• Prof. Dr.

JÖRG SCHWENK

  • Netz- und Datensicherheit
Studiendekan IT-Sicherheit

Ruhr-University Bochum
Faculty of Computer Science
Network Data Security
Universitätsstr. 150

44801 Bochum

Room:  MC 4/110

Tel:      +49 (0)234 32-26692

E-Mail: joerg.schwenk@rub.de

Office hours: By Arrangement

Table of Contents

Courses

  • seit 2003: In­ha­ber des Lehr­stuhls für Netz- und Da­ten­si­cher­heit an der Ruhr-Uni­ver­si­tät Bo­chum
  • 2007 – 2010: Ge­schäfts­füh­ren­der Di­rek­tor des Horst Görtz In­sti­tuts für IT Si­cher­heit
  • seit 2007: Stellv. Ge­schäfts­füh­ren­der Di­rek­tor des Re­chen­zen­trums der Ruhr-Uni­ver­si­tät Bo­chum

Publications

2023

Noß, D., Knittel, L., Mainka, C., Niemietz, M., & Schwenk, J. (2023). Finding all cross-site needles in the DOM stack: a comprehensive methodology for the automatic XS-leak detection in web browsers . In W. Meng & C. D. Jensen (Hrsg.), CCS ’23 (Verlagsversion, S. 2456–2470). Association for Computing Machinery. https://doi.org/10.1145/3576915.3616598
Rohlmann, S., Mladenov, V., Mainka, C., Hirschberger, D., & Schwenk, J. (2023). Every signature is broken : on the insecurity of Microsoft Office’s OOXML signatures. Proceedings of the 32nd USENIX Security Symposium, 7411–7428. https://www.usenix.org/system/files/sec23summer_235-rohlmann-prepub.pdf
Jannett, L., Mladenov, V., Mainka, C., & Schwenk, J. (2022). DISTINCT: identity theft using in-browser communications in dual-window single sign-on . In H. Yin (Hrsg.), Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (Nr. 184101; Verlagsversion, S. 1553–1567). Association for Computing Machinery. https://doi.org/10.1145/3548606.3560692
Maehren, M., Nieting, P., Hebrok, S., Merget, R., Somorovsky, J., & Schwenk, J. (2022). TLS-Anvil: Adapting combinatorial testing for TLS libraries [OnlineRessource]. 31st USENIX Security Symposium, 215–232. https://casa.rub.de/fileadmin/img/Publikationen_PDFs/2022_TLS-Anvil_Adapting_Combinatorial_Testing_for_TLS_Libraries_Publication_ClusterofExcellence_CASA_Bochum.pdf
Rohlmann, S., Mainka, C., Mladenov, V., & Schwenk, J. (2022). Oops… code execution and content spoofing: the first comprehensive analysis of opendocument signatures [OnlineRessource]. 31st USENIX Security Symposium, 3075–3092. https://www.usenix.org/conference/usenixsecurity22/presentation/rohlmann
Brinkmann, M., Dresen, C., Merget, R., Poddebniak, D., Müller, J., Somorovsky, J., Schwenk, J., & Schinzel, S. (2021a). ALPACA: application layer protocol confusion – analyzing and mitigating cracks in TLS authentication. Proceedings of the 30th USENIX Security Symposium, Article 171456. https://www.usenix.org/conference/usenixsecurity21/presentation/brinkmann
Brinkmann, M., Dresen, C., Merget, R., Poddebniak, D., Müller, J., Somorovsky, J., Schwenk, J., & Schinzel, S. (2021b). ALPACA: application layer protocol confusion – analyzing and mitigating cracks in TLS authentication.
Knittel, L., Mainka, C., Niemietz, M., Noß, D., & Schwenk, J. (2021). XSinator.com: from a formal model to the automatic evaluation of cross-site leaks in web browsers. CCS ’21, 1771–1788. https://doi.org/10.1145/3460120.3484739
Lüke, C., Melbert, J., Schwenk, J., & Musch, T. (2021). Breitbandige elektronische Nachbildung von Lithium-Ionen-Zellen für Anwendungen in der Elektromobilität (Verlagsversion, 1.) [Shaker Verlag]. http://hss-opus.ub.ruhr-unibochum.de/opus4/frontdoor/deliver/index/docId/9000/file/diss.pdf
Merget, R., Brinkmann, M., Aviram, N., Somorovsky, J., Mittmann, J., & Schwenk, J. (2021). Raccoon attack: finding and exploiting most-significant-bit-oracles in TLS-DH(E). Proceedings of the 30th USENIX Security Symposium, 213–230. https://www.usenix.org/conference/usenixsecurity21/technical-sessions
Müller, J., Noß, D., Mainka, C., Mladenov, V., & Schwenk, J. (2021). Processing dangerous paths – on security and privacy of the Portable Document Format. Network and Distributed System Security Symposium 2021 (NDSS’21), 105–120. https://doi.org/10.14722/ndss.2021.23109
Rohlmann, S., Mladenov, V., Mainka, C., & Schwenk, J. (2021a). Breaking the specification: PDF certification [Konferenz-Abstract]. IEEE Symposium on Security and Privacy, Online. https://casa.rub.de/forschung/publikationen/detail/breaking-the-specification-pdf-certification
Rohlmann, S., Mladenov, V., Mainka, C., & Schwenk, J. (2021b). Breaking the specification: PDF certification. SP 2021, 2021 IEEE Symposium on Security and Privacy, 1485–1501. https://doi.org/10.1109/sp40001.2021.00110
Rohlmann, S., Mladenov, V., Mainka, C., & Schwenk, J. (2021c). Vulnerability report: attacks on PDF certification (Version 2: 15 March 2021). https://pdf-insecurity.org/download/pdf-certification/report.pdf
Tatang, D., Holz, T., & Schwenk, J. (2021). Large-scale measurements for enhancing network security [Universitätsbibliothek, Ruhr-Universität Bochum]. https://doi.org/10.13154/294-8074
Dowling, B., Rösler, P., & Schwenk, J. (2020a). Flexible authenticated and confidential channel establishment (fACCE): analyzing the noise protocol framework. In A. Kiayias, M. Kohlweiss, P. Wallden, & V. Zikas (Hrsg.), Public-key cryptography – PKC 2020 (Verlagsversion, Bde. 12110–12111, S. 341–373). Springer. https://doi.org/10.1007/978-3-030-45374-9_12
Dowling, B., Rösler, P., & Schwenk, J. (2020b). Flexible authenticated and confidential channel establishment (fACCE): analyzing the noise protocol framework.
Hoffmann, S., Müller, J., Schwenk, J., & Bumiller, G. (2020). Powerless security : a security analysis of in-home powerline communications based on HomePlug AV2. In M. Conti, J. Zhou, E. Casalicchio, & A. Spognardi (Hrsg.), Applied cryptography and network security (Verlagsversion, Bde. 12146–12147, S. 213–232). Springer. https://doi.org/10.1007/978-3-030-57878-7_11
Lauer, S., Gellert, K., Merget, R., Handirk, T., & Schwenk, J. (2020). TORTT : non-interactive immediate forward-secret single-pass circuit construction. Proceedings on Privacy Enhancing Technologies2020(2), 336–357. https://doi.org/10.2478/popets-2020-0030
Merget, R., Brinkmann, M., Aviram, N., Somorovsky, J., Mittmann, J., & Schwenk, J. (2020). Raccoon attack: finding and exploiting most-significant-bit-oracles in TLS-DH(E)https://casa.rub.de/forschung/publikationen/detail/raccoon-attack-finding-and-exploiting-most-significant-bit-oracles-in-tls-dhe
Müller, J., Brinkmann, M., Poddebniak, D., Schinzel, S., & Schwenk, J. (2020a). Mailto: me your secrets: on bugs and features in email end-to-end encryption. 2020 IEEE Conference on Communications and Network Security (CNS 2020), 92–100. https://doi.org/10.1109/cns48642.2020.9162218
Müller, J., Brinkmann, M., Poddebniak, D., Schinzel, S., & Schwenk, J. (2020b). Mailto: me your secrets: on bugs and features in email end-to-end encryption.
Müller, J., Ising, F., Mainka, C., Mladenov, V., Schinzel, S., & Schwenk, J. (2020). Office document security and privacy. 14th USENIX Workshop on Offensive Technologies (WOOT’20), 114–125. https://dl.acm.org/doi/10.5555/3488877.3488889
Schäge, S., Schwenk, J., & Lauer, S. (2020). Privacy-preserving authenticated key exchange and the case of IKEv2. In A. Kiayias, M. Kohlweiss, P. Wallden, & V. Zikas (Hrsg.), Public-key cryptography – PKC 2020 (Verlagsversion, Bde. 12110–12111, S. 567–596). Springer. https://doi.org/10.1007/978-3-030-45388-6_20
Schwenk, J., Brinkmann, M., Poddebniak, D., Müller, J., Somorovsky, J., & Schinzel, S. (2020a). Mitigation of attacks on email end-to-end encryption. CCS’20, 1647–1664. https://doi.org/10.1145/3372297.3417878
Schwenk, J., Brinkmann, M., Poddebniak, D., Müller, J., Somorovsky, J., & Schinzel, S. (2020b). Mitigation of attacks on email end-to-end encryptionhttps://casa.rub.de/fileadmin/img/Publikationen_PDFs/2020_Mitigation_of_Attacks_on_Email_End-to-End_Encryption_Publication_ClusterofExcellence_CASA_Bochum.pdf
Engelbertz, N., Erinola, N., Herring, D., Somorovsky, J., Mladenov, V., & Schwenk, J. (2019). Sicherheitsanalyse von eID/eIDAS-Diensten. IT-Sicherheit als Voraussetzung für eine erfolgreiche Digitalisierung, 241–252.
Engelbertz, N., Mladenov, V., Somorovsky, J., Herring, D., Erinola, N., & Schwenk, J. (2019a). Security analysis of XAdES validation in the CEF Digital Signature Services (DSS). Open Identity Summit 2019293, 95–106.
Engelbertz, N., Mladenov, V., Somorovsky, J., Herring, D., Erinola, N., & Schwenk, J. (2019b). Security analysis of XAdES validation in the CEF Digital Signature Services (DSS).
Mainka, C., Mladenov, V., Rohlmann, S., & Schwenk, J. (2019). Vulnerability report: attacks bypassing the signature validation in PDFhttps://www.nds.ruhr-uni-bochum.de/media/ei/veroeffentlichungen/2019/02/12/report.pdf
Merget, R., Somorovsky, J., Aviram, N., Young, C., Fliegenschmidt, J., & Schwenk, J. (2019). Scalable scanning and automatic classification of TLS padding Oracle vulnerabilities. 28th USENIX Security Symposium (USENIX Security’19), 1029–1046. https://www.usenix.org/conference/usenixsecurity19/presentation/merget
Mladenov, V., Mainka, C., Meyer zu Selhausen, K., Grothe, M., Grothe, M., & Schwenk, J. (2019). 1 trillion dollar refund: how to spoof PDF signatures. CCS ’19, 1–14. https://doi.org/10.1145/3319535.3339812
Mladenov, V., Mainka, C., Meyer zu Selhausen, K., Grothe, M., & Schwenk, J. (2019a). 1 Trillion Dollar refund – how to spoof PDF signatures (Verlagsversion). CCS – Conference on Computer and Communications Security, London. https://www.nds.ruhr-uni-bochum.de/research/publications/1-trillion-dollar-refund-how-spoof-pdf-signatures/
Mladenov, V., Mainka, C., Meyer zu Selhausen, K., Grothe, M., & Schwenk, J. (2019b). 1 Trillion Dollar refund: how to spoof PDF signatures. CCS ’19, 1–14. https://doi.org/10.1145/3319535.3339812
Müller, J., Brinkmann, M., Poddebniak, D., Böck, H., Schinzel, S., Somorovsky, J., & Schwenk, J. (2019). „Johnny, you are fired!“: Spoofing OpenPGP and S/MIME signatures in emails. 28th USENIX Security Symposium (USENIX Security’19), 1011–1028. https://www.usenix.org/conference/usenixsecurity19/presentation/muller
Müller, J., Brinkmann, M., Poddebniak, D., Schinzel, S., & Schwenk, J. (2019). Re: What’s up Johnny?: Covert content attacks on email end-to-end encryption. In R. H. Deng, V. Gauthier-Umaña, M. Ochoa, & M. Yung (Hrsg.), Applied cryptography and network security (Verlagsversion, Bd. 11464, S. 24–42). Springer. https://doi.org/10.1007/978-3-030-21568-2_2
Müller, J., Ising, F., Mladenov, V., Mainka, C., Schinzel, S., & Schwenk, J. (2019a). Practical decryption exFiltration: breaking PDF encryption (Preprint). https://pdf-insecurity.org/download/paper-pdf_encryption-ccs2019.pdf
Müller, J., Ising, F., Mladenov, V., Mainka, C., Schinzel, S., & Schwenk, J. (2019b). Vulnerability report: attacks bypassing confidentiality in encrypted PDF.
Müller, J., Ising, F., Mladenov, V., Mainka, C., Schinzel, S., & Schwenk, J. (2019c). Vulnerability Report: attacks bypassing confidetiality in encrypted PDFhttps://www.nds.ruhr-uni-bochum.de/media/ei/veroeffentlichungen/2019/09/30/report-pdf-encryption-2019.pdf
Müller, J., Ising, F., Mladenov, V., Mainka, C., Schinzel, S., & Schwenk, J. (2019d). Practical decryption exFiltration: breaking PDF encryption. CCS ’19, 15–29. https://doi.org/10.1145/3319535.3354214
Poddebniak, D., Dresen, C., Ising, F., Schinzel, S., Müller, J., Somorovsky, J., Schwenk, J., & Friedberger, S. (2019). Efail: Angriffe auf S/MIME und OpenPGP. IT-Sicherheit als Voraussetzung für eine erfolgreiche Digitalisierung, 427–436.
Poddebniak, D., Dresen, C., Müller, J., Ising, F., Schinzel, S., Friedberger, S., Somorovsky, J., & Schwenk, J. (2019). Efail: Angriffe auf S/MIME und OpenPGP.
Engelbertz, N., Erinola, N., Herring, D., Somorovsky, J., Mladenov, V., & Schwenk, J. (2018). Security analysis of eIDAS – the cross-country authentication scheme in Europe. WOOT ’18. Publiziert. USENIX Workshop on Offensive Technologies, Baltimore, MD. https://www.usenix.org/conference/woot18/presentation/engelbertz
Felsch, D., Grothe, M., Schwenk, J., Czubak, A., & Szymanek, M. (2018). The dangers of key reuse: practical attacks on IPsec IKE. Proceedings of the 27th USENIX Security Symposium, 567–584. https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf
Müller, J., Mladenov, V., Felsch, D., & Schwenk, J. (2018). PostScript undead: pwning the web with a 35 years old language. In T. Holz, M. Bailey, M. Stamatogiannakis, & S. Ioannidis (Hrsg.), Research in attacks, intrusions, and defenses (Verlagsversion, Bd. 11050, S. 603–622). Springer. https://doi.org/10.1007/978-3-030-00470-5_28
Niemietz, M., & Schwenk, J. (2018). Out of the dark: UI redressing and trustworthy events. In S. Capkun & S. S. M. Chow (Hrsg.), Cryptology and Network Security (Verlagsversion, Bd. 11261, S. 229–249). Springer. https://doi.org/10.1007/978-3-030-02641-7_11
Poddebniak, D., Dresen, C., Müller, J., Ising, F., Schinzel, S., Friedberger, S., Somorovsky, J., & Schwenk, J. (2018). Efail: breaking S/MIME and OpenPGP email encryption using exfiltration channels. Proceedings of the 27th USENIX Security Symposium, 549–566. https://www.usenix.org/conference/usenixsecurity18/presentation/poddebniak
Rösler, P., Mainka, C., & Schwenk, J. (2018a). More is less: on the end-to-end security of group chats in Signal, WhatsApp, and Threema. Proceedings, 3rd IEEE European Symposium on Security and Privacy, 415–429. https://doi.org/10.1109/eurosp.2018.00036
Rösler, P., Mainka, C., & Schwenk, J. (2018b). On the end-to-end security of group chats: real world crypto 2018.
Welp, B., Pohl, N., Schwenk, J., Stelzer, A., & Musch, T. (2018). Systemkonzept und Schaltungen für breitbandige MIMO-FMCW-Radarsysteme bis 60 GHz in modernen SiGe-Bipolartechnologien (Verlagsversion) [Universitätsbibliothek, Ruhr-Universität Bochum]. https://doi.org/10.13154/294-6346
Detering, D., Somorovsky, J., Mainka, C., Mladenov, V., & Schwenk, J. (2017). On the (in-)security of JavaScript object signing and encryption. ROOTS 2017, Article 3. Publiziert. Reversing and Offensive-Oriented Trends Symposium, Wien. https://doi.org/10.1145/3150376.3150379
Felsch, D., Mainka, C., Mladenov, V., & Schwenk, J. (2017). SECRET: on the feasibility of a secure, efficient, and collaborative real-time web editor. ASIA CCS ’17, 835–848. https://doi.org/10.1145/3052973.3052982
Grothe, M., Niemann, T., Somorovsky, J., & Schwenk, J. (2017). Breaking and fixing Gridcoin. WOOT ’17. Publiziert. USENIX Workshop on Offensive Technologies. https://www.usenix.org/conference/woot17/workshop-program/presentation/grothe
Hale, B., Jager, T., Lauer, S., & Schwenk, J. (2017a). Simple security definitions for and constructions of 0-RTT key exchange. In D. Gollmann, A. Miyaji, & H. Kikuchi (Hrsg.), Applied cryptography and network security (Verlagsversion, Bd. 10355, S. 20–28). Springer. https://doi.org/10.1007/978-3-319-61204-1_2
Hale, B., Jager, T., Lauer, S., & Schwenk, J. (2017b). Simple security definitions for and constructions of 0-RTT key exchange.
Heiderich, M., Späth, C., & Schwenk, J. (2017). DOMPurify: client-side protection against XSS and markup injection. In S. N. Foley, D. Gollmann, & E. Snekkenes (Hrsg.), Computer Security – ESORICS 2017 (Verlagsversion, Bde. 10492–10493, S. 116–134). Springer. https://doi.org/10.1007/978-3-319-66399-9_7
Jager, T., Kohlar, F., Schäge, S., & Schwenk, J. (2017). Authenticated confidential channel establishment and the security of TLS-DHE. Journal of Cryptology30(4), 1276–1324. https://doi.org/10.1007/s00145-016-9248-2
Mainka, C., Mladenov, V., Schwenk, J., & Wich, T. (2017). SoK: single sign-on security – an evaluation of OpenID connect. In C. Hriţcu (Hrsg.), 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW 2017) (Verlagsversion, S. 251–266). IEEE. https://doi.org/10.1109/eurosp.2017.32
Müller, J., Mladenov, V., Somorovsky, J., & Schwenk, J. (2017). SoK: exploiting network printers. 2017 IEEE Symposium on Security and Privacy (SP 2017), 213–230. https://doi.org/10.1109/sp.2017.47
Niemietz, M., & Schwenk, J. (2017). Out of the dark: UI redressing and trustworthy events. Conference on Cryptology And Network Security (CANS 2017), Hong Kong. http://nds.rub.de/media/ei/veroeffentlichungen/2017/11/03/UI-Redressing_and_Trustworthy-Events_Niemietz_1.pdf
Schwenk, J., Niemietz, M., & Mainka, C. (2017). Same-origin policy: evaluation in modern browsers. Proceedings of the 26th USENIX Security Symposium, 713–727. http://nds.rub.de/media/nds/veroeffentlichungen/2017/07/13/Same-Origin-Policy_Security-Evaluation.pdf
Altmeier, C., Mainka, C., Somorovsky, J., & Schwenk, J. (2016). AdIDoS – Adaptive and intelligent fully-automatic detection of denial-of-service weaknesses in web services. In J. Garcia-Alfaro, G. Navarro-Arribas, A. Aldini, F. Martinelli, & N. Suri (Hrsg.), Data privacy management, and security assurance (Verlagsversion, Bd. 9481, S. 65–80). Springer. https://doi.org/10.1007/978-3-319-29883-2_5
Elsafie, A., & Schwenk, J. (2016). Evaluating two methods for WS-(security) policy negotiation and decision making. In C. Debruyne, H. Panetto, R. Meersman, T. Dillon, E. Kühn, D. O’Sullivan, & C. A. Ardagna (Hrsg.), On the move to meaningful internet systems: OTM 2016 Conferences (Verlagsversion, Bd. 10033, S. 890–909). Springer. https://doi.org/10.1007/978-3-319-48472-3_56
Frosch, T., Mainka, C., Bader, C., Bergsma, F., Schwenk, J., & Holz, T. (2016). How secure is TextSecure? 2016 IEEE European Symposium on Security and Privacy (EuroS&P 2016), 457–472. https://doi.org/10.1109/eurosp.2016.41
Grothe, M., Mainka, C., Rösler, P., & Schwenk, J. (2016). How to break Microsoft rights management services. WOOT ’16. Publiziert. USENIX Workshop on Offensive Technologies, Austin, TX. https://www.usenix.org/system/files/conference/woot16/woot16-paper-grothe.pdf
Grothe, M., Rösler, P., Jupke, J., Kaiser, J., Mainka, C., & Schwenk, J. (2016a). Your cloud in my company: modern rights management services revisited. 2016 11th International Conference on Availability, Reliability and Security (ARES 2016), 217–222. https://doi.org/10.1109/ares.2016.69
Grothe, M., Rösler, P., Jupke, J., Kaiser, J., Mainka, C., & Schwenk, J. (2016b). Your cloud in my company: modern rights management services revisited.
Horst, M., Grothe, M., Jager, T., & Schwenk, J. (2016a). Breaking PPTP VPNs via RADIUS encryption. In S. Foresti & G. Persiano (Hrsg.), Cryptology and Network Security (Verlagsversion, Bd. 10052, S. 159–175). Springer. https://doi.org/10.1007/978-3-319-48965-0_10
Horst, M., Grothe, M., Jager, T., & Schwenk, J. (2016b). Breaking PPTP VPNs via RADIUS encryption.
Mainka, C., Mladenov, V., & Schwenk, J. (2016a). Do not trust me: using malicious IdPs for analyzing and attacking single sign-on. 2016 IEEE European Symposium on Security and Privacy (EuroS&P 2016), 321–336. https://doi.org/10.1109/eurosp.2016.33
Mainka, C., Mladenov, V., & Schwenk, J. (2016b). Do not trust me: using malicious IdPs for analyzing and attacking Single Sign-On.
Mladenov, V., Mainka, C., & Schwenk, J. (2016). On the security of modern single sign-on protocols: second-order vulnerabilities in OpenID connect. Publiziert. https://doi.org/10.48550/arxiv.1508.04324
Späth, C., Mainka, C., Mladenov, V., & Schwenk, J. (2016). SoK: XML parser vulnerabilities. WOOT ’16. Publiziert. USENIX Workshop on Offensive Technologies, Austin, TX. https://www.usenix.org/conference/woot16/workshop-program/presentation/spath
Altmeier, C., Mainka, C., Somorovsky, J., & Schwenk, J. (2015). AdIDoS – Adaptive and intelligent fully-automatic detection of denial-of-service weaknesses in web services.
Bergsma, F., Jager, T., & Schwenk, J. (2015). One-round key exchange with strong security: an efficient and generic construction in the standard model. In J. Katz (Hrsg.), Public-key cryptography – PKC 2015 (Verlagsversion, Bd. 9020, S. 477–494). Springer. https://doi.org/10.1007/978-3-662-46447-2_21
Elsafie, A., & Schwenk, J. (2015). Semi-automated fuzzy MCDM and lattice solutions for WS-policy intersection. In L.-J. Zhang & R. Bahsoon (Hrsg.), SERVICES 2015 (S. 167–174). IEEE. https://doi.org/10.1109/services.2015.33
Felsch, D., Heiderich, M., Schulz, F., & Schwenk, J. (2015). How private is your private cloud?: security analysis of cloud control interfaces. In I. Ray (Hrsg.), Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (Verlagsversion, S. 5–16). ACM Pr. https://doi.org/10.1145/2808425.2808432
Hale, B., Jager, T., Lauer, S., & Schwenk, J. (2015, Dezember 20). Simple security definitions for and constructions of 0-RTT key exchange. Publiziert. https://eprint.iacr.org/2015/1214.pdf
Heiderich, M., Niemietz, M., & Schwenk, J. (2015). Waiting for CSP: securing legacy web applications with JSAgents. In G. Pernul, P. Y. A. Ryan, & E. Weippl (Hrsg.), Computer security – ESORICS 2015 (Verlagsversion, 1st ed., Bd. 9326, S. 23–42). Springer. https://doi.org/10.1007/978-3-319-24174-6_2
Jager, T., Schwenk, J., & Somorovsky, J. (2015a). Practical invalid curve attacks on TLS-ECDH. In G. Pernul, P. Y. A. Ryan, & E. Weippl (Hrsg.), Computer security – ESORICS 2015 (Verlagsversion, 1st ed., Bd. 9326, S. 407–425). Springer. https://doi.org/10.1007/978-3-319-24174-6_21
Jager, T., Schwenk, J., & Somorovsky, J. (2015b). Practical invalid curve attacks on TLS-ECDH.
Jager, T., Schwenk, J., & Somorovsky, J. (2015c). On the security of TLS 1.3 and QUIC against weaknesses in PKCS#1 v1.5 encryption. In I. Ray (Hrsg.), Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (S. 1185–1196). ACM Pr. https://doi.org/10.1145/2810103.2813657
Javed, A., & Schwenk, J. (2015). Systematically breaking online WYSIWYG editors. In K.-H. Rhee & J. H. Yi (Hrsg.), Information Security Applications (Verlagsversion, Bd. 8909, S. 122–133). Springer. https://doi.org/10.1007/978-3-319-15087-1_10
Kupser, D., Mainka, C., Schwenk, J., & Somorovsky, J. (2015). How to break XML encryption – automatically. WOOT ’15. Publiziert. https://www.usenix.org/conference/woot15/workshop-program/presentation/kupser
Mainka, C., Mladenov, V., Guenther, T., & Schwenk, J. (2015a). Automatic recognition, processing and attacking of single sign-on protocols with Burp Suite. In D. Hühnlein, H. Roßnagel, R. Kuhlisch, & J. Ziesing (Hrsg.), Open Identity Summit 2015 (Verlagsversion, Bd. 251, S. 119–132). Ges. für Informatik.
Mainka, C., Mladenov, V., Guenther, T., & Schwenk, J. (2015b). Automatic recognition, processing and attacking of single sign-on protocols with Burp Suite.
Mladenov, V., Guenther, T., Mainka, C., & Schwenk, J. (2015, November 10). Automatic recognition, processing and attacking of single sign-on protocols with Burp Suite. Open Identity Summit, Berlin. https://www.openidentity.eu/fileadmin/openidentity-files/pub/EsPReSSO.pdf
Niemietz, M., & Schwenk, J. (2015a). Owning your home network: router security revisited. Publiziert. https://doi.org/10.48550/arxiv.1506.04112
Niemietz, M., & Schwenk, J. (2015b, Mai 21). Owning your home network: router security revisited. Web 2.0 Security & Privacy 2015 (W2SP 2015). Publiziert. Workshop Web 2.0 Security & Privacy, San José, CA. http://ieee-security.org/TC/SPW2015/W2SP/papers/W2SP_2015_submission_9.pdf
Niemietz, M., Somorovsky, J., Mainka, C., & Schwenk, J. (2015a). Not so smart: on smart TV apps. 2015 International Workshop on Secure Internet of Things (SIoT), 72–81. https://doi.org/10.1109/siot.2015.13
Niemietz, M., Somorovsky, J., Mainka, C., & Schwenk, J. (2015b). Not so smart: on smart TV apps.
Schulz, F., Felsch, D., & Schwenk, J. (2015). Sicherheitsanalyse der Private Cloud Interfaces von openQRM. In P. Schartner (Hrsg.), D-A-CH security 2015 (Verlagsversion, S. 1–11). Syssec.
Bergsma, F., Dowling, B., Kohlar, F., Schwenk, J., & Stebila, D. (2014). Multi-ciphersuite security of the Secure Shell (SSH) protocol. In G.-J. Ahn (Hrsg.), Proceedings of the 21st ACM Conference on Computer and Communications Security (Verlagsversion, S. 369–381). ACM. https://doi.org/10.1145/2660267.2660286
Frosch, T., Mainka, C., Bader, C., Bergsma, F., Schwenk, J., & Holz, T. (2014). How secure is TextSecure? Publiziert. http://eprint.iacr.org/2014/904
Heiderich, M., Niemietz, M., Schuster, F., Holz, T., & Schwenk, J. (2014). Scriptless attacks: stealing more pie without touching the sill. Journal of Computer Security22(4), 567–599. https://doi.org/10.3233/jcs-130494
Javed, A., Bletgen, D., Kohlar, F., Dürmuth, M., & Schwenk, J. (2014). Secure fallback authentication and the trusted friend attack. 2014 IEEE 34th International Conference on Distributed Computing Systems Workshops (ICDCSW 2014), 22–28. https://doi.org/10.1109/icdcsw.2014.30
Javed, A., Merz, C. J., & Schwenk, J. (2014). TTPCookie: flexible third-party cookie management for increasing online privacy. 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2014), 37–44. https://doi.org/10.1109/trustcom.2014.9
Javed, A., Riemer, J., & Schwenk, J. (2014). SIACHEN: a fine-grained policy language for the mitigation of cross-site scripting attacks. In S. S. M. Chow, J. Camenisch, L. C.-K. Hui, & S.-M. Yiu (Hrsg.), Information security (Bd. 8783, S. 515–528). Springer. https://doi.org/10.1007/978-3-319-13257-0_33
Javed, A., & Schwenk, J. (2014). Towards elimination of cross-site scripting on mobile versions of web applications. In Y. Kim, H. Lee, & A. Perrig (Hrsg.), Information security applications (Verlagsversion, Bd. 8267, S. 103–123). Springer. https://doi.org/10.1007/978-3-319-05149-9_7
Li, Y., Schäge, S., Yang, Z., Bader, C., & Schwenk, J. (2014a). New modular compilers for authenticated key exchange. In I. C. Boureanu, P. Owesarski, & S. Vaudenay (Hrsg.), Applied cryptography and network security (Verlagsversion, Bd. 8479, S. 1–18). Springer. https://doi.org/10.1007/978-3-319-07536-5_1
Li, Y., Schäge, S., Yang, Z., Bader, C., & Schwenk, J. (2014b). New modular compilers for authenticated key exchange.
Li, Y., Schäge, S., Yang, Z., Kohlar, F., & Schwenk, J. (2014a). On the security of the pre-shared key ciphersuites of TLS. In H. Krawczyk (Hrsg.), Public-key cryptography – PKC 2014 (Verlagsversion, Bd. 8383, S. 669–684). Springer. https://doi.org/10.1007/978-3-642-54631-0_38
Li, Y., Schäge, S., Yang, Z., Kohlar, F., & Schwenk, J. (2014b). On the security of the pre-shared key ciphersuites of TLS. Publiziert. https://eprint.iacr.org/2014/037.pdf
Mainka, C., Mladenov, V., Feldmann, F., Krautwald, J., & Schwenk, J. (2014). Your software at my service: security analysis of SaaS single sign-on solutions in the cloud. In A. Oprea & R. Safavi-Naini (Hrsg.), Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security (CCSW 2014) (Verlagsversion, S. 93–104). ACM Pr. https://doi.org/10.1145/2664168.2664172
Mainka, C., Mladenov, V., & Schwenk, J. (2014). Do not trust me: using malicious IdPs for analyzing and attacking Single Sign-On. Publiziert. https://doi.org/10.48550/arxiv.1412.1623
Mayer, A., Mladenov, V., & Schwenk, J. (2014a). On the security of holder-of-key single sign-on. In S. Katzenbeisser, V. Lotz, & E. Weippl (Hrsg.), Sicherheit 2014 – Sicherheit, Schutz und Zuverlässigkeit: Bd. P-228 (Verlagsversion, S. 65–77). Ges. für Informatik. http://subs.emis.de/LNI/Proceedings/Proceedings228/article11.html
Mayer, A., Mladenov, V., & Schwenk, J. (2014b). On the security of holder-of-key single sign-on.
Mayer, A., Mladenov, V., Schwenk, J., Feldmann, F., & Meyer, C. (2014). Strengthening web authentication through TLS: beyond TLS client certificates. In D. Hühnlein & H. Roßnagel (Hrsg.), Open Identity Summit 2014: Bd. P-237 (S. 97–108). Ges. für Informatik. http://subs.emis.de/LNI/Proceedings/Proceedings237/article12.html
Mayer, A., Niemietz, M., Mladenov, V., & Schwenk, J. (2014). Guardians of the clouds: when identity providers fail. In A. Oprea & R. Safavi-Naini (Hrsg.), Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security (CCSW 2014) (Verlagsversion, S. 105–116). ACM Pr. https://doi.org/10.1145/2664168.2664171
Meyer, C., & Schwenk, J. (2014). SoK: lessons learned from SSL/TLS attacks. In Y. Kim, H. Lee, & A. Perrig (Hrsg.), Information security applications (Verlagsversion, Bd. 8267, S. 189–209). Springer. https://doi.org/10.1007/978-3-319-05149-9_12
Meyer, C., Somorovsky, J., Weiss, E., Schwenk, J., Schinzel, S., & Tews, E. (2014a). Revisiting SSL/TLS implementations: new Bleichenbacher side channels and attacks. In K. Fu (Hrsg.), 23rd USENIX Security Symposium (Verlagsversion, S. 733–748). USENIX Assoc. https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/meyer
Meyer, C., Somorovsky, J., Weiss, E., Schwenk, J., Schinzel, S., & Tews, E. (2014b). Revisiting SSL/TLS implementations: new Bleichenbacher side channels and attacks.
Schwenk, J. (2014). Modelling time for authenticated key exchange protocols. In M. Kutyłowski & J. Vaidya (Hrsg.), Computer security – ESORICS 2014 (Verlagsversion, Bde. 8712–8713, S. 277–294). Springer. https://doi.org/10.1007/978-3-319-11212-1_16
Bergsma, F., Dowling, B., Kohlar, F., Schwenk, J., & Stebila, D. (2013). Multi-ciphersuite security of the Secure Shell (SSH) protocol. Publiziert. http://eprint.iacr.org/2013/813
Elsafie, A., Mainka, C., & Schwenk, J. (2013). A new approach for WS-policy intersection using partial ordered sets. In O. Kopp (Hrsg.), Services und ihre Komposition (Verlagsversion, Bd. 1029, S. 45–48). RWTH. http://ceur-ws.org/Vol-1029/paper9.pdf
Falkenberg, A., Mainka, C., Somorovsky, J., & Schwenk, J. (2013). A new approach towards DoS penetration testing on web services. ICWS 2013, 491–498. https://doi.org/10.1109/icws.2013.72
Feldmann, F., & Schwenk, J. (2013). How to authenticate mobile devices in a web environment: the SIM-ID approach. In D. Hühnlein & H. Roßnagel (Hrsg.), Open Identity Summit 2013: Bd. P-223 (Verlagsversion, S. 130–141). Ges. für Informatik. http://subs.emis.de/LNI/Proceedings/Proceedings223/article18.html
Felsch, D., Schreiber, T., Meyer, C., Feldmann, F., & Schwenk, J. (2013). Sicherer Schlüssel- und Informationsaustausch mit SAML. In P. Schartner & P. Trommler (Hrsg.), D-A-CH Security 2013 (Verlagsversion, S. 248–259). Syssec. https://www.nds.rub.de/media/nds/veroeffentlichungen/2013/09/30/SAMLKeyTransport.pdf
Heiderich, M., Schwenk, J., Frosch, T., Magazinius, J., & Yang, E. Z. (2013). mXSS attacks: attacking well-secured web-applications by using innerHTML mutations. Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 777–788. https://doi.org/10.1145/2508859.2516723
Hühnlein, D., Schwenk, J., Wich, T., Mladenov, V., Feldmann, F., Mayer, A., Schmölz, J., Bruegger, B. P., & Horsch, M. (2013). Options for integrating eID and SAML. In T. Groß & M. Hansen (Hrsg.), DIM’13 (S. 85–96). ACM Pr. https://doi.org/10.1145/2517881.2517892
Jager, T., & Schwenk, J. (2013). On the analysis of cryptographic assumptions in the generic ring model. Journal of Cryptology26(2), 225–245. https://doi.org/10.1007/s00145-012-9120-y
Javed, A., & Schwenk, J. (2013). Towards elimination of cross-site scripting on mobile versions of web applications.
Kohlar, F., Schäge, S., & Schwenk, J. (2013). On the security of TLS-DH and TLS-RSA in the standard model. Publiziert. http://eprint.iacr.org/2013/367
Kohlar, F., Schwenk, J., Jensen, M., & Gajek, S. (2013). On cryptographically strong bindings of SAML assertions to transport layer security (Verlagsversion). https://doi.org/10.4018/978-1-4666-2163-3.ch006
Mainka, C., Mladenov, V., Somorovsky, J., & Schwenk, J. (2013). Penetration test tool for XML-based web services (Verlagsversion). In­ter­na­tio­nal Sym­po­si­um on En­gi­nee­ring Se­cu­re Soft­ware and Sys­tems, Paris. http://nds.rub.de/media/nds/veroeffentlichungen/2013/03/06/ESSoS_Pentest.pdf
Mayer, A., Kohlar, F., Liao, L., & Schwenk, J. (2013). Secure bindings for browser-based single sign-on. Informationssicherheit Stärken – Vertrauen in Die Zukunft Schaffen, 375–390.
Meyer, C., Feldmann, F., & Schwenk, J. (2013). Sometimes it’s better to be STUCK!: SAML transportation unit for cryptographic keys. In T. Kwon, M.-K. Lee, & D. Kwon (Hrsg.), Information security and cryptology – ICISC 2012 (Verlagsversion, Bd. 7839, S. 110–125). Springer. https://doi.org/10.1007/978-3-642-37682-5_9
Meyer, C., & Schwenk, J. (2013a). Lessons learned from previous SSL/TLS attacks: a brief chronology of attacks and weaknesses. Publiziert. http://eprint.iacr.org/2013/049
Meyer, C., & Schwenk, J. (2013b). SoK: lessons learned from SSL/TLS attacks.
Michaelis, K., Meyer, C., & Schwenk, J. (2013a). Randomly failed!: The state of randomness in current java implementations. In E. Dawson (Hrsg.), Topics in cryptology – CT-RSA 2013 (Verlagsversion, Bd. 7779, S. 129–144). Springer. https://doi.org/10.1007/978-3-642-36095-4_9
Michaelis, K., Meyer, C., & Schwenk, J. (2013b). Randomly failed!: The state of randomness in current java implementations.
Schwenk, J. (2013). Modelling time, or a step towards reduction-based security proofs for OTP and Kerberos. Publiziert. http://eprint.iacr.org/2013/604
Armgardt, M. (2012). Daten- und Identitätsschutz in Cloud Computing, E-Government und E-Commerce (G. Borges & J. Schwenk, Hrsg.; Verlagsversion) [Computer software]. Springer. https://doi.org/10.1007/978-3-642-30102-5
Feja, S., August, S., Speck, A., Jensen, M., & Schwenk, J. (2012). Automatic transformation of generic, validated business process security models to WS-security policy descriptions. In E. Kajan, F.-D. Dorloff, & I. Bedini (Hrsg.), Handbook of research on e-business standards and protocols (Verlagsversion, S. 293–320). Business Science Reference. https://doi.org/10.4018/978-1-4666-0146-8.ch014
Heiderich, M., Frosch, T., Niemietz, M., & Schwenk, J. (2012). The bug that made me president: a browser- and web-security case study on helios voting. In A. Kiayias & H. Lipmaa (Hrsg.), E-voting and identity (Verlagsversion, Bd. 7187, S. 89–103). Springer. https://doi.org/10.1007/978-3-642-32747-6_6
Heiderich, M., Niemietz, M., Schuster, F., Holz, T., & Schwenk, J. (2012). Scriptless attacks: stealing the pie without touching the sill. In T. Yu (Hrsg.), CCS 2012 (Verlagsversion, S. 760–771). ACM Pr. https://doi.org/10.1145/2382196.2382276
Hühnlein, D., Petrautzki, D., Schmölz, J., Wich, T., Horsch, M., Wieland, T., Eichholz, J., Wiesmaier, A., Braun, J., Feldmann, F., Potzernheim, S., Schwenk, J., Kahlo, C., Kühne, A., & Veit, H. (2012). On the design and implementation of the Open eCard App. In N. Suri & M. Waidner (Hrsg.), Sicherheit 2012 (Bd. 195, S. 95–110). Ges. für Informatik. http://subs.emis.de/LNI/Proceedings/Proceedings195/article6609.html
Jager, T., Kohlar, F., Schäge, S., & Schwenk, J. (2012). On the security of TLS-DHE in the standard model. In R. Safavi-Naini & R. Canetti (Hrsg.), Advances in cryptology – CRYPTO 2012 (Bd. 7417, S. 273–293). Springer. https://doi.org/10.1007/978-3-642-32009-5_17
Jensen, M., Junker, H., Lo Iacono, L., Mainka, C., & Schwenk, J. (2012). XML signature wrapping Angriffe wirksam unterbinden. Datenschutz und Datensicherheit36(4), 236–240. https://doi.org/10.1007/s11623-012-0091-9
Mainka, C., Jensen, M., Lo Iacono, L., & Schwenk, J. (2012a). Making XML signatures immune to XML signature wrapping attacks. In F. Leymann (Hrsg.), Proceedings of the 2nd International Conference on Cloud Computing and Services Science (Verlagsversion, S. 151–167). SciTePr. https://doi.org/10.1007/978-3-319-04519-1_10
Mainka, C., Jensen, M., Lo Iacono, L., & Schwenk, J. (2012b). XSpRES: Robust and effective XML signatures for web services. In F. Leymann (Hrsg.), Proceedings of the 2nd International Conference on Cloud Computing and Services Science (Verlagsversion, S. 187–197). SciTePr. http://nds.rub.de/media/nds/veroeffentlichungen/2012/07/24/CLOSER_XSpRES.pdf
Mainka, C., Somorovsky, J., & Schwenk, J. (2012a). Penetration testing tool for web services security. IEEE Eighth World Congress on Services (SERVICES 2012), 163–170. https://doi.org/10.1109/services.2012.7
Mainka, C., Somorovsky, J., & Schwenk, J. (2012b). Penetration testing tool for web services security.
Mainka, C., Somorovsky, J., & Schwenk, J. (2012c, Juni 24). Penetration testing tol for wb services securityhttp://nds.rub.de/media/nds/veroeffentlichungen/2012/07/11/camera-ready.pdf
Mayer, A., & Schwenk, J. (2012). XML Signature Wrapping: die Kunst SAML Assertions zu fälschen. In C. Paulsen (Hrsg.), Sicherheit in vernetzten Systemen (Verlagsversion, S. H1–H15). Books on Demand GmbH.
Meyer, C., Feldmann, F., & Schwenk, J. (2012). Sometimes it’s better to be STUCK!: SAML transportation unit for cryptographic keys [Poster-Abstract].
Niemietz, M., & Schwenk, J. (2012). UI redressing attacks on Android devices (Verlagsversion). Black Hat, Abu Dhabi. https://media.blackhat.com/ad-12/Niemietz/bh-ad-12-androidmarcus_niemietz-WP.pdf
Somorovsky, J., Mayer, A., Schwenk, J., Kampmann, M., & Jensen, M. (2012). On breaking SAML: be whoever you want to be. USENIX Security Symposium 2012, 1–16. https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/somorovsky
Somorovsky, J., Meyer, C., Tran, T., Sbeiti, M., Schwenk, J., & Wietfeld, C. (2012a). SeC2: secure mobile solution for distributed public cloud storages. In F. Leymann (Hrsg.), Proceedings of the 2nd International Conference on Cloud Computing and Services Science (Verlagsversion, S. 555–561). SciTePr. https://www.nds.rub.de/media/nds/veroeffentlichungen/2012/03/11/sec2.pdf
Somorovsky, J., Meyer, C., Tran, T., Sbeiti, M., Schwenk, J., & Wietfeld, C. (2012b). SeC2: secure mobile solution for distributed public cloud storages.
Somorovsky, J., & Schwenk, J. (2012a). Technical analysis of countermeasures against attack on XML encryption — or — just another motivation for authenticated encryption. IEEE Eighth World Congress on Services (SERVICES 2012), 171–178. https://doi.org/10.1109/services.2012.6
Somorovsky, J., & Schwenk, J. (2012b). Technical analysis of countermeasures against attack on XML encryption – or – just another motivation for authenticated encryption.
Yang, Z., & Schwenk, J. (2012). Strongly authenticated key exchange protocol from bilinear groups without random oracles. In T. Takagi, G. Wang, Z. Qin, S. Jiang, & Y. Yu (Hrsg.), Provable security (Bd. 7496, S. 264–275). Springer. https://doi.org/10.1007/978-3-642-33272-2_17
Borges, G., Schwenk, J., Stuckenberg, C.-F., & Wegener, C. (Hrsg.). (2011). Identitätsdiebstahl und Identitätsmissbrauch im Internet: rechtliche und technische Aspekte (Verlagsversion) [Computer software]. Springer. https://doi.org/10.1007/978-3-642-15833-9
Jager, T., Kohlar, F., Schäge, S., & Schwenk, J. (2011a). A standard-model security analysis of TLS-DHE. Publiziert. https://eprint.iacr.org/2011/219
Jager, T., Kohlar, F., Schäge, S., & Schwenk, J. (2011b). On the security of TLS-DHE in the standard model. Publiziert. http://eprint.iacr.org/2011/219
Jensen, M., Meyer, C., Somorovsky, J., & Schwenk, J. (2011a). On the effectiveness of XML schema validation for countering XML signature wrapping attacks. In C. A. Ardagna & E. Damiani (Hrsg.), 2011 1st International Workshop on Securing Services on the Cloud (Verlagsversion). IEEE. https://doi.org/10.1109/iwsscloud.2011.6049019
Jensen, M., Meyer, C., Somorovsky, J., & Schwenk, J. (2011b). On the effectiveness of XML schema validation for countering XML signature wrapping attacks.
Jensen, M., Schwenk, J., Bohli, J.-M., Gruschka, N., & Lo Iacono, L. (2011). Security prospects through cloud computing by adopting multiple clouds. In L. Liu & M. Parashar (Hrsg.), IEEE International conference on cloud computing (CLOUD 2011) (S. 565–572). IEEE. https://doi.org/10.1109/cloud.2011.85
Kohlar, F., Schwenk, J., Jensen, M., & Gajek, S. (2011). On cryptographically strong bindings of SAML assertions to transport layer security. International Journal of Mobile Computing and Multimedia Communications3(4), 20–35. https://doi.org/10.4018/jmcmc.2011100102
Majernik, F., Jensen, M., & Schwenk, J. (2011). MARV – data level confidentiality protection in BPEL-based web service compositions. Conference on Network and Information Systems Security (SAR-SSI), 2011, 5931365. https://doi.org/10.1109/sar-ssi.2011.5931365
Mayer, A., & Schwenk, J. (2011). Sicheres Single Sign-On mit dem SAML Holder-of-Key Web Browser SSO Profile mit SimpleSAMLphp. Sicher in die digitale Welt von morgen, 33–46.
Meyer, C., Somorovsky, J., Driessen, B., Schwenk, J., Tran, T., & Wietfeld, C. (2011). Sec2 – Ein sicheres Speicherkonzept für die Cloud. In P. Schartner & J. Taeger (Hrsg.), D-A-CH Security 2011 (Verlagsversion). syssec.
Meyer, C., Somorovsky, J., Schwenk, J., Driessen, B., Tran, T., & Wietfeld, C. (2011a). Sec2 – ein mobiles Nutzer-kontrolliertes Sicherheitskonzept für cloud-storage (Verlagsversion). http://emsec.rub.de/media/nds/veroeffentlichungen/2012/03/11/dach.pdf
Meyer, C., Somorovsky, J., Schwenk, J., Driessen, B., Tran, T., & Wietfeld, C. (2011b, September 20). Sec2 – ein mobiles Nutzer-kontrolliertes Sicherheitskonzept für cloud-storagehttp://emsec.rub.de/media/nds/veroeffentlichungen/2013/08/19/01_PPT_Arial_Custom.pdf
Schwenk, J. (2011). HTTP authentication. In H. C. A. van Tilborg & S. Jajodia (Hrsg.), Encyclopedia of cryptography and security (Verlagsversion, 2. Aufl., S. 564–565). Springer. https://doi.org/10.1007/978-1-4419-5906-5_653
Schwenk, J., Kohlar, F., & Amon, M. (2011). The power of recognition: secure single sign-on using TLS channel bindings. In A. Bhargav-Spantzel & T. Groß (Hrsg.), Proceedings of the 7th ACM workshop on Digital identity management (Verlagsversion, S. 63–72). ACM Pr. https://doi.org/10.1145/2046642.2046656
Somorovsky, J., Heiderich, M., Jensen, M., Schwenk, J., Gruschka, N., & Lo Iacono, L. (2011). All your clouds are belong to us: security analysis of cloud management interfaces. In C. Cachin & T. Ristenpart (Hrsg.), Proceedings of the 3rd ACM workshop on Cloud computing security workshop (Verlagsversion, S. 3–14). ACM Pr. https://doi.org/10.1145/2046660.2046664
Sovis, P., Kohlar, F., & Schwenk, J. (2011). Security analysis of OpenID. In N. Pohlmann, H. Reimer, & W. Schneider (Hrsg.), ISSE 2010 Securing electronic business processes (Verlagsversion). Vieweg & Teubner. http://www.nds.rub.de/media/nds/veroeffentlichungen/2010/12/20/CameraReady_SecurityofSingleSignOn.pdf
Bußmeyer, D., Gröbert, F., Schwenk, J., & Wegener, C. (2010). Attacking of smart card-based banking applications with Javascript-based rootkits. In R. Sion, R. Curtmola, S. Dietrich, A. Kiayias, J. M. Miret, K. Sako, & F. Sebé (Hrsg.), Financial cryptography and data security (Verlagsversion, Bd. 6054, S. 320–327). Springer. https://doi.org/10.1007/978-3-642-14577-3_25
Jager, T., Kohlar, F., Schäge, S., & Schwenk, J. (2010a). Generic compilers for authenticated key exchange. In M. Abe (Hrsg.), Advances in cryptology – ASIACRYPT 2010 (Verlagsversion, Bd. 6477, S. 232–249). Springer. https://doi.org/10.1007/978-3-642-17373-8_14
Jager, T., Kohlar, F., Schäge, S., & Schwenk, J. (2010b). Generic compilers for authenticated key exchange.
Jager, T., Kohlar, F., Schäge, S., & Schwenk, J. (2010c). Generic compilers for authenticated key exchange (full version). Publiziert. https://eprint.iacr.org/2010/621
Jensen, M., Schäge, S., & Schwenk, J. (2010). Towards an anonymous access control and accountability scheme for cloud computing. 2010 IEEE 3rd International Conference on Cloud Computing, 540–541. https://doi.org/10.1109/cloud.2010.61
Jensen, M., & Schwenk, J. (2010). Definition, application, and enforcement of WS-security policies in model-driven SOAs (Verlagsversion). http://www.zu.ac.ae/wss/presentations/Meiko%20Jensen%20paper-cr.pdf
Kohlar, F., Schwenk, J., Jensen, M., & Gajek, S. (2010). Secure bindings of SAML assertions to TLS sessions. 2010 International Conference on Availability, Reliability, and Security, 62–69. https://doi.org/10.1109/ares.2010.89
Noack, A., & Schwenk, J. (2010). Group key agreement performance in wireless mesh networks. In 2010 IEEE 35th Conference on Local Computer Networks (LCN 2010) (Verlagsversion). Annual IEEE Conference on Local Computer Networks (LCN), Denver, Colo. IEEE. https://doi.org/10.1109/lcn.2010.5735694
Schäge, S., & Schwenk, J. (2010a). A CDH-based ring signature scheme with short signatures and public keys. In R. Sion, R. Curtmola, S. Dietrich, A. Kiayias, J. M. Miret, K. Sako, & F. Sebé (Hrsg.), Financial cryptography and data security (Verlagsversion, Bd. 6054, S. 129–142). Springer. https://doi.org/10.1007/978-3-642-14577-3_12
Schäge, S., & Schwenk, J. (2010b). A new RSA-based signature scheme. In D. J. Bernstein & T. Lange (Hrsg.), Progress in cryptology – AFRICACRYPT 2010 (Bd. 6055, S. 1–15). Springer. https://doi.org/10.1007/978-3-642-12678-9_1
Schwenk, J. (2010). Sicherheit und Kryptographie im Internet: von sicherer E-Mail bis zu IP-Verschlüsselung (Verlagsversion, 3. überarb. Aufl.) [Computer software]. Vieweg & Teubner.
Somorovsky, J., Jensen, M., & Schwenk, J. (2010). Streaming-based verification of XML signatures in SOAP messages. 2010 6th World Congress on Services, 637–644. https://doi.org/10.1109/services.2010.57
Azzini, A., Marrara, S., Jensen, M., & Schwenk, J. (2009). Extending the similarity-based XML multicast approach with digital signatures. In E. Damiani, S. Proctor, & A. Singhal (Hrsg.), Proceedings of the 6th ACM Workshop On Secure Web Services (Verlagsversion, S. 45–52). ACM Pr.
Eichholz, J., Hühnlein, D., & Schwenk, J. (2009). SAMLizing the European citizen card. In A. Brömme, C. Busch, & D. Hühnlein (Hrsg.), BIOSIG 2009 (Verlagsversion, Bd. 155, S. 105–116). Ges. für Informatik.
Gajek, S., Jensen, M., Liao, L., & Schwenk, J. (2009). Analysis of signature wrapping attacks and countermeasures. In E. Damiani (Hrsg.), IEEE International Conference on Web Services (Verlagsversion, S. 575–582). IEEE. https://doi.org/10.1109/icws.2009.12
Gajek, S., Manulis, M., & Schwenk, J. (2009). User-aware provably secure protocols for browser-based mutual authentication. International Journal of Applied Cryptography1(4), 290–308. https://doi.org/10.1504/ijact.2009.028028
Gajek, S., & Schwenk, J. (2009). Universally composable delegated authentication secure communication sessions resilient against credential compromise: Thursday 26th March 2009.
Gajek, S., Schwenk, J., Steiner, M., & Xuan, C. (2009). Risks of the CardSpace protocol. In P. Samarati, M. Yung, F. Martinelli, & C. A. Ardagna (Hrsg.), Information security (Verlagsversion, Bd. 5735, S. 278–293). Springer. https://doi.org/10.1007/978-3-642-04474-8_23
Gruschka, N., Jensen, M., Lo Iacono, L., & Schwenk, J. (2009). XML Signature Wrapping Angriffe: what you process is not always what you verify. Datenschutz und Datensicherheit33(9), 553–560. https://doi.org/10.1007/s11623-009-0142-z
Jager, T., & Schwenk, J. (2009). On the analysis of cryptographic assumptions in the generic ring model. In M. Matsui (Hrsg.), Advances in cryptology – ASIACRYPT 2009 (Verlagsversion, Bd. 5912, S. 399–416). Springer.
Jensen, M., Liao, L., & Schwenk, J. (2009). The curse of namespaces in the domain of XML signature. In E. Damiani, S. Proctor, & A. Singhal (Hrsg.), Proceedings of the 6th ACM Workshop On Secure Web Services (Verlagsversion, S. 29–36). ACM Pr.
Jensen, M., & Schwenk, J. (2009a). SOA security: web services Standards und Angriffe. In P. Horster (Hrsg.), D-A-CH Security 2009 (Verlagsversion). syssec.
Jensen, M., & Schwenk, J. (2009b). The accountability problem of flooding attacks in service-oriented architectures. 2009 International Conference on Availability, Reliability, and Security, 25–32. https://doi.org/10.1109/ares.2009.11
Jensen, M., Schwenk, J., Gruschka, N., & Lo Iacono, L. (2009). On technical security issues in cloud computing. Proceedings of the IEEE International Conference on Cloud Computing. Publiziert. https://doi.org/10.1109/cloud.2009.60
Liao, L., & Schwenk, J. (2009). Securing Email communication with XML technology. In J. N. D. Gupta (Hrsg.), Handbook of research on information security and assurance (Verlagsversion, S. 304–310). Information Science.
Manulis, M., & Schwenk, J. (2009). Security model and framework for information aggregation in sensor networks. ACM Transactions on Sensor Networks5(2). https://doi.org/10.1145/1498915.1498919
Noack, A., & Schwenk, J. (2009). Group key agree­ment for wire­less mesh net­works. The 5th LCN Work­shop on Se­cu­ri­ty in Com­mu­ni­ca­ti­ons Net­works. Publiziert.
Wolf, C., Schwenk, J., & Wang, Z. (2009). Sicherheitsanalyse von Kreditkarten am Beispiel von EMV. In S. Fischer (Hrsg.), Informatik 2009, Im Focus das Leben (Verlagsversion, Bd. 154, S. 1732–1743). Ges. für Informatik.
Bruegger, B. P., Hühnlein, D., & Schwenk, J. (2008). TLS-Federation: a secure and relying-party-friendly approach for federated identity management. In A. Brömme, C. Busch, & D. Hühnlein (Hrsg.), BIOSIG 2008 (Bd. 137, S. 93–104). Ges. für Informatik. http://subs.emis.de/LNI/Proceedings/Proceedings137/article2262.html
Gajek, S., Jager, T., Manulis, M., & Schwenk, J. (2008). A browser-based kerberos authentication scheme. In S. Jajodia & J. López (Hrsg.), Computer security (Verlagsversion, Bd. 5283, S. 115–129). Springer.
Gajek, S., Manulis, M., Pereira, O., Sadeghi, A.-R., & Schwenk, J. (2008). Universally composable analysis of TLS. In J. Baek, F. Bao, K. Chen, & X. Lai (Hrsg.), Provable security (Verlagsversion, Bd. 5324, S. 313–327). Springer. https://doi.org/10.1007/978-3-540-88733-1_22
Gajek, S., Manulis, M., Pereira, O., Sadeghi, A.-R., & Schwenk, J. (2008). Universally composable analysis of TLS. ProvSec, Schanghai.
Gajek, S., Manulis, M., Sadeghi, A.-R., & Schwenk, J. (2008). Provably secure browser-based user-aware mutual authentication over TLS. In M. Abe & V. Glibor (Hrsg.), Proceedings of the ACM Symposium on Information, Computer and Communications Security (Verlagsversion, Bd. 399, S. 300–311). ACM Pr.
Gajek, S., Manulis, M., & Schwenk, J. (2008a). Enforcing user-aware browser-based mutual authentication with strong locked same origin policy. In Y. Mu (Hrsg.), Information security and privacy (Verlagsversion, Bd. 5107, S. 6–20). Springer.
Gajek, S., Manulis, M., & Schwenk, J. (2008b). User-aware browser-based mutual authentication via passwords and cookies with provable security on top of TLS. IET Information Security3.
Gajek, S., Schwenk, J., & Chen, X. (2008). On the insecurity of Microsoft‘s identity metasystem cardspace (TR-HGI-2008-003; Verlagsversion, Technical Report / Horst Görtz Institut Für Sicherheit in Der Informationstechnik 2008–003). http://www.hgi.rub.de/media/hgi/files/weitere/HGI-TR-2008-003.pdf
Helbach, J., Schwenk, J., & Schäge, S. (2008). Code voting with linkable group signatures. In R. Krimmer & R. Grimm (Hrsg.), Electronic voting 2008 (EVOTE08): Bd. P-131 (S. 209–222). Ges. für Informatik. http://subs.emis.de/LNI/Proceedings/Proceedings131/article4371.html
Jager, T., Jäkel, H., & Schwenk, J. (2008). Nutzung von selbstsignierten Client-Zertifikaten zur Authentifikation bei SSL/TLS. In A. Alkassar & J. H. Siekmann (Hrsg.), Sicherheit 2008 (Verlagsversion, Bd. 128, S. 127–136). Ges. für Informatik. https://dl.gi.de/handle/20.500.12116/21471
Jager, T., & Schwenk, J. (2008a). On the equivalence of generic group models. In J. Baek, F. Bao, K. Chen, & X. Lai (Hrsg.), Provable security (Verlagsversion, Bd. 5324, S. 200–209). Springer.
Jager, T., & Schwenk, J. (2008b). The generic hardness of subset membership problems under the factoring assumption. Publiziert. http://eprint.iacr.org/2008/482
Liao, L., & Schwenk, J. (2008). A novel solution for end-to-end integrity protection in signed PGP mail. In L. Chen (Hrsg.), Information and communications security (Verlagsversion, Bd. 5308, S. 19–32). Springer.
Oppliger, R., Schwenk, J., & Helbach, J. (2008). Protecting code voting against vote selling. In A. Alkassar & J. H. Siekmann (Hrsg.), Sicherheit 2008 (Verlagsversion, Bd. 128, S. 193–204). Ges. für Informatik. https://dl.gi.de/handle/20.500.12116/21476
Oppliger, R., Schwenk, J., & Löhr, C. (2008). CAPTCHA-based code voting. In R. Krimmer & R. Grimm (Hrsg.), Electronic voting 2008 (EVOTE08): Bd. P-131 (S. 223‐222). Ges. für Informatik. http://subs.emis.de/LNI/Proceedings/Proceedings131/article4372.html
Schwenk, J., Gajek, S., Manulis, M., & Jager, T. (o. J.). Sichere, browser-basierte Einmalanmeldung mit Clientzertifikaten (Patent Nr. DE200810024783). https://register.dpma.de/DPMAregister/pat/PatSchrifteneinsicht?docId=DE102008024783A1
Schwenk, J., Liao, L., & Gajek, S. (2008). Stronger bindings for SAML assertions and SAML artifacts. In E. Damiani & S. Proctor (Hrsg.), Proceedings of the 5th ACM CCS Workshop on Secure Web Services (Verlagsversion). ACM Pr. https://doi.org/10.1145/1456492.1456495
Biallaß, I., Borges, G., Gajek, S., Meyer, J., Schwenk, J., Wegener, C., & Werner, D. (2007). Aktuelle Gefahren im Onlinebanking: technische und juristische Hintergründe. Innovationsmotor IT-Sicherheit, 495–511.
Bresson, E., Manulis, M., & Schwenk, J. (2007). On security models and compilers for group key exchange protocols. In A. Miyaji, H. Kikuchi, & K. Rannenberg (Hrsg.), Advances in information and computer security (Verlagsversion, Bd. 4752, S. 292–307). Springer.
Gajek, S., Liao, L., Möller, B., & Schwenk, J. (2007). SSL-over-SOAP: towards a token-based key establishment framework for web services. In T. Gschwind (Hrsg.), Emerging web services technology (Verlagsversion). Birkhäuser Publishing.
Gajek, S., Liao, L., & Schwenk, J. (2007a). Breaking and fixing the inline approach. Proceedings of the 2007 ACM Workshop on Secure Web Services, 37–43.
Gajek, S., Liao, L., & Schwenk, J. (2007b). Towards a formal semantic of XML signature. In Workshop report (Verlagsversion). http://www.w3.org/2007/xmlsec/ws/papers/07-gajek-rub/
Gajek, S., Manulis, M., Sadeghi, A.-R., & Schwenk, J. (2007). Browser models for usable authentication protocols. Proceedings, S & P 2007, 2007 IEEE Symposium on Security and Privacy : 20 – 23 May 2007, Berkeley/Oakland, California. Publiziert. https://www.manulis.eu/papers/W2SPPosPap.pdf
Gajek, S., Sadeghi, A.-R., Schwenk, J., & Winandy, M. (2007). Trusted user-aware web authentication. In Work­shop on Trust­wor­thy User In­ter­faces for Pass­words and Per­so­nal In­for­ma­ti­on (Verlagsversion). TRUST.
Gajek, S., Sadeghi, A.-R., Schwenk, J., & Winandy, M. (2007). Trusted user-aware web authentication.
Gajek, S., & Schwenk, J. (2007). Probleme und Risiken der Internet-Auktion. In G. Borges (Hrsg.), Rechtsfragen der Internet-Auktion (Verlagsversion, 1. Aufl., Bd. 1, S. 180–190). Nomos Verlagsgesellschaft.
Helbach, J., & Schwenk, J. (2007). Secure internet voting with code sheets. In A. Alkassar & M. Volkamer (Hrsg.), E-voting and identity (Verlagsversion, Bd. 4896, S. 166–177). Springer.
Liao, L., Gajek, S., & Schwenk, J. (2007). Signieren mit Chipkartensystemen in unsicheren Umgebungen. Datenschutz und Datensicherheit31(11), 816–821.
Liao, L., & Schwenk, J. (2007a). End-to-end header protection in signed S/MIME. In R. Meersman (Hrsg.), On the move to meaningful internet systems 2007: CoopIS, DOA, ODBASE, GADA, and IS (Verlagsversion, Bd. 4804, S. 1646–1658). Springer.
Liao, L., & Schwenk, J. (2007b). Secure emails in XML format using web services. In W. Zimmermann, B. König-Ries, & C. Pahl (Hrsg.), Proceedings of the Fifth IEEE European Conference on Web Services (Verlagsversion, S. 129–136). IEEE Computer Society. https://doi.org/10.1109/ecows.2007.20
Manulis, M., & Schwenk, J. (2007a). Provably secure framework for information aggregation in sensor networks. In O. Gervasi & M. L. Gavrilova (Hrsg.), Computational science and its applications (Verlagsversion, Bd. 4705, S. 603–621). Springer.
Manulis, M., & Schwenk, J. (2007b). Provably secure framework for information aggregation is sensor networks. Publiziert. http://eprint.iacr.org/2007/283
Manulis, M., & Schwenk, J. (2007c). Provably secure framework for information aggregation in sensor networks. In O. Gervasi & M. L. Gavrilova (Hrsg.), Computational science and its applications – ICCSA 2007 (Bde. 4705–4707, S. 603–621). Springer. https://doi.org/10.1007/978-3-540-74472-6_49
Paar, C., Sadeghi, A.-R., Schwenk, J., & Wegener, C. (2007). Studieren mit Sicherheit in Bochum: die Studiengänge zum Thema IT-Sicherheit. Datenschutz und Datensicherheit31(5), 338–342. https://doi.org/10.1007/s11623-007-0130-0
Schwenk, J., Sadeghi, A.-R., Gajek, S., & Manulis, M. (2007a). Browser models for usable authentication protocols.
Schwenk, J., Sadeghi, A.-R., Gajek, S., & Manulis, M. (2007b). Browser-based authentication protocols for naive user
Beutelspacher, A., Schwenk, J., & Wolfenstetter, K.-D. (2006). Moderne Verfahren der Krypotgraphie: von RSA zu Zero-Knowledge (6., verbesserte Aufl.). Vieweg & Teubner. https://doi.org/10.1007/978-3-8348-9103-7
Gajek, S., & Schwenk, J. (2006). Reversed responsibilities: browser authentication instead of server authentication. Workshop on Transparency and Usability of Web Authentication. Publiziert.
Gajek, S., Schwenk, J., & Heesen, H. te. (2006). A case study on online-banking security. Emerging Trends in Information and Communication Security3995.
Gajek, S., Schwenk, J., & Wegener, C. (2006). SSL-VA-Authentifizierung als Schutz von Phishing und Pharming. In J. Dittmann (Hrsg.), Sicherheit 2006 (Verlagsversion, Bd. 77, S. 6–17). Ges. für Informatik.
Manulis, M., Sadeghi, A.-R., & Schwenk, J. (2006). Linkable democratic group signatures. In K. Chen, R. H. Deng, X. Lai, & J. Zhou (Hrsg.), Information security practice and experience (Verlagsversion, Bd. 3903, S. 187–201). Springer. https://doi.org/10.1007/11689522_18
Adelsbach, A., Gajek, S., & Schwenk, J. (2005a). Phishing: Die Täuschung des Benutzers zur Preisgabe geheimer Benutzerdaten. IT-Sicherheit geht alle an!, 53–65.
Adelsbach, A., Gajek, S., & Schwenk, J. (2005b). Visual spoofing of SSL protected web sites and effective countermeasures. In R. H. Deng, F. Bao, H. Pang, & J. Zhou (Hrsg.), Information security practice and experience (Verlagsversion, Bd. 3439, S. 204–216). Springer.
Ewers, L., Kubbilun, W., Liao, L., & Schwenk, J. (2005). Secure XmaiL or how to get rid of legacy code in secure E-mail applications. In J. Dittmann, S. Katzenbeisser, & A. Uhl (Hrsg.), Communications and multimedia security (Verlagsversion, Bd. 3677, S. 291–300). Springer.
Gajek, S., Schwenk, J., & Wegener, C. (2005). Identitätsmissbrauch im Online-Banking. Datenschutz und Datensicherheit29(11), 639–642.
Kubbilun, W., Gajek, S., Psarros, M., & Schwenk, J. (2005). Trustworthy verification and visualisation of multiple XML-signatures. In J. Dittmann, S. Katzenbeisser, & A. Uhl (Hrsg.), Communications and multimedia security (Verlagsversion, Bd. 3677, S. 311–320). Springer.
Manulis, M., & Schwenk, J. (2005). Pseudonym generation scheme for ad-hoc group communication based on IDH. In C. Paar, C. Castelluccia, H. Hartenstein, & D. Westhoff (Hrsg.), Security in ad hoc and sensor networks (Verlagsversion, Bd. 3313, S. 107–124). Springer.
[1]
P. Berkes und L. Wiskott, „Applying slow feature analysis to image sequences yields a rich repertoire of complex cell properties“, in Artificial neural networks, 2002, Bd. 2415, S. 81–86.
[2]
L. Wiskott, C. von der Malsburg, und A. Weitzenfeld, „Face recognition by dynamic link matching: 18“, in The neural simulation language, A. Weitzenfeld, M. A. Arbib, und A. Alexander, Hrsg. Cambridge, MA: MIT Pr., 2002, S. 343–372.
[3]
L. Wiskott und P. Berkes, „Is slowness a principle for the emergence of complex cells in primary visual cortex?“, in Proceedings of the Berlin Neuroscience Forum 2002, Liebenwalde April 18-20, 2002, S. 43.
[4]
T. Blaschke und L. Wiskott, „An improved cumulant based method for independent component analysis“, in Artificial neural networks, 2002, Bd. 2415, S. 1087–1093.
[5]
L. Wiskott und T. J. Sejnowski, „Slow feature analysis: unsupervised learning of invariances“, Neural computation, Bd. 14, Nr. 4, S. 715–770, 2002, doi: 10.1162/08997660231731893.
 
Dittmann, J., Hauer, E., Vielhauer, C., Schwenk, J., & Saar, E. (2001). Customer identification for MPEG video based on digital fingerprinting. In H.-Y. Shum, M. Liao, & S.-F. Chang (Hrsg.), Advances in multimedia information processing – PCM 2001 (Bd. 2195, S. 383–390). Springer. https://doi.org/10.1007/3-540-45453-5_49
Schwenk, J., Martin, T., & Neumann, E. (2001). From pay-tv to pay-streaming: similarities and differences. In N. D. Georganas & R. Popescu-Zeletin (Hrsg.), Proceedings of the 2001 Workshop on Multimedia and Security New Challenges (S. 40–43). ACM Pr. https://doi.org/10.1145/1232454.1232470
Schwenk, J., Martin, T., & Schaffelhofer, R. (2001). Tree-based multicast key agreement. In R. Steinmetz, J. Dittmann, & M. Steinebach (Hrsg.), Communications and multimedia security issues of the new century (Bd. 64, S. 283–295). Springer. https://doi.org/10.1007/978-0-387-35413-2_24
Dittmann, J., Schmitt, P., Saar, E., Schwenk, J., & Ueberberg, J. (2000). Combining digital watermarks and collusion secure fingerprints for digital images. Journal of Electronic Imaging9(4), 456–467. https://doi.org/10.1117/1.1287729
Schwenk, J. (1999). How to securely broadcast a secret. In B. Preneel (Hrsg.), Secure information networks (Bd. 23, S. 247–257). Springer. https://doi.org/10.1007/978-0-387-35568-9_17
Schwenk, J. (1999). How to securely broadcast a secret. In B. Preneel (Hrsg.), Secure information networks (Bd. 23, S. 247–257). Springer. https://doi.org/10.1007/978-0-387-35568-9_17
Beutelspacher, A., Schwenk, J., & Wolfenstetter, K.-D. (1995). Moderne Verfahren der Kryptographie: von RSA zu Zero-Knowledge. Vieweg & Teubner.

Publications

26 Einträge « 2 von 3 »

Elena Kirshanova, Alexander May

Breaking Goppa-based McEliece with hints Proceedings Article

In: Security and Cryptography for Networks (SCN 22), and Journal of Information and Computation, Volume 293, 2023.

Links | Schlagwörter: Crypto Others

Jesús-Javier Chi-Dominguez, Andre Esser, Sabrina Kunzweiler, Alexander May

Low Memory Attacks on Small Key CSIDH Proceedings Article

In: Applied Cryptography and Network Security (ACNS 23), S. 276–304, Springer, 2023.

Links | Schlagwörter: Crypto Others

Elena Kirshanova, Alexander May, Julian Nowakowski

New NTRU Records with Improved Lattice Bases Proceedings Article

In: Post-Quantum Cryptography (PQCrypto 23), S. 167–195, Springer, 2023.

Links | Schlagwörter: Crypto Others

Alexander May, Carl Richard Theodor Schneider

Dlog is Practically as Hard (or Easy) as DH - Solving Dlogs via DH Oracles on EC Standards Proceedings Article

In: Transactions on Cryptographic Hardware and Embedded Systems (TCHES), S. 146–166, 2023.

Links | Schlagwörter: Crypto Area, Rank A*/A

Andre Esser, Alexander May, Javier A. Verbel, Weiqiang Wen

Partial Key Exposure Attacks on BIKE, Rainbow and NTRU Proceedings Article

In: Advances in Cryptology (CRYPTO 2022) , S. 346–375, Springer, 2022.

Links | Schlagwörter: Crypto Flagship, Rank A*/A

Alexander May, Julian Nowakowski, Santanu Sarkar

Approximate Divisor Multiples - Factoring with Only a Third of the Secret CRT-Exponents Proceedings Article

In: Advances in Cryptology (EUROCRYPT 22) , S. 147–167, Springer, 2022.

Links | Schlagwörter: Crypto Flagship, Rank A*/A

Andre Esser, Alexander May, Floyd Zweydinger

McEliece Needs a Break - Solving McEliece-1284 and Quasi-Cyclic-2918 with Modern ISD Proceedings Article

In: Advances in Cryptology (EUROCRYPT 22), S. 433–457, Springer, 2022.

Links | Schlagwörter: Crypto Flagship, Rank A*/A

Julian Speith, Florian Schweins, Maik Ender, Marc Fyrbiak, Alexander May, Christof Paar

How Not to Protect Your IP - An Industry-Wide Break of IEEE 1735 Implementations Proceedings Article

In: Symposium on Security and Privacy (S&P 22), 2022.

Links | Schlagwörter: Rank A*/A, Security

Alexander May, Floyd Zweydinger

Legendre PRF (Multiple) Key Attacks and the Power of Preprocessing Proceedings Article

In: Computer Security Foundations Symposium (CSF 22), S. 428–438, IEEE, 2022.

Links | Schlagwörter: Rank A*/A, Security

Alexander May, Lars Schlieper

Quantum Period Finding is Compression Robust Proceedings Article

In: Transactions on Symmetric Cryptology (TOSC 22), S. 183–211, 2022.

Links | Schlagwörter: Crypto Area, Quantum

26 Einträge « 2 von 3 »

Memberships

  • BITSI – Bochumer Verein zur Förderung der IT-Sicherheit und Informatik
  • CASA – DFG Excellence Cluster
  • QSI – EU Marie Curie Network
  • HGI – Horst Görtz Institute
  • IACR – Cryptology Research

Lectures (Moodle/Notes)

Crypto Challenges

Former PhDs

  1. Önder Askin, 2024
  2. Floyd Zweydinger, 2023
  3. Lars Schlieper, 2022
  4. Alexander Helm, 2020
  5. Andre Esser, 2020
  6. Matthias Minihold, 2019 
  7. Leif Both, 2018
  8. Robert Kübler, 2018
  9. Elena Kirshanova, 2016
  10. Ilya Ozerov, 2016
  11. Gottfried Herold, 2014
  12. Alexander Meurer, 2014
  13. Mathias Herrmann, 2011
  14. Maike Ritzenhofen, 2010

Calvin & Hobbes

Prof. Dr. Jörg Schwenk

Netz- und Da­ten­si­cher­heit

Professor / Lehrstuhlleiter

Adresse:
Ruhr-Universität Bochum
Fakultät für Informatik
Netz- und Da­ten­si­cher­heit
Universitätsstraße 150
--D-44801 Bochum

Raum: ID 2/469

Telefon: +49(0)234 32 26692

Sprechzeiten: Nach Absprache

E-Mail: joerg.​schwenk(at)​rub.​de

Lebenslauf

- seit 2003: In­ha­ber des Lehr­stuhls für Netz- und Da­ten­si­cher­heit an der Ruhr-Uni­ver­si­tät Bo­chum
- 2007 - 2010: Ge­schäfts­füh­ren­der Di­rek­tor des Horst Görtz In­sti­tuts für IT Si­cher­heit
- seit 2007: Stellv. Ge­schäfts­füh­ren­der Di­rek­tor des Re­chen­zen­trums der Ruhr-Uni­ver­si­tät Bo­chum


Lehrveranstaltungen



Veröffentlichungen