Veröffentlichungen

Out of the Dark: UI Redressing and Trustworthy Events

2017 - Marcus Niemietz, Jörg Schwenk

16th International Conference on Cryptology And Network Security (CANS 2017) [Conference] [PDF]

On The (In-)Security Of JavaScript Object Signing And Encryption

2017 - Dennis Detering, Juraj Somorovsky, Christian Mainka, Vladislav Mladenov, Jörg Schwenk

ROOTS, November 16–17, 2017, Vienna, Austria [PDF]

Same-Origin Policy: Evaluation in Modern Browsers

2017 - Jörg Schwenk, Marcus Niemietz, Christian Mainka

26th USENIX Security Symposium (USENIX Security 17) [PDF]

Breaking and Fixing Gridcoin

2017 - Martin Grothe, Tobias Niemann, Juraj Somorovsky, Jörg Schwenk

11th USENIX Workshop on Offensive Technologies (WOOT '17) [Link] [pdf]

Simple Security Definitions for and Constructions of 0-RTT Key Exchange

2017 - Britta Hale, Tibor Jager, Sebastian Lauer, Jörg Schwenk

15th International Conference on Applied Cryptography and Network Security - ACNS 2017 [ePrint]

SECRET: On the Feasibility of a Secure, Efficient, and Collaborative Real-Time Web Editor

2017 - Dennis Felsch, Christian Mainka, Vladislav Mladenov, Jörg Schwenk

ACM Asia Conference on Computer and Communications Security (ASIACCS) 2017 [GitHub-Project] [Paper] [Slides]

SoK: Exploiting Network Printers

2017 - Jens Müller, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk

38th IEEE Symposium on Security and Privacy (S&P 2017) [html] [html] [pdf]

SoK: Single Sign-On Security – An Evaluation of OpenID Connect

2017 - Christian Mainka, Vladislav Mladenov, Tobias Wich, Jörg Schwenk

IEEE Eu­ropean Sym­po­si­um on Se­cu­ri­ty and Pri­va­cy (EuroS&P 2017) [pdf]

0-RTT Key Exchange with Full Forward Secrecy

2017 - Felix Günther, Britta Hale, Tibor Jager, Sebastian Lauer

36th International Conference on the Theory and Applications of Cryptographic Techniques (Eurocrypt 2017)

Breaking PPTP VPNs via RADIUS Encryption

2016 - Matthias Horst, Martin Grothe, Tibor Jager, Jörg Schwenk

15th International Conference on Cryptology and Network Security (CANS) [http] [pdf]

Evaluating Two Methods for WS-(Security) Policy Negotiation and Decision Making

2016 - Abeer El­sa­fie, Jörg Schwenk

Cloud and Trusted Computing (C&TC 2016), part of: The 15th OnTheMove to Meaningful Internet Systems: (OTM 2016) Conferences, 24-28 Oct 2016, Rhodes, Greece. [Paper]

DROWN: Breaking TLS using SSLv2

2016 - Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia Käsper, Shaanan Cohney, Susanne Engels, Chris­tof Paar, Yuval Shavitt

USENIX Security 2016 [Website and paper] [Pwnie Awards] [Facebook Prize]

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS

2016 - Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, Philipp Jovanovic

WOOT 2016 [Blackhat stuff] [paper]

SoK: XML Parser Vulnerabilities

2016 - Christopher Späth, Christian Mainka, Vladislav Mladenov, Jörg Schwenk

10th USENIX Workshop on Offensive Technologies (WOOT '16) [Paper PDF]

How to Break Microsoft Rights Management Services

2016 - Martin Grothe, Christian Mainka, Paul Rösler, Jörg Schwenk

10th USENIX Workshop on Offensive Technologies (WOOT '16) [Paper PDF]

Your Cloud in my Company: Modern Rights Management Services Revisited

2016 - Martin Grothe, Paul Rösler, Johanna Jupke, Jan Kaiser, Christian Mainka, Jörg Schwenk

11th International Conference on Availability, Reliability and Security (ARES 2016) [pdf]

Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On

2016 - Christian Mainka, Vladislav Mladenov, Jörg Schwenk

IEEE Eu­ropean Sym­po­si­um on Se­cu­ri­ty and Pri­va­cy (EuroS&P 2016) [Paper PDF]

How Secure is TextSecure?

2016 - Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk, Thorsten Holz

IEEE European Symposium on Security and Privacy (EuroS&P 2016) [PDF]

Attacks on OpenID Connect

2016 - Vladislav Mladenov, Christian Mainka

[pdf]

Automatic Recognition, Processing and Attacking of Single Sign-On Protocols with Burp Suite

2015 - Christian Mainka, Vladislav Mladenov, Tim Guenther, Jörg Schwenk

Open Identity Summit 2015 [Paper PDF]

How Private is Your Private Cloud?: Security Analysis of Cloud Control Interfaces

2015 - Dennis Felsch, Mario Heiderich, Frederic Schulz, Jörg Schwenk

ACM CCSW 2015 in conjunction with the ACM Conference on Computer and Communications Security (CCS) October 16, 2015, The Denver Marriot City Center, Denver, Colorado, USA. [paper]

On Locational Privacy in the Absence of Anonymous Payments

2015 - Tilman Frosch, Sven Schäge, Martin Goll, Thorsten Holz

Gutwirth, S., Leenes R., P. De Hert and Y. Poullet, Data protection on the Move. Current Developments in ICT and Privacy/Data Protection. Springer (forthcoming, 2015), Dordrecht. [pdf]

Sicherheitsanalyse der Private Cloud Interfaces von openQRM

2015 - Frederic Schulz, Dennis Felsch, Jörg Schwenk

In Proceedings of the DACH Security 2015, Bonn, Germany [Paper]

AdIDoS - Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services

2015 - Christian Altmeier, Christian Mainka, Juraj Somorovsky, Jörg Schwenk

International Workshop on Quantitative Aspects of Security Assurance (QASA), Vienna, Austria, 2015 [Paper PDF]

On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption

2015 - Tibor Jager, Jörg Schwenk, Juraj Somorovsky

ACM CCS 2015 [pdf]

Practical Invalid Curve Attacks on TLS-ECDH

2015 - Tibor Jager, Jörg Schwenk, Juraj Somorovsky

ESORICS 2015 [pdf]

Not so Smart: On Smart TV Apps

2015 - Marcus Niemietz, Juraj Somorovsky, Christian Mainka, Jörg Schwenk

International Workshop on Secure Internet of Things (SIoT 2015, Vienna, Austria) [pdf]

Waiting for CSP — Securing Legacy Web Applications with JSAgents

2015 - Mario Heiderich, Marcus Niemietz, Jörg Schwenk

Waiting for CSP — Securing Legacy Web Applications with JSAgents, ESORICS 2015, 20th European Symposium on Research in Computer Security [ESORICS 2015] [PDF file]

How to Break XML Encryption - Automatically

2015 - Dennis Kupser, Christian Mainka, Jörg Schwenk, Juraj Somorovsky

In Proceedings of the 9th USENIX Workshop on Offensive Technologies (WOOT), 2015 [pdf]

Semi-Automated Fuzzy MCDM and Lattice Solutions for WS-Policy Intersection

2015 - Abeer El­sa­fie, Jörg Schwenk

IEEE 5th International Workshop on Security and Privacy Engineering SPE2015, within IEEE SERVICES 2015 June 27 and July 2, 2015, New York, NY, USA

Owning Your Home Network: Router Security Revisited

2015 - Marcus Niemietz, Jörg Schwenk

W2SP 2015: Web 2.0 Security & Privacy 2015 (San Jose, California) [Workshop] [PDF]

Tightly Secure Authenticated Key Exchange

2015 - Christoph Bader, Dennis Hofheinz, Tibor Jager, Eike Kiltz, Yong Li

TCC 2015 [paper]

On the Selective Opening Security of Practical Public-Key Encryption Schemes

2015 - Felix Heuer, Tibor Jager, Eike Kiltz, Sven Schäge

PKC 2015

Your Software at my Service

2014 - Vladislav Mladenov, Christian Mainka, Florian Feldmann, Julian Krautwald, Jörg Schwenk

ACM CCSW 2014 in conjunction with the ACM Conference on Computer and Communications Security (CCS) November 7, 2014, The Scottsdale Plaza Resort, Scottsdale, Arizona, USA. [paper]

Multi-Ciphersuite Security of the Secure Shell (SSH) Protocol

2014 - Florian Bergsma, Benjamin Dowling, Florian Kohlar, Jörg Schwenk, Douglas Stebila

ACM Conference on Computer and Communications Security - Best Student Paper Award - [Webseite]

Code Reuse Attacks in PHP: Automated POP Chain Generation

2014 - Johannes Dahse, Nikolai Krein, Thorsten Holz

21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA, November 2014 - ** Best Student Paper Award ** [PDF]

How Secure is TextSecure?

