0-RTT Key Exchange with Full Forward Secrecy

2017 - Felix Günther, Britta Hale, Tibor Jager, Sebastian Lauer

36th International Conference on the Theory and Applications of Cryptographic Techniques (Eurocrypt 2017)

Breaking PPTP VPNs via RADIUS Encryption

2016 - Matthias Horst, Martin Grothe, Tibor Jager, Jörg Schwenk

15th International Conference on Cryptology and Network Security (CANS) [http] [pdf]

Evaluating Two Methods for WS-(Security) Policy Negotiation and Decision Making

2016 - Abeer El­sa­fie, Jörg Schwenk

Cloud and Trusted Computing (C&TC 2016), part of: The 15th OnTheMove to Meaningful Internet Systems: (OTM 2016) Conferences, 24-28 Oct 2016, Rhodes, Greece. [Paper]

DROWN: Breaking TLS using SSLv2

2016 - Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia Käsper, Shaanan Cohney, Susanne Engels, Chris­tof Paar, Yuval Shavitt

USENIX Security 2016 [Website and paper] [Pwnie Awards] [Facebook Prize]

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS

2016 - Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, Philipp Jovanovic

WOOT 2016 [Blackhat stuff] [paper]

SoK: XML Parser Vulnerabilities

2016 - Christopher Späth, Christian Mainka, Vladislav Mladenov, Jörg Schwenk

10th USENIX Workshop on Offensive Technologies (WOOT '16) [Paper PDF]

How to Break Microsoft Rights Management Services

2016 - Martin Grothe, Christian Mainka, Paul Rösler, Jörg Schwenk

10th USENIX Workshop on Offensive Technologies (WOOT '16) [Paper PDF]

Your Cloud in my Company: Modern Rights Management Services Revisited

2016 - Martin Grothe, Paul Rösler, Johanna Jupke, Jan Kaiser, Christian Mainka, Jörg Schwenk

11th International Conference on Availability, Reliability and Security (ARES 2016) [pdf]

Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On

2016 - Christian Mainka, Vladislav Mladenov, Jörg Schwenk

IEEE Eu­ropean Sym­po­si­um on Se­cu­ri­ty and Pri­va­cy (EuroS&P 2016) [Paper PDF]