Jörg Schwenk

According to our database1, Jörg Schwenk authored at least 164 papers between 1995 and 2019.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Other 

Links

On csauthors.net:

Bibliography

2019
A Reduction-Based Proof for Authentication and Session Key Security in 3-Party Kerberos.
IACR Cryptology ePrint Archive, 2019

Flexible Authenticated and Confidential Channel Establishment (fACCE): Analyzing the Noise Protocol Framework.
IACR Cryptology ePrint Archive, 2019

Moderne Vertrauensdienste für vertrauenswürdige Transaktionen.
Datenschutz und Datensicherheit, 2019

Re: What's Up Johnny? - Covert Content Attacks on Email End-to-End Encryption.
CoRR, 2019

Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities.
Proceedings of the 28th USENIX Security Symposium, 2019

"Johnny, you are fired!" - Spoofing OpenPGP and S/MIME Signatures in Emails.
Proceedings of the 28th USENIX Security Symposium, 2019

Re: What's Up Johnny? - Covert Content Attacks on Email End-to-End Encryption.
Proceedings of the Applied Cryptography and Network Security, 2019

2018
Security Analysis of eIDAS - The Cross-Country Authentication Scheme in Europe.
Proceedings of the 12th USENIX Workshop on Offensive Technologies, 2018

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels.
Proceedings of the 27th USENIX Security Symposium, 2018

The Dangers of Key Reuse: Practical Attacks on IPsec IKE.
Proceedings of the 27th USENIX Security Symposium, 2018

PostScript Undead: Pwning the Web with a 35 Years Old Language.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2018

More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema.
Proceedings of the 2018 IEEE European Symposium on Security and Privacy, 2018

2017
Authenticated Confidential Channel Establishment and the Security of TLS-DHE.
J. Cryptology, 2017

More is Less: How Group Chats Weaken the Security of Instant Messengers Signal, WhatsApp, and Threema.
IACR Cryptology ePrint Archive, 2017

Breaking and Fixing Gridcoin.
Proceedings of the 11th USENIX Workshop on Offensive Technologies, 2017

Same-Origin Policy: Evaluation in Modern Browsers.
Proceedings of the 26th USENIX Security Symposium, 2017

SoK: Exploiting Network Printers.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

SoK: Single Sign-On Security - An Evaluation of OpenID Connect.
Proceedings of the 2017 IEEE European Symposium on Security and Privacy, 2017

DOMPurify: Client-Side Protection Against XSS and Markup Injection.
Proceedings of the Computer Security - ESORICS 2017, 2017

SECRET: On the Feasibility of a Secure, Efficient, and Collaborative Real-Time Web Editor.
Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017

Out of the Dark: UI Redressing and Trustworthy Events.
Proceedings of the Cryptology and Network Security - 16th International Conference, 2017

Simple Security Definitions for and Constructions of 0-RTT Key Exchange.
Proceedings of the Applied Cryptography and Network Security, 2017

2016
Nonce-based Kerberos is a Secure Delegated AKE Protocol.
IACR Cryptology ePrint Archive, 2016

SoK: XML Parser Vulnerabilities.
Proceedings of the 10th USENIX Workshop on Offensive Technologies, 2016

How to Break Microsoft Rights Management Services.
Proceedings of the 10th USENIX Workshop on Offensive Technologies, 2016

Evaluating Two Methods for WS-(Security) Policy Negotiation and Decision Making.
Proceedings of the On the Move to Meaningful Internet Systems: OTM 2016 Conferences, 2016


Do Not Trust Me: Using Malicious IdPs for Analyzing and Attacking Single Sign-on.
Proceedings of the IEEE European Symposium on Security and Privacy, 2016

How Secure is TextSecure?
Proceedings of the IEEE European Symposium on Security and Privacy, 2016

Breaking PPTP VPNs via RADIUS Encryption.
Proceedings of the Cryptology and Network Security - 15th International Conference, 2016

Your Cloud in My Company: Modern Rights Management Services Revisited.
Proceedings of the 11th International Conference on Availability, Reliability and Security, 2016

2015
Speeding: On Low-Latency Key Exchange.
IACR Cryptology ePrint Archive, 2015

One-Round Key Exchange with Strong Security: An Efficient and Generic Construction in the Standard Model.
IACR Cryptology ePrint Archive, 2015