2014 - Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk, Thorsten Holz

Cryptology ePrint Archive, Report 2014/904, 31 Oct 2014 [pdf]

On the Security of Holder-of-Key Single Sign-On

2014 - Andreas Mayer, Vladislav Mladenov, Jörg Schwenk

Sicherheit 2014: Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 7. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI), 19.-21. März 2014, Wien, Österreich [pdf]

Strengthening Web Authentication through TLS - Beyond TLS Client Certificates

2014 - Vladislav Mladenov, Florian Feldmann, Christopher Meyer, Andreas Mayer, Jörg Schwenk

Open Iden­ti­ty Sum­mit 2014 Sep­tem­ber 4th - 6th 2014, Frauenhofer IZS, Stuttgart, Ger­ma­ny, http://?openidentity.?eu

Guardians of the Clouds: When Identity Providers Fail

2014 - Andreas Mayer, Marcus Niemietz, Vladislav Mladenov, Jörg Schwenk

ACM CCSW 2014 in conjunction with the ACM Conference on Computer and Communications Security (CCS) November 7, 2014, The Scottsdale Plaza Resort, Scottsdale, Arizona, USA. [paper]

Efficient Signatures with Tight Real World Security in the Random-Oracle Model

2014 - Christoph Bader

In Proceedings of the 13th International Conference, CANS 2014 [paper]

Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks

2014 - Christopher Meyer, Juraj Somorovsky, Jörg Schwenk, Eugen Weiss, Sebastian Schinzel, Erik Tews

USENIX Security 2014 [Slides] [pdf]

Scriptless Timing Attacks on Web Browser Privacy

2014 - Bin Liang, Wei You, Liangkun Liu, Wenchang Shi, Mario Heiderich

2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks [PDF]

New Modular Compilers for Authenticated Key Exchange

2014 - Yong Li, Sven Schäge, Zheng Yang, Christoph Bader, Jörg Schwenk

In Proceedings the 12th International Conference, ACNS 2014 [Paper]

Scriptless attacks: Stealing more pie without touching the sill

2014 - Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk

Journal of Computer Security, Volume 22, Number 4 / 2014, Web Application Security – Web @ 25 [URL]

On the Security of the Pre-Shared Key Ciphersuites of TLS

2014 - Yong Li, Sven Schäge, Zheng Yang, Florian Kohlar, Jörg Schwenk

In Proceedings of the 17th International Conference on Practice and Theory in Public-Key Cryptography (PKC), 2014 [Paper]

Secure Fallback Authentication and the Trusted Friend Attack

2014 - Ashar Javed, David Bletgen, Florian Kohlar, Markus Dürmuth, Jörg Schwenk

Proceedings International Conference on Distributed Computing Systems Workshops (ICDCS Workshops), 2014.

One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography

2013 - Tibor Jager, Kenneth G. Paterson, Juraj Somorovsky

In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2013 [CryptoChallenge] [paper]

Strongly Secure One-round Group Authenticated Key Exchange in the Standard Model

2013 - Yong Li, Zheng Yang

In Proceedings of the 12th International Conference, CANS 2013 [Paper]

mXSS Attacks: Attacking well-secured Web-Applications by using innerHTML Mutations

2013 - Mario Heiderich, Jörg Schwenk, Tilman Frosch, Jonas Magazinius, Edward Z. Yang

20th ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, November 2013 [PDF]

On the security of TLS renegotiation

2013 - Florian Bergsma, Florian Kohlar, Douglas Stebila

ACM Conference on Computer and Communications Security

Options for Integrating eID and SAML

2013 - Hühnlein, Detlef, Jörg Schwenk, Wich, Tobias, Vladislav Mladenov, Florian Feldmann, Andreas Mayer, Schmölz, Johannes, Bruegger, Bud P., Horsch, Moritz

CCS 2013 Post-Conference Workshop, Digital Identity Management (DIM)

Sicherer Schlüssel- und Informationsaustausch mit SAML

2013 - Dennis Felsch, Thorsten Schreiber, Christopher Meyer, Florian Feldmann, Jörg Schwenk

In Proceedings of the DACH Security 2013, Nürnberg, Germany [Paper]

How to authenticate mobile devices in a web environment - The SIM-ID approach

2013 - Florian Feldmann, Jörg Schwenk

Open Identity Summit 2013 September 9th - 11th 2013, Kloster Banz, Germany http://openidentity.eu [Paper] [Presentation]

On the Insecurity of XML Security

2013 - Juraj Somorovsky

PhD Thesis Supervisors: Jörg Schwenk, Kenneth G. Paterson [pdf]

A Footprint of Third-Party Tracking on Mobile Web

2013 - Ashar Javed

[POSTER] In 20th ACM Conference on Computer and Communications Security (ACM CCS), November 4-8, 2013 Berlin, Germany [poster]

SoK: Lessons Learned From SSL/TLS Attacks

2013 - Christopher Meyer, Jörg Schwenk

In Proceedings of "The 14th International Workshop on Information Security Applications (WISA2013)" [Paper] [Slides]

Towards Elimination of Cross-Site Scripting on Mobile Versions of Web Applications

2013 - Ashar Javed, Jörg Schwenk

In Pro­cee­dings of The 14th International Workshop on Information Security Applications (WISA2013), August 19-21 (2013), Jeju Island, Korea [paper]

A new Approach towards DoS Penetration Testing on Web Services

2013 - Andreas Falkenberg, Christian Mainka, Juraj Somorovsky, Jörg Schwenk

IEEE 20th International Conference on Web Services (IEEE ICWS 2013) [PDF]

Secure Bindings for Browser-based Single Sign-On

2013 - Andreas Mayer, Florian Kohlar, Lijun Liao, Jörg Schwenk

In 13. Deutscher IT-Sicherheitskongress des BSI: Informationssicherheit stärken --- Vertrauen in die Zukunft schaffen, Seiten 375--390, SecuMedia Verlag

Practical Signatures From Standard Assumptions

2013 - Florian Böhl, Dennis Hofheinz, Tibor Jager, Jessica Koch, Jae Hong Seo, Christoph Striecks

Eurocrypt 2013 [pdf] [link]

Penetration Test Tool for XML-based Web Services

2013 - Christian Mainka, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk

International Symposium on Engineering Secure Software and Systems 2013 [PDF]

Randomly Failed! The State of Randomness in Current Java Implementations

2013 - Kai Michaelis, Christopher Meyer, Jörg Schwenk

Cryptography track at RSA Conference 2013 (CT-RSA 2013) [Paper] [Slides]

A new approach for WS-Policy Intersection using Partial Ordered Sets

2013 - Abeer El­sa­fie, Christian Mainka, Jörg Schwenk

5th Central European Workshop on Services and their Composition, ZEUS 2013 February 21-22, 2013, Rostock, Germany [PDF]

Tightly secure signatures and public-key encryption

2012 - Dennis Hofheinz, Tibor Jager

CRYPTO 2012 [Full Version]

Waters signatures with optimal security reduction

2012 - Dennis Hofheinz, Tibor Jager, Edward Knapp

PKC 2012 [Full Version]

Down to the Bare Metal: Using Processor Features for Binary Analysis

2012 - Carsten Willems, Ralf Hund, Amit Vasudevan, Andreas Fobian, Dennis Felsch, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2012 [pdf]

UI Redressing Attacks on Android Devices

2012 - Marcus Niemietz, Jörg Schwenk

Black Hat Abu Dhabi 2012

Sometimes it's better to be STUCK! - SAML Transportation Unit for Cryptographic Keys

2012 - Christopher Meyer, Florian Feldmann, Jörg Schwenk

15th Annual International Conference on Information Security and Cryptology, ICISC 2012 [Slides] [Paper]

SS-FP: Browser Fingerprinting using HTML Parser Quirks

2012 - Erwan Abgrall, Yves Le Traon, Martin Monperrus, Sylvain Gombault, Mario Heiderich, Alain Ribault

[Cornell University]

