talks

2023

1. USENIX

   Every Signature Is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures

   Simon Rohlmann, Vladislav Mladenov, Christian Mainka, Daniel Hirschberger, and Jörg Schwenk

   In USENIX Security Symposium, Anaheim, CA, USA, accepted papers: 419/1444 = 29%, Aug 2023

   Abs Bib PDF Video Code Slides

   Microsoft Office is one of the most widely used applications for office documents. For documents of prime importance, such as contracts and invoices, the content can be signed to guarantee authenticity and integrity. Since 2019, security researchers have uncovered attacks against the integrity protection in other office standards like PDF and ODF. Since Microsoft Office documents rely on different specifications and processing rules, the existing attacks are not applicable.

   @inproceedings{rohlmannEverySignatureBroken2023,
     title = {Every {{Signature}} Is {{Broken}}: {{On}} the {{Insecurity}} of {{Microsoft Office}}’s {{OOXML Signatures}}},
     booktitle = {{{USENIX Security Symposium}}},
     author = {Rohlmann, Simon and Mladenov, Vladislav and Mainka, Christian and Hirschberger, Daniel and Schwenk, Jörg},
     date = {2023-08-09},
     pages = {18},
     publisher = {USENIX Association},
     location = {Anaheim, CA, USA},
     url = {https://www.usenix.org/conference/usenixsecurity23/presentation/rohlmann},
     eventtitle = {{{USENIX}}},
     langid = {english},
     month = aug,
   }

2022

1. SCI ACNS

   Hey... It’s a PDF. What Can Go Wrong?

   Christian Mainka, and Vladislav Mladenov

   In Workshop on Secure Cryptographic Implementation (SCI) In Conjunction with ACNS 2022, Rome, Italy, Jun 2022

   Invited Keynote

   The basic idea of a PDF is simple. Users can open a document on different operating systems, and it has the same appearance as its printed equivalent. In the early 1990s, this conformance was a game-changer: it allowed sharing of documents on the Internet. Since then, PDFs have experienced an incredible evolution. The latest PDF standard supports calculation logic, 3D animations, and the filling and submitting of forms. PDF nowadays even supports JavaScript, a well-known scripting language used on websites. PDFs can also be signed and encrypted to ensure confidentiality, authenticity, and integrity. This talk sheds light on what can go wrong when a user opens a PDF. We present the art of breaking PDF signatures. We highlight the developers’ contradictive interpretation of specifications and talk about the difficulties to validate PDF signatures properly. Finally, we conclude with an outlook of further threats raised from documents.

2. Nachgehackt

   Der Podcast zu IT Security: Cyberwar

   Nachgehackt

   Aug 2022

   Podcast invitation Video

   The podcast episode focuses on the term “cyberwar”. With his guests Dr.-Ing. Christian Mainka (Horst Görtz Institute for IT Security) and Prof. Dr. Constantin Goschler (Faculty of History, RUB), Henrik Hanses attempts to define the term “cyberwar” more precisely and to shed light on it from a technical, social and historical perspective.

3. UPB

   Web Security: OAuth and OpenID Connect

   Christian Mainka

   In Padaborn University, Germany, Jun 2022

   Invited Guest Lecture

   As part of the lecture series on web security

2021

1. NDSS

   Shadow Attacks: Hiding and Replacing Content in Signed PDFs

   Christian Mainka, Vladislav Mladenov, and Simon Rohlmann

   In Network and Distributed System Security Symposium, Virtual Conference, accepted papers: 87/573 = 15%, Feb 2021

   Abs Bib PDF Video Code

   The Portable Document Format, better known as PDF, is one of the most widely used document formats worldwide, and in order to ensure information confidentiality, this file format supports document encryption. In this paper, we analyze PDF encryption and show two novel techniques for breaking the confidentiality of encrypted documents. First, we abuse the PDF feature of partially encrypted documents to wrap the encrypted part of the document within attacker-controlled content and therefore, exfiltrate the plaintext once the document is opened by a legitimate user. Second, we abuse a flaw in the PDF encryption specification to arbitrarily manipulate encrypted content. The only requirement is that a single block of known plaintext is needed, and we show that this is fulfilled by design. Our attacks allow the recovery of the entire plaintext of encrypted documents by using exfiltration channels which are based on standard compliant PDF properties. We evaluated our attacks on 27 widely used PDF viewers and found all of them to be vulnerable. We responsibly disclosed the vulnerabilities and supported the vendors in fixing the issues.

   @inproceedings{mainkaShadowAttacksHiding2021,
     title = {Shadow {{Attacks}}: {{Hiding}} and {{Replacing Content}} in {{Signed PDFs}}},
     booktitle = {Network and {{Distributed System Security Symposium}}},
     author = {Mainka, Christian and Mladenov, Vladislav and Rohlmann, Simon},
     date = {2021-02-21},
     publisher = {Internet Society},
     location = {Virtual Conference},
     doi = {10.14722/ndss.2021.24117},
     url = {https://www.ndss-symposium.org/ndss-paper/shadow-attacks-hiding-and-replacing-content-in-signed-pdfs/},
     eventtitle = {{{NDSS}}},
     month = feb,
   }

2. UPB

   Web Security: OAuth and OpenID Connect

   Christian Mainka

   In Padaborn University, Germany, Jun 2021

   Invited Guest Lecture

   As part of the lecture series on web security

2019

1. OWASP

   How to Break PDF Security

   Christian Mainka, and Jens Müller

   In German OWASP Day, Karlsruhe, Germany, Dec 2019
2. CCS

   

   1 Trillion Dollar Refund: How To Spoof PDF Signatures

   Vladislav Mladenov, Christian Mainka,  Karsten Meyer zu Selhausen, Martin Grothe, and Jörg Schwenk

   In ACM SIGSAC Conference on Computer and Communications Security, London, United Kingdom, accepted papers: 149/933 = 16%, Nov 2019

   Awarded Abs Bib PDF Website

   Awarded with the Best Paper Award on the Cyber Security Awareness Week (CSAW), Applied Research Competition.

   The Portable Document Format (PDF) is the de-facto standard for document exchange worldwide. To guarantee the authenticity and integrity of documents, digital signatures are used. Several public and private services ranging from governments, public enterprises, banks, and payment services rely on the security of PDF signatures. In this paper, we present the first comprehensive security evaluation on digital signatures in PDFs. We introduce three novel attack classes which bypass the cryptographic protection of digitally signed PDF files allowing an attacker to spoof the content of a signed PDF. We analyzed 22 different PDF viewers and found 21 of them to be vulnerable, including prominent and widely used applications such as Adobe Reader DC and Foxit. We additionally evaluated eight online validation services and found six to be vulnerable. A possible explanation for these results could be the absence of a standard algorithm to verify PDF signatures – each client verifies signatures differently, and attacks can be tailored to these differences. We, therefore, propose the standardization of a secure verification algorithm, which we describe in this paper.

   @inproceedings{mladenovTrillionDollarRefund2019,
     title = {1 {{Trillion Dollar Refund}}: {{How To Spoof PDF Signatures}}},
     booktitle = {{{ACM SIGSAC Conference}} on {{Computer}} and {{Communications Security}}},
     author = {Mladenov, Vladislav and Mainka, Christian and {Karsten Meyer zu Selhausen} and Grothe, Martin and Schwenk, Jörg},
     date = {2019-11-06},
     pages = {1--14},
     publisher = {ACM Press},
     location = {London, United Kingdom},
     doi = {10.1145/3319535.3339812},
     url = {https://dl.acm.org/doi/10.1145/3319535.3339812},
     urldate = {2020-12-08},
     addendum = {CSAW Best Paper Award},
     eventtitle = {{{CCS}}},
     langid = {english},
     month = nov,
   }

2017

1. EuroS&P

   SoK: Single Sign-On Security – An Evaluation of OpenID Connect

   Christian Mainka, Vladislav Mladenov, Tobias Wich, and Jörg Schwenk

   In European Symposium on Security and Privacy (Euro S&P), Parice, France, accepted papers: 38/194 = 20%, Apr 2017

   Abs Bib Code

   OpenID Connect is the OAuth 2.0-based replacement for OpenID 2.0 (OpenID) and one of the most important Single Sign-On (SSO) protocols used for delegated authentication. It is used by companies like Amazon, Google, Microsoft, and PayPal. In this paper, we systematically analyze wellknown attacks on SSO protocols and adapt these on OpenID Connect. We additionally introduce two novel attacks on OpenID Connect, Identity Provider Confusion and Malicious Endpoints Attack abusing lacks in the current specification and breaking the security goals of the protocol. We communicated these attacks in 2014 with the authors of the OpenID Connect specification and helped to develop a fix (currently an RFC Draft). We categorize the described attacks in two classes: Single-Phase Attacks abusing a lack of a single security check and Cross-Phase Attacks requiring a complex attack setup and manipulating multiple messages distributed across the whole protocol workflow. We provide an evaluation of officially referenced OpenID Connect libraries and find 75% of them vulnerable to at least one Single-Phase Attack. All libraries are susceptible Cross-Phase Attacks which is not surprising since the attacks abuse a logic flaw in the protocol and not an implementation error. We reported the found vulnerabilities to the developers and helped them to fix the issues. We address the existing problems in a Practical Offensive Evaluation of Single Sign-On Services (PrOfESSOS). PrOfESSOS is our open source implementation for fully automated Evaluation-as-a-Service for SSO. PrOfESSOS introduces a generic approach to improve the security of OpenID Connect implementations by systematically detecting vulnerabilities. In collaboration with the IETF OAuth and OpenID Connect working group, we integrate PrOfESSOS into the OpenID Connect certification process.

   @inproceedings{mainkaSoKSingleSignOn2017,
     title = {{{SoK}}: {{Single Sign-On Security}} – {{An Evaluation}} of {{OpenID}} Connect},
     booktitle = {European {{Symposium}} on {{Security}} and {{Privacy}} ({{Euro S}}\&{{P}})},
     author = {Mainka, Christian and Mladenov, Vladislav and Wich, Tobias and Schwenk, Jörg},
     date = {2017-04},
     publisher = {IEEE},
     location = {Parice, France},
     doi = {10.1109/EuroSP.2017.32},
     url = {https://doi.ieeecomputersociety.org/10.1109/EuroSP.2017.32},
     eventtitle = {{{EuroS}}\&{{P}}},
     month = apr
   }

2016

1. XML

   From DTD to XXE - An Evaluation of XML-Parsers

   Christian Mainka, and Christopher Späth

   In XML Amsterdam, Amsterdam, Netherlands, Nov 2016
2. OWASP

   From DTD to XXE - An Evaluation of XML-Parsers

   Christian Mainka, and Christopher Späth

   In OWASP AppSec EU, Rome, Italy, Jun 2016

   Video
3. PhD Thesis

   On Message-Level Security

   Christian Mainka

   Dec 2016

   Abs Bib PDF

   The advent of message-level security raised with the upcoming popularity of multi-party application architectures, in which securing messages only during transport does not fulfill the demands. Security features are directly added to the exchanged messages so that they can be forwarded to further entities without losing their protection, even if an untrusted party is involved in between. This thesis analyzes message-level security in two widely-used application areas: web services and Single Sign-On (SSO). Through the described methodology, numerous security issues in various software libraries and websites were identified, reported and fixed. The first part of the thesis analyzes the security of SOAP-based web services. This work found novel attack techniques with the focus on automatic detection and circumvention of existing countermeasures. With WS-Attacker, a software developed in this context, the first fully-automatic penetration test software for web service security is designed and implemented. Its application led to the discovery of numerous vulnerabilities in well-known web service frameworks, such as Apache CXF, and in the IBM DataPower Security Gateway. The issues were reported to the developers and the implementation flaws were fixed. The second part of the thesis examines the security of SSO systems. Generic attack concepts applicable to arbitrary SSO protocols are developed and then applied to the protocols (1.) OpenID, (2.) OpenID Connect, and (3.) Security Assertion Markup Language (SAML). These attack concepts are based on a newly introduced SSO Attacker Paradigm which is founded by the question whether the Identity Provider (IdP) in an SSO protocol can always be viewed as a Trusted Third Party (TTP). The research results in this thesis show that in modern SSO systems, an attacker may integrate his malicious IdP and, thus, they reveal that the answer is no. The malicious IdP can then be used for the detection of security vulnerabilities and for their exploitation. Based on the SSO Attacker Paradigm, the attack techniques are evaluated. Vulnerabilities are identified in different OpenID, OpenID Connect, and SAML implementations. The security of widespread systems, such as Software-as-aService Cloud Providers (SaaS-CPs), can be broken. We show how to successfully log in to foreign accounts, read out local files stored on the server, and to efficiently execute Denial-of-Service (DoS) as well as complex Server-Side Request Forgery (SSRF) attacks. The work described in this thesis influenced the development of many web service frameworks and SSO systems. Within this context, attacks on the specification of OpenID Connect are shown that allow to break the main target of the protocol – the authentication of the End-User – regardless of the underlying implementation. A countermeasure has been proposed in collaboration with the official OAuth and OpenID Connect workgroups of the Internet Engineering Task Force (IETF). Due to the attacks, the specifications of OAuth and OpenID Connect are currently being updated and adjusted.

