Dr.-Ing. Juraj Somorovsky

  • Postdoc - Chair Network and Data Security

Address

Ruhr-Universität Bochum
Lehrstuhl für Netz- und Datensicherheit
Universitätsstraße 150
D-44801 Bochum

Room
ID 2/411
Phone:
(+49)(0)234 / 32 - 26740
Fax:
(+49)(0)234 / 32 - 14347
Email:
firstname.lastname@rub.de PGP key S/MIME key

Courses

Publications

2016
DROWN: Breaking TLS using SSLv2

Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia Käsper, Shaanan Cohney, Susanne Engels, Chris­tof Paar, Yuval Shavitt - USENIX Security 2016

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS

Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, Philipp Jovanovic - WOOT 2016

2015
AdIDoS - Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services

Christian Altmeier, Christian Mainka, Juraj Somorovsky, Jörg Schwenk - International Workshop on Quantitative Aspects of Security Assurance (QASA), Vienna, Austria, 2015

On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption

Tibor Jager, Jörg Schwenk, Juraj Somorovsky - ACM CCS 2015

Practical Invalid Curve Attacks on TLS-ECDH

Tibor Jager, Jörg Schwenk, Juraj Somorovsky - ESORICS 2015

Not so Smart: On Smart TV Apps

Marcus Niemietz, Juraj Somorovsky, Christian Mainka, Jörg Schwenk - International Workshop on Secure Internet of Things (SIoT 2015, Vienna, Austria)

How to Break XML Encryption - Automatically

Dennis Kupser, Christian Mainka, Jörg Schwenk, Juraj Somorovsky - In Proceedings of the 9th USENIX Workshop on Offensive Technologies (WOOT), 2015

2014
Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks

Christopher Meyer, Juraj Somorovsky, Jörg Schwenk, Eugen Weiss, Sebastian Schinzel, Erik Tews - USENIX Security 2014

2013
One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography

Tibor Jager, Kenneth G. Paterson, Juraj Somorovsky - In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2013

On the Insecurity of XML Security

Juraj Somorovsky - PhD Thesis Supervisors: Jörg Schwenk, Kenneth G. Paterson

A new Approach towards DoS Penetration Testing on Web Services

Andreas Falkenberg, Christian Mainka, Juraj Somorovsky, Jörg Schwenk - IEEE 20th International Conference on Web Services (IEEE ICWS 2013)

Penetration Test Tool for XML-based Web Services

Christian Mainka, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk - International Symposium on Engineering Secure Software and Systems 2013

2012
On Breaking SAML: Be Whoever You Want to Be

Juraj Somorovsky, Andreas Mayer, Jörg Schwenk, Marco Kampmann, Meiko Jensen - In Proceedings of the 21st USENIX Security Symposium, 2012

Penetration Testing Tool for Web Services Security

Christian Mainka, Juraj Somorovsky, Jörg Schwenk - In Proceeding of the IEEE 2012 Services Workshop on Security and Privacy Engineering (SPE2012)

Technical Analysis of Countermeasures against Attack on XML Encryption - or - Just Another Motivation for Authenticated Encryption

Juraj Somorovsky, Jörg Schwenk - In Proceedings of the SERVICES Workshop on Security and Privacy Engineering, 2012

Bleichenbacher’s Attack Strikes Again: Breaking PKCS#1 v1.5 in XML Encryption

Tibor Jager, Sebastian Schinzel, Juraj Somorovsky - In Proceedings of the 17th European Symposium on Research in Computer Security (ESORICS), 2012, Full Version

Sec2: Secure Mobile Solution for Distributed Public Cloud Storages

Juraj Somorovsky, Christopher Meyer, Thang Tran, Mohamad Sbeiti, Jörg Schwenk, Christian Wietfeld - In Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER), 2012

2011
On the E ffectiveness of XML Schema Validation for Countering XML Signature Wrapping Attacks

Meiko Jensen, Christopher Meyer, Juraj Somorovsky, Jörg Schwenk - In IWSSC 2011: First International Workshop on Securing Services on the Cloud, Sept. 2011

All Your Clouds are Belong to us – Security Analysis of Cloud Management Interfaces

Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono - In Proceedings of the ACM Cloud Computing Security Workshop (CCSW), 2011.

How To Break XML Encryption

Tibor Jager, Juraj Somorovsky - In Proceedings of the 18th ACM Con­fe­rence on Com­pu­ter and Com­mu­ni­ca­ti­ons Se­cu­ri­ty (CCS), 2011.

Sec2 – Ein mobiles Nutzer-kontrolliertes Sicherheitskonzept für Cloud-Storage

Christopher Meyer, Juraj Somorovsky, Jörg Schwenk, Benedikt Driessen, Thang Tran, Christian Wietfeld - In Proceedings of the DACH Security 2011, Oldenburg, Germany

2010
Strea­ming-Ba­sed Ve­ri­fi­ca­ti­on of XML Si­gna­tu­res in SOAP Mes­sa­ges

Juraj Somorovsky, Meiko Jensen, Jörg Schwenk - In Pro­cee­dings of the IEEE In­ter­na­tio­nal Work­shop on Web Ser­vice and Busi­ness Pro­cess Se­cu­ri­ty (WSBPS), Miami, Flo­ri­da, U.S.A., 2010.