Christian Mainka scite author profile

Abstract-Instant Messaging has gained popularity by users for both private and business communication as low-cost short message replacement on mobile devices. However, until recently, most mobile messaging apps did not protect confidentiality or integrity of the messages.Press releases about mass surveillance performed by intelligence services such as NSA and GCHQ motivated many people to use alternative messaging solutions to preserve the security and privacy of their communication on the Internet. Initially fueled by Facebook's acquisition of the hugely popular mobile messaging app WHATSAPP, alternatives claiming to provide secure communication experienced a significant increase of new users.A messaging app that claims to provide secure instant messaging and has attracted a lot of attention is TEXTSECURE. Besides numerous direct installations, its protocol is part of Android's most popular aftermarket firmware CYANOGEN-MOD. TEXTSECURE's successor Signal continues to use the underlying protocol for text messaging. In this paper, we present the first complete description of TEXTSECURE's complex cryptographic protocol, provide a security analysis of its three main components (key exchange, key derivation and authenticated encryption), and discuss the main security claims of TEXTSECURE. Furthermore, we formally prove that-if key registration is assumed to be secure-TEXTSECURE's push messaging can indeed achieve most of the claimed security goals.

show abstract

SoK: Single Sign-On Security — An Evaluation of OpenID Connect

Mainka

Mladenov

Schwenk

et al. 2017

View full text Add to dashboard Cite

Penetration Testing Tool for Web Services Security

Mainka

Somorovsky

Schwenk

2012

View full text Add to dashboard Cite

XML-based SOAP Web Services are a widely used technology, which allows the users to execute remote operations and transport arbitrary data. It is currently adapted in Service Oriented Architectures, cloud interfaces, management of federated identities, eGovernment, or millitary services. The wide adoption of this technology has resulted in an emergence of numerous-mostly complex-extension specifications. Naturally, this has been followed by a rise in large number of Web Services attacks. They range from specific Denial of Service attacks to attacks breaking interfaces of cloud providers [1], [2] or confidentiality of encrypted messages [3]. By implementing common web applications, the developers evaluate the security of their systems by applying different penetration testing tools. However, in comparison to the wellknown attacks as SQL injection or Cross Site Scripting, there exist no penetration testing tools for Web Services specific attacks. This was the motivation for developing the first automated penetration testing tool for Web Services called WS-Attacker. In this paper we give an overview of our design decisions and provide evaluation of four Web Services frameworks and their resistance against WS-Addressing spoofing and SOAPAction spoofing attacks.

show abstract

A New Approach towards DoS Penetration Testing on Web Services

Falkenberg¹,

Mainka

Somorovsky

et al. 2013

View full text Add to dashboard Cite

SOAP-based Web services is a middleware technology marketed as the solution to easy data exchange between heterogeneous IT architectures. The large number of scenarios, in which this technology is used, has introduced demands for new extensions raising its complexity. However, this has also introduced a large variety of new attacks. In this paper, we investigate an automatic evaluation of Web service specific Denial of Service (DoS) attacks. We present a new fully automated plugin for the WS-Attacker penetration testing tool implementing major DoS attacks. Our tool determines the attack success without having physical access to the target machine, using a novel blackbox approach. We give an overview of our design decisions and present the evaluation results using common Web service frameworks and systems.

show abstract

Do Not Trust Me: Using Malicious IdPs for Analyzing and Attacking Single Sign-on

Mainka

Mladenov

Schwenk

2016

View full text Add to dashboard Cite

Abstract. Single Sign-On (SSO) systems simplify login procedures by using an an Identity Provider (IdP) to issue authentication tokens which can be consumed by Service Providers (SPs). Traditionally, IdPs are modeled as trusted third parties. This is reasonable for SSO systems like Kerberos, MS Passport and SAML, where each SP explicitely specifies which IdP he trusts. However, in open systems like OpenID and OpenID Connect, each user may set up his own IdP, and a discovery phase is added to the protocol flow. Thus it is easy for an attacker to set up its own IdP. In this paper we use a novel approach for analyzing SSO authentication schemes by introducing a malicious IdP. With this approach we evaluate one of the most popular and widely deployed SSO protocols -OpenID. We found four novel attack classes on OpenID, which were not covered by previous research, and show their applicability to real-life implementations. As a result, we were able to compromise 11 out of 16 existing OpenID implementations like Sourceforge, Drupal and ownCloud. We automated discovery of these attacks in a open source tool OpenID Attacker, which additionally allows fine-granular testing of all parameters in OpenID implementations. Our research helps to better understand the message flow in the OpenID protocol, trust assumptions in the different components of the system, and implementation issues in OpenID components. It is applicable to other SSO systems like OpenID Connect and SAML. All OpenID implementations have been informed about their vulnerabilities and we supported them in fixing the issues.

show abstract

On The (In-)Security Of JavaScript Object Signing And Encryption

Detering¹,

Somorovsky

Mainka

et al. 2017

View full text Add to dashboard Cite

Not so Smart: On Smart TV Apps

Niemietz

Somorovsky

Mainka

et al. 2015

View full text Add to dashboard Cite

12 3 4

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.