Jörg Schwenk
Institution: Ruhr-Universität Bochum / CASA
Research Hub(s):
Hub A: Kryptographie der Zukunft
Hub C: Sichere Systeme
E-Mail: Joerg.Schwenk@rub.de
Adresse: ID 2/469
Website: https://informatik.rub.de/schwenk/
Twitter: @JoergSchwenk
Publikationen:
Terrapin Attack: Breaking SSH Channel Integrity by Sequence Number Manipulation DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures Johnny, you are fired! – Spoofing OpenPGP and S/MIME Signatures in Emails Processing Dangerous Paths - On Security and Privacy of the Portable Document Form Isolated and Exhausted: Attacking Operating Systems via Site Isolation in the Browser With Great Power Come Great Side Channels: Statistical Timing Side-Channel Analyses with Bounded Type-1 Errors Finding All Cross-Site Needles in the DOM Stack: A Comprehensive Methodology for the Automatic XS-Leak Detection in Web Browsers We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets Exploring the Unknown DTLS Universe: Analysis of the DTLS Server Ecosystem on the Internet TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries Breaking the Specification: PDF Certification Privacy-Preserving Authenticated Key Exchange and the Case of IKEv2 Flexible Authenticated and Confidential Channel Establishment (fACCE): Analyzing the Noise Protocol Framework T0RTT: Non-Interactive Immediate Forward - Secret Single-Pass Circuit Construction Practical Decryption exFiltration: Breaking PDF Encryption Re: What's up Johnny? – Covert Content Attacks on Email End-to-End Encryption 1 Trillion Dollar Refund– How To Spoof PDF Signatures Powerless Security – A Security Analysis of in-Home Power Line Communications based on HomePlug AV2 Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E) Oops... Code Execution and Content Spoofing: The First Comprehensive Analysis of OpenDocument Signatures XSinator.com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication Mitigation of Attacks on Email End-to-End Encryption