Thriving in between theory and practice: How applied cryptography bridges the gap
Matilda Backendal and I were invited to give this talk at the NIST CRClub on where the gap between theory and practice occurs.
Talks and presentations
Key Overwriting Attacks
I was fortunate to be hosted by Henry Corrigan-Gibbs and held this talk at MIT CSAIL.
CSE 207b: Key Overwriting Attacks
In this guest lecture in the applied cryptography course CSE 207b at UCSD, I formalize key overwriting attacks.
MEGA: Malleable Encryption Goes Awry
In this talk, I present five attacks on the user-controlled end-to-end security MEGA. Our attacks show that a malicious provider can break authentication and compromise file confidentiality and integrity.
Why E2EE Cloud Storage is hard - Challenges, Attacks and Best Practices
We discuss leasons learnt from breaking MEGA for why end-to-end encrypted cloud storage is hard to design.
Climbing the Hacking /mnt/ain
This talk discusses my experience as team coach of the Swiss National Hacking Team and preparing it for the European Cyber Security Challenge 2021.
Revisiting Microarchitectural Side-Channels
This talks presents the results of applying cache side-channels to contemporary hardware and investigating AES lookup tables, AES key scheduling, and Argon2. The slides give a brief overview of the content described in this blog post
SGX Accurate Time Measurements
This talk briefly summarizes our improvements on time measurements inside SGX enclaves. It discusses our discovery of the “Poor man’s CMOV” phenomenon, which later led to the USENIX Security paper on the Frontal Attack.