This semester, I have the great opportunity to present my research at several conferences. It is time to give some feedback about the past events to prepare for the upcoming SSTIC!
TL;DR Here are some links about my presentations.
- Toulouse Hacking Convention « Diving into the Portable Document Format » slides
- Fast Software Encryption « Linking Online Misuse-Resistant Authenticated Encryption and Blockwise Attack Models » paper, slides, blog post
- [Upcoming] SSTIC « caradoc : une boîte à outils pour décortiquer et analyser sereinement les fichiers PDF »
Toulouse Hacking Convention
Early March, I started by presenting some updates about my research on the Portable Document Format at the Toulouse Hacking Convention. I must say that this first first edition of this IT security conference was a success!
All the talks were amazing but if I had to select my favorite ones:
- « Macro Pest Control » where Philippe Lagadec presented his latest research on identification of malicious macros in Office documents,
- « App vs Wild » where Stephane Duverger talked about how virtualization can help to protect an application’s code,
- « Dungeons and Dragons and Security » where Tiphaine Romand-Latapie presented her fun but effective role-playing game to train teams about security,
- « Privacy on steroids » where Bruno Kerouanton gave us a glimpse about his security- and privacy-hardened infrastructure,
- « Reverse Engineering Chips » where Eduardo Cruz showed us the technical challenge of reversing chips for preservation of old video games.
By the river, Toulouse by night is totally worth it!
Fast Software Encryption
The following day, I flew straight to Tokyo to arrive in time at the 24th International Conference on Fast Software Encryption. I really enjoyed meeting some of the greatest cryptographers at such a nice venue! The conference featured a cryptanalysis of Haraka (a new lightweight hash function) followed by the presentation of Haraka v2 (which fixes the issue), new attacks against CAESAR competitors NORX v2.0 (for which a fix was proposed) and AEZ v4.1. Last but not least, the rump session was fun and I could see what dining cryptographers really do!
My paper (co-authored with Damian Vizár) about security notions for authenticated encryption may be a bit technical if you don’t have a good background in this domain of crypto, but I wrote a blog post to give an overview of our research.
The talks were not recorded, but my slides are available here.
On a clear day, Tokyo fades away into Mount Fuji.
I very much recommend Kyoto if you get the chance to go!
Just before going to Japan, I also learned that my next presentation was accepted at SSTIC, the largest IT security conference in France! Olivier Levillain and I will present Caradoc, a tool to parse and verify PDF files that I started two years ago during a 6-month internship. I already gave a general presentation at the LangSec workshop last year but this talk will be a brief tutorial of Caradoc and focus on practical aspects.
I hope you could get your tickets with this year’s bigger room and I am looking forward to meet you there in June!