Owning Your Home Network: Router Security Revisited.
CoRR, 2015

On the security of modern Single Sign-On Protocols: OpenID Connect 1.0.
CoRR, 2015

How to Break XML Encryption - Automatically.
Proceedings of the 9th USENIX Workshop on Offensive Technologies, 2015

Not so Smart: On Smart TV Apps.
Proceedings of the 2015 International Workshop on Secure Internet of Things, 2015

Semi-automated Fuzzy MCDM and Lattice Solutions for WS-Policy Intersection.
Proceedings of the 2015 IEEE World Congress on Services, 2015

One-Round Key Exchange with Strong Security: An Efficient and Generic Construction in the Standard Model.
Proceedings of the Public-Key Cryptography - PKC 2015 - 18th IACR International Conference on Practice and Theory in Public-Key Cryptography, Gaithersburg, MD, USA, March 30, 2015

Automatic recognition, processing and attacking of single sign-on protocols with burp suite.
Proceedings of the Open Identity Summit 2015, 10.-11. November 2015, Berlin, Germany, 2015

Practical Invalid Curve Attacks on TLS-ECDH.
Proceedings of the Computer Security - ESORICS 2015, 2015

Waiting for CSP - Securing Legacy Web Applications with JSAgents.
Proceedings of the Computer Security - ESORICS 2015, 2015

AdIDoS - Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services.
Proceedings of the Data Privacy Management, and Security Assurance, 2015

On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

How Private is Your Private Cloud?: Security Analysis of Cloud Control Interfaces.
Proceedings of the 2015 ACM Workshop on Cloud Computing Security Workshop, 2015

2014
Scriptless attacks: Stealing more pie without touching the sill.
Journal of Computer Security, 2014

On the Security of the Pre-Shared Key Ciphersuites of TLS.
IACR Cryptology ePrint Archive, 2014

How Secure is TextSecure?
IACR Cryptology ePrint Archive, 2014

Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On.
CoRR, 2014

Systematically Breaking Online WYSIWYG Editors.
Proceedings of the Information Security Applications - 15th International Workshop, 2014

Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

TTPCookie: Flexible Third-Party Cookie Management for Increasing Online Privacy.
Proceedings of the 13th IEEE International Conference on Trust, 2014

On the Security of Holder-of-Key Single Sign-On.
Proceedings of the Sicherheit 2014: Sicherheit, 2014

On the Security of the Pre-shared Key Ciphersuites of TLS.
Proceedings of the Public-Key Cryptography - PKC 2014, 2014

Strengthening Web Authentication through TLS - Beyond TLS Client Certificates.
Proceedings of the Open Identity Summit 2014, November 4-6, 2014, Stuttgart, Germany, 2014

SIACHEN: A Fine-Grained Policy Language for the Mitigation of Cross-Site Scripting Attacks.
Proceedings of the Information Security - 17th International Conference, 2014

Secure Fallback Authentication and the Trusted Friend Attack.
Proceedings of the 34th International Conference on Distributed Computing Systems Workshops (ICDCS 2014 Workshops), Madrid, Spain, June 30, 2014

Modelling Time for Authenticated Key Exchange Protocols.
Proceedings of the Computer Security - ESORICS 2014, 2014

Guardians of the Clouds: When Identity Providers Fail.
Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security, 2014

Your Software at my Service: Security Analysis of SaaS Single Sign-On Solutions in the Cloud.
Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security, 2014

Multi-Ciphersuite Security of the Secure Shell (SSH) Protocol.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

New Modular Compilers for Authenticated Key Exchange.
Proceedings of the Applied Cryptography and Network Security, 2014

2013
On the Analysis of Cryptographic Assumptions in the Generic Ring Model.
J. Cryptology, 2013

Modelling Time, or A Step Towards Reduction-based Security Proofs for OTP and Kerberos.
IACR Cryptology ePrint Archive, 2013

Lessons Learned From Previous SSL/TLS Attacks - A Brief Chronology Of Attacks And Weaknesses.
IACR Cryptology ePrint Archive, 2013

On the Security of TLS-DH and TLS-RSA in the Standard Model.
IACR Cryptology ePrint Archive, 2013

Multi-ciphersuite security and the SSH protocol.
IACR Cryptology ePrint Archive, 2013

A new approach for WS-Policy Intersection using Partial Ordered Sets.
Proceedings of the 5<sup>th</sup> Central-European Workshop on Services and their Composition, 2013

SoK: Lessons Learned from SSL/TLS Attacks.
Proceedings of the Information Security Applications - 14th International Workshop, 2013

Towards Elimination of Cross-Site Scripting on Mobile Versions of Web Applications.
Proceedings of the Information Security Applications - 14th International Workshop, 2013

How to authenticate mobile devices in a web environment - the SIM-ID approach.
Proceedings of the Open Identity Summit 2013, September 9th, 2013

A New Approach towards DoS Penetration Testing on Web Services.
Proceedings of the 2013 IEEE 20th International Conference on Web Services, Santa Clara, CA, USA, June 28, 2013


Randomly Failed! The State of Randomness in Current Java Implementations.
Proceedings of the Topics in Cryptology - CT-RSA 2013, 2013

mXSS attacks: attacking well-secured web-applications by using innerHTML mutations.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012
XML Signature Wrapping Angriffe wirksam unterbinden.
Datenschutz und Datensicherheit, 2012

On Breaking SAML: Be Whoever You Want to Be.
Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012


Technical Analysis of Countermeasures against Attack on XML Encryption - or - Just Another Motivation for Authenticated Encryption.
Proceedings of the Eighth IEEE World Congress on Services, 2012

Penetration Testing Tool for Web Services Security.
Proceedings of the Eighth IEEE World Congress on Services, 2012

Strongly Authenticated Key Exchange Protocol from Bilinear Groups without Random Oracles.
Proceedings of the Provable Security - 6th International Conference, 2012

Sometimes It's Better to Be STUCK! SAML Transportation Unit for Cryptographic Keys.
Proceedings of the Information Security and Cryptology - ICISC 2012, 2012

On the Security of TLS-DHE in the Standard Model.
Proceedings of the Advances in Cryptology - CRYPTO 2012, 2012

SeC2: Secure Mobile Solution for Distributed Public Cloud Storages.
Proceedings of the CLOSER 2012 - Proceedings of the 2nd International Conference on Cloud Computing and Services Science, Porto, Portugal, 18, 2012

Making XML Signatures Immune to XML Signature Wrapping Attacks.
Proceedings of the Cloud Computing and Services Science - Second International Conference, 2012

XSpRES - Robust and Effective XML Signatures for Web Services.
Proceedings of the CLOSER 2012 - Proceedings of the 2nd International Conference on Cloud Computing and Services Science, Porto, Portugal, 18, 2012

Scriptless attacks: stealing the pie without touching the sill.
Proceedings of the ACM Conference on Computer and Communications Security, 2012

2011
HTTP Authentication.
Proceedings of the Encyclopedia of Cryptography and Security, 2nd Ed., 2011

On Cryptographically Strong Bindings of SAML Assertions to Transport Layer Security.
IJMCMC, 2011

A Standard-Model Security Analysis of TLS-DHE.
IACR Cryptology ePrint Archive, 2011

The Bug That Made Me President a Browser- and Web-Security Case Study on Helios Voting.
Proceedings of the E-Voting and Identity, 2011

The power of recognition: secure single sign-on using TLS channel bindings.
Proceedings of the DIM'11, Proceedings of the 2013 ACM Workshop on Digital Identity Management, Chicago, IL, USA, 2011

All your clouds are belong to us: security analysis of cloud management interfaces.
Proceedings of the 3rd ACM Cloud Computing Security Workshop, 2011

Security Prospects through Cloud Computing by Adopting Multiple Clouds.
Proceedings of the IEEE International Conference on Cloud Computing, 2011

2010
Generic Compilers for Authenticated Key Exchange (Full Version).
IACR Cryptology ePrint Archive, 2010

Security Analysis of OpenID.
Proceedings of the Sicherheit 2010: Sicherheit, 2010

Streaming-Based Verification of XML Signatures in SOAP Messages.
Proceedings of the 6th World Congress on Services, 2010

Group key agreement performance in wireless mesh networks.
Proceedings of the 35th Annual IEEE Conference on Local Computer Networks, 2010

A CDH-Based Ring Signature Scheme with Short Signatures and Public Keys.
Proceedings of the Financial Cryptography and Data Security, 14th International Conference, 2010

