Hackmanit Logo


Wissenschaftliche Veröffentlichungen

  • Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels. USENIX Security 2018 (DL)
  • More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema (DL)
  • Same-Origin Policy: Evaluation in Modern Browsers. USENIX Security 2017 (DL)
  • Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On. EuroS&P 2016 (DL)
  • How Secure is TextSecure?. EuroS&P 2016
  • How to Break XML Encryption - Automatically. WOOT 2015 (DL)
  • Automatic Recognition, Processing and Attacking of Single Sign-On Protocols with Burp Suite. Open Identity Summit 2015 (DL)
  • AdIDoS - Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services. QASA 2015 (DL)
  • Practical Invalid Curve Attacks on TLS-ECDH. ESORICS 2015 (DL)
  • Not so Smart: On Smart TV Apps. SIoT 2015. (DL)
  • Owning Your Home Network: Router Security Revisited, W2SP 2015 (DL)
  • Guardians of the Clouds. CCSW 2014: The ACM Cloud Computing Security Workshop
  • Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks. USENIX 2014
  • Scriptless attacks: Stealing more pie without touching the sill. Journal of Computer Security 2014 (DL)
  • On the Insecurity of XML Security. Dissertation. Juraj Somorovsky, 2013 (DL)
  • A new Approach towards DoS Penetration Testing on Web Services. ICWS 2013 (DL)
  • One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography. NDSS 2013 (DL)
  • Bleichenbacher’s Attack Strikes Again: Breaking PKCS#1 v1.5 in XML Encryption. ESORICS 2012 (DL)
  • On Breaking SAML: Be Whoever You Want to Be. USENIX 2012 (DL)
  • Penetration Testing Tool for Web Services Security. SERVICES Workshop 2012 (DL)
  • Technical Analysis of Countermeasures against Attack on XML Encryption - or - Just Another Motivation for Authenticated Encryption. SERVICES Workshop 2012 (DL)
  • UI Re­dressing Attacks on Android Devices. Black Hat Abu Dhabi 2012 (DL)
  • Scriptless Attacks – Stealing the Pie Without Touching the Sill. ACM CCS 2012 (DL)
  • The Bug that made me Pre­si­dent: A Browser and Web-Security Case Study on Helios Voting. VoteID 2011 (Amazon)
  • All Your Clouds are Belong to us - Security Analysis of Cloud Management Interfaces. CCSW 2011 (DL)
  • How to Break XML Encryption. CCS 2011 (DL)

Sicherheit und Kryptographie im Internet


Studie BSI

Öffentliche Studien