Scriptless Attacks – Stealing the Pie Without Touching the Sill

2012 - Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk

19th ACM Conference on Computer and Communications Security (CCS), Raleigh, NC, October 2012 [PDF]

On the Security of TLS-DHE in the Standard Model

2012 - Tibor Jager, Florian Kohlar, Sven Schäge, Jörg Schwenk

In Advances in Cryptology – CRYPTO 2012, Lecture Notes in Computer Science, 2012, Volume 7417/2012, 273-293, DOI: 10.1007/978-3-642-32009-5_17 [Full_Version]

On the Fragility and Limitations of Current Browser-provided Clickjacking Protection Schemes

2012 - Sebastian Lekies, Mario Heiderich, Dennis Appelt, Thorsten Holz, Martin Johns

6th USENIX Workshop on Offensive Technologies (WOOT), Bellevue, WA, August 2012 [PDF]

Multimedia Content Identification Through Smart Meter Power Usage Profiles

2012 - Ulrich Greveler, Dennis Löhr, Benjamin Justus

[Paper]

On Breaking SAML: Be Whoever You Want to Be

2012 - Juraj Somorovsky, Andreas Mayer, Jörg Schwenk, Marco Kampmann, Meiko Jensen

In Proceedings of the 21st USENIX Security Symposium, 2012 [pdf]

Penetration Testing Tool for Web Services Security

2012 - Christian Mainka, Juraj Somorovsky, Jörg Schwenk

In Proceeding of the IEEE 2012 Services Workshop on Security and Privacy Engineering (SPE2012) [pdf]

Technical Analysis of Countermeasures against Attack on XML Encryption - or - Just Another Motivation for Authenticated Encryption

2012 - Juraj Somorovsky, Jörg Schwenk

In Proceedings of the SERVICES Workshop on Security and Privacy Engineering, 2012 [pdf]

Bleichenbacher’s Attack Strikes Again: Breaking PKCS#1 v1.5 in XML Encryption

2012 - Tibor Jager, Sebastian Schinzel, Juraj Somorovsky

In Proceedings of the 17th European Symposium on Research in Computer Security (ESORICS), 2012, Full Version [pdf]

Forensic Content Detection through Power Consumption

2012 - Ulrich Greveler, Dennis Löhr, Benjamin Justus

[Paper]

Sec2: Secure Mobile Solution for Distributed Public Cloud Storages

2012 - Juraj Somorovsky, Christopher Meyer, Thang Tran, Mohamad Sbeiti, Jörg Schwenk, Christian Wietfeld

In Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER), 2012 [Paper] [Slides]

XSpRES: Robust and Effective XML Signatures for Web Services

2012 - Christian Mainka, Meiko Jensen, Lo Iacono, Luigi, Jörg Schwenk

In Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER), 2012 [pdf]

Clickjacking und UI-Redressing – Vom Klick-Betrug zum Datenklau

2012 - Marcus Niemietz

Ein Leitfaden für Sicherheitsexperten und Webentwickler [dpunkt.verlag]

XSpRES: XML-Signaturen, aber sicher!

2012 - Christian Mainka, Junker, Holger, Lo Iacono, Luigi, Jörg Schwenk

DuD - Datenschutz und Datensicherheit Ausgabe 04/2012

XML Signature Wrapping: Die Kunst SAML Assertions zu fälschen

2012 - Andreas Mayer, Jörg Schwenk

In 19. DFN~Workshop: Sicherheit in vernetzten Systemen, Seiten H1-H15, BoD - Books on Demand

Identifikation von Videoinhalten über granulare Stromverbrauchsdaten

2012 - Ulrich Greveler, Dennis Löhr, Benjamin Justus

[Paper]

Crouching Tiger - Hidden Payload: Security Risks of Scalable Vectors Graphics

2011 - Mario Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz

18th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, October 2011 [PDF]

The Bug that made me President: A Browser- and Web-Security Case Study on Helios Voting

2011 - Mario Heiderich, Tilman Frosch, Marcus Niemietz, Jörg Schwenk

International Conference on E-voting and Identity (VoteID), 2011, Tallinn, Estonia, September 2011 [Website]

Direct Anonymous Attestation: Enhancing Cloud Service User Privacy

2011 - Ulrich Greveler, Dennis Löhr, Benjamin Justus

[Paper]

IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM

2011 - Mario Heiderich, Tilman Frosch, Thorsten Holz

14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011 [PDF]

On the E ffectiveness of XML Schema Validation for Countering XML Signature Wrapping Attacks

2011 - Meiko Jensen, Christopher Meyer, Juraj Somorovsky, Jörg Schwenk

In IWSSC 2011: First International Workshop on Securing Services on the Cloud, Sept. 2011 [Paper] [Slides]

Short Signatures from Weaker Assumptions

2011 - Dennis Hofheinz, Tibor Jager, Eike Kiltz

Asiacrypt 2011 [Full Version]

All Your Clouds are Belong to us – Security Analysis of Cloud Management Interfaces

2011 - Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono

In Proceedings of the ACM Cloud Computing Security Workshop (CCSW), 2011. [pdf]

How To Break XML Encryption

2011 - Tibor Jager, Juraj Somorovsky

In Proceedings of the 18th ACM Con­fe­rence on Com­pu­ter and Com­mu­ni­ca­ti­ons Se­cu­ri­ty (CCS), 2011. [pdf]

The Power of Recognition: Secure Single Sign-On using TLS Channel Bindings

2011 - Jörg Schwenk, Florian Kohlar, Marcus Amon

In Proceedings of the Seventh ACM Workshop on Digital Identity Management (DIM) (October 21, 2011, Chicago, IL, USA. Collocated with ACM CCS 2011) Copyright 2011 ACM 978-1-4503-1006-2/11/10…$10.00. [Paper]

Cloud-Sicherheit ohne vertrauenswürdige Administration

2011 - Ulrich Greveler, Dennis Löhr, Benjamin Justus

[Paper]

Sec2 – Ein mobiles Nutzer-kontrolliertes Sicherheitskonzept für Cloud-Storage

2011 - Christopher Meyer, Juraj Somorovsky, Jörg Schwenk, Benedikt Driessen, Thang Tran, Christian Wietfeld

In Proceedings of the DACH Security 2011, Oldenburg, Germany [Paper] [Slides]

A Privacy Preserving System for Cloud Computing

2011 - Ulrich Greveler, Dennis Löhr, Benjamin Justus

[Paper]

Mutual Remote Attestation: Enabling System Cloning for TPM based Platforms

2011 - Ulrich Greveler, Dennis Löhr, Benjamin Justus

[Paper]

Expressiveness Considerations of XML Signatures

2011 - Meiko Jensen, Christopher Meyer

In Proceedings of the 3rd IEEE International Workshop on Security Aspects of Process and Services Engineering (SAPSE), Munich, Germany. [Paper] [Slides]

MARV - Data Level Confidentiality Protection in BPEL-based Web Service Compositions

2011 - Majernik, Filip, Meiko Jensen, Jörg Schwenk

In Proceedings of the 6th International Conference on Network Architectures and Information Systems Security (SAR-SSI), La Rochelle, France.

Security Prospects through Cloud Computing by Adopting Multiple Clouds

2011 - Bohli, Jens-Matthias, Meiko Jensen, Gruschka, Nils, Lo Iacono, Luigi, Jörg Schwenk

In Proceedings of the 4th IEEE International Conference on Cloud Computing (CLOUD), Washington, D.C., USA.

Towards Privacy-Preserving XML Transformation

2011 - Meiko Jensen, Kerschbaum, Florian

In Proceedings of the 9th IEEE International Conference on Web Services (ICWS), Washington, D.C., USA.

Sicheres Single Sign-On mit dem SAML Holder-of-Key Web Browser SSO Profile und SimpleSAMLphp

2011 - Andreas Mayer, Jörg Schwenk

In 12. Deutscher IT-Sicherheitskongress des BSI: Sicher in die digitale Welt von morgen, Seiten 33--46, SecuMedia Verlag

Evaluating the Impact of Transmission Power on QoS in Wireless Mesh Networks

2011 - Andreas Noack, Patrick-Benjamin Bök, Sebastian Krück

IEEE ICCCN 2011 Workshop on Context-aware QoS Provisioning and Management for Emerging Networks, Applications and Services - ContextQoS 2011, Hawaii, Juli-August 2011 (to be published)

Mining Network and the Security Question

2011 - Christoph Müller, Andreas Noack

35th APCOM Symposium - Application of Computers and Operations Research in the Mineral Industry, Australia, September 2011 (to be published)

Safety Support Functions for Underground Network Communications

2011 - Christoph Müller, Andreas Noack

35th APCOM Sym­po­si­um - Ap­p­li­ca­ti­on of Com­pu­ters and Ope­ra­ti­ons Re­se­arch in the Mi­ne­ral In­dus­try, Aus­tra­lia, Sep­tem­ber 2011 (to be pu­blis­hed)

Trust Agreement in Wireless Mesh Networks

2011 - Andreas Noack

WISTP'11 - Workshop in Information Security Theory and Practice, Greece, June 2011 (to be published)

On Interoperability Failures in WS-Security: The XML Signature Wrapping Attack

2011 - Nils Gruschka, Meiko Jensen, Florian Kohlar, Lijun Liao

In E. Kajan: Electronic Business Interoperability: Concepts, Opportunities and Challenges, Business Science Reference, Hershey, NY, USA. ISBN 978-1-60960-485-1. 2011

Tight Proofs for Signature Schemes without Random Oracles

2011 - Sven Schäge

Accepted for EUROCRYPT 2011, Tallinn, Estonia, May 15th-19th, 2011. [Full Version]

The semi-generic group model and applications to pairing-based cryptography

2010 - Tibor Jager, Andy Rupp

ASI­A­CRYPT 2010

Simple and Efficient Public-Key Encryption from Computational Diffie-Hellman in the Standard Model

2010 - Kristiyan Haralambiev, Tibor Jager, Eike Kiltz, Vic­tor Shoup

PKC 2010

Mobile Machine Operation in Underground Networks and the Security Question

2010 - Andreas Noack, Christoph Müller

escar'10 - 8th conference on Embedded Security in Cars, Bremen, Germany [Conference Link]

Generic Compilers for Authenticated Key Exchange

2010 - Tibor Jager, Florian Kohlar, Sven Schäge, Jörg Schwenk

In Proceedings of ASIACRYPT 2010, Singapore [Full Version]

Mutual Preimage Authentication for fast Handover in Enterprise Networks

2010 - Andreas Noack, Mark Borrmann

The 5th International Symposium on Information Security (IS'10), Greece, 2010

Security Analysis of OpenID

2010 - Pavol Sovis, Florian Kohlar, Jörg Schwenk

In "Securing Electronic Business Processes - Highlights of the Information Security Solutions Europe 2010 Conference", 2010. [Camery Ready]

Group Key Agreement Performance in Wireless Mesh Networks

2010 - Andreas Noack, Jörg Schwenk

35th Annual IEEE Conference on Local Computer Networks and Workshops, LCN 2010 [Konferenz]

A New RSA-Based Signature Scheme

2010 - Sven Schäge, Jörg Schwenk

AFRICACRYPT 2010, Third International Conference on Cryptology in Africa, Stellenbosch, South Africa, May 3-6, 2010. [Springer Link]

Strea­ming-Ba­sed Ve­ri­fi­ca­ti­on of XML Si­gna­tu­res in SOAP Mes­sa­ges

2010 - Juraj Somorovsky, Meiko Jensen, Jörg Schwenk

In Pro­cee­dings of the IEEE In­ter­na­tio­nal Work­shop on Web Ser­vice and Busi­ness Pro­cess Se­cu­ri­ty (WSBPS), Miami, Flo­ri­da, U.S.A., 2010.

Ethernet communication for detection of emergency locations and dynamic evacuation in underground infrastructures

2010 - Dipl.-Ing. Christoph Müller, Prof. Dr. Iuliu Szekely, Andreas Noack

OPTIM 2010 - 12th International Conference on Optimization of Electrical and Electronic Equipment [Conference Link]

Trusted Virtual Domains: Color Your Network

2010 - Luigi Catuogno, Hans Löhr, Mark Manulis, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy

Datenschutz und Datensicherheit (DuD) 5/2010, p. 289-298. [SpringerLink] [PDF]

Attack Surfaces: A Taxonomy for Attacks on Cloud Services

2010 - Meiko Jensen, Nils Gruschka

In Proceedings of the 3rd IEEE International Conference on Cloud Computing (IEEE CLOUD 2010), Miami, FL, USA.

On In­ter­ope­ra­bi­li­ty Failu­res in WS-Se­cu­ri­ty: The XML Si­gna­tu­re Wrap­ping At­tack

2010 - Lijun Liao, Meiko Jensen, Florian Kohlar, Nils Gruschka

In E. Kajan: Elec­tro­nic Busi­ness In­ter­ope­ra­bi­li­ty: Con­cepts, Op­por­tu­nities and Chal­len­ges, In­for­ma­ti­on Sci­ence Re­fe­rence, (to be pu­blis­hed in 2011).

Streaming-based verification of XML Signatures in SOAP Messages

2010 - Jörg Schwenk, Meiko Jensen,

In Proceedings of the IEEE 2010 International Workshop on Web Service and Business Process Security (WSBPS 2010), Miami, FL, USA.

Towards an Anonymous Access Control and Accountability Scheme for Cloud Computing

2010 - Jörg Schwenk, Sven Schäge, Meiko Jensen,

In Proceedings of the 3rd IEEE International Conference on Cloud Computing (IEEE CLOUD 2010), Miami, FL, USA. [IEEE]

Towards Automated Processing of the Right of Access in Inter-Organizational Web Service Compositions

2010 - Meiko Jensen, Ralph Herkenhöner, Henrich C. Pöhls, Hermann de Meer

In Proceedings of the IEEE 2010 International Workshop on Web Service and Business Process Security (WSBPS 2010), Miami, FL, USA.

A Sur­vey of At­tacks in the Web Ser­vices World

2010 - Meiko Jensen, Nils Gruschka

In C. Gutier­rez, E. Fer­nan­dez-Me­di­na, M. Piat­ti­ni: Web Ser­vices Se­cu­ri­ty De­ve­lop­ment and Ar­chi­tec­tu­re, In­for­ma­ti­on Sci­ence Re­fe­rence, ISBN: 978-1-60566-950-2, 2010.

A CDH-Based Ring Signature Scheme with Short Signatures and Public Keys

2010 - Jörg Schwenk, Sven Schäge,

Financial Cryptography Fourteenth International Conference, FC 2010, Tenerife, Spain, January 25-28, 2010. [Springer Link]

A Design Pattern for Event-Based Processing of Security-enriched SOAP Messages

2010 - Meiko Jensen, Nils Gruschka, Luigi Lo Iacono

Proceedings of the Second International Workshop on Security Aspects in Grid and Cloud Computing (SAGC 2010), Krakow, Poland.

Secure Bindings of SAML Assertions to TLS Sessions

2010 - Jörg Schwenk, Sebastian Gajek, Meiko Jensen, Florian Kohlar,

Proceedings of the Fifth International Conference on Availability, Reliability and Security (ARES), Krakow, Poland.

On the analysis of cryptographic assumptions in the generic ring model

2009 - Tibor Jager, Jörg Schwenk

ASIACRYPT 2009

A Security Modeling Approach for Web-Service-based Business Processes

2009 - Meiko Jensen, Sven Feja

Proceedings of the 7th IEEE Workshop on Model-Based Development for Computer-Based Systems (MBD 2009), held as part of the 16th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems (ECBS 2009), San Francisco, USA

Analysis of Signature Wrapping Attacks and Countermeasures

2009 - Jörg Schwenk, Sebastian Gajek, Lijun Liao, Meiko Jensen,

Proceedings of the 7th IEEE International Conference on Web Services (ICWS), Los Angeles, USA, 2009.

Dynamic Threshold Cryptosystem without Group Manager

2009 - Andreas Noack, M.Sc. Stefan Spitz

International Journal of Network Protocols and Algorithms (ISSN: 1943-3581) [Journal]

Efficient Authenticated Wireless Roaming via Tunnels

2009 - Andreas Noack,

Third International Workshop on Advanced Architectures and Algorithms for Internet DElivery and Applications, Las Palmas de Gran Canaria, Spain; 25 November 2009

Efficient Authenticated Wireless Roaming via Tunnels

2009 - Andreas Noack,

Technical Report. Full paper with security proof. [PDF]

Extending the Similarity-Based XML Multicast Approach with Digital Signatures

2009 - Jörg Schwenk, Meiko Jensen, Antonia Azzini, Stefania Marrara

Proceedings of the ACM Workshop on Secure Web Services (SWS), Chicago, Illinois, U.S.A.

Generating WS-SecurityPolicy Documents via Security Model Transformation

2009 - Meiko Jensen,

Proceedings of the Young Researchers Workshop on Modeling and Management of Business Processes (YRW-MBP 2009), held as part of SABRE 2009, Leipzig, Germany

Group Key Agreement for Wireless Mesh Networks

2009 - Jörg Schwenk, Andreas Noack,

The 5th LCN Workshop on Security in Communications Networks (SICK 2009) Zürich, Switzerland; 20-23 October 2009

On Technical Security Issues in Cloud Computing

2009 - Jörg Schwenk, Meiko Jensen, Nils Gruschka, Luigi Lo Iacono

Proceedings of the IEEE International Conference on Cloud Computing (CLOUD-II 2009), Bangalore, India

The Accountability Problem of Flooding Attacks in Service-Oriented Architectures

2009 - Jörg Schwenk, Meiko Jensen,

Proceedings of the IEEE International Conference on Availability, Reliability, and Security (ARES)

The Curse of Namespaces in the Domain of XML Signature

2009 - Jörg Schwenk, Lijun Liao, Meiko Jensen,

Proceedings of the ACM Workshop on Secure Web Services (SWS), Chicago, Illinois, U.S.A.

Twin Signatures, Revisited

2009 - Sven Schäge,

Provable Security Third International Conference, ProvSec 2009, Guangzhou, China, November 11-13, 2009. [Springer Link]

Sichere Webanwendungen

2008 - Mario Heiderich, Christian Matthies, Johannes Dahse, fukami

GALILEO PRESS, Auflage 1, ISBN-10: 3836211947, ISBN-13: 978-3836211949

A Brow­ser-Ba­sed Ker­be­ros Au­then­ti­ca­ti­on Sche­me

2008 - Sebastian Gajek, Tibor Jager, Mark Manulis, Jörg Schwenk

ESORICS 2008

On Black-Box Ring Extraction and Integer Factorization

2008 - Kristina Altmann, Tibor Jager, Andy Rupp

ICALP 2008

On the equivalence of generic group models

2008 - Tibor Jager, Jörg Schwenk

ProvSec 2008

Property-Based Attestation without a Trusted Third Party

2008 - Ahmad-Reza Sadeghi, Hans Löhr, Liqun Chen, Mark Manulis,

Information Security Conference (ISC'08), 2008. [pdf]

Secure Multi-Coupons for Federated Environments: Privacy-Preserving and Customer-Friendly

2008 - Ahmad-Reza Sadeghi, Frederik Armknecht, Hans Löhr, Mark Manulis, Alberto Escalante

Accepted for The 4th Information Security Practice and Experience Conference (ISPEC 2008), 21-23 April 2008, Sydney, Australia. [Springer Link] [pdf]

Die Sicherheit von MS CardSpace und verwandten Single-Sign-On-Protokollen

2008 - Sebastian Gajek, Sven Schäge, Xuan Chen, Christoph Löhr

Datenschutz und Datensicherheit - DuD. Volume 32, Number 8, Seiten 515-519. Vieweg Verlag, August 2008. [Springer Link]

A Forensic Framework for Tracing Phishers

2008 - Ahmad-Reza Sadeghi, Sebastian Gajek, Felix Gröbert, , Dominik Birk

International Federation for Information Processing, to appear in LNCS 6102. [pdf]

A novel solution for end-to-end integrity protection in signed PGP mail

2008 - Jörg Schwenk, Lijun Liao,

ICICS 2008, Birmingham, UK

Code Voting with Linkable Group Signatures

2008 - Jörg Schwenk, Sven Schäge, Jörg Helbach

3rd International Conference, Co-organized by Council of Europe, Gesellschaft für Informatik and E-Voting.CC, August 6th-9th, 2008 in Castle Hofen, Bregenz, Austria 2008. In LNI, 2008. [LNI Link]

Finding Hash Collisions

2008 - Sven Schäge,

VDM Verlag Dr. Müller e.K., 2008. ISBN-13: 978-3639066135. [Amazon Link]

Modeling and Transformation of Security Requirements: An Approach for Service-oriented Architectures

2008 - Jörg Schwenk, Meiko Jensen, Ralph Herkenhöner, Sven Feja, Hermann de Meer, Andreas Speck

Proceedings of the First Euro-NF Workshop on Future Internet Architecture: New Trends in Service & Networking Architectures, 21. November 2008, Paris, France

Nutzung von selbstsignierten Client-Zertifikaten zur Authentifikation bei SSL/TLS

2008 - Tibor Jager, Heiko Jäkel, Jörg Schwenk

Sicherheit 2008.

Provably Secure Browser-Based User-Aware Mutual Authentication over TLS

2008 - Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Mark Manulis,

Accepted for ASIACCS'08. [ACM Link]

Securing Email Communication with XML Technology

2008 - Jörg Schwenk, Lijun Liao, Mark Manulis,

"Handbook of Research on Information Security and Assurance", to be published in August 2008 by Information Science Reference. [IGI Global]

Stronger TLS Bindings for SAML Assertions and SAML Artifacts

2008 - Jörg Schwenk, Sebastian Gajek, Lijun Liao,

In Proceedings of the ACM CCS Workshop for Secure Web Services (ACM SWS'08), Virginia (USA), 2008.

TLS Federation - a Secure and Relying-Party-Friendly Approach for Federated Identity Management

2008 - Jörg Schwenk,

This paper describes a novel approach that integrates Federated IDM and SSL.

Universally Composable Security Analysis of TLS

2008 - Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Mark Manulis, Olivier Pereira

Accepted for the Second Confer­ence on Provable Security (ProvSec), 2008. [pdf]

Trusted User-Aware Web Authentication

2007 - Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Marcel Winandy,

Presented at the Workshop on Trustworthy User Interfaces for Passwords and Personal Information (TIPPI'07), Stanford, USA, June 22, 2007. [PDF]

Compartmented Security for Browsers – Or How to Thwart a Phisher with Trusted Computing

2007 - Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy

In Proceedings of the The Second International Conference on Availability, Reliability and Security (ARES 2007), Vienna, Austria, April 10-13, 2007, pages 120-127. IEEE Computer Society, 2007. [pdf]

A Privacy-Protecting Multi-Coupon Scheme with Stronger Protection against Splitting

2007 - Ahmad-Reza Sadeghi, Hans Löhr, Liqun Chen, Mark Manulis, Alberto Escalante

11th International Conference on Financial Cryptography and Data Security (FC 2007), Scarborough, Trinidad and Tobago, February 12-16, 2007. Revised Selected Papers, volume 4886 of Lecture Notes on Computer Sience (LNCS), pages 29-44. Springer Verlag, 2007. [pdf]

Fingercasting—Joint Fingerprinting and Decryption of Broadcast Messages

2007 - Ahmad-Reza Sadeghi, Andre Adelsbach, Ulrich Huber,

In Transactions on Data Hiding and Multimedia Security II, volume 4499 of Lecture Notes on Computer Sience (LNCS), pages 1-34. Springer Verlag, 2007. [?]

Phishing Phishers - Observing and Tracing Organized Cybercrime

2007 - Ahmad-Reza Sadeghi, Sebastian Gajek, Felix Gröbert, , Dominik Birk

In Proceedings of the Second International Conference on Internet Monitoring and Protection (ICIMP 2007), Silicon Valley, California, July 1-5, 2007, page 3. IEEE Computer Society, 2007. [IEEE Link]

Aktuelle Gefahren im Onlinebanking-Technische und Juristische Hintergründe.

2007 - Jörg Schwenk, Georg Borges, Sebastian Gajek, Christoph Wegener, Isabelle Biallaß, Julia Meyer, Dennis Werner

In Proceedings of the 10th German IT Security Congress, Federal Office for Information Security, Bonn (Germany), 2007.

Breaking and Fixing the Inline Approach.

2007 - Jörg Schwenk, Sebastian Gajek, Lijun Liao,

In Proceedings of the ACM CCS Workshop for Secure Web Services (ACM SWS'07), Alexandria (USA), 2007 .

Browser Models for Usable Authentication Protocols

2007 - Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Mark Manulis,

Presented at the Workshop on Web 2.0 Security and Privacy (W2SP 2007) held in conjunction with the IEEE Symposium on Security and Privacy, Oakland, California, May 24, 2007. [pdf]

Browser Models for Usable Authentication Protocols.