Attacking of SmartCard-Based Banking Applications with JavaScript-Based Rootkits.
Proceedings of the Financial Cryptography and Data Security, 14th International Conference, 2010

Generic Compilers for Authenticated Key Exchange.
Proceedings of the Advances in Cryptology - ASIACRYPT 2010, 2010

A New RSA-Based Signature Scheme.
Proceedings of the Progress in Cryptology, 2010

Towards an Anonymous Access Control and Accountability Scheme for Cloud Computing.
Proceedings of the IEEE International Conference on Cloud Computing, 2010

Secure Bindings of SAML Assertions to TLS Sessions.
Proceedings of the ARES 2010, 2010

Sicherheit und Kryptographie im Internet - Von sicherer E-Mail bis zu IP-Verschlüsselung (3. Aufl.).
Vieweg, ISBN: 978-3-8348-0814-1, 2010

2009
Security model and framework for information aggregation in sensor networks.
TOSN, 2009

User-aware provably secure protocols for browser-based mutual authentication.
IJACT, 2009

On the Analysis of Cryptographic Assumptions in the Generic Ring Model.
IACR Cryptology ePrint Archive, 2009

XML Signature Wrapping Angriffe - What you process is not always what you verify.
Datenschutz und Datensicherheit, 2009

The curse of namespaces in the domain of XML signature.
Proceedings of the 6th ACM Workshop On Secure Web Services, 2009

Extending the similarity-based XML multicast approach with digital signatures.
Proceedings of the 6th ACM Workshop On Secure Web Services, 2009

Group key agreement for wireless mesh networks.
Proceedings of the 34th Annual IEEE Conference on Local Computer Networks, 2009

Risks of the CardSpace Protocol.
Proceedings of the Information Security, 12th International Conference, 2009

Analysis of Signature Wrapping Attacks and Countermeasures.
Proceedings of the IEEE International Conference on Web Services, 2009

Sicherheitsanalyse von Kreditkarten am Beispiel von EMV.
Proceedings of the Informatik 2009: Im Focus das Leben, 2009

SAMLizing the European Citizen Card.
Proceedings of the BIOSIG 2009, 2009

On the Analysis of Cryptographic Assumptions in the Generic Ring Model.
Proceedings of the Advances in Cryptology, 2009

On Technical Security Issues in Cloud Computing.
Proceedings of the IEEE International Conference on Cloud Computing, 2009

The Accountability Problem of Flooding Attacks in Service-Oriented Architectures.
Proceedings of the The Forth International Conference on Availability, 2009

2008
The Generic Hardness of Subset Membership Problems under the Factoring Assumption.
IACR Cryptology ePrint Archive, 2008

Universally Composable Security Analysis of TLS - Secure Sessions with Handshake and Record Layer Protocols.
IACR Cryptology ePrint Archive, 2008

Stronger TLS bindings for SAML assertions and SAML artifacts.
Proceedings of the 5th ACM Workshop On Secure Web Services, 2008

Protecting Code Voting Against Vote Selling.
Proceedings of the Sicherheit 2008: Sicherheit, 2008

Nutzung von selbstsignierten Client-Zertifikaten zur Authentifikation bei SSL/TLS.
Proceedings of the Sicherheit 2008: Sicherheit, 2008

On the Equivalence of Generic Group Models.
Proceedings of the Provable Security, Second International Conference, 2008

Universally Composable Security Analysis of TLS.
Proceedings of the Provable Security, Second International Conference, 2008

A Novel Solution for End-to-End Integrity Protection in Signed PGP Mail.
Proceedings of the Information and Communications Security, 10th International Conference, 2008

CAPTCHA-based Code Voting.
Proceedings of the 3rd International Conference, 2008

Code Voting with Linkable Group Signatures.
Proceedings of the 3rd International Conference, 2008

A Browser-Based Kerberos Authentication Scheme.
Proceedings of the Computer Security, 2008

Provably secure browser-based user-aware mutual authentication over TLS.
Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, 2008

TLS-Federation - a Secure and Relying-Party-Friendly Approach for Federated Identity Management.
Proceedings of the BIOSIG 2008, 2008

Enforcing User-Aware Browser-Based Mutual Authentication with Strong Locked Same Origin Policy.
Proceedings of the Information Security and Privacy, 13th Australasian Conference, 2008

