| CARVIEW |
Select Language
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 28 Dec 2025 08:31:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"68b5c27b-eb9a"
Last-Modified: Sunday, 28-Dec-2025 08:31:47 GMT
Cache-Control: no-store, no-cache
Content-Encoding: gzip
Ruben A. Gonzalez - Personal Website
Publications
Academic Publications
High-assurance zeroization,
2023,
TCHES
R Gonzalez
,
S Arranz Olmos
,
G Barthe
,
B Grégoire
,
V Laporte
,
J Léchenet
,
T Oliveira
,
P Schwabe
KEMTLS vs. Post-quantum TLS: Performance on Embedded Systems,
2022,
SPACE 2022
R Gonzalez
,
T Wiggers
Security Research
Advisories, Popular Science and Non-Academic Publications
Rambox TLS Plaintext Recovery - CVE-2023-43972,
2023,
MITRE
Ruben Gonzalez
Croc Full Plaintext Recovery - CVE-2021-31603,
2021,
MITRE/RedRocket Blog
Ruben Gonzalez
,
Aaron Kaiser
Kyber - How does it work? The Inner Workings of the Post-Quantum KEM,
2021,
Cryptopedia Blog
Ruben Gonzalez
Reversing and Hacking Age of Empires 2: Definitive Edition,
2021,
Microsoft/RedRocket Blog
Ruben Gonzalez
,
F. Stotz
BigBlueButton Local File Inclusion/Privilege Escalation - CVE-2020-12112,
2020,
BigBlueButton/RedRocket Blog
L. Schauer
,
Ruben Gonzalez
Academic Work
Courses, Seminars and other Academic Work
- Cry.College: Online Lecture on Modern Cryptography , H-BRS, Start 2021.
- WebSecSeminar: Research Seminar on Web Security , H-BRS, Start 2021.
- HookFTW: A Windows Hooking Library , Master Project Supervision, H-BRS, 2021.
- Syntax Aware Fuzzing For Indentifying Parser Differentials , Bachelor Thesis Supervision, H-BRS, 2020.
- Reviewer , Paper on Improving Schindler Style Error Correction, CARDIS, 2019
- Offensive Security: Online Lecture on Hacking Techniques , H-BRS, Start 2019.
- Tutor for Lecture Operating Systems , HTWG Konstanz 2016.
Talks
Presentations Held (Selection)
- Hacking Cryptography , DEFCON, Las Vegas
- Better Information Security Management in Hospital , DMEA
- Hacking Cryptography , Hack in The Box, Amsterdam
- Attacking Companies: How does it work? , SecIT, Hannover
- Post-Quantum Migration , BDEW Bundesverband der Energie- und Wasserwirtschaft/German Association of Energy and Water Supply
- Security Threat’s for Judges and Prosecutors , Deutscher Juristentag/German Attorneys Association
- Web Application Security , Malta Information Technology Agency
- Kyber and Post-Quantum Crypto - How does it work? , Chaos Communication Congress, rc3 2021
- Foundations of Modern Cryptography , Fraunhofer Academy Training.
- Laymen’s Guide to Information Security , Fraunhofer Academy Training.
- Information Security for Endusers , German Farmers Day 2021
- Curveball - Mircosoft’s Crypto Screwup , Cooleleute.live, 2020.
- Real World Crypto in The Actual Real World , DS Lunch Colloquium, Radboud University, 2021.
- How to Learn (and Teach) Hacking , OWASP AppSec, 2019.
- News On Error Correction Methods for SPA on Blinded Modular Exponentiation , JIL Hardware-Related Attacks Subgroup, Brussels, 2018
- AI, Heuristics and NP in Laymen’s Terms , Datenburg, 2018.
- Hosting CTFs with Berlyne , FrOSCon, 2017.
Projects
Involved Projects
Chairman - RedRocket Hacking Club
Co-Organizer - CyberSecurityRumble Germany Hacking Competition
Full Member - Nachwuchsförderung IT-Sicherheit e.V.
Edu25519 - Curve25519 Implementation Optimized For Readability
Cry.College-Lib - Python Library implementing many crypto primitives.
eccfun - Python Library For Interactively Exploring Elliptic Curves
IKEFOO - Test suite for IKE/IPSec implementations
Press
Selection Of Interviews And Press Coverage
- Spiegel Article about Car Hacking , Spiegel
- Gamestar Podcast about RedRocket and Game Hacking , Gamestar
- Wie hackt man einen Satelliten? , PM Wissen
- US-Wettbewerb: Hackerteam der Hochschule Bonn-Rhein-Sieg gewinnt Preis , Cologne Messenger
- Im Weltraum hört dich niemand hacken , Der Spiegel
- Sankt Augustiner spüren im Wettbewerb IT-Sicherheitslücken auf , Generalanzeiger Bonn
- PLATZ 3: FLUXREPEATROCKET BEIM HACK-A-SAT , Press Release H-BRS
- Team RedRocket Hackt Beim ProCTF In Abu Dhabi , H-BRS Press Release
- Red-Rocket-Team Hacker-Gruppe der Hochschule Bonn-Rhein-Sieg sucht Sicherheitslücken , Cologne Messenger
- Team Sauercloud Qualifiziert Sich Für DEFCON CTF , H-BRS Press Release
- TV Report about RedRocket winning the CyberSecRumble , WDR Lokalzeit Bonn
- Team RedRocket Rockt Cyber Security Rumble In Bonn , H-BRS Press Release
CTF Tasks
Hacking Challenges Authored
BfLol,
2020,
CyberSecurityRumble
Binary Exploitation, Brainfuck Interpreter PWNing, 300/500
Blow,
2020,
CyberSecurityRumble
Crypto, Inavlid Curve Attack On Faulty JWT Usage, 500/500
Secure Secret Sharing,
2020,
CyberSecurityRumble
Web, NoSQL Injection Attack, 300/500
Whistle,
2018,
P.W.N. University CTF
Crypto, Exploit Invalid Padding via Coppersmith Attack, 300/500