2007 - Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Mark Manulis,

In Proceedings of the IEEE Security and Privacy Workshop on Web 2.0 Security and Privacy (W2SP'07), Oakland (USA), 2007.

Browser-based Authentication Protocols for Naive Users.

2007 - Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Mark Manulis,

accepted for presentation at the Western European Workshop on Research in Cryptology (WEWoRC 2007), Bochum (Germany), 2007.

Compartmented Security for Browsers

2007 - Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy

Technical Report HGI-TR-2007-001, Horst Görtz Institute for IT Security, Ruhr-University Bochum, 2007. [pdf]

Efficient Hash Collision Search Strategies on Special-Purpose Hardware

2007 - Sven Schäge, Tim Güneysu, Christof Paar

Special-purpose Hardware for Attacking Cryptographic Systems, SHARCS Workshop 2007, September 9-10, 2007, Vienna, Austria.

Efficient Hash Collision Search Strategies on Special-Purpose Hardware

2007 - Sven Schäge, Tim Güneysu, Christof Paar

Western European Workshop on Research in Cryptology, WeWORC Workshop 2007, July 4-6, 2007, Bochum, Germany. [Springer Link]

Ein Framework zur Identifikation von Identitätsbetrügern, Geldwäschern und Phishing-Simulanten.

2007 - Sebastian Gajek, Felix Gröbert, Macimillian Dornseif, Dominik Birk

In Proceedings of the 10th German IT Security Congress, Federal Office for Information Security, Bonn (Germany), 2007.

End-to-End Header Protection in S/MIME and PGP Mail.

2007 - Jörg Schwenk, Lijun Liao,

Postersession in the 10th German IT Security Congress, Federal Office for Information Security, Bonn (Germany), 2007. [PDF]

End-to-End Header Protection in Signed S/MIME.

2007 - Jörg Schwenk, Lijun Liao,

In Proceedings of the 2nd International Symposium on Information Security (IS'07), Nov 26-27, 2007 in Vilamoura, Algarve, Portugal.

Malicious Participants in Group Key Exchange: Key Control and Contributiveness in the Shadow of Trust.

2007 - Mark Manulis, Emmanuel Bresson

In Proceedings of the 4th International Conference on Autonomic and Trusted Computing (ATC 2007), 11-13 July, Hong Kong, China. [PDF] [Bibtex]

Malicious Participants in Group Key Exchange: Key Control and Contributiveness in the Shadow of Trust.

2007 - Mark Manulis, Emmanuel Bresson

In Proceedings of the International Workshop on Group-Oriented Cryptographic Protocols (GOCP 2007), Wroclaw (Poland), 2007.

On Security Models and Compilers for Group Key Exchange Protocols.

2007 - Jörg Schwenk, Mark Manulis, Emmanuel Bresson

In Proceedings of the 2nd International Workshop on Security (IWSEC 2007), Nara (Japan), 2007. [PDF] [Bibtex]

Phishing Phishers -- Observing and Tracing Organized Cybercrime.

2007 - Ahmad-Reza Sadeghi, Sebastian Gajek, Felix Gröbert, , Dominik Birk

In Proceedings of the 2nd IEEE International Conference on Internet Monitoring and Protection (ICIMP'07), Silicon Valley (USA), 2007.

Provably Secure Framework for Information Aggregation in Sensor Networks.

2007 - Jörg Schwenk, Mark Manulis,

In Proceedings of the International Conference on Computational Science and Its Applications (ICCSA 2007), Kuala Lumpur (Malaysia), 2007 . [PDF] [Bibtex]

Secure Emails in XML Format Using Web Services.

2007 - Jörg Schwenk, Lijun Liao,

In Proceedings of the 5th IEEE European Conference on Web Services (ECOWS 07), November 26-28, 2007 in Halle (Saale), Germany.

Secure Internet Voting With Code Sheets.

2007 - Jörg Schwenk, Jörg Helbach

In Proceedings of the FIDIS First Conference on E-Voting and Identity. Bochum (Germany), 4-5 October 2007.

Securing Email Communication with XML Technology.

2007 - Jörg Schwenk, Lijun Liao,

The 2007 International Conference on Internet Computing (ICOMP 2007), 25-28 June 2007, Las Vegas, USA.

Security of Mircrosoft's Identity Metasystem and CardSpace .

2007 - Sebastian Gajek, Ralf Hauser, Rolf Oppliger

In Proceedings of Kommunikation in Verteilten Systemen (KiVS '07), Industry Track, Bern (Switzerland), 2007 .

Signieren mit Chipkartensystemen in unsicheren Umgebungen - Homebanking mit Secure HBCI/FinTS

2007 - Jörg Schwenk, Sebastian Gajek, Lijun Liao,

In Datenschutz und Datensicherheit, Ausgabe 2007/11

SSL-over-SOAP: Towards a Token-based Key Establishment Framework for Web Services .

2007 - Jörg Schwenk, Sebastian Gajek, Lijun Liao,

In Proceedings of the IEEE ECOWS Workshop on Emerging Web Services Technology (WEWST'07), Halle (Germany), 2007 .

Towards a Formal Semantic of XML Signature.

2007 - Jörg Schwenk, Sebastian Gajek, Lijun Liao,

W3C Workshop Next Steps for XML Signature and XML Encryption, Mountain View (USA), 2007.

Tree-Based Group Key Agreement Framework for Mobile Ad-Hoc Networks

2007 - Lijun Liao, Mark Manulis,

in Future Generation Computer Systems (FGCS), 23(6):787-803, 2007, Elsevier. [Elsevier]

Trustworthy Signing with Smart Card System in Untrustworthy Environments.

2007 - Jörg Schwenk, Sebastian Gajek, Lijun Liao,

e-Smart conference and demos 2007, 19-21 September 2007, Sophia Antipolis, French Riviera.

Using Two-Steps Hash Function to Support Trustworthy Signing.

2007 - Jörg Schwenk, Sebastian Gajek, Lijun Liao,

Western European Workshop on Research in Cryptology (WEWoRC 2007), Bochum (Germany), 2007.

Towards Multicolored Computing - Compartmented Security to Prevent Phishing Attacks.

2006 - Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy

Workshop on Information and System Security (WISSEC'06), Antwerpen (Belgium), 2006 .

A Case Study on Online-Banking Security.

2006 - Jörg Schwenk, Sebastian Gajek, Henrik te Heesen

International Conference on Emerging Trends in Information and Communication Security (ETRICS'06) Workshop on Security and Privacy in Future Business Services, Freiburg (Germany), 2006 .

A Computational Model for Watermark Robustness

2006 - Ahmad-Reza Sadeghi, Andre Adelsbach, Stefan Katzebeisser

Accepted for Information Hiding Workshop, 2006. [Springer Link]

Client Authentication in Federations Using a Security Mode

2006 - Ahmad-Reza Sadeghi, Sebastian Gajek,

Accepted to be presented at Toward a More Secure Web - W3C Workshop on Usability and Transparency of Web Authentication. [pdf]

Democratic Group Signatures - On an Example of Joint Ventures - Fast Abstract.

2006 - Mark Manulis,

in Proceedings of ACM Symposium on Information, Computer and Communications Security (ASIACCS 2006), 21-24 March, Taipei, Taiwan. [ACM Link] [PDF ] [Bibtex]

DRM für Multimedia-Broadcasts - wie sieht das PayTV der Zukunft aus?.

2006 - Ulrich Greveler,

in Patrick Horster (Hrsg.), D.A.CH Security 2006, Düsseldorf, März 2006, to appear. [PDF]

Efficient Implementation of Zero-Knowledge Proofs for Watermark Detection in Multimedia Data.

2006 - Ahmad-Reza Sadeghi, Andre Adelsbach, Markus Rohe,

To appear in LNCS Transactions on Data Hiding and Multimedia Security. [Springer Link]

Fingercasting - Joint Fingerprinting and Decryption of Broadcast Messages

2006 - Ahmad-Reza Sadeghi, Andre Adelsbach, Ulrich Huber,

Technical Report detailing the ACISP 2006 paper below. A preliminary version is available from the authors:

Fingercasting - Joint Fingerprinting and Decryption of Broadcast Messages

2006 - Ahmad-Reza Sadeghi, Andre Adelsbach, Ulrich Huber,

Accepted for 11th Australasian Conference on Information Security and Privacy (ACISP 2006), Melbourne, Australia, July 3-5, 2006. Published in Springer's LNCS 4058. [Springlink]

Key Agreement for Heterogeneous Ad-Hoc Groups

2006 - Ahmad-Reza Sadeghi, Mark Manulis,

to appear in International Journal of Wireless and Mobile Computing (IJWMC), Inderscience.