2007
Provably Secure Framework for Information Aggregation is Sensor Networks.
IACR Cryptology ePrint Archive, 2007

Studieren mit Sicherheit in Bochum - Die Studiengänge zum Thema IT-Sicherheit.
Datenschutz und Datensicherheit, 2007

Signieren mit Chipkartensystemen in unsicheren Umgebungen - Homebanking mit Secure HBCI/FinTS.
Datenschutz und Datensicherheit, 2007

Secure Internet Voting with Code Sheets.
Proceedings of the E-Voting and Identity, First International Conference, 2007

Breaking and fixing the inline approach.
Proceedings of the 4th ACM Workshop On Secure Web Services, 2007

End-to-End Header Protection in Signed S/MIME.
Proceedings of the On the Move to Meaningful Internet Systems 2007: CoopIS, 2007

On Security Models and Compilers for Group Key Exchange Protocols.
Proceedings of the Advances in Information and Computer Security, 2007

Provably Secure Framework for Information Aggregation in Sensor Networks.
Proceedings of the Computational Science and Its Applications, 2007

Securing Email Communication with XML Technology.
Proceedings of the 2007 International Conference on Internet Computing, 2007

Secure Emails in XML Format Using Web Services.
Proceedings of the Fifth IEEE European Conference on Web Services (ECOWS 2007), 2007

SSL-over-SOAP: Towards a Token-based Key Establishment framework for Web services.
Proceedings of the Emerging Web Services Technology, 2007

2006
Linkable Democratic Group Signatures.
IACR Cryptology ePrint Archive, 2006

On Security Models and Compilers for Group Key Exchange Protocols.
IACR Cryptology ePrint Archive, 2006

SSL-VA-Authentifizierung als Schutz von Phishing und Pharming.
Proceedings of the Sicherheit 2006: Sicherheit, 2006

Linkable Democratic Group Signatures.
Proceedings of the Information Security Practice and Experience, 2006

Moderne Verfahren der Krypotgraphie - von RSA zu Zero-Knowledge (6. Aufl.).
Vieweg, ISBN: 978-3-8348-0083-1, 2006

2005
Visual Spoofing of SSL Protected Web Sites and Effective Countermeasures.
Proceedings of the Information Security Practice and Experience, 2005

Trustworthy Verification and Visualisation of Multiple XML-Signatures.
Proceedings of the Communications and Multimedia Security, 2005

Secure XMaiL or How to Get Rid of Legacy Code in Secure E-Mail Applications.
Proceedings of the Communications and Multimedia Security, 2005

2004
Key-assignment strategies for CPPM.
Proceedings of the 6th workshop on Multimedia & Security, 2004

Pseudonym Generation Scheme for Ad-Hoc Group Communication Based on IDH.
Proceedings of the Security in Ad-hoc and Sensor Networks, First European Workshop, 2004

Moderne Verfahren der Kryptographie - von RSA zu Zero-Knowledge (5. Aufl.).
Vieweg, ISBN: 978-3-528-46590-2, 2004

2001
Customer Identification for MPEG Video Based on Digital Fingerprinting.
Proceedings of the Advances in Multimedia Information Processing, 2001

From pay-tv to pay-streaming: similarities and differences.
Proceedings of the 4th workshop on Multimedia & Security: New Challenges, 2001

Tree-based Key Agreement for Multicast.
Proceedings of the Communications and Multimedia Security Issues of the New Century, 2001

2000
Combining digital watermarks and collusion secure fingerprints for digital images.
J. Electronic Imaging, 2000

1999
Combining digital watermarks and collusion-secure fingerprints for digital images.
Proceedings of the Security and Watermarking of Multimedia Contents, 1999

How to Security Broadcast a Secret.
Proceedings of the Secure Information Networks: Communications and Multimedia Security, 1999

1996
Public Key Encryption and Signature Schemes Based on Polynomials over Zn.
Proceedings of the Advances in Cryptology, 1996

Establishing a Key Hierarchy for Conditional Access without Encryption.
Proceedings of the Communications and Multimedia Security II, 1996

1995
Moderne Verfahren der Kryptographie - von RSA zu Zero-Knowledge.
Vieweg, ISBN: 978-3-528-06590-4, 1995


  Loading...