Research Fellow, INRIA
Since September 2013 I am working as CEO of Cryptosense
, a spin-off company
commercializing my research in formal analysis of crypto security APIs.
Padding Oracle Attacks
Our recent work on padding oracle attacks has received some press and
blog coverage, not all of it accurate. Please read the FAQ
for more information.
From the LSV server
or from DBLP
Slides from recent seminars
including my CRYPTO'12 talk.
My research concerns formal analysis of information security
problems. In particular, I'm interested in security APIs
protocols, and security of embedded systems. Some highlights:
and Algorithmic Foundations of the Internet
- Analysis of Security
APIs workshop series - co-organiser with Mike Bond. The 6th Edition, ASA-6
was held on 28th June as part of CSF 2012.
- ACM SAC Security Track 2013, Programme Committee co-chair.
- CSF 2013, Programme Committee member
- Dagstuhl Seminar on security APIs, November 2012, co-organiser with Mike Bond, Riccardo Focardi and Sibylle Fröschle.
- PROOFS workshop -
Security Proofs for Embedded Systems, September 2012, Programme Committee member.
- ACM SAC Security Track 2012, Programme Committee member.
- Alan Turing Year workshop Is Cryptographic Theory Practically Relevant?, Cambridge, 31 January - 2 February 2012, Invited speaker.
- FMATS, workshop on Formal Methods and tools for Security, Cambridge, December 7-8 2011, Invited speaker
- Santa's Crypto in Prague on December 1st 2011, Invited speaker
- Course at Tsinghua University, Beijing, in August 2011, Invited lecturer
- SSTIC 2011 in Rennes June 9th 2011, Invited speaker.
, by Fabrizio Luccio,
Linda Pagli, and me. CRC Press, July 2011. Recently described
in the JOC
as a "superb read".