Key Agreement for Heterogenous Mobile Ad-hoc Groups

2006 - Ahmad-Reza Sadeghi, Mark Manulis,

To appear in Special Issue on Ubiquitous Computing and Moblie Networking of IJWMC (International Journal of Wireless and Mobile Computing) Journal. [ACM Link]

Linkable Democratic Group Signatures

2006 - Jörg Schwenk, Ahmad-Reza Sadeghi, Mark Manulis,

Accepted for 2nd Information Security Practice and Experience Conference (ISPEC 2006), 11.-14. April, Hangzhou, China. [pdf]

Patentierung kryptographischer Verfahren, die an Hochschulen entwickelt wurden.

2006 - Ulrich Greveler,

GI Fachtagung "Sicherheit 2006", Magdeburg, Feb. 2006, LNI Proceedings P-77, pp. 329-332. [PDF]

Property-based Taming Lying Mobile Nodes

2006 - Ahmad-Reza Sadeghi, Mark Manulis,

Accepted for International Workshop on Trusted and Autonomic Computing Systems (TACS 2006) at 20th IEEE International ­Conference on Advanced Information Networking and Applications (AINA 2006), 18.-20. April, Vienna, Austria. [IEEE CS Link]

Property-Based Taming of Lying Mobile Nodes.

2006 - Ahmad-Reza Sadeghi, Mark Manulis,

in Proceedings of 20th IEEE International Conference on Advanced Information Networking and Applications (AINA 2006), IEEE International Workshop on Trusted and Autonomic Computing Systems (TACS 2006), 18-20 April, Vienna, Austria. [IEEE CS Link] [PDF] [Bibtex]

Reversed Responsibilities: Browser Authentication instead of Server Authentication.

2006 - Jörg Schwenk, Sebastian Gajek,

Workshop on Transparency and Usability of Web Authentication, New York (USA), 2006.

SSL-VA-Authentifizierung als Schutz vor Phishing und Pharming.

2006 - Jörg Schwenk, Sebastian Gajek, Christoph Wegener,

accepted for Sicherheit - Schutz und Zuverlässigkeit, February 20, 2006, Magdeburg, Germany. [PDF]

Tree-based Group Key Agreement Framework for Mobile Ad-Hoc Networks.

2006 - Lijun Liao, Mark Manulis,

in Proceedings of 20th IEEE International Conference on Advanced Information Networking and Applications (AINA 2006), 2nd International Workshop on Security in Networks and Distributed Systems (SNDS 2006), 18-20 April, Vienna, Austria. [IEEE CS Link] [PDF] [Bibtex]

Security Engineering for Zero-knowledge Watermark Detection

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Markus Rohe,

Special Session on Media Security, WIAMIS 2005, 13-15 April 2005, Montreux, Switzerland.

A Broadcast Encryption Scheme with Free-Riders but Unconditional Security

2005 - Ulrich Greveler, Andre Adelsbach,

First International Conference on Digital Rights Management, Sydney 2005 to appear: Springer LNCS. [PDF]

Anonymous Data Broadcasting by Misuse of Satellite ISPs

2005 - Ulrich Greveler, Andre Adelsbach, Sven Löschner

Proceedings of 22C3 Chaos Computer Club (CCC) Congress, Berlin, 2005, to appear. [PDF]

Complementing Zero-Knowledge Watermark Detection: Proving Properties of Embedded Information Without Revealing it

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Markus Rohe,

to appear in ACM Multimedia Systems Journal.

Complementing Zero-Knowledge Watermark Detection: Proving Properties of Embedded Information Without Revealing it.

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Markus Rohe,

ACM Multimedia Systems Journal. [Springer Link]

Contributory Group Key Agreement Protocols, Revisited for Mobile Ad-Hoc Groups

2005 - Mark Manulis,

in Proceedings of the 2nd IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS 2005), International Workshop on Wireless and Sensor Networks Security (WSNS 2005), 07-10 November 2005, Washington, USA. [IEEE CS Link] [Bibtex] [PDF]

Datenschutzverletzungen bei Internetzugängen via Satellit

2005 - Ulrich Greveler, Andre Adelsbach,

Datenschutznachrichten, 01/2005, pp. 4-7. [PDF]

Effective Protection Against Phishing and Web Spoofing

2005 - Sebastian Gajek, Rolf Oppliger

9th IFIP TC-6 TC-11 Conference on Communications and Multimedia Security (CMS2005), LNCS 3677. pp 32-42. Copyrights Springer-Verlag, Heidelberg Berlin. [Springer] [Bibtex] [PDF]

Embedding Trust into Cars—Secure Software Delivery and Installation

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Christian Stüble, Ulrich Huber,

Third Workshop on Embedded Security in Cars (escar 2005), Cologne, Germany, November 29-30, 2005. Conference presentation [pdf]

Enforcing Regional DRM for Multimedia Broadcasts with and without Trusted Computing

2005 - Ulrich Greveler,

First International Conference on Digital Rights Management, Sydney 2005 to appear: Springer LNCS. [PDF]

Fair DRM - Ermöglichen von Privatkopien und Schutz digitaler Waren

2005 - Jörg Schwenk, Ulrich Greveler, Andre Adelsbach,

accepted for 9. Deutscher IT-Sicherheitskongress des BSI, Mai 2005.

First Summary Report on Asymmetric Watermarking

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, P. Bas, S. Katzenbeisser (Eds.), M. Barni, A. De Rosa

ECRYPT, Network of Excellence in Cryptology, Project Deliverable (D.WVL.3), 2005. [pdf]

How Pay-TV becomes E-Commerce

2005 - Ulrich Greveler,

7th International IEEE Conference on E-Commerce Technology, Munich 2005, IEEE Press P2277, ISBN 0-7695-2277-7. [PDF]

Identitätsmissbrauch im Onlinebanking

2005 - Jörg Schwenk, Sebastian Gajek, Christoph Wegener,

Datenschutz und Datensicherheit, Ausgabe 11, 2005.

Key Agreement for Heterogeneous Mobile Ad-Hoc Groups

2005 - Mark Manulis,

in Proceedings of 11th International Conference on Parallel and Distributed Systems (ICPADS 2005), Volume 2, International Workshop on Security in Networks and Distributed Systems (SNDS 2005), pp. 290-294. IEEE Computer Society, 2005. [IEEE CS Link] [PDF] [Bibtex]

Non-Interactive Watermark Detection for a Correlation-Based Watermarking Scheme

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Markus Rohe,

accepted for 9th IFIP TC-6 TC-11 Conference on Communications and Multimedia Security, 19-21 September 2005, Salzburg, Austria; to appear in LNCS.

Non-Interactive Watermark Detection for a Correlation-Based Watermarking Scheme

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Markus Rohe

Accepted for 9th IFIP Conference on Communications and Multimedia Security (CMS) 2005, "Best Paper Award".

Phishing - Die Täuschung des Benutzers zur Preisgabe geheimer Benutzerdaten

2005 - Jörg Schwenk, Sebastian Gajek, Andre Adelsbach,

9. Deutscher IT-Sicherheitskongress des BSI, 2005.

Property-Based Broadcast Encryption for Multi-level Security Policies

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Christian Stüble, Ulrich Huber,

Technical Report detailing the ICISC 2005 paper below. A preliminary version is available from the authors

Property-Based Broadcast Encryption for Multi-level Security Policies

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Ulrich Huber,

8th International Conference on Information Security and Cryptology (ICISC 2005), Seoul, Korea, December 1-2, 2005. Published in Springer's LNCS 3935. Conference presentation [Springer Link]

Satellite Communication without Privacy - Attacker's Paradise

2005 - Ulrich Greveler, Andre Adelsbach,

accepted for GI Fachtagung "Sicherheit 2005", 5-8 April 2005, Regensburg.

Satellite Communication without Privacy - Attacker's Paradise

2005 - Ulrich Greveler, Andre Adelsbach,

GI Fachtagung "Sicherheit 2005", Regensburg, April 2005, LNI Proceedings P-62, pp. 257-268. [PDF]

Secure Software Delivery and Installation in Embedded Systems

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Ulrich Huber,

accepted for the First Information Security Practice and Experience Conference (ISPEC 2005), 11-14 April 2005, Singapore.

