Marcus Brinkmann

Ruhr-Universität Bochum | RUB · Horst Görtz In­sti­tu­te of IT-Se­cu­ri­ty (HGI)

TLS is widely used to add confidentiality, authenticity and integrity to application layer protocols such as HTTP, SMTP, IMAP, POP3, and FTP. However, TLS does not bind a TCP connection to the intended application layer protocol. This allows a man-in-the-middle attacker to redirect TLS traffic to a different TLS service endpoint on another IP addre...

OpenPGP is one of the two major standards for end-to-end email security. Several studies showed that serious usability issues exist with tools implementing this standard. However, a widespread assumption is that expert users can handle these tools and detect signature spoofing attacks. We present a user study investigating expert users' strategies...

All almost perfect nonlinear (APN) permutations that we know to date admit a special kind of linear self-equivalence, i.e., there exists a permutation $G$ in their CCZ-equivalence class and two linear permutations $A$ and $B$ , such that $G \circ A = B \circ G$ . After providing a survey on the known APN functions with a focus on the existe...

OpenPGP and S/MIME are two major standards for securing email communication introduced in the early 1990s. Three recent classes of attacks exploit weak cipher modes (EFAIL Malleability Gadgets, or EFAIL-MG), the flexibility of the MIME email structure (EFAIL Direct Exfiltration, or EFAIL-DE), and the Reply action of the email client (REPLY attacks)...

All almost perfect nonlinear (APN) permutations that we know to date admit a special kind of linear self-equivalence, i.e., there exists a permutation $G$ in their CCZ-class and two linear permutations $A$ and $B$, such that $G \circ A = B \circ G$. After providing a survey on the known APN functions with a focus on the existence of self equivalenc...

OpenPGP and S/MIME are the two major standards to en-crypt and digitally sign emails. Digital signatures are supposed to guarantee authenticity and integrity of messages. In this work we show practical forgery attacks against various implementations of OpenPGP and S/MIME email signature verification in five attack classes: (1) We analyze edge cases...

We show practical attacks against OpenPGP and S/MIME encryption and digital signatures in the context of email. Instead of targeting the underlying cryptographic primitives, our attacks abuse legitimate features of the MIME standard and HTML, as supported by email clients, to deceive the user regarding the actual message content. We demonstrate how...

We show practical attacks against OpenPGP and S/MIME encryption and digital signatures in the context of email. Instead of targeting the underlying cryptographic primitives, our attacks abuse legitimate features of the MIME standard and HTML, as supported by email clients, to deceive the user regarding the actual message content. We demonstrate how...

For all vectorial boolean functions up to dimension 4, we present canonical representatives for all extended affine (EA) and CCZ equivalence classes. We include the size of each class, as well as its algebraic degree and extended Walsh spectrum. We also answer the following questions: How large are these classes? Which of these classes contain bije...

We classify the almost perfect nonlinear (APN) functions in dimensions 4 and 5 up to affine and CCZ equivalence using backtrack programming and give a partial model for the complexity of such a search. In particular, we demonstrate that up to dimension 5 any APN function is CCZ equivalent to a power function, while it is well known that in dimensio...

The GNU Hurd's design was motivated by a desire to rectify a number of observed shortcomings in Unix. Foremost among these is that many policies that limit users exist simply as remnants of the design of the system's mechanisms and their implementation. To increase extensibility and integration, the Hurd adopts an object-based architecture and defi...

Commodity operating systems fail to meet the secu-rity, resource management and integration expectations of users. We propose a unified solution based on a ca-pability framework as it supports fine grained objects, straightforward access propagation and virtualizable in-terfaces and explore how to improve resource use via ac-cess decomposition and...

End-to-end e-mail encryption is still ignored by almost all users. The mails are left in the clear in the mailboxes of the web mail providers, where they are frequently collected by attackers and lead to an escalation of the attack due to the sensitivity of the mail content. We suggest a new and simplified infrastructure to protect mail that is com...