🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

My students Max ➡️🦋 and Tushar Jois spent most of the summer going through every piece of public documentation, forensics report, and legal document we could find to figure out how police were “breaking phone encryption”. 1/

Join me on August 15, 2021 for the 4th IACR Workshop on Attacks on Cryptography (WAC4): crypto.iacr.org/2021/wac.php Lots of exciting talks by @ic0nz1 Daniel De Almeida Braga Mathy Vanhoef #JuliaLen Elie Bursztein Luca Wilke @PPessl Omer Shlomovits Victor LOMNE IACR #CryptoNews

Workshop on Attacks on Cryptography (WAC4) is about to start, crypto.iacr.org/2021/wac.php Session I, "Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)" @ic0nz1 and "PARASITE: PAssword Recovery Attack against Srp Implementations in ThE wild" Daniel De Almeida Braga

🎥#Interview de Gwendal Patat (Gwendal Patat), ancien étudiant du master #informatique parcours #cybersécurité, et aujourd’hui #doctorant à l'IRISA. Gwendal témoigne de son expérience de #doctorat : son parcours, sa thèse, la suite de sa carrière… youtube.com/watch?v=5NzRW8…

What do cryptographic library developers think about timing attacks? We asked and got responses from 44 in our IEEE S&P 2022 paper co-authored with Marcel Fourné, Daniel De Almeida Braga, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Foque and Yasemin Acar. is.muni.cz/go/d54huq 1/4

If you'are IEEE S&P, don't miss the presentation of our work "They're not that hard to mitigate": What Cryptographic Library Developers Think About Timing Attacks. A joint work with Ján Jančár, M. Fourné, Daniel De Almeida Braga, M. Sabt, Peter Schwabe, G. Barthe, PA Fouque and Yasemin Acar

"What do cryptographic library developers think about timing attacks?" Come to our talk at IEEE S&P, Ballroom BC in ~20 minutes! It's not an attack paper, but we have "attack" in the name.

I've just presented our work "Exploring Widevine for Fun and Profit" this morning at USENIX WOOT Conference on Offensive Technologies! Thanks again to Martina Lindorfer and Colin O'Flynn for the organization paper: arxiv.org/abs/2204.09298

Do you contribute to software that improves #security and/or #privacy? We’d love to chat with you about impacts of your software in a 45-ish minute interview study. 80USD gift card for qualifying participants. To join our research, sign up here: gwusec.seas.gwu.edu/ethicalimpactp…

Blog post on the SIDH attack ellipticnews.wordpress.com/2022/07/31/bre…

Users of glassess beware! You may be leaking secret data during Zoom/Skype/etc videoconferences. Screen reflected in glasses, then visible during a videoconferencing. School-grade physics/optics sufficient to understand the exploit equations. arxiv.org/pdf/2205.03971…

I will be defending my PhD Thesis entitled "Side Channels in Web Browsers: Applications to Security and Privacy" in IRISA tomorrow (29/11) at 2pm! I will host a livestream for remote viewers, feel free to come take a look: youtube.com/watch?v=C55s7k…

Are paper deadlines approaching too quickly, and do you need more time to polish your paper? DIMVA allows updating the body of your paper up to one week after submission! Submit until December 7, and polish until December 14

I will be defending my PhD Thesis "Leveraging side-channel signals for IoT malware classification and rootkit detection" in IRISA tomorrow (13/01) at 9:30. Youtube livestream: youtu.be/pLkD8wglrFg

Fantastic news! Daniel De Almeida Braga got the First Prix of the @FondationR1

I guess our advertisements worked too well. We're in dire need of additional evaluators, due to a record high number of registrations. If you or someone in your group is eager to join the team, please fill out the self-nomination form before the weekend: forms.gle/wp5XpF5EmHJEZP…

68 (UK affiliated) researchers working on security and privacy have raised alarms about provisions in the UK #OnlineSafetyBill: "our concern is that surveillance technologies are deployed in the spirit of providing online safety." Read our letter here: haddadi.github.io/UKOSBOpenlette…

Just presented our last paper at #PETS23 about how the Widevine DRM system could be used to track users online though the EME API Paper link: petsymposium.org/2023/files/pap…

I am happy to announce that Collide+Power, our new and generic software-based power side-channel technique, has been accepted at USENIX Security 2023 #usesec23. collidepower.com