Secure Software Delivery and Installation in Embedded Systems

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Ulrich Huber,

In: K. Lemke, C. Paar and M. Wolf (eds.): Embedded Security in Cars: Securing Current and Future Automotive IT Applications, pp. 27-49, Springer-Verlag. 2005. [Springer Link]

Secure Software Delivery and Installation in Embedded Systems

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Ulrich Huber,

Technical Report detailing the ISPEC 2005 conference paper below.

Secure Software Delivery and Installation in Embedded Systems

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Ulrich Huber,

Presented at the First Information Security Practice and Experience Conference (ISPEC 2005).Springer, LNCS 3439, pp. 255-267. [pdf]

Secure XMaiL or How to Get Rid of Legacy Code in Secure E-Mail Applications

2005 - Jörg Schwenk, Lijun Liao, Lars Ewers, Wolfgang Kubbilun

In CMS 2005: Proceedings of the 9th IFIP International Conference on Communications and Multimedia Security, Lecture Notes in Computer Science, volume 3677, pages 291-300, Springer, 2005. [Springer] [PDF] [Bibtex]

Towards Multilateral Secure Digital Rights Distribution Infrastructures

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Markus Rohe,

accepted for ACM DRM Workshop'05, November 7, 2005, Alexandria, Virginia, USA.

Towards Multilateral Secure Digital Rights Distribution Infrastructures

2005 - Ahmad-Reza Sadeghi, Andre Adelsbach, Markus Rohe,

Accepted for ACM DRM 2005.

Trustworthy Visualisation and Verification of Multiple XML-Signatures

2005 - Jörg Schwenk, Sebastian Gajek, Wolfgang Kubbilun

In CMS 2005: Proceedings of the 9th IFIP International Conference on Communications and Multimedia Security, Lecture Notes in Computer Science, volume 3677, pages 311-320, Springer, 2005. [Springer]

Visual Spoofing of SSL Protected Web Sites and Effective Countermeasures

2005 - Jörg Schwenk, Sebastian Gajek, Andre Adelsbach,

First Information Security Practice and Experience Conference (ISPEC 2005), LNCS 3439. pp 204-217. Copyrights Springer-Verlag, Heidelberg Berlin. [Bibtex] [Springer] [PDF]

Key-Assignment Strategies for CPPM.

2004 - Jörg Schwenk, Andre Adelsbach,

ACM Multimedia and Security Workshop 2004, Magdeburg, Germany, pp. 107 - 115, © ACM, 2004. [PDF]

Key-As­si­gnment Stra­te­gies for CPPM

2004 - Andre Adelsbach, Jörg Schwenk

ACM Mul­ti­me­dia and Se­cu­ri­ty Work­shop

Moderne Verfahren der Kryptographie

2004 - Jörg Schwenk, Klaus-Dieter Wolfenstetter, Albrecht, Beutelsbacher

[Amazon]

Overcoming the Obstacles of Zero-Knowledge Watermark Detection.

2004 - Ahmad-Reza Sadeghi, Andre Adelsbach, Markus Rohe,

ACM Multimedia and Security Workshop 2004, Magdeburg, Germany, pp. 46 - 55, © ACM, 2004.

Pseudonym Generation Scheme for Ad-Hoc Group Communication Based on IDH.

2004 - Jörg Schwenk, Mark Manulis,

In Proceedings of the 1st European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS 2004), Lecture Notes in Computer Science, volume 3313, pages 107-124, Springer-Verlag, 2005. [Springer Link] [PDF] [Bibtex]

Advanced Techniques for Dispute Resolving and Authorship Proofs on Digital Works

2003 - Ahmad-Reza Sadeghi, Andre Adelsbach,

Security and Watermarking of Multimedia Contents V, SPIE Electronic Imaging 2003. [pdf]

Die digitale Signatur

2003 - Ahmad-Reza Sadeghi, Andre Adelsbach, Markus Schneider, Christian Stüble

In J. Balfanz, J. Wendenburg (Hrsg.): Digitale Signaturen in der Praxis, AWV Verlag, 2003.

Watermark Detection with Zero-Knowledge Disclosure

2003 - Ahmad-Reza Sadeghi, Andre Adelsbach, Stefan Katzenbeisser

ACM Multimedia Systems Journal, Special Issue on Multimedia Security. [Springer Link]

Cryptographic Semantics For The Algebraic Models

2002 - Andre Adelsbach, Christian Stüble, S. Creese, B. Pfitzmann, P. Ryan, W. Simmonds, S. Steinbrechner, M. Steiner, M. Waidner

MAFTIA Deliverable D8, February 2002 [pdf]

Cryptography Meets Watermarking: Detecting Watermarks with Minimal- or Zero-Knowledge Disclosure

2002 - Ahmad-Reza Sadeghi, Andre Adelsbach, Stefan Katzenbeisser

XI European Signal Processing Conference, Volume I, pp. 446-449. [pdf]

Final Report on Verification and Assessment

2002 - Ahmad-Reza Sadeghi, Andre Adelsbach, Christian Stüble,

MAFTIA Deliverable D22, Project IST-1999-11583, January 2002.

Customer Identification for MPEG Video based on Digital Fingerprinting.

2001 - Jörg Schwenk, Enrico Hauer, Jana Dittman, Eva Saar, Claus Vielhauer

Proc. IEEE Pacific-Rim Conference on Multimedia (PCM-2001).

Optimized Self-Synchronizing Mode of Operation

2001 - Ahmad-Reza Sadeghi, Andre Adelsbach, Alexander Geraldy, Birgit Pfitzmann

8th International Workshop on Fast Software Encryption, Yokohama, April 2001, LNCS, Springer-Verlag.

Tree based Key Agreement for Multicast.

2001 - Jörg Schwenk, T. Martin, R. Schaffelhofer

Proc. Communications and Multimedia Security 2001, Mai 2001, Darmstadt.

Zero-Knowledge Watermark Detection and Proof of Ownership

2001 - Ahmad-Reza Sadeghi, Andre Adelsbach,

Information Hiding: Fourth International Workshop, LNCS 2137, Springer-Verlag, Berlin, 2001, pp. 273-288. [Springer Link]

Anonymous fingerprinting with direct non-repudiation

2000 - Andre Adelsbach,

In T. Okamoto, editor, Advances in Cryptology - ASIACRYPT‘2000, volume 1976 of Lecture Notes in Computer Science, pages 401-414, Kyoto, Japan, 2000. International Association for Cryptologic Research, Springer-Verlag, Berlin Germany.

Conditional Access for Business TV.

2000 - Jörg Schwenk,

Fernseh- und Kino-Technik 6/2000.

Proving ownership of digital content

2000 - Ahmad-Reza Sadeghi, Andre Adelsbach, Birgit Pfitzmann

In Andreas Pfitzmann, editor, Information Hiding - 3rd International Workshop, IH ’99, volume 1768 of Lecture Notes in Computer Science, pages 126-141, Dresden, Germany, October 2000. Springer-Verlag, Berlin Germany.

Combining digital watermarks and collusion secure fingerprints for digital images.

1999 - Jörg Schwenk, A. Behr, Jana Dittman, J. Ueberberg, P Schmitt, M. Stabenau

Proc. Electronic Imaging'99, San Jose, USA.

How to securely broadcast a secret.

1999 - Jörg Schwenk,

In: B. Preneel (Ed.): Proceedings Communications an Multimedia Security '99, Kluwer Academic Publishers, 1999.

Public Key Encryption and Digital Signatures based on Permutation Polynomials.

1998 - Jörg Schwenk, Klaus Huber,

Electronics Letters, Vol 34 No. 8, 1998, 759-760.

Establishing a Key Hierarchy for Conditional Access without Encryption.

1996 - Jörg Schwenk,

Proc. IFIP Communications and Multimedia Security 1996, Chapman & Hall, London.

Public Key Encryption and Signature Schemes Based on Polynomials over Zn.

1996 - Jörg Schwenk, J. Eisfeld

Proc. EUROCRYPT 96, Ed. Ueli Maurer, Springer LNCS 1070 (1996), 60-71.

A Classification of Abelian Quasigroups

1995 - Jörg Schwenk,

Rendiconti di Matematica, Serie VII, Volume 15, Roma (1995), 161-172
Seite: