, 2016

Breaking PPTP VPNs via RADIUS Encryption.

[BibT_eX]

[DOI]

Proceedings of the Cryptology and Network Security - 15th International Conference, 2016

Your Cloud in My Company: Modern Rights Management Services Revisited.

[BibT_eX]

[DOI]

Proceedings of the 11th International Conference on Availability, Reliability and Security, 2016

2015

Speeding: On Low-Latency Key Exchange.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2015

One-Round Key Exchange with Strong Security: An Efficient and Generic Construction in the Standard Model.

[BibT_eX]

[DOI]

Florian Bergsma

IACR Cryptol. ePrint Arch., 2015

Owning Your Home Network: Router Security Revisited.

[BibT_eX]

[DOI]

CoRR, 2015

On the security of modern Single Sign-On Protocols: OpenID Connect 1.0.

[BibT_eX]

[DOI]

CoRR, 2015

How to Break XML Encryption - Automatically.

[BibT_eX]

[DOI]

Proceedings of the 9th USENIX Workshop on Offensive Technologies, 2015

Not so Smart: On Smart TV Apps.

[BibT_eX]

[DOI]

Proceedings of the 2015 International Workshop on Secure Internet of Things, 2015

Semi-automated Fuzzy MCDM and Lattice Solutions for WS-Policy Intersection.

[BibT_eX]

[DOI]

Abeer Elsafie

Proceedings of the 2015 IEEE World Congress on Services, 2015

Automatic recognition, processing and attacking of single sign-on protocols with burp suite.

[BibT_eX]

[DOI]

Proceedings of the Open Identity Summit 2015, 10-11 November 2015, Berlin, Germany, 2015

Practical Invalid Curve Attacks on TLS-ECDH.

[BibT_eX]

[DOI]

Proceedings of the Computer Security - ESORICS 2015, 2015

Waiting for CSP - Securing Legacy Web Applications with JSAgents.

[BibT_eX]

[DOI]

Mario Heiderich

Proceedings of the Computer Security - ESORICS 2015, 2015

AdIDoS - Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services.

[BibT_eX]

[DOI]

Proceedings of the Data Privacy Management, and Security Assurance, 2015

On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption.

[BibT_eX]

[DOI]

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

How Private is Your Private Cloud?: Security Analysis of Cloud Control Interfaces.

[BibT_eX]

[DOI]

Proceedings of the 2015 ACM Workshop on Cloud Computing Security Workshop, 2015

2014

Scriptless attacks: Stealing more pie without touching the sill.

[BibT_eX]

[DOI]

J. Comput. Secur., 2014

On the Security of the Pre-Shared Key Ciphersuites of TLS.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2014

How Secure is TextSecure?

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2014

Systematically Breaking Online WYSIWYG Editors.

[BibT_eX]

[DOI]

Proceedings of the Information Security Applications - 15th International Workshop, 2014

Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks.

[BibT_eX]

[DOI]

Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

TTPCookie: Flexible Third-Party Cookie Management for Increasing Online Privacy.

[BibT_eX]

[DOI]

Christian Merz

Proceedings of the 13th IEEE International Conference on Trust, 2014

On the Security of Holder-of-Key Single Sign-On.

[BibT_eX]

[DOI]

Andreas Mayer

Vladislav Mladenov

Proceedings of the Sicherheit 2014: Sicherheit, 2014

Strengthening Web Authentication through TLS - Beyond TLS Client Certificates.

[BibT_eX]

[DOI]

Proceedings of the Open Identity Summit 2014, November 4-6, 2014, Stuttgart, Germany, 2014

SIACHEN: A Fine-Grained Policy Language for the Mitigation of Cross-Site Scripting Attacks.

[BibT_eX]

[DOI]

Jens Riemer

Proceedings of the Information Security - 17th International Conference, 2014

Secure Fallback Authentication and the Trusted Friend Attack.

[BibT_eX]

[DOI]

Proceedings of the 34th International Conference on Distributed Computing Systems Workshops (ICDCS 2014 Workshops), Madrid, Spain, June 30, 2014

Modelling Time for Authenticated Key Exchange Protocols.

[BibT_eX]

[DOI]

Proceedings of the Computer Security - ESORICS 2014, 2014

Guardians of the Clouds: When Identity Providers Fail.

[BibT_eX]

[DOI]

Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security, 2014

Your Software at my Service: Security Analysis of SaaS Single Sign-On Solutions in the Cloud.

[BibT_eX]

[DOI]

Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security, 2014

Multi-Ciphersuite Security of the Secure Shell (SSH) Protocol.

[BibT_eX]

[DOI]

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

New Modular Compilers for Authenticated Key Exchange.

[BibT_eX]

[DOI]

Proceedings of the Applied Cryptography and Network Security, 2014

2013

On the Analysis of Cryptographic Assumptions in the Generic Ring Model.

[BibT_eX]

[DOI]

J. Cryptol., 2013

Modelling Time, or A Step Towards Reduction-based Security Proofs for OTP and Kerberos.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2013

Lessons Learned From Previous SSL/TLS Attacks - A Brief Chronology Of Attacks And Weaknesses.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2013

On the Security of TLS-DH and TLS-RSA in the Standard Model.

[BibT_eX]

[DOI]

Florian Kohlar

IACR Cryptol. ePrint Arch., 2013

Multi-ciphersuite security and the SSH protocol.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2013

A new approach for WS-Policy Intersection using Partial Ordered Sets.

[BibT_eX]

[DOI]

Abeer Elsafie

Proceedings of the 5<sup>th</sup> Central-European Workshop on Services and their Composition, 2013

SoK: Lessons Learned from SSL/TLS Attacks.

[BibT_eX]

[DOI]

Proceedings of the Information Security Applications - 14th International Workshop, 2013

Towards Elimination of Cross-Site Scripting on Mobile Versions of Web Applications.

[BibT_eX]

[DOI]

Proceedings of the Information Security Applications - 14th International Workshop, 2013

How to authenticate mobile devices in a web environment - the SIM-ID approach.

[BibT_eX]

[DOI]

Florian Feldmann

Proceedings of the Open Identity Summit 2013, September 9th, 2013

A New Approach towards DoS Penetration Testing on Web Services.

[BibT_eX]

[DOI]

Proceedings of the 2013 IEEE 20th International Conference on Web Services, Santa Clara, CA, USA, June 28, 2013

Options for integrating eID and SAML.

[BibT_eX]

[DOI]

Proceedings of the DIM'13, 2013

Randomly Failed! The State of Randomness in Current Java Implementations.

[BibT_eX]

[DOI]

Kai Michaelis

Proceedings of the Topics in Cryptology - CT-RSA 2013, 2013

mXSS attacks: attacking well-secured web-applications by using innerHTML mutations.

[BibT_eX]

[DOI]

Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012

XML Signature Wrapping Angriffe wirksam unterbinden.

[BibT_eX]

[DOI]

Datenschutz und Datensicherheit, 2012

On Breaking SAML: Be Whoever You Want to Be.

[BibT_eX]

[DOI]

Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012

On the design and implementation of the Open eCard App.

[BibT_eX]

[DOI]

Proceedings of the Sicherheit 2012: Sicherheit, 2012

Technical Analysis of Countermeasures against Attack on XML Encryption - or - Just Another Motivation for Authenticated Encryption.

[BibT_eX]

[DOI]

Proceedings of the Eighth IEEE World Congress on Services, 2012

Penetration Testing Tool for Web Services Security.

[BibT_eX]

[DOI]

Proceedings of the Eighth IEEE World Congress on Services, 2012

Strongly Authenticated Key Exchange Protocol from Bilinear Groups without Random Oracles.

[BibT_eX]

[DOI]

Zheng Yang

Proceedings of the Provable Security - 6th International Conference, 2012

Sometimes It's Better to Be STUCK! SAML Transportation Unit for Cryptographic Keys.

[BibT_eX]

[DOI]

Florian Feldmann

Proceedings of the Information Security and Cryptology - ICISC 2012, 2012

On the Security of TLS-DHE in the Standard Model.

[BibT_eX]

[DOI]

Proceedings of the Advances in Cryptology - CRYPTO 2012, 2012

SeC2: Secure Mobile Solution for Distributed Public Cloud Storages.

[BibT_eX]

Proceedings of the CLOSER 2012 - Proceedings of the 2nd International Conference on Cloud Computing and Services Science, Porto, Portugal, 18, 2012

Making XML Signatures Immune to XML Signature Wrapping Attacks.

[BibT_eX]

[DOI]

Proceedings of the Cloud Computing and Services Science - Second International Conference, 2012

XSpRES - Robust and Effective XML Signatures for Web Services.

[BibT_eX]

Proceedings of the CLOSER 2012 - Proceedings of the 2nd International Conference on Cloud Computing and Services Science, Porto, Portugal, 18, 2012

Scriptless attacks: stealing the pie without touching the sill.

[BibT_eX]

[DOI]

Proceedings of the ACM Conference on Computer and Communications Security, 2012

2011

HTTP Authentication.

[BibT_eX]

[DOI]

Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

On Cryptographically Strong Bindings of SAML Assertions to Transport Layer Security.

[BibT_eX]

[DOI]

Int. J. Mob. Comput. Multim. Commun., 2011

A Standard-Model Security Analysis of TLS-DHE.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2011

The Bug That Made Me President a Browser- and Web-Security Case Study on Helios Voting.

[BibT_eX]

[DOI]

Proceedings of the E-Voting and Identity - Third International Conference, 2011

The power of recognition: secure single sign-on using TLS channel bindings.

[BibT_eX]

[DOI]

Florian Kohlar

Marcus Amon

Proceedings of the DIM'11, Proceedings of the 2013 ACM Workshop on Digital Identity Management, Chicago, IL, USA, 2011

All your clouds are belong to us: security analysis of cloud management interfaces.

[BibT_eX]

[DOI]

Proceedings of the 3rd ACM Cloud Computing Security Workshop, 2011

Security Prospects through Cloud Computing by Adopting Multiple Clouds.

[BibT_eX]

[DOI]

Proceedings of the IEEE International Conference on Cloud Computing, 2011

2010

Generic Compilers for Authenticated Key Exchange (Full Version).

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2010

Security Analysis of OpenID.

[BibT_eX]

[DOI]

Pavol Sovis

Florian Kohlar

Proceedings of the Sicherheit 2010: Sicherheit, 2010

Streaming-Based Verification of XML Signatures in SOAP Messages.

[BibT_eX]

[DOI]

Proceedings of the 6th World Congress on Services, 2010

Group key agreement performance in wireless mesh networks.

[BibT_eX]

[DOI]

Andreas Noack

Proceedings of the 35th Annual IEEE Conference on Local Computer Networks, 2010

A CDH-Based Ring Signature Scheme with Short Signatures and Public Keys.

[BibT_eX]

[DOI]

Proceedings of the Financial Cryptography and Data Security, 14th International Conference, 2010

Attacking of SmartCard-Based Banking Applications with JavaScript-Based Rootkits.

[BibT_eX]

[DOI]

Proceedings of the Financial Cryptography and Data Security, 14th International Conference, 2010

Generic Compilers for Authenticated Key Exchange.

[BibT_eX]

[DOI]

Proceedings of the Advances in Cryptology - ASIACRYPT 2010, 2010

A New RSA-Based Signature Scheme.

[BibT_eX]

[DOI]

Proceedings of the Progress in Cryptology, 2010

Towards an Anonymous Access Control and Accountability Scheme for Cloud Computing.

[BibT_eX]

[DOI]

Proceedings of the IEEE International Conference on Cloud Computing, 2010

Secure Bindings of SAML Assertions to TLS Sessions.

[BibT_eX]

[DOI]

Proceedings of the ARES 2010, 2010

Sicherheit und Kryptographie im Internet - Von sicherer E-Mail bis zu IP-Verschlüsselung (3. Aufl.).

[BibT_eX]

[DOI]

Vieweg, ISBN: 978-3-8348-0814-1, 2010

2009

Security model and framework for information aggregation in sensor networks.

[BibT_eX]

[DOI]

ACM Trans. Sens. Networks, 2009

User-aware provably secure protocols for browser-based mutual authentication.

[BibT_eX]

[DOI]

Int. J. Appl. Cryptogr., 2009

XML Signature Wrapping Angriffe - What you process is not always what you verify.

[BibT_eX]

[DOI]

Datenschutz und Datensicherheit, 2009

The curse of namespaces in the domain of XML signature.

[BibT_eX]

[DOI]

Proceedings of the 6th ACM Workshop On Secure Web Services, 2009

Extending the similarity-based XML multicast approach with digital signatures.

[BibT_eX]

[DOI]

Proceedings of the 6th ACM Workshop On Secure Web Services, 2009

Group key agreement for wireless mesh networks.

[BibT_eX]

[DOI]

Andreas Noack

Proceedings of the 34th Annual IEEE Conference on Local Computer Networks, 2009

Risks of the CardSpace Protocol.

[BibT_eX]

[DOI]

Proceedings of the Information Security, 12th International Conference, 2009

Analysis of Signature Wrapping Attacks and Countermeasures.

[BibT_eX]

[DOI]

Proceedings of the IEEE International Conference on Web Services, 2009

Sicherheitsanalyse von Kreditkarten am Beispiel von EMV.

[BibT_eX]

[DOI]

Christopher Wolf

Zidu Wang

Proceedings of the 39. Jahrestagung der Gesellschaft für Informatik, Im Focus das Leben, INFORMATIK 2009, Lübeck, Germany, September 28, 2009

SAMLizing the European Citizen Card.

[BibT_eX]

[DOI]

Jan Eichholz

Detlef Hühnlein

Proceedings of the BIOSIG 2009, 2009

On Technical Security Issues in Cloud Computing.

[BibT_eX]

[DOI]

Proceedings of the IEEE International Conference on Cloud Computing, 2009

The Accountability Problem of Flooding Attacks in Service-Oriented Architectures.

[BibT_eX]

[DOI]

Proceedings of the The Forth International Conference on Availability, 2009

2008

The Generic Hardness of Subset Membership Problems under the Factoring Assumption.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2008

Universally Composable Security Analysis of TLS - Secure Sessions with Handshake and Record Layer Protocols.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2008

Stronger TLS bindings for SAML assertions and SAML artifacts.

[BibT_eX]

[DOI]

Proceedings of the 5th ACM Workshop On Secure Web Services, 2008

Protecting Code Voting Against Vote Selling.

[BibT_eX]

[DOI]

Rolf Oppliger

Jörg Helbach

Proceedings of the Sicherheit 2008: Sicherheit, 2008

Nutzung von selbstsignierten Client-Zertifikaten zur Authentifikation bei SSL/TLS.

[BibT_eX]

[DOI]

Heiko Jäkel

Proceedings of the Sicherheit 2008: Sicherheit, 2008

On the Equivalence of Generic Group Models.

[BibT_eX]

[DOI]

Proceedings of the Provable Security, Second International Conference, 2008

Universally Composable Security Analysis of TLS.

[BibT_eX]

[DOI]

Proceedings of the Provable Security, Second International Conference, 2008

A Novel Solution for End-to-End Integrity Protection in Signed PGP Mail.

[BibT_eX]

[DOI]

Proceedings of the Information and Communications Security, 10th International Conference, 2008

CAPTCHA-based Code Voting.

[BibT_eX]

[DOI]

Rolf Oppliger

Christoph Löhr

Proceedings of the 3rd International Conference, 2008

Code Voting with Linkable Group Signatures.

[BibT_eX]

[DOI]

Jörg Helbach

Proceedings of the 3rd International Conference, 2008

A Browser-Based Kerberos Authentication Scheme.

[BibT_eX]

[DOI]

Proceedings of the Computer Security, 2008

Provably secure browser-based user-aware mutual authentication over TLS.

[BibT_eX]

[DOI]

Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, 2008

TLS-Federation - a Secure and Relying-Party-Friendly Approach for Federated Identity Management.

[BibT_eX]

[DOI]

Bud P. Bruegger

Detlef Hühnlein

Proceedings of the BIOSIG 2008, 2008

Enforcing User-Aware Browser-Based Mutual Authentication with Strong Locked Same Origin Policy.

[BibT_eX]

[DOI]

Proceedings of the Information Security and Privacy, 13th Australasian Conference, 2008

2007

Provably Secure Framework for Information Aggregation is Sensor Networks.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2007

Studieren mit Sicherheit in Bochum - Die Studiengänge zum Thema IT-Sicherheit.

[BibT_eX]

[DOI]

Datenschutz und Datensicherheit, 2007

Signieren mit Chipkartensystemen in unsicheren Umgebungen - Homebanking mit Secure HBCI/FinTS.

[BibT_eX]

[DOI]

Datenschutz und Datensicherheit, 2007

Secure Internet Voting with Code Sheets.

[BibT_eX]

[DOI]

Jörg Helbach

Proceedings of the E-Voting and Identity, First International Conference, 2007

Breaking and fixing the inline approach.

[BibT_eX]

[DOI]

Proceedings of the 4th ACM Workshop On Secure Web Services, 2007

End-to-End Header Protection in Signed S/MIME.

[BibT_eX]

[DOI]

Proceedings of the On the Move to Meaningful Internet Systems 2007: CoopIS, 2007

Provably Secure Framework for Information Aggregation in Sensor Networks.

[BibT_eX]

[DOI]

Proceedings of the Computational Science and Its Applications, 2007

Securing Email Communication with XML Technology.

[BibT_eX]

Proceedings of the 2007 International Conference on Internet Computing, 2007

Secure Emails in XML Format Using Web Services.

[BibT_eX]

[DOI]

Proceedings of the Fifth IEEE European Conference on Web Services (ECOWS 2007), 2007

SSL-over-SOAP: Towards a Token-based Key Establishment Framework for Web Services.

[BibT_eX]

[DOI]

Proceedings of the 2nd ECOWS07 Workshop on Emerging Web Services Technology, 2007

2006

Linkable Democratic Group Signatures.

[BibT_eX]

[DOI]

Ahmad-Reza Sadeghi

IACR Cryptol. ePrint Arch., 2006

On Security Models and Compilers for Group Key Exchange Protocols.

[BibT_eX]

[DOI]

Emmanuel Bresson

IACR Cryptol. ePrint Arch., 2006

SSL-VA-Authentifizierung als Schutz von Phishing und Pharming.

[BibT_eX]

[DOI]

Christoph Wegener

Proceedings of the Sicherheit 2006: Sicherheit, 2006

Moderne Verfahren der Krypotgraphie - von RSA zu Zero-Knowledge (6. Aufl.).

[BibT_eX]

Albrecht Beutelspacher

Klaus-Dieter Wolfenstetter

Vieweg, ISBN: 978-3-8348-0083-1, 2006

2005

Visual Spoofing of SSL Protected Web Sites and Effective Countermeasures.

[BibT_eX]

[DOI]

André Adelsbach

Proceedings of the Information Security Practice and Experience, 2005

Trustworthy Verification and Visualisation of Multiple XML-Signatures.

[BibT_eX]

[DOI]

Proceedings of the Communications and Multimedia Security, 2005

Secure XMaiL or How to Get Rid of Legacy Code in Secure E-Mail Applications.

[BibT_eX]

[DOI]

Proceedings of the Communications and Multimedia Security, 2005

2004

Key-assignment strategies for CPPM.

[BibT_eX]

[DOI]

André Adelsbach

Proceedings of the 6th workshop on Multimedia & Security, 2004

Pseudonym Generation Scheme for Ad-Hoc Group Communication Based on IDH.

[BibT_eX]

[DOI]

Proceedings of the Security in Ad-hoc and Sensor Networks, First European Workshop, 2004

Moderne Verfahren der Kryptographie - von RSA zu Zero-Knowledge (5. Aufl.).

[BibT_eX]

Albrecht Beutelspacher

Klaus-Dieter Wolfenstetter

Vieweg, ISBN: 978-3-528-46590-2, 2004

2001

Customer Identification for MPEG Video Based on Digital Fingerprinting.

[BibT_eX]

[DOI]

Proceedings of the Advances in Multimedia Information Processing, 2001

From pay-tv to pay-streaming: similarities and differences.

[BibT_eX]

[DOI]

Tobias Martin

Erik Neumann

Proceedings of the 4th workshop on Multimedia & Security: New Challenges, 2001

Tree-based Key Agreement for Multicast.

[BibT_eX]

Tobias Martin

R. Schaffelhofer

Proceedings of the Communications and Multimedia Security Issues of the New Century, 2001

2000

Combining digital watermarks and collusion secure fingerprints for digital images.

[BibT_eX]

[DOI]

J. Electronic Imaging, 2000

1999

Combining digital watermarks and collusion-secure fingerprints for digital images.

[BibT_eX]

[DOI]

Proceedings of the Security and Watermarking of Multimedia Contents, 1999

How to Security Broadcast a Secret.

[BibT_eX]

Proceedings of the Secure Information Networks: Communications and Multimedia Security, 1999

1996

Public Key Encryption and Signature Schemes Based on Polynomials over Zn.

[BibT_eX]

[DOI]

Jörg Eisfeld

Proceedings of the Advances in Cryptology, 1996

Establishing a Key Hierarchy for Conditional Access without Encryption.

[BibT_eX]

Proceedings of the Communications and Multimedia Security II, 1996

1995

Moderne Verfahren der Kryptographie - von RSA zu Zero-Knowledge.

[BibT_eX]

Albrecht Beutelspacher