default search action
Juraj Somorovsky
Person information
Refine list
refinements active!
zoomed in on ?? of ?? records
view refined list in
export refined list as
2020 – today
- 2024
- [c46]Nico Heitmann, Hendrik Siewert, Sven Moog, Juraj Somorovsky:
Security Analysis of BigBlueButton and eduMEET. ACNS (3) 2024: 190-216 - [c45]Maximilian Radoy, Sven Hebrok, Juraj Somorovsky:
In Search of Partitioning Oracle Attacks Against TLS Session Tickets. ESORICS (3) 2024: 320-340 - [c44]Martin Dunsche, Marcel Maehren, Nurullah Erinola, Robert Merget, Nicolai Bissantz, Juraj Somorovsky, Jörg Schwenk:
With Great Power Come Great Side Channels: Statistical Timing Side-Channel Analyses with Bounded Type-1 Errors. USENIX Security Symposium 2024 - 2023
- [c43]Niklas Niere, Sven Hebrok, Juraj Somorovsky, Robert Merget:
Poster: Circumventing the GFW with TLS Record Fragmentation. CCS 2023: 3528-3530 - [c42]Jens Pottebaum, Jost Rossel, Juraj Somorovsky, Yasemin Acar, René Fahr, Patricia Arias Cabarcos, Eric Bodden, Iris Gräßler:
Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth. EuroS&P Workshops 2023: 379-385 - [c41]Jost Rossel, Vladislav Mladenov, Juraj Somorovsky:
Security Analysis of the 3MF Data Format. RAID 2023: 179-194 - [c40]Nurullah Erinola, Marcel Maehren, Robert Merget, Juraj Somorovsky, Jörg Schwenk:
Exploring the Unknown DTLS Universe: Analysis of the DTLS Server Ecosystem on the Internet. USENIX Security Symposium 2023: 4859-4876 - [c39]Sven Hebrok, Simon Nachtigall, Marcel Maehren, Nurullah Erinola, Robert Merget, Juraj Somorovsky, Jörg Schwenk:
We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets. USENIX Security Symposium 2023: 4877-4894 - 2022
- [c38]Peter Mayer, Damian Poddebniak, Konstantin Fischer, Marcus Brinkmann, Juraj Somorovsky, M. Angela Sasse, Sebastian Schinzel, Melanie Volkamer:
"I don't know why I check this..." - Investigating Expert Users' Strategies to Detect Email Signature Spoofing Attacks. SOUPS @ USENIX Security Symposium 2022: 77-96 - [c37]Hendrik Siewert, Martin Kretschmer, Marcus Niemietz, Juraj Somorovsky:
On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers. SP (Workshops) 2022: 342-352 - [c36]Marcel Maehren, Philipp Nieting, Sven Hebrok, Robert Merget, Juraj Somorovsky, Jörg Schwenk:
TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries. USENIX Security Symposium 2022: 215-232 - 2021
- [c35]Jan Peter Drees, Pritha Gupta, Eyke Hüllermeier, Tibor Jager, Alexander Konze, Claudia Priesterjahn, Arunselvan Ramaswamy, Juraj Somorovsky:
Automated Detection of Side Channels in Cryptographic Protocols: DROWN the ROBOTs! AISec@CCS 2021: 169-180 - [c34]Robert Merget, Marcus Brinkmann, Nimrod Aviram, Juraj Somorovsky, Johannes Mittmann, Jörg Schwenk:
Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E). USENIX Security Symposium 2021: 213-230 - [c33]Marcus Brinkmann, Christian Dresen, Robert Merget, Damian Poddebniak, Jens Müller, Juraj Somorovsky, Jörg Schwenk, Sebastian Schinzel:
ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication. USENIX Security Symposium 2021: 4293-4310 - [i7]Marcus Niemietz, Mario Korth, Christian Mainka, Juraj Somorovsky:
Over 100 Bugs in a Row: Security Analysis of the Top-Rated Joomla Extensions. CoRR abs/2102.03131 (2021) - [i6]Jan Peter Drees, Pritha Gupta, Eyke Hüllermeier, Tibor Jager, Alexander Konze, Claudia Priesterjahn, Arunselvan Ramaswamy, Juraj Somorovsky:
Automated Detection of Side Channels in Cryptographic Protocols: DROWN the ROBOTs! IACR Cryptol. ePrint Arch. 2021: 591 (2021) - 2020
- [c32]Jörg Schwenk, Marcus Brinkmann, Damian Poddebniak, Jens Müller, Juraj Somorovsky, Sebastian Schinzel:
Mitigation of Attacks on Email End-to-End Encryption. CCS 2020: 1647-1664 - [c31]Paul Fiterau-Brostean, Bengt Jonsson, Robert Merget, Joeri de Ruiter, Konstantinos Sagonas, Juraj Somorovsky:
Analysis of DTLS Implementations Using Protocol State Fuzzing. USENIX Security Symposium 2020: 2523-2540 - [i5]Robert Merget, Marcus Brinkmann, Nimrod Aviram, Juraj Somorovsky, Johannes Mittmann, Jörg Schwenk:
Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E). IACR Cryptol. ePrint Arch. 2020: 1151 (2020)
2010 – 2019
- 2019
- [c30]Nils Engelbertz, Vladislav Mladenov, Juraj Somorovsky, David Herring, Nurullah Erinola, Jörg Schwenk:
Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS). Open Identity Summit 2019: 95-106 - [c29]Jens Müller, Marcus Brinkmann, Damian Poddebniak, Hanno Böck, Sebastian Schinzel, Juraj Somorovsky, Jörg Schwenk:
"Johnny, you are fired!" - Spoofing OpenPGP and S/MIME Signatures in Emails. USENIX Security Symposium 2019: 1011-1028 - [c28]Robert Merget, Juraj Somorovsky, Nimrod Aviram, Craig Young, Janis Fliegenschmidt, Jörg Schwenk, Yuval Shavitt:
Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities. USENIX Security Symposium 2019: 1029-1046 - 2018
- [c27]Martin R. Albrecht, Jake Massimo, Kenneth G. Paterson, Juraj Somorovsky:
Prime and Prejudice: Primality Testing Under Adversarial Conditions. CCS 2018: 281-298 - [c26]Damian Poddebniak, Juraj Somorovsky, Sebastian Schinzel, Manfred Lochter, Paul Rösler:
Attacking Deterministic Signature Schemes Using Fault Attacks. EuroS&P 2018: 338-352 - [c25]Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, Jörg Schwenk:
Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels. USENIX Security Symposium 2018: 549-566 - [c24]Hanno Böck, Juraj Somorovsky, Craig Young:
Return Of Bleichenbacher's Oracle Threat (ROBOT). USENIX Security Symposium 2018: 817-849 - [c23]Nils Engelbertz, Nurullah Erinola, David Herring, Juraj Somorovsky, Vladislav Mladenov, Jörg Schwenk:
Security Analysis of eIDAS - The Cross-Country Authentication Scheme in Europe. WOOT @ USENIX Security Symposium 2018 - [i4]Martin R. Albrecht, Jake Massimo, Kenneth G. Paterson, Juraj Somorovsky:
Prime and Prejudice: Primality Testing Under Adversarial Conditions. IACR Cryptol. ePrint Arch. 2018: 749 (2018) - 2017
- [c22]Jens Müller, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk:
SoK: Exploiting Network Printers. IEEE Symposium on Security and Privacy 2017: 213-230 - [c21]Martin Grothe, Tobias Niemann, Juraj Somorovsky, Jörg Schwenk:
Breaking and Fixing Gridcoin. WOOT 2017 - [i3]Damian Poddebniak, Juraj Somorovsky, Sebastian Schinzel, Manfred Lochter, Paul Rösler:
Attacking Deterministic Signature Schemes using Fault Attacks. IACR Cryptol. ePrint Arch. 2017: 1014 (2017) - [i2]Hanno Böck, Juraj Somorovsky, Craig Young:
Return Of Bleichenbacher's Oracle Threat (ROBOT). IACR Cryptol. ePrint Arch. 2017: 1189 (2017) - 2016
- [c20]Juraj Somorovsky:
Systematic Fuzzing and Testing of TLS Libraries. CCS 2016: 1492-1504 - [c19]Detlef Hühnlein, Tilman Frosch, Jörg Schwenk, Carl-Markus Piswanger, Marc Sel, Tina Hühnlein, Tobias Wich, Daniel Nemmert, René Lottes, Juraj Somorovsky, Vladislav Mladenov, Cristina Condovici, Herbert Leitold, Sophie Stalla-Bourdillon, Niko Tsakalakis, Jan Eichholz, Frank-Michael Kamm, Andreas Kühne, Damian Wabisch, Roger Dean, Jon Shamah, Mikheil Kapanadze, Nuno Ponte, Jose Martins, Renato Portela, Cagatay Karabat, Snezana Stojicic, Slobodan Nedeljkovic, Vincent Bouckaert, Alexandre Defays, Bruce Anderson, Michael Jonas, Christina Hermanns, Thomas Schubert, Dirk Wegener, Alexander Sazonov:
FutureTrust - Future Trust Services for Trustworthy Global Transactions. Open Identity Summit 2016: 27-41 - [c18]Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia Käsper, Shaanan Cohney, Susanne Engels, Christof Paar, Yuval Shavitt:
DROWN: Breaking TLS Using SSLv2. USENIX Security Symposium 2016: 689-706 - [c17]Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, Philipp Jovanovic:
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS. WOOT 2016 - [i1]Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, Philipp Jovanovic:
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS. IACR Cryptol. ePrint Arch. 2016: 475 (2016) - 2015
- [c16]Tibor Jager, Jörg Schwenk, Juraj Somorovsky:
On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption. CCS 2015: 1185-1196 - [c15]Christian Altmeier, Christian Mainka, Juraj Somorovsky, Jörg Schwenk:
AdIDoS - Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services. DPM/QASA@ESORICS 2015: 65-80 - [c14]Tibor Jager, Jörg Schwenk, Juraj Somorovsky:
Practical Invalid Curve Attacks on TLS-ECDH. ESORICS (1) 2015: 407-425 - [c13]Marcus Niemietz, Juraj Somorovsky, Christian Mainka, Jörg Schwenk:
Not so Smart: On Smart TV Apps. SIoT 2015: 72-81 - [c12]Dennis Kupser, Christian Mainka, Jörg Schwenk, Juraj Somorovsky:
How to Break XML Encryption - Automatically. WOOT 2015 - 2014
- [j1]Juraj Somorovsky:
On the insecurity of XML Security. it Inf. Technol. 56(6): 313-317 (2014) - [c11]Christopher Meyer, Juraj Somorovsky, Eugen Weiss, Jörg Schwenk, Sebastian Schinzel, Erik Tews:
Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks. USENIX Security Symposium 2014: 733-748 - 2013
- [b1]Juraj Somorovsky:
On the insecurity of XML security. Bochum University, Germany, 2013 - [c10]Andreas Falkenberg, Christian Mainka, Juraj Somorovsky, Jörg Schwenk:
A New Approach towards DoS Penetration Testing on Web Services. ICWS 2013: 491-498 - [c9]Tibor Jager, Kenneth G. Paterson, Juraj Somorovsky:
One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography. NDSS 2013 - 2012
- [c8]Juraj Somorovsky, Christopher Meyer, Thang Tran, Mohamad Sbeiti, Jörg Schwenk, Christian Wietfeld:
SeC2: Secure Mobile Solution for Distributed Public Cloud Storages. CLOSER 2012: 555-561 - [c7]Tibor Jager, Sebastian Schinzel, Juraj Somorovsky:
Bleichenbacher's Attack Strikes again: Breaking PKCS#1 v1.5 in XML Encryption. ESORICS 2012: 752-769 - [c6]Christian Mainka, Juraj Somorovsky, Jörg Schwenk:
Penetration Testing Tool for Web Services Security. SERVICES 2012: 163-170 - [c5]Juraj Somorovsky, Jörg Schwenk:
Technical Analysis of Countermeasures against Attack on XML Encryption - or - Just Another Motivation for Authenticated Encryption. SERVICES 2012: 171-178 - [c4]Juraj Somorovsky, Andreas Mayer, Jörg Schwenk, Marco Kampmann, Meiko Jensen:
On Breaking SAML: Be Whoever You Want to Be. USENIX Security Symposium 2012: 397-412 - 2011
- [c3]Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono:
All your clouds are belong to us: security analysis of cloud management interfaces. CCSW 2011: 3-14 - [c2]Tibor Jager, Juraj Somorovsky:
How to break XML encryption. CCS 2011: 413-422 - 2010
- [c1]Juraj Somorovsky, Meiko Jensen, Jörg Schwenk:
Streaming-Based Verification of XML Signatures in SOAP Messages. SERVICES 2010: 637-644
Coauthor Index
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
Unpaywalled article links
Add open access links from to the list of external document links (if available).
Privacy notice: By enabling the option above, your browser will contact the API of unpaywall.org to load hyperlinks to open access articles. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Unpaywall privacy policy.
Archived links via Wayback Machine
For web page which are no longer available, try to retrieve content from the of the Internet Archive (if available).
Privacy notice: By enabling the option above, your browser will contact the API of archive.org to check for archived content of web pages that are no longer available. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Internet Archive privacy policy.
Reference lists
Add a list of references from , , and to record detail pages.
load references from crossref.org and opencitations.net
Privacy notice: By enabling the option above, your browser will contact the APIs of crossref.org, opencitations.net, and semanticscholar.org to load article reference information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Crossref privacy policy and the OpenCitations privacy policy, as well as the AI2 Privacy Policy covering Semantic Scholar.
Citation data
Add a list of citing articles from and to record detail pages.
load citations from opencitations.net
Privacy notice: By enabling the option above, your browser will contact the API of opencitations.net and semanticscholar.org to load citation information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the OpenCitations privacy policy as well as the AI2 Privacy Policy covering Semantic Scholar.
OpenAlex data
Load additional information about publications from .
Privacy notice: By enabling the option above, your browser will contact the API of openalex.org to load additional information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the information given by OpenAlex.
last updated on 2024-10-07 01:18 CEST by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint