{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T23:14:30Z","timestamp":1763507670395,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642331664"},{"type":"electronic","value":"9783642331671"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-33167-1_43","type":"book-chapter","created":{"date-parts":[[2012,8,18]],"date-time":"2012-08-18T06:07:05Z","timestamp":1345270025000},"page":"752-769","source":"Crossref","is-referenced-by-count":16,"title":["Bleichenbacher\u2019s Attack Strikes again: Breaking PKCS#1 v1.5 in XML Encryption"],"prefix":"10.1007","author":[{"given":"Tibor","family":"Jager","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sebastian","family":"Schinzel","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Juraj","family":"Somorovsky","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"43_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"608","DOI":"10.1007\/978-3-642-32009-5_36","volume-title":"CRYPTO 2012","author":"R. Bardou","year":"2012","unstructured":"Bardou, R., Focardi, R., Kawamoto, Y., Steel, G., Tsay, J.K.: Efficient Padding Oracle Attacks on Cryptographic Hardware. In: Canetti, R., Safavi-Naini, R. (eds.) CRYPTO 2012. LNCS, vol.\u00a07417, pp. 608\u2013625. Springer, Heidelberg (2012)"},{"key":"43_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-13708-2_1","volume-title":"Applied Cryptography and Network Security","author":"A. Bauer","year":"2010","unstructured":"Bauer, A., Coron, J.-S., Naccache, D., Tibouchi, M., Vergnaud, D.: On the Broadcast and Validity-Checking Security of pkcs#1 v1.5 Encryption. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol.\u00a06123, pp. 1\u201318. Springer, Heidelberg (2010)"},{"key":"43_CR3","series-title":"Lecture Notes in Computer Science","first-page":"1","volume-title":"Advances in Cryptology - CRYPTO \u201998","author":"D. Bleichenbacher","year":"1998","unstructured":"Bleichenbacher, D.: Chosen Ciphertext Attacks against Protocols Based on the RSA Encryption Standard PKCS #1. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol.\u00a01462, pp. 1\u201312. Springer, Heidelberg (1998)"},{"key":"43_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"116","DOI":"10.1007\/978-3-642-27954-6_8","volume-title":"Topics in Cryptology \u2013 CT-RSA 2012","author":"J.P. Degabriele","year":"2012","unstructured":"Degabriele, J.P., Lehmann, A., Paterson, K.G., Smart, N.P., Strefler, M.: On the Joint Security of Encryption and Signature in EMV. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol.\u00a07178, pp. 116\u2013135. Springer, Heidelberg (2012)"},{"key":"43_CR5","unstructured":"Eastlake, D., Reagle, J., Hirsch, F., Roessler, T., Imamura, T., Dillaway, B., Simon, E., Yiu, K., Nystr\u00f6m, M.: XML Encryption Syntax and Processing 1.1. W3C Candidate Recommendation (2012), \n                    \n                      http:\/\/www.w3.org\/TR\/2012\/CR-xmlenc-core1-20120313"},{"key":"43_CR6","unstructured":"Eastlake, D., Reagle, J., Imamura, T., Dillaway, B., Simon, E.: XML Encryption Syntax and Processing. W3C Recommendation (2002), \n                    \n                      http:\/\/www.w3.org\/TR\/xmlenc-core"},{"key":"43_CR7","unstructured":"Eastlake, D., Reagle, J., Solo, D., Hirsch, F., Roessler, T.: XML Signature Syntax and Processing, 2nd edn. W3C Recommendation (2008)"},{"key":"43_CR8","unstructured":"Gudgin, M., Hadley, M., Mendelsohn, N., Moreau, J.J., Nielsen, H.F.: SOAP Version 1.2 Part 1: Messaging Framework. W3C Recommendation (2003)"},{"key":"43_CR9","unstructured":"Haas, H., Booth, D., Newcomer, E., Champion, M., Orchard, D., Ferris, C., McCabe, F.: Web services architecture. W3C note, W3C (February 2004), \n                    \n                      http:\/\/www.w3.org\/TR\/2004\/NOTE-ws-arch-20040211\/"},{"key":"43_CR10","unstructured":"Jager, T., Schinzel, S., Somorovsky, J.: Bleichenbacher\u2019s attack strikes again: breaking PKCS#1 v1.5 in XML Encryption (full version), \n                    \n                      http:\/\/www.nds.rub.de\/research\/publications\/breaking-xml-encryption-pkcs15"},{"key":"43_CR11","doi-asserted-by":"crossref","unstructured":"Jager, T., Somorovsky, J.: How to break XML encryption. In: Chen, Y., Danezis, G., Shmatikov, V. (eds.) ACM CCS 2011: 18th Conference on Computer and Communications Security, pp. 413\u2013422. ACM Press (October 2011)","DOI":"10.1145\/2046707.2046756"},{"key":"43_CR12","unstructured":"JBoss Community: JBoss WS (Web Services Framework for JBoss AS), \n                    \n                      http:\/\/www.jboss.org\/jbossws"},{"key":"43_CR13","unstructured":"Jones, M., Rescorla, E., Hildebrand, J.: JSON Web Encryption (JWE) \u2013 draft-jones-json-web-encryption-01 (October 2011), \n                    \n                      http:\/\/tools.ietf.org\/html\/draft-jones-json-web-encryption-01"},{"key":"43_CR14","doi-asserted-by":"crossref","unstructured":"Jonsson, J., Kaliski, B.: Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1. RFC 3447 (Informational) (February 2003), \n                    \n                      http:\/\/www.ietf.org\/rfc\/rfc3447.txt","DOI":"10.17487\/rfc3447"},{"key":"43_CR15","doi-asserted-by":"crossref","unstructured":"Kaliski, B.: PKCS #1: RSA Encryption Version 1.5. RFC 2313 (Informational) (March 1998), \n                    \n                      http:\/\/www.ietf.org\/rfc\/rfc2313.txt\n                    \n                    \n                  , obsoleted by RFC 2437","DOI":"10.17487\/rfc2313"},{"key":"43_CR16","doi-asserted-by":"crossref","unstructured":"Kaliski, B., Staddon, J.: PKCS #1: RSA Cryptography Specifications Version 2.0. RFC 2437 (Informational) (October 1998), \n                    \n                      http:\/\/www.ietf.org\/rfc\/rfc2437.txt\n                    \n                    \n                  , obsoleted by RFC 3447","DOI":"10.17487\/rfc2437"},{"key":"43_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/978-3-540-45238-6_33","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2003","author":"V. Kl\u00edma","year":"2003","unstructured":"Kl\u00edma, V., Pokorn\u00fd, O., Rosa, T.: Attacking RSA-Based Sessions in SSL\/TLS. In: Walter, C.D., Ko\u00e7, \u00c7.K., Paar, C. (eds.) CHES 2003. LNCS, vol.\u00a02779, pp. 426\u2013440. Springer, Heidelberg (2003)"},{"key":"43_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"230","DOI":"10.1007\/3-540-44647-8_14","volume-title":"Advances in Cryptology - CRYPTO 2001","author":"J. Manger","year":"2001","unstructured":"Manger, J.: A Chosen Ciphertext Attack on RSA Optimal Asymmetric Encryption Padding (OAEP) as Standardized in PKCS #1 v2.0. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol.\u00a02139, pp. 230\u2013238. Springer, Heidelberg (2001)"},{"key":"43_CR19","doi-asserted-by":"publisher","DOI":"10.1201\/9781439821916","volume-title":"Handbook of Applied Cryptography","author":"A.J. Menezes","year":"1996","unstructured":"Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)"},{"key":"43_CR20","doi-asserted-by":"crossref","unstructured":"Rescorla, E.: Preventing the Million Message Attack on Cryptographic Message Syntax. RFC 3218 (Informational) (January 2002), \n                    \n                      http:\/\/www.ietf.org\/rfc\/rfc3218.txt","DOI":"10.17487\/rfc3218"},{"key":"43_CR21","unstructured":"Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Al-Shaer, E., Jha, S., Keromytis, A.D. (eds.) ACM Conference on Computer and Communications Security, pp. 199\u2013212. ACM (2009), \n                    \n                      http:\/\/doi.acm.org\/10.1145\/1653662.1653687"},{"key":"43_CR22","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1145\/359340.359342","volume":"21","author":"R.L. Rivest","year":"1978","unstructured":"Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM\u00a021, 120\u2013126 (1978)","journal-title":"Communications of the ACM"},{"key":"43_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1007\/978-3-642-11925-5_2","volume-title":"Topics in Cryptology - CT-RSA 2010","author":"N.P. Smart","year":"2010","unstructured":"Smart, N.P.: Errors Matter: Breaking RSA-Based PIN Encryption with Thirty Ciphertext Validity Queries. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol.\u00a05985, pp. 15\u201325. Springer, Heidelberg (2010)"},{"key":"43_CR24","doi-asserted-by":"crossref","unstructured":"Somorovsky, J., Schwenk, J.: Technical Analysis of Countermeasures against Attack on XML Encryption \u2013 or \u2013 Just Another Motivation for Authenticated Encryption. In: SERVICES Workshop on Security and Privacy Engineering (June 2012)","DOI":"10.1109\/SERVICES.2012.6"},{"key":"43_CR25","unstructured":"Thai, T.L., Lam, H.: NET Framework Essentials, 2nd edn. O\u2019Reilly & Associates, Inc. (2002)"},{"key":"43_CR26","unstructured":"The Apache Software Foundation: Apache Axis2, \n                    \n                      http:\/\/axis.apache.org"},{"key":"43_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"534","DOI":"10.1007\/3-540-46035-7_35","volume-title":"Advances in Cryptology - EUROCRYPT 2002","author":"S. Vaudenay","year":"2002","unstructured":"Vaudenay, S.: Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS... In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol.\u00a02332, pp. 534\u2013546. Springer, Heidelberg (2002)"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2012"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-33167-1_43","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,2]],"date-time":"2019-06-02T20:39:41Z","timestamp":1559507981000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-33167-1_43"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642331664","9783642331671"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-33167-1_43","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}