   @thesis{mainkaMessagelevelSecurity2016,
     type = {phdthesis},
     title = {On Message-Level Security},
     author = {Mainka, Christian},
     date = {2016-12},
     institution = {Ruhr University Bochum},
     urn = {urn:nbn:de:hbz:294-52517},
     month = dec
   }

4. EuroS&P

   Do Not Trust Me: Using Malicious IdPs for Analyzing and Attacking Single Sign-On

   Christian Mainka, Vladislav Mladenov, and Jörg Schwenk

   In European Symposium on Security and Privacy (Euro S&P), Saarbrücken, Germany, accepted papers: 29/169 = 17%, Dec 2016

   Abs Bib Code

   Single Sign-On (SSO) systems simplify login procedures by using an Identity Provider (IdP) to issue authentication tokens which can be consumed by Service Providers (SPs). Traditionally, IdPs are modeled as trusted third parties. This is reasonable for centralized SSO systems like Kerberos, where each SP explicitly specifies which single IdP it trusts. However, a typical use case for SPs like Salesforce is that each customer is allowed to configure his own IdP. A malicious IdP should however only be able to compromise the security of those accounts on the SP for which it was configured. If different accounts can be compromised, this must be considered as a serious attack. Additionally, in open systems like OpenID and OpenID Connect, the IdP for each customer account is dynamically detected in a discovery phase. Our research goal was to test if this phase can be used to trick a SP into using a malicious IdP for legitimate user accounts. Thus, by introducing a malicious IdP we evaluate in detail the popular and widely deployed SSO protocol OpenID. We found two novel classes of attacks, ID Spoofing (IDS) and Key Confusion (KC), on OpenID, which were not covered by previous research. Both attack classes allow compromising the security of all accounts on a vulnerable SP, even if those accounts were not allowed to use the malicious IdP. As a result, we were able to compromise 12 out the most popular 17 existing OpenID implementations, including Sourceforge, Drupal, ownCloud and JIRA. We developed an open source tool OpenID Attacker, which enables the fully automated and fine granular testing of OpenID implementations. Our research helps to better understand the message flow in the OpenID protocol, trust assumptions in the different components of the system, and implementation issues in OpenID components. All OpenID implementations have been informed about their vulnerabilities and we supported them in fixing the issues. One year after our reports, we have evaluated 70 online websites. Some of them have upgraded their libraries and were safe from our attacks, but 26% were still vulnerable.

   @inproceedings{mainkaNotTrustMe2016,
     title = {Do Not Trust Me: {{Using}} Malicious {{IdPs}} for Analyzing and Attacking Single Sign-On},
     booktitle = {European {{Symposium}} on {{Security}} and {{Privacy}} ({{Euro S}}\&{{P}})},
     author = {Mainka, Christian and Mladenov, Vladislav and Schwenk, Jörg},
     date = {2016},
     pages = {321--336},
     publisher = {IEEE},
     location = {Saarbrücken, Germany},
     doi = {10.1109/eurosp.2016.33},
     url = {https://doi.ieeecomputersociety.org/10.1109/EuroSP.2016.33},
     eventtitle = {{{EuroS}}\&{{P}}},
     organization = {IEEE},
   }

5. OWASP

   Systematically Breaking and Fixing OpenID Connect

   Christian Mainka, and Vladislav Mladenov

   In OWASP AppSec EU, Rome, Italy, Jun 2016

   Video

2015

1. QASA

   AdIDoS – Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services

   Christian Altmeier, Christian Mainka, Juraj Somorovsky, and Jörg Schwenk

   In International Workshop on Quantitative Aspects of Security Assurance (QASA), Vienna, Austria, Sep 2015

   Abs Bib Code

   Denial-of-Service (DoS) attacks aim to affect availability of applications. They can be executed using several techniques. Most of them are based upon a huge computing power that is used to send a large amount of messages to attacked applications, e.g. web services. Web services apply parsing technologies to process incoming XML messages. This enlarges the amount of attack vectors since attackers get new possibilities to abuse specific parser features and complex parsing techniques. Therefore, web service applications apply various countermeasures, including message length or XML element restrictions. These countermeasures make validations of web service robustness against DoS attacks complex and error prone. In this paper, we present a novel adaptive and intelligent approach for testing web services. Our algorithm systematically increases the attack strength and evaluates its impact on a given web serice, using a blackbox approach based on server response times. This allows one to automatically detect message size limits or element count restrictions. We prove the practicability of our approach by implementing a new WS-Attacker plugin and detecting new DoS vulnerabilities in widely used web service implementations.

   @inproceedings{altmeierAdIDoSAdaptiveIntelligent2015,
     title = {{{AdIDoS}} – Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services},
     booktitle = {International Workshop on Quantitative Aspects of Security Assurance ({{QASA}})},
     author = {Altmeier, Christian and Mainka, Christian and Somorovsky, Juraj and Schwenk, Jörg},
     date = {2015-09},
     publisher = {ESORICS},
     location = {Vienna, Austria},
     doi = {10.1007/978-3-319-29883-2_5},
     url = {https://dl.acm.org/doi/10.1007/978-3-319-29883-2_5},
     eventtitle = {{{QASA}}},
     month = sep
   }

2. WOOT

   How to Break XML Encryption – Automatically

   Dennis Kupser, Christian Mainka, Juraj Somorovsky, and Jörg Schwenk

   In USENIX Workshop on Offensive Technologies (WOOT), Washington, D.C., USA, accepted papers: 20/57 = 35%, Aug 2015

   Abs Bib Code

   In the recent years, XML Encryption became a target of several new attacks. These attacks belong to the family of adaptive chosen-ciphertext attacks, and allow an adversary to decrypt symmetric and asymmetric XML ciphertexts, without knowing the secret keys. In order to protect XML Encryption implementations, the World Wide Web Consortium (W3C) published an updated version of the standard. Unfortunately, most of the current XML Encryption implementations do not support the newest XML Encryption specification and offer different XML Security configurations to protect confidentiality of the exchanged messages. Resulting from the attack complexity, evaluation of the security configuration correctness becomes tedious and error prone. Validation of the applied countermeasures can typically be made with numerous XML messages provoking incorrect behavior by decrypting XML content. Up to now, this validation was only manually possible. In this paper, we systematically analyze the chosenciphertext attacks on XML Encryption and design an algorithm to perform a vulnerability scan on arbitrary encrypted XML messages. The algorithm can automatically detect a vulnerability and exploit it to retrieve the plaintext of a message protected by XML Encryption. To assess practicability of our approach, we implemented an open source attack plugin for Web Service attacking tool called WS-Attacker. With the plugin, we discovered new security problems in four out of five analyzed Web Service implementations, including IBM Datapower or Apache CXF.

   @inproceedings{kupserHowBreakXML2015,
     title = {How to Break {{XML Encryption}} – {{Automatically}}},
     booktitle = {{{USENIX}} Workshop on Offensive Technologies ({{WOOT}})},
     author = {Kupser, Dennis and Mainka, Christian and Somorovsky, Juraj and Schwenk, Jörg},
     date = {2015-08},
     publisher = {USENIX Association},
     location = {Washington, D.C., USA},
     url = {https://www.usenix.org/conference/woot15/workshop-program/presentation/kupser},
     eventtitle = {{{WOOT}}},
     month = aug
   }

3. IETF

   Attacks on OAuth and OpenID Connect

   Christian Mainka, and Vladislav Mladenov

   In IETF OAuth Working Group Security Meeting, Darmstadt, Germany, Dec 2015

   Invited by IETF

   Special Meeting on discussing security vulnerabilities in OAuth and OpenID Connect together with the IETF OAuth Working Group and the OpenID Foundation

2013

1. CAST

   Automatisierte Sicherheitsanalyse von XML-basierten Schnittstellen

   Christian Mainka, and Vladislav Mladenov

   In Competence Center for Applied Security Technology, CAST e.V., Darmstadt, Jun 2013
2. SSK

   Best Practices Für Webservices

   Christian Mainka

   In 2. Stralsunder Sicherheitskonferenz, Stralsund, Jul 2013
3. OWASP

   WS-Attacker: An OpenSource Penetration Testing Framework

   Christian Mainka, and Juraj Somorovsky

   In OWASP AppSec Europe, Hamburg, Aug 2013
4. MyPHD

   XML-Security in Webservices and Single-Sign On

   Christian Mainka

   In MyPHD, Hamburg, Sep 2013

2012

1. IBM

   Aktuelle Forschungsergebnisse zur Netzwerk-Security mit SOAP- und XML- Web Services

   Christian Mainka, and Juraj Somorovsky

   In IBM Frankfurt, Frankfurt, Germany, Nov 2012

   Invited by IBM

   Invited talk about XML- and SOAP Security

2. OWASP

   On Breaking SAML: Be Whoever You Want to Be

   Christian Mainka, and Juraj Somorovsky

   In German OWASP Day, Munich, Germany, Nov 2012
3. SERVICES

   Penetration Testing Tool for Web Services Security

   Christian Mainka, Juraj Somorovsky, and Jörg Schwenk

   In World Congress on Services (SERVICES), Honolulu, HI, USA, Jun 2012

   Abs Bib Code

   XML Encryption and XML Signature are fundamental security standards forming the core for many applications which require to process XML-based data. Due to the increased usage of XML in distributed systems and platforms such as in SOA and Cloud settings, the demand for robust and effective security mechanisms increased as well. Recent research work discovered, however, substantial vulnerabilities in these standards as well as in the vast majority of the available implementations. Amongst them, the so-called XML Signature Wrapping attack belongs to the most relevant ones. With the many possible instances of this attack type, it is feasible to annul security systems relying on XML Signature and to gain access to protected resources as has been successfully demonstrated lately for various Cloud infrastructures and services. This paper contributes a comprehensive approach to robust and effective XML Signatures for SOAP-based Web Services. An architecture is proposed, which integrates the required enhancements to ensure a fail-safe and robust signature generation and verification. Following this architecture, a hardened XML Signature library has been implemented. The obtained evaluation results show that the developed concept and library provide the targeted robustness against all kinds of known XML Signature Wrapping attacks. Furthermore the empirical results underline, that these security merits are obtained at low efficiency and performance costs as well as remain compliant with the underlying standards.

   @inproceedings{mainkaPenetrationTestingTool2012,
     title = {Penetration Testing Tool for Web Services Security},
     booktitle = {World Congress on Services ({{SERVICES}})},
     author = {Mainka, Christian and Somorovsky, Juraj and Schwenk, Jörg},
     date = {2012-06},
     location = {Honolulu, HI, USA},
     doi = {10.1109/services.2012.7},
     url = {https://dl.acm.org/doi/10.1109/SERVICES.2012.7},
     eventtitle = {{{SERVICES}}},
     month = jun
   }

4. FSCC

   XSpRES: Robust and Effective XML Signatures for Web Services

   Christian Mainka

   In 2. Fachgespräch Sicherheit Für Cloud Computing, Paderborn, Germany, Jun 2012
5. CLOSER

   XSpRES: Robust and Effective XML Signatures for Web Services

   Christian Mainka, Meiko Jensen, Luigi Lo Iacono, and Jörg Schwenk

   In International Conference on Cloud Computing and Services Science (CLOSER), Porto, Portugal, accepted papers: 15/145 = 10%, Apr 2012

   Abs Bib

   XML Encryption and XML Signature are fundamental security standards forming the core for many applications which require to process XML-based data. Due to the increased usage of XML in distributed systems and platforms such as in SOA and Cloud settings, the demand for robust and effective security mechanisms increased as well. Recent research work discovered, however, substantial vulnerabilities in these standards as well as in the vast majority of the available implementations. Amongst them, the so-called XML Signature Wrapping attack belongs to the most relevant ones. With the many possible instances of this attack type, it is feasible to annul security systems relying on XML Signature and to gain access to protected resources as has been successfully demonstrated lately for various Cloud infrastructures and services. This paper contributes a comprehensive approach to robust and effective XML Signatures for SOAP-based Web Services. An architecture is proposed, which integrates the required enhancements to ensure a fail-safe and robust signature generation and verification. Following this architecture, a hardened XML Signature library has been implemented. The obtained evaluation results show that the developed concept and library provide the targeted robustness against all kinds of known XML Signature Wrapping attacks. Furthermore the empirical results underline, that these security merits are obtained at low efficiency and performance costs as well as remain compliant with the underlying standards.

   @inproceedings{mainkaXSpRESRobustEffective2012a,
     title = {{{XSpRES}}: {{Robust}} and {{Effective XML Signatures}} for {{Web Services}}},
     booktitle = {International Conference on Cloud Computing and Services Science ({{CLOSER}})},
     author = {Mainka, Christian and Jensen, Meiko and Iacono, Luigi Lo and Schwenk, Jörg},
     date = {2012-04},
     pages = {187--197},
     location = {Porto, Portugal},
     url = {https://www.researchgate.net/publication/267407051_XSpRES_Robust_and_effective_XML_signatures_for_Web_Services},
     eventtitle = {{{CLOSER}}},
     month = apr
   }