Juraj Somorovsky

Orcid: 0000-0002-3593-7720

According to our database1, Juraj Somorovsky authored at least 49 papers between 2010 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

On csauthors.net:

Bibliography

2024
With Great Power Come Great Side Channels: Statistical Timing Side-Channel Analyses with Bounded Type-1 Errors.
Proceedings of the 33rd USENIX Security Symposium, 2024

In Search of Partitioning Oracle Attacks Against TLS Session Tickets.
Proceedings of the Computer Security - ESORICS 2024, 2024

Security Analysis of BigBlueButton and eduMEET.
Proceedings of the Applied Cryptography and Network Security, 2024

2023
We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets.
Proceedings of the 32nd USENIX Security Symposium, 2023

Exploring the Unknown DTLS Universe: Analysis of the DTLS Server Ecosystem on the Internet.
Proceedings of the 32nd USENIX Security Symposium, 2023

Security Analysis of the 3MF Data Format.
Proceedings of the 26th International Symposium on Research in Attacks, 2023

Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth.
Proceedings of the IEEE European Symposium on Security and Privacy, 2023

Poster: Circumventing the GFW with TLS Record Fragmentation.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

2022
TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries.
Proceedings of the 31st USENIX Security Symposium, 2022

On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers.
Proceedings of the 43rd IEEE Security and Privacy, 2022

"I don't know why I check this..." - Investigating Expert Users' Strategies to Detect Email Signature Spoofing Attacks.
Proceedings of the Eighteenth Symposium on Usable Privacy and Security, 2022

2021
Automated Detection of Side Channels in Cryptographic Protocols: DROWN the ROBOTs!
IACR Cryptol. ePrint Arch., 2021

Over 100 Bugs in a Row: Security Analysis of the Top-Rated Joomla Extensions.
CoRR, 2021

ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication.
Proceedings of the 30th USENIX Security Symposium, 2021

2020
Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E).
IACR Cryptol. ePrint Arch., 2020

Analysis of DTLS Implementations Using Protocol State Fuzzing.
Proceedings of the 29th USENIX Security Symposium, 2020

Mitigation of Attacks on Email End-to-End Encryption.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

2019
Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities.
Proceedings of the 28th USENIX Security Symposium, 2019

"Johnny, you are fired!" - Spoofing OpenPGP and S/MIME Signatures in Emails.
Proceedings of the 28th USENIX Security Symposium, 2019

Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS).
Proceedings of the Open Identity Summit 2019, 2019

2018
Prime and Prejudice: Primality Testing Under Adversarial Conditions.
IACR Cryptol. ePrint Arch., 2018

Security Analysis of eIDAS - The Cross-Country Authentication Scheme in Europe.
Proceedings of the 12th USENIX Workshop on Offensive Technologies, 2018

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels.
Proceedings of the 27th USENIX Security Symposium, 2018

2017
Attacking Deterministic Signature Schemes using Fault Attacks.
IACR Cryptol. ePrint Arch., 2017

Return Of Bleichenbacher's Oracle Threat (ROBOT).
IACR Cryptol. ePrint Arch., 2017

Breaking and Fixing Gridcoin.
Proceedings of the 11th USENIX Workshop on Offensive Technologies, 2017

SoK: Exploiting Network Printers.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

2016
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS.
IACR Cryptol. ePrint Arch., 2016



Systematic Fuzzing and Testing of TLS Libraries.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

2015
How to Break XML Encryption - Automatically.
Proceedings of the 9th USENIX Workshop on Offensive Technologies, 2015

Not so Smart: On Smart TV Apps.
Proceedings of the 2015 International Workshop on Secure Internet of Things, 2015

Practical Invalid Curve Attacks on TLS-ECDH.
Proceedings of the Computer Security - ESORICS 2015, 2015

AdIDoS - Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services.
Proceedings of the Data Privacy Management, and Security Assurance, 2015

On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

2014
On the insecurity of XML Security.
it Inf. Technol., 2014

Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

2013
On the insecurity of XML security
PhD thesis, 2013

One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography.
Proceedings of the 20th Annual Network and Distributed System Security Symposium, 2013

A New Approach towards DoS Penetration Testing on Web Services.
Proceedings of the 2013 IEEE 20th International Conference on Web Services, Santa Clara, CA, USA, June 28, 2013

2012
On Breaking SAML: Be Whoever You Want to Be.
Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012

Technical Analysis of Countermeasures against Attack on XML Encryption - or - Just Another Motivation for Authenticated Encryption.
Proceedings of the Eighth IEEE World Congress on Services, 2012

Penetration Testing Tool for Web Services Security.
Proceedings of the Eighth IEEE World Congress on Services, 2012

Bleichenbacher's Attack Strikes again: Breaking PKCS#1 v1.5 in XML Encryption.
Proceedings of the Computer Security - ESORICS 2012, 2012

SeC2: Secure Mobile Solution for Distributed Public Cloud Storages.
Proceedings of the CLOSER 2012 - Proceedings of the 2nd International Conference on Cloud Computing and Services Science, Porto, Portugal, 18, 2012

2011
All your clouds are belong to us: security analysis of cloud management interfaces.
Proceedings of the 3rd ACM Cloud Computing Security Workshop, 2011

How to break XML encryption.
Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011

2010
Streaming-Based Verification of XML Signatures in SOAP Messages.
Proceedings of the 6th World Congress on Services, 2010


  Loading...