Jörg Schwenk

Publikationen:

Oops... Code Execution and Content Spoofing: The First Comprehensive Analysis of OpenDocument Signatures Johnny, you are fired! – Spoofing OpenPGP and S/MIME Signatures in Emails Breaking the Specification: PDF Certification Processing Dangerous Paths - On Security and Privacy of the Portable Document Form Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On Isolated and Exhausted: Attacking Operating Systems via Site Isolation in the Browser TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries Privacy-Preserving Authenticated Key Exchange and the Case of IKEv2 1 Trillion Dollar Refund– How To Spoof PDF Signatures Re: What's up Johnny? – Covert Content Attacks on Email End-to-End Encryption Practical Decryption exFiltration: Breaking PDF Encryption T0RTT: Non-Interactive Immediate Forward - Secret Single-Pass Circuit Construction Flexible Authenticated and Confidential Channel Establishment (fACCE): Analyzing the Noise Protocol Framework Powerless Security – A Security Analysis of in-Home Power Line Communications based on HomePlug AV2 Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E) Mitigation of Attacks on Email End-to-End Encryption ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication XSinator.com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers