Jörg Schwenk

Jörg Schwenk

Institution: Ruhr-Universität Bochum / CASA

Research Hub(s):

Hub A: Future Cryptography
Hub C: Secure Systems


Adress: ID 2/469


With Great Power Come Great Side Channels: Statistical Timing Side-Channel Analyses with Bounded Type-1 Errors Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures Johnny, you are fired! – Spoofing OpenPGP and S/MIME Signatures in Emails Processing Dangerous Paths - On Security and Privacy of the Portable Document Form Breaking the Specification: PDF Certification DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On Finding All Cross-Site Needles in the DOM Stack: A Comprehensive Methodology for the Automatic XS-Leak Detection in Web Browsers We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets Exploring the Unknown DTLS Universe: Analysis of the DTLS Server Ecosystem on the Internet TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries Isolated and Exhausted: Attacking Operating Systems via Site Isolation in the Browser Oops... Code Execution and Content Spoofing: The First Comprehensive Analysis of OpenDocument Signatures From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers 1 Trillion Dollar Refund– How To Spoof PDF Signatures Re: What's up Johnny? – Covert Content Attacks on Email End-to-End Encryption Practical Decryption exFiltration: Breaking PDF Encryption T0RTT: Non-Interactive Immediate Forward - Secret Single-Pass Circuit Construction Flexible Authenticated and Confidential Channel Establishment (fACCE): Analyzing the Noise Protocol Framework Privacy-Preserving Authenticated Key Exchange and the Case of IKEv2 Powerless Security – A Security Analysis of in-Home Power Line Communications based on HomePlug AV2 Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E) Mitigation of Attacks on Email End-to-End Encryption ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication