Contact | Privacy | DE / EN
Hackmanit Logo

Efail

Scientific Publications

» Year 2018
  • Prime and Prejudice: Primality Testing Under Adversarial Conditions; Martin R. Albrecht, Jake Massimo, Kenneth G. Paterson, Juraj Somorovsky - ACM CCS 2018 (PDF)
  • Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels; Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, Jörg Schwenk - 27th USENIX Security Symposium, USENIX Security 18 (PDF)
  • Return Of Bleichenbacher’s Oracle Threat (ROBOT); Hanno Böck, Juraj Somorovsky, Craig Young - 27th USE­NIX Security Symposium (USENIX Security 18) (PDF)
  • Security Analysis of eIDAS – The Cross-Country Authentication Scheme in Europe; Nils Engelbertz, Nurullah Erinola, David Herring, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk - 12th USENIX Workshop on Offensive Technologies (WOOT '18) (PDF)
  • Attacking Deterministic Signature Schemes using Fault Attacks; Damian Poddebniak, Juraj Somorovsky, Sebastian Schinzel, Manfred Lochter, Paul Rösler - IEEE European Symposium on Security and Privacy, EuroS&P 2018 (PDF)
  • More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema; Paul Rösler, Christian Mainka, Jörg Schwenk - IEEE European Symposium on Security and Privacy, EuroS&P 2018 (PDF)
» Year 2017
  • SoK: Exploiting Network Printers; Jens Müller, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk - 38th IEEE Symposium on Security and Privacy (S&P 2017) (PDF)
  • Breaking and Fixing Gridcoin; Martin Grothe, Tobias Niemann, Juraj Somorovsky, Jörg Schwenk - 11th USENIX Workshop on Offensive Technologies (WOOT '17) (PDF)
  • On The (In-)Security Of JavaScript Object Signing And Encryption; Dennis Detering, Juraj Somorovsky, Christian Mainka, Vladislav Mladenov, Jörg Schwenk - ROOTS, November 16–17, 2017, Vienna, Austria (PDF)
  • Same-Origin Policy: Evaluation in Modern Browsers; Jörg Schwenk, Marcus Niemietz, Christian Mainka - 26th USENIX Security Symposium (USENIX Security 17) (PDF)
  • SECRET: On the Feasibility of a Secure, Efficient, and Collaborative RealTime Web Editor; Dennis Felsch, Christian Mainka, Vladislav Mladenov, Jörg Schwenk - ACM Asia Conference on Computer and Communications Security (ASIACCS) 2017 (PDF)
  • SoK: Single Sign-On Security – An Evaluation of Open­ID Connect; Christian Mainka, Vladislav Mladenov, Tobias Wich, Jörg Schwenk - IEEE Eu­ropean Symposium on Security and Privacy (EuroS&P 2017) (PDF)
  • Out of the Dark: UI Redressing and Trustworthy Events; Marcus Niemietz, Jörg Schwenk - 16th International Conference on Cryptology And Network Security (CANS 2017)(PDF)
» Year 2016
  • DROWN: Breaking TLS using SSLv2; Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia Käsper, Shaanan Cohney, Susanne Engels, Christof Paar, Yuval Shavitt - USENIX Security 2016 (PDF)
  • Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS; Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, Philipp Jovanovic - WOOT 2016 (PDF)
  • Systematic Fuzzing and Testing of TLS Libraries; Juraj Somorovsky - ACM CCS 2016 (PDF)
  • SoK: XML Parser Vulnerabilities; Christopher Späth, Christian Mainka, Vladislav Mladenov, Jörg Schwenk - 10th USENIX Workshop on Offensive Technologies (WOOT '16) (PDF)
  • How to Break Microsoft Rights Management Services; Martin Grothe, Christian Mainka, Paul Rösler, Jörg Schwenk - 10th USENIX Workshop on Offensive Technologies (WOOT '16) (PDF)
  • Your Cloud in my Company: Modern Rights Management Services Revisited; Martin Grothe, Paul Rösler, Johanna Jupke, Jan Kaiser, Christian Mainka, Jörg Schwenk - 11th International Conference on Availability, Reliability and Security (ARES 2016) (PDF)
  • Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On; Christian Mainka, Vladislav Mladenov, Jörg Schwenk - IEEE European Symposium on Security and Privacy (EuroS&P 2016) (PDF)
  • How Secure is TextSecure?; Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk, Thorsten Holz - IEEE European Symposium on Security and Privacy (EuroS&P 2016 (PDF)
  • Attacks on OpenID Connect; Vladislav Mladenov, Christian Mainka (PDF)
» Year 2015
  • AdIDoS - Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services; Christian Altmeier, Christian Mainka, Juraj Somorovsky, Jörg Schwenk - International Workshop on Quantitative Aspects of Security Assurance (QASA), Vienna, Austria, 2015 (PDF)
  • On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption; Tibor Jager, Jörg Schwenk, Juraj Somorovsky - ACM CCS 2015 (PDF)
  • Practical Invalid Curve Attacks on TLS-ECDH; Tibor Jager, Jörg Schwenk, Juraj Somorovsky - ESORICS 2015 (PDF)
  • Not so Smart: On Smart TV Apps; Marcus Niemietz, Juraj Somorovsky, Christian Mainka, Jörg Schwenk - International Workshop on Secure Internet of Things (SIoT 2015, Vienna, Austria) (PDF)
  • How to Break XML Encryption - Automatically; Dennis Kupser, Christian Mainka, Jörg Schwenk, Juraj Somorovsky - In Proceedings of the 9th USENIX Workshop on Offensive Technologies (WOOT), 2015 (PDF)
  • Automatic Recognition, Processing and Attacking of Single Sign-On Protocols with Burp Suite; Christian Mainka, Vladislav Mladenov, Tim Guenther, Jörg Schwenk - Open Identity Summit 2015 (PDF)
  • Waiting for CSP — Securing Legacy Web Applications with JSAgents; Mario Heiderich, Marcus Niemietz, Jörg Schwenk - Waiting for CSP — Securing Legacy Web Applications with JSAgents, ESORICS 2015, 20th European Symposium on Research in Computer Security (Info)
  • Owning Your Home Network: Router Security Revisited; Marcus Niemietz, Jörg Schwenk - W2SP 2015: Web 2.0 Security & Privacy 2015 (San Jose, California) (PDF)
» Year 2014
  • Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks; Christopher Meyer, Juraj Somorovsky, Jörg Schwenk, Eugen Weiss, Sebastian Schinzel, Erik Tews - USENIX Security 2014 (PDF)
  • Your Software at my Service; Vladislav Mladenov, Christian Mainka, Florian Feldmann, Julian Krautwald, Jörg Schwenk - ACM CCSW 2014 in conjunction with the ACM Conference on Computer and Communications Security (CCS) November 7, 2014, The Scottsdale Plaza Resort, Scottsdale, Arizona, USA. (PDF)
  • How Secure is TextSecure?; Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk, Thorsten Holz - Cryptology ePrint Archive, Report 2014/904, 31 Oct 2014 (PDF)
  • Guardians of the Clouds: When Identity Providers Fail; Andreas Mayer, Marcus Niemietz, Vladislav Mladenov, Jörg Schwenk - ACM CCSW 2014 in conjunction with the ACM Conference on Computer and Communications Security (CCS) November 7, 2014, The Scottsdale Plaza Resort, Scottsdale, Arizona, USA. (PDF)
  • Scriptless attacks: Stealing more pie without touching the sill; Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk - Journal of Computer Security, Volume 22, Number 4 / 2014, Web Application Security – Web @ 25 (Info)
» Year 2013
  • One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography; Tibor Jager, Kenneth G. Paterson, Juraj Somorovsky - In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2013 (PDF)
  • On the Insecurity of XML Security; Juraj Somorovsky - PhD Thesis Supervisors: Jörg Schwenk, Kenneth G. Paterson (PDF)
  • A new Approach towards DoS Penetration Testing on Web Services; Andreas Falkenberg, Christian Mainka, Juraj Somorovsky, Jörg Schwenk - IEEE 20th International Conference on Web Services (IEEE ICWS 2013) (PDF)
  • Penetration Test Tool for XML-based Web Services; Christian Mainka, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk - International Symposium on Engineering Secure Software and Systems 2013 (PDF)
  • A new approach for WS-Policy Intersection using Partial Ordered Sets; Abeer Elsafie, Christian Mainka, Jörg Schwenk - 5th Central European Workshop on Services and their Composition, ZEUS 2013 February 21-22, 2013, Rostock, Germany (PDF)
» Year 2012
  • UI Redressing Attacks on Android Devices; Marcus Niemietz, Jörg Schwenk - Black Hat Abu Dhabi 2012 (Info)
  • Scriptless Attacks – Stealing the Pie Without Touching the Sill; Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk - 19th ACM Conference on Computer and Communications Security (CCS), Raleigh, NC, October 2012 (PDF)
  • Penetration Testing Tool for Web Services Security; Christian Mainka, Juraj Somorovsky, Jörg Schwenk - In Proceeding of the IEEE 2012 Services Workshop on Security and Privacy Engineering (SPE2012) (PDF)
  • XSpRES: Robust and Effective XML Signatures for Web Services; Christian Mainka, Meiko Jensen, Lo Iacono, Luigi, Jörg Schwenk - In Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLO­SER), 2012 (PDF)
  • XSpRES: XML-Signaturen, aber sicher!; Christian Mainka, Junker, Holger, Lo Iacono, Luigi, Jörg Schwenk - DuD - Datenschutz und Datensicherheit Ausgabe 04/2012 (Info)
  • On Breaking SAML: Be Whoever You Want to Be; Juraj Somorovsky, Andreas Mayer, Jörg Schwenk, Marco Kampmann, Meiko Jensen - In Proceedings of the 21st USENIX Security Symposium, 2012 (PDF)
  • Technical Analysis of Countermeasures against Attack on XML Encryption - or - Just Another Motivation for Authenticated Encryption; Juraj Somorovsky, Jörg Schwenk - In Proceedings of the SERVICES Workshop on Security and Privacy Engineering, 2012 (PDF)
  • Bleichenbacher’s Attack Strikes Again: Breaking PKCS#1 v1.5 in XML Encryption; Tibor Jager, Sebastian Schinzel, Juraj Somorovsky - In Proceedings of the 17th European Symposium on Research in Computer Security (ESO­RICS), 2012, Full Version (PDF)
  • Sec2: Secure Mobile Solution for Distributed Public Cloud Storages; Juraj Somorovsky, Christopher Meyer, Thang Tran, Mohamad Sbeiti, Jörg Schwenk, Christian Wietfeld - In Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLO­SER), 2012 (PDF)
» Year 2011
  • On the E ffectiveness of XML Schema Validation for Countering XML Signature Wrapping Attacks; Meiko Jensen, Christopher Meyer, Juraj Somorovsky, Jörg Schwenk - In IWSSC 2011: First International Workshop on Securing Services on the Cloud, Sept. 2011 (PDF)
  • All Your Clouds are Belong to us – Security Analysis of Cloud Management Interfaces; Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono - In Proceedings of the ACM Cloud Computing Security Workshop (CCSW), 2011. (PDF)
  • How To Break XML Encryption; Tibor Jager, Juraj Somorovsky - In Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS), 2011. (PDF)
  • Sec2 – Ein mobiles Nutzerkontrolliertes Sicherheitskonzept für Cloud-Storage; Christopher Meyer, Juraj Somorovsky, Jörg Schwenk, Benedikt Driessen, Thang Tran, Christian Wietfeld - In Proceedings of the DACH Security 2011, Oldenburg, Germany (PDF)
  • The Bug that made me President: A Browser- and WebSecurity Case Study on Helios Voting; Mario Heiderich, Tilman Frosch, Marcus Niemietz, Jörg Schwenk - International Conference on Evoting and Identity (VoteID), 2011, Tallinn, Estonia, September 2011 (Info)
  • The Power of Recognition: Secure Single Sign-On using TLS Channel Bindings; Jörg Schwenk, Florian Kohlar, Marcus Amon - In Proceedings of the Seventh ACM Workshop on Digital Identity Management (DIM) (October 21, 2011, Chicago, IL, USA. Collocated with ACM CCS 2011) Copyright 2011 ACM 978-1-4503-1006-2/11/10…$10.​00 (PDF)
» Year 2010
  • Streaming-Based Verification of XML Signatures in SOAP Messages; Juraj Somorovsky, Meiko Jensen, Jörg Schwenk - In Proceedings of the IEEE International Workshop on Web Service and Business Process Security (WSBPS), Miami, Florida, U.S.A., 2010 (Info)
  • Towards an Anonymous Access Control and Accountability Scheme for Cloud Computing; Jörg Schwenk, Sven Schäge, Meiko Jensen, - In Proceedings of the 3rd IEEE International Conference on Cloud Computing (IEEE CLOUD 2010), Miami, FL, USA. (Info)
  • A CDH-Based Ring Signature Scheme with Short Signatures and Public Keys; Jörg Schwenk, Sven Schäge, - Financial Cryptography Fourteenth International Conference, FC 2010, Tenerife, Spain, January 25-28, 2010. (Info)
  • Secure Bindings of SAML Assertions to TLS Sessions; Jörg Schwenk, Sebastian Gajek, Meiko Jensen, Florian Kohlar, - Proceedings of the Fifth International Conference on Availability, Reliability and Security (ARES), Krakow, Poland. (Info)
» Year 2009
  • Analysis of Signature Wrapping Attacks and Countermeasures; Jörg Schwenk, Sebastian Gajek, Lijun Liao, Meiko Jensen, - Proceedings of the 7th IEEE International Conference on Web Services (ICWS), Los Angeles, USA, 2009. (Info)
  • Extending the Similarity-Based XML Multicast Approach with Digital Signatures; Jörg Schwenk, Meiko Jensen, Antonia Azzini, Stefania Marrara - Proceedings of the ACM Workshop on Secure Web Services (SWS), Chicago, Illinois, U.S.A. (Info)
  • Group Key Agreement for Wireless Mesh Networks; Jörg Schwenk, Andreas Noack, - The 5th LCN Workshop on Security in Communications Networks (SICK 2009) Zürich, Switzerland; 20-23 October 2009 (Info)
  • On Technical Security Issues in Cloud Computing; Jörg Schwenk, Meiko Jensen, Nils Gruschka, Luigi Lo Iacono - Proceedings of the IEEE International Conference on Cloud Computing (CLOUD-II 2009), Bangalore, India (Info)
  • The Accountability Problem of Flooding Attacks in Service-Oriented Architectures; Jörg Schwenk, Meiko Jensen, - Proceedings of the IEEE International Conference on Availability, Reliability, and Security (ARES) (Info)
  • The Curse of Namespaces in the Domain of XML Signature; Jörg Schwenk, Lijun Liao, Meiko Jensen, - Proceedings of the ACM Workshop on Secure Web Services (SWS), Chicago, Illinois, U.S.A (Info)
» Year 2008
  • A novel solution for end-to-end integrity protection in signed PGP mail; Jörg Schwenk, Lijun Liao, - ICICS 2008, Birmingham, UK (Info)
  • Code Voting with Linkable Group Signatures; Jörg Schwenk, Sven Schäge, Jörg Helbach - 3rd International Conference, Coorganized by Council of Europe, Gesellschaft für Informatik and E-Voting.​CC, August 6th-9th, 2008 in Castle Hofen, Bregenz, Austria 2008. In LNI, 2008. (Info)
  • Modeling and Transformation of Security Requirements: An Approach for Serviceoriented Architectures; Jörg Schwenk, Meiko Jensen, Ralph Herkenhöner, Sven Feja, Hermann de Meer, Andreas Speck - Proceedings of the First Euro-NF Workshop on Future Internet Architecture: New Trends in Service & Networking Architectures, 21. November 2008, Paris, France (Info)
  • Provably Secure Browser-Based User-Aware Mutual Authentication over TLS; Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Mark Manulis, - Accepted for ASIACCS'08. (Info)
  • Securing Email Communication with XML Technology; Jörg Schwenk, Lijun Liao, Mark Manulis, - "Handbook of Research on Information Security and Assurance", to be published in August 2008 by Information Science Reference. (Info)
  • Stronger TLS Bindings for SAML Assertions and SAML Artifacts; Jörg Schwenk, Sebastian Gajek, Lijun Liao, - In Proceedings of the ACM CCS Workshop for Secure Web Services (ACM SWS'08), Virginia (USA), 2008. (Info)
  • TLS Federation - a Secure and Relying-Party-Friendly Approach for Federated Identity Management; Jörg Schwenk, - This paper describes a novel approach that integrates Federated IDM and SSL. (Info)
  • Universally Composable Security Analysis of TLS; Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Mark Manulis, Olivier Pereira - Accepted for the Second Conference on Provable Security (Prov­Sec), 2008. (PDF)
» Year 2007
  • Trusted User-Aware Web Authentication; Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Marcel Winandy, - Presented at the Workshop on Trustworthy User Interfaces for Passwords and Personal Information (TIPPI'07), Stanford, USA, June 22, 2007. (PDF)
  • Aktuelle Gefahren im Onlinebanking-Technische und Juristische Hintergründe.; Jörg Schwenk, Georg Borges, Sebastian Gajek, Christoph Wegener, Isabelle Biallaß, Julia Meyer, Dennis Werner - In Proceedings of the 10th German IT Security Congress, Federal Office for Information Security, Bonn (Germany), 2007. (Info)
  • Breaking and Fixing the Inline Approach.; Jörg Schwenk, Sebastian Gajek, Lijun Liao, - In Proceedings of the ACM CCS Workshop for Secure Web Services (ACM SWS'07), Alexandria (USA), 2007 . (Info)
  • Browser Models for Usable Authentication Protocols; Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Mark Manulis, - Presented at the Workshop on Web 2.0 Security and Privacy (W2SP 2007) held in conjunction with the IEEE Symposium on Security and Privacy, Oakland, California, May 24, 2007. (Info)
  • Browser Models for Usable Authentication Protocols.; Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Mark Manulis, - In Proceedings of the IEEE Security and Privacy Workshop on Web 2.0 Security and Privacy (W2SP'07), Oakland (USA), 2007. (Info)
  • Browser-based Authentication Protocols for Naive Users.; Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Mark Manulis, - accepted for presentation at the Western European Workshop on Research in Cryptology (WE­WoRC 2007), Bochum (Germany), 2007. (Info)
  • End-to-End Header Protection in S/MIME and PGP Mail.; Jörg Schwenk, Lijun Liao, - Postersession in the 10th German IT Security Congress, Federal Office for Information Security, Bonn (Germany), 2007. (Info)
  • End-to-End Header Protection in Signed S/MIME.; Jörg Schwenk, Lijun Liao, - In Proceedings of the 2nd International Symposium on Information Security (IS'07), Nov 26-27, 2007 in Vilamoura, Algarve, Portugal. (Info)
  • On Security Models and Compilers for Group Key Exchange Protocols.; Jörg Schwenk, Mark Manulis, Emmanuel Bresson - In Proceedings of the 2nd International Workshop on Security (IWSEC 2007), Nara (Japan), 2007. (Info)
  • Provably Secure Framework for Information Aggregation in Sensor Networks.; Jörg Schwenk, Mark Manulis, - In Proceedings of the International Conference on Computational Science and Its Applications (ICCSA 2007), Kuala Lumpur (Malaysia), 2007. (Info)
  • Secure Emails in XML Format Using Web Services.; Jörg Schwenk, Lijun Liao, - In Proceedings of the 5th IEEE European Conference on Web Services (ECOWS 07), November 26-28, 2007 in Halle (Saale), Germany. (Info)
  • Secure Internet Voting With Code Sheets.; Jörg Schwenk, Jörg Helbach - In Proceedings of the FIDIS First Conference on E-Voting and Identity. Bochum (Germany), 4-5 October 2007. (Info)
  • Securing Email Communication with XML Technology.; Jörg Schwenk, Lijun Liao, - The 2007 International Conference on Internet Computing (ICOMP 2007), 25-28 June 2007, Las Vegas, USA. (Info)
  • Signieren mit Chipkartensystemen in unsicheren Umgebungen - Homebanking mit Secure HBCI/FinTS; Jörg Schwenk, Sebastian Gajek, Lijun Liao, - In Datenschutz und Datensicherheit, Ausgabe 2007/11 (Info)
  • SSL-over-SOAP: Towards a Token-based Key Establishment Framework for Web Services.; Jörg Schwenk, Sebastian Gajek, Lijun Liao, - In Proceedings of the IEEE ECOWS Workshop on Emerging Web Services Technology (WEWST'07), Halle (Germany), 2007 (Info)
  • Towards a Formal Semantic of XML Signature.; Jörg Schwenk, Sebastian Gajek, Lijun Liao, - W3C Workshop Next Steps for XML Signature and XML Encryption, Mountain View (USA), 2007. (Info)
  • Trustworthy Signing with Smart Card System in Untrustworthy Environments.; Jörg Schwenk, Sebastian Gajek, Lijun Liao, - e-Smart conference and demos 2007, 19-21 September 2007, Sophia Antipolis, French Riviera. (Info)
  • Using Two-Steps Hash Function to Support Trustworthy Signing.; Jörg Schwenk, Sebastian Gajek, Lijun Liao, - Western European Workshop on Research in Cryptology (WEWoRC 2007), Bochum (Germany), 2007. (Info)
» Year 2006
  • A Case Study on Online-Banking Security.; Jörg Schwenk, Sebastian Gajek, Henrik te Heesen - International Conference on Emerging Trends in Information and Communication Security (ETRICS'06) Workshop on Security and Privacy in Future Business Services, Freiburg (Germany), 2006. (Info)
  • Linkable Democratic Group Signatures; Jörg Schwenk, Ahmad-Reza Sadeghi, Mark Manulis, - Accepted for 2nd Information Security Practice and Experience Conference (ISPEC 2006), 11.-14. April, Hangzhou, China. (PDF)
  • Reversed Responsibilities: Browser Authentication instead of Server Authentication.; Jörg Schwenk, Sebastian Gajek, - Workshop on Transparency and Usability of Web Authentication, New York (USA), 2006. (Info)
  • SSL-VA-Authentifizierung als Schutz vor Phishing und Pharming.; Jörg Schwenk, Sebastian Gajek, Christoph Wegener, - accepted for Sicherheit - Schutz und Zuverlässigkeit, February 20, 2006, Magdeburg, Germany. (Info)
» Year 2005
  • Fair DRM - Ermöglichen von Privatkopien und Schutz digitaler Waren; Jörg Schwenk, Ulrich Greveler, Andre Adelsbach, - accepted for 9. Deutscher IT-Sicherheitskongress des BSI, Mai 2005. (Info)
  • Identitätsmissbrauch im Onlinebanking; Jörg Schwenk, Sebastian Gajek, Christoph Wegener, - Datenschutz und Datensicherheit, Ausgabe 11, 2005. (Info)
  • Phishing - Die Täuschung des Benutzers zur Preisgabe geheimer Benutzerdaten; Jörg Schwenk, Sebastian Gajek, Andre Adelsbach, - 9. Deutscher IT-Sicherheitskongress des BSI, 2005. (Info)
  • Secure XMaiL or How to Get Rid of Legacy Code in Secure E-Mail Applications; Jörg Schwenk, Lijun Liao, Lars Ewers, Wolfgang Kubbilun - In CMS 2005: Proceedings of the 9th IFIP International Conference on Communications and Multimedia Security, Lecture Notes in Computer Science, volume 3677, pages 291-300, Springer, 2005. (Info)
  • Trustworthy Visualisation and Verification of Multiple XML-Signatures; Jörg Schwenk, Sebastian Gajek, Wolfgang Kubbilun - In CMS 2005: Proceedings of the 9th IFIP International Conference on Communications and Multimedia Security, Lecture Notes in Computer Science, volume 3677, pages 311-320, Springer, 2005. (Info)
  • Visual Spoofing of SSL Protected Web Sites and Effective Countermeasures; Jörg Schwenk, Sebastian Gajek, Andre Adelsbach, - First Information Security Practice and Experience Conference (ISPEC 2005), LNCS 3439. pp 204-217. Copyrights Springer-Verlag, Heidelberg Berlin. (Info)
» Year 2004
  • Key-Assignment Strategies for CPPM.; Jörg Schwenk, Andre Adelsbach, - ACM Multimedia and Security Workshop 2004, Magdeburg, Germany, pp. 107 - 115, © ACM, 2004. (Info)
  • Pseudonym Generation Scheme for Ad-Hoc Group Communication Based on IDH.; Jörg Schwenk, Mark Manulis, - In Proceedings of the 1st European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS 2004), Lecture Notes in Computer Science, volume 3313, pages 107-124, Springer-Verlag, 2005. (Info)
» Year 2001
  • Customer Identification for MPEG Video based on Digital Fingerprinting.; Jörg Schwenk, Enrico Hauer, Jana Dittman, Eva Saar, Claus Vielhauer - Proc. IEEE Pacific-Rim Conference on Multimedia (PCM-2001). (Info)
  • Tree based Key Agreement for Multicast.; Jörg Schwenk, T. Martin, R. Schaffelhofer - Proc. Communications and Multimedia Security 2001, Mai 2001, Darmstadt. (Info)
» Year 2000
  • Conditional Access for Business TV.; Jörg Schwenk, - Fernseh- und Kino-Technik 6/2000. (Info)
» Year 1999
  • Combining digital watermarks and collusion secure fingerprints for digital images.; Jörg Schwenk, A. Behr, Jana Dittman, J. Ueberberg, P Schmitt, M. Stabenau - Proc. Electronic Imaging'99, San Jose, USA. (Info)
  • How to securely broadcast a secret.; Jörg Schwenk, - In: B. Preneel (Ed.): Proceedings Communications an Multimedia Security '99, Kluwer Academic Publishers, 1999. (Info)
» Year 1998
  • Public Key Encryption and Digital Signatures based on Permutation Polynomials.; Jörg Schwenk, Klaus Huber, - Electronics Letters, Vol 34 No. 8, 1998, 759-760. (Info)
» Year 1996
  • Establishing a Key Hierarchy for Conditional Access without Encryption.; Jörg Schwenk, - Proc. IFIP Communications and Multimedia Security 1996, Chapman & Hall, London. (Info)
  • Public Key Encryption and Signature Schemes Based on Polynomials over Zn.; Jörg Schwenk, J. Eisfeld - Proc. EUROCRYPT 96, Ed. Ueli Maurer, Springer LNCS 1070 (1996), 60-71. (Info)
» Year 1995
  • A Classification of Abelian Quasigroups; Jörg Schwenk, - Rendiconti di Matematica, Serie VII, Volume 15, Roma (1995), 161-172 (Info)


Sicherheit und Kryptographie im Internet

Books in German (5)

  • Identitätsdiebstahl und Identitätsmissbrauch im Internet, Rechtliche und technische Aspekte, Schwenk et al., Springer (Springer)
  • Daten- und Identitätsschutz in Cloud Computing, E-Government und E-Commerce, Schwenk et al., Springer (Springer)
  • Clickjacking und UI-Redressing – Vom Klick-Betrug zum Datenklau. Ein Leitfaden für Sicherheitsexperten und Webentwickler, Marcus Niemietz, dpunkt.verlag (dpunkt.verlag)
  • Sicherheit und Kryptographie im Internet: Von Sicherer E-Mail bis zu IP-Verschlüsselung, Jörg Schwenk, Springer (Springer)
  • Moderne Verfahren der Kryptographie: Von RSA zu Zero-Knowledge, Jörg Schwenk et al., Springer (Springer)


Studie BSI

Public Studies (2)

The following studies were created in collaboration with Rhode and Schwarz Cybersecurity and the German Federal Office for Information Security.
  • Sichere Implementierung einer allgemeinen Kryptobibliothek (PDF)
  • Quellcode-basierte Untersuchung von kryptographisch relevanten Aspekten der OpenSSL-Bibliothek, Bundesamtes für Sicherheit in der Informationstechnik (PDF)