Talks

Talks I gave (see also Speaker Deck).

• SPHINCS+
  29/06/23, Paris (France), 55 min
  Quantum PEPR PQ-TLS project days

• Keynote
  15/06/23, Lausanne (Switzerland), 20 min
  CMTA Digital financial assets event

• Post-quantum crypto is coming!
  12/05/23, Bordeaux (France), 40 min
  Sthack

• UltraPlonkova: minimising parallel plonkish constraints using transformers
  25/04/23, Lyon (France), 3 min — interrupted
  Eurocrypt

• Too much crypto II
  30/11/22, Zurich (Switzerland), 20min
  Too much crypto

• Zero-knowledge proofs: securing the future of crypto
  15/11/22, Riyadh (Saudi Arabia), 25min
  Black Hat MEA

• SAFE: Faster and simpler hashing for ZKPs
  15/09/22, Berlin (Germany), 30min
  ZK Summit 8

• Zero-knowledge proofs security, in practice
  25/06/22, Donostia - San Sebastián (Spain), 45min
  EuskalHack

• The CMTA token
  03/06/22, Zurich (Switzerland), 15min
  SNB-CIF Conference on Cryptoassets and Financial Innovation

• Post-quantum crypto is coming!
  02/05/22, Paris (France), 40 min
  Paris P2P Festival

• Security of ZKP projects: same but different
  22/04/22, Amsterdam (Netherlands), 30 min
  ZK Summit 7

• Zero-knowledge proofs security, in practice
  31/03/22, online, 60min
  zkStudyClub

• Hunting for bugs in "Ethereum 2.0"
  25/03/22, Geneva (Switzerland), 45 min
  Insomni'Hack

• The CMTA token
  24/03/22, Zurich (Switzerland), 15 min
  CMTA & 4T-DLT event

• Post-quantum crypto is coming
  28/11/21, Riyadh (Saudi Arabia), 45 min
  @Hack

• Protecting digital assets: much more than cryptography
  10/03/21, Lausanne (Switzerland), 25 min
  Finance and Technology Conference

• Quantum computing vs. cryptography
  15/06/21, online, 60 min
  PoC

• Post quantum world: Is crypto ready? (panel)
  15/06/21, online, 40 min, with Eli Ben-Sasson and Michael Harte
  CogX Festival

• Auditing cryptography (panel)
  09/06/21, online, 45 min, with isis agora lovecruft, Taylor Hornby, and Thomas Pornin
  Zcon2Lite

• Quantum computing vs. cryptography
  04/05/21, online, 60 min
  Cyberpeace Institute

• Protecting digital assets: much more than crypto
  10/03/21, online, 30 min
  Swiss Cyber Security Days

• Attacking threshold wallets
  14/01/21, online, 10 min
  Real World Crypto (talk given by Omer Shlomovits)

• Attacks to deployed threshold signatures
  06/11/20, USA online, 25 min, with Omer Shlomovits
  NIST's Multi-Party Threshold Schemes workshop

• Post-quantum crypto: should you care?
  04/09/20, Kyiv (Ukraine) online, 45 min
  NoNameCon

• Multiple bugs in multi-party computation: Breaking cryptocurrency's strongest wallets
  06/08/20, Las Vegas, NV (USA) online, 35 min
  Black Hat

• Too much crypto
  09/01/20, New-York (USA), 25 min
  Real World Crypto

• Lessons from 3 years of crypto and blockchain audits
  07/08/19, Las Vegas, NV (USA), 50 min
  Black Hat

• Towards post-quantum crypto standards
  09/05/19, Gdańsk (Poland), 40 min
  InfoShare

• IoT, M2M, V2V: The needs for and evolution towards end-to-end encryption
  08/05/19, Gdańsk (Poland), 30 min
  InfoShare

• Attacking and defending blockchains: from horror stories to secure wallets
  05/12/18, London (UK), 40 min
  Black Hat Europe

• Blockchain security!
  15/09/18, Novi Sad (Serbia), 40 min
  Balccon

• From quantum physics to post-quantum digital security
  27/06/18, Sofia (Bulgaria), 15 min
  Web.it Festival

• Quantum cyber blockchain IoT
  23/03/18, Geneva (Switzerland), 45 min
  Insomni'Hack

• Post-quantum crypto
  10/11/17, Lisbon, Portugal, 50 min
  BSides Lisbon

• Automated crypto bugs discovery
  26/07/17, Las Vegas, NV (USA), 50 min
  BSidesLV

• Automated testing of crypto software using differential fuzzing
  26/07/17, Las Vegas, NV (USA), 50 min
  Black Hat

• Криптография сегодня (Cryptography today)
  05/06/17, Repino (Russia), 25 min
  CTCrypt

• How secure are secure messengers?
  18/05/17, Zurich (Switzerland), 25 min
  SIGS Technology Summit

• Hunting for vulnerabilities in Signal
  08/04/17, Miami Beach, FL (USA), 45 min
  Infiltrate

• Hunting for vulnerabilities in Signal
  23/03/17, Heidelberg (Germany), 45 min
  Troopers

• Quantum-Safe Crypto Why & How?
  17/02/17, Sierre (Switzerland), 45 min
  SecureIT

• Latest hacking trends
  12/10/16, Geneva (Switzerland), 15 min
  Fédération des Entreprises Romandes

• SGX secure enclaves in practice: security and crypto review
  04/08/16, Las Vegas, NE (USA), 50 min
  Black Hat
  Also get the paper, tools, and SGX application

• What's up Argon2?
  02/08/16, Las Vegas, NE (USA), 30 min
  BSidesLV

• How to compute with secrets and not die trying
  22/06/16, Lausanne (Switzerland), 45 min
  EPFL Summer Research Institute

• Quantum computing and postquantum crypto
  16/06/16, Bern (Switzerland), 45 min
  SIGS Technology Summit

• Crypto fuzzing?
  04/06/16, Warsaw (Poland), 45 min
  Warcon

• Crypto code: the 9 circles of testing
  18/03/16, Geneva (Switzerland), 45 min
  Insomni'Hack

• Crypto code: the 9 circles of testing
  16/03/16, Heidelberg (Germany), 30 min
  Troopers

• Crypto, Quantum, Post-Quantum
  15/01/16, Washington, DC (USA), 20 min
  Shmoocon

• Password Hashing Competition
  15/01/16, Gaithersburg, MD (USA), 50 min
  NIST

• PHC releases Argon2
  05/11/15, Yverdon, Switzerland), 7 min
  Cybersecurity Conference (rump session)

• Quantum computers vs. computers security
  07/08/15, Las Vegas, NE (USA), 30 min
  DEF CON

• FOSS crypto
  06/07/15, Beauvais (France), 40min
  RMLL

• Secure communications: past, present, future
  23/06/15, Bern (Switzerland), 25min
  SIGS Technology Summit

• NSA surprises, not?
  01/04/15, Zurich (Switzerland), 30min
  SIGS Special Event

• Cryptographic backdooring
  26/03/15, Singapore, 45min
  SyScan

• CAESAR & NORX, the future of authenticated encryption?
  29/12/14, Hamburg (Germany), 60 min, with Philipp Jovanovic
  31th Chaos Communication Congress

• Cryptographic backdooring
  21/11/14, Paris (France), 45min
  NoSuchCon

• Cryptocoding v2
  13/11/14, Moscow (Russia), 45min
  Zeronights

• PHC
  06/11/14, Yverdon (Switzerland), 3 min
  Application Security Forum Western Switzerland (rump session)

• SHA-1 backdooring and exploitation
  09/08/14, Las Vegas, NE (USA), 60 min
  DEF CON (Skytalks)

• PHC: the candidates
  05/08/14, Las Vegas, NE (USA), 30 min
  PasswordsCon

• SHA-1 backdooring and exploitation
  05/08/14, Las Vegas, NE (USA), 30 min
  BSidesLV

• Crypto coding (bis)
  05/06/14, Rennes (France), 1h
  Institute of Mathematics of Rennes (IRMAR)

• Crypto coding
  05/06/14, Rennes (France), 50 min
  SSTIC

• PHC: status quo
  03/06/14, Zurich (Switzerland), 50 min
  Area41

• Beyond modes: Building a secure record protocol from a cryptographic sponge permutation
  26/02/14, San Francisco, CA (USA), 20 min
  CT-RSA 2014

• CBEAM: Efficient authenticated encryption from feebly one-way phi functions
  26/02/14, San Francisco, CA (USA), 20 min
  CT-RSA 2014

• NORX+PHC
  06/01/14, Schloss Dagstuhl (Germany), 30 min
  Seminar "Symmetric cryptography"

• Randomness in cryptography
  11/12/13, Lausanne (Switzerland), 50 min
  Hackers@EPFL's seminar

• The Password Hashing Competition
  16/10/13, Yverdon (Switzerland), 10 min
  Application Security Forum Western Switzerland (rump session)

• Password hashing: the future is now
  31/07/13, Las Vegas, NE (USA), 25 min
  Black Hat

• The Password Hashing Competition
  30/07/13, Las Vegas, NE (USA), 30 min
  PasswordsCon

• Crypto competitions
  13/05/13, Passau (Germany), 45 min
  University of Passau

• A cryptography coding standard?
  21/01/13, Costa Adeje (Tenerife, Spain), 30 min
  Workshop "Internet Crypto"

• BLAKE2
  17/01/13, Mondorf-les-Bains (Luxembourg), 30 min
  Seminar "Early symmetric crypto"

• A cryptography coding standard?
  16/01/13, Mondorf-les-Bains (Luxembourg), 5 min
  Seminar "Early symmetric crypto"

• Hash-flooding DoS reloaded: attacks and defenses
  29/12/12, Hamburg (Germany), 60 min, with Daniel J. Bernstein and Martin Boßlet
  29th Chaos Communication Congress

• Hash-flooding DoS reloaded: attacks and defenses
  08/11/12, Yverdon (Switzerland), 50 min, with Martin Boßlet
  Application Security Forum Western Switzerland

• SHA-3: should we care?
  02/11/12, Lucerne (Switzerland), 50 min
  Hashdays

• Cryptography: myths and reality
  01/11/12, Lucerne (Switzerland), 45 min
  Hashdays (manager session)

• Heavy Quark for secure AEAD
  06/07/12, Stockholm (Sweden), 20 min
  DIAC 2012

• SipHash: a fast short-input PRF
  05/07/12, Stockholm (Sweden), 20 min
  DIAC 2012

• BLAKE 2012 update
  23/03/12, Washington, DC (USA), 20 min
  Third SHA-3 conference

• Insomni'Hash
  02/03/12, Geneva (Switzerland), 45 min
  Insomni'Hack

• Attacking KLEIN
  19/01/12, Schloss Dagstuhl (Germany), 30 min
  Seminar "Symmetric cryptography"

• BLAKE SIMD: past, present, future
  16/01/12, Schloss Dagstuhl (Germany), 30 min
  Seminar "Symmetric cryptography"

• Cryptanalysis vs. reality
  28/10/11, Abu Dhabi (United Arab Emirates), 50 min
  Black Hat Abu Dhabi 2011

• Cryptanalysis vs. reality
  28/10/11, Lucerne (Switzerland), 50 min
  Hashdays

• Cryptanalysis vs. reality + Small cryptanalysis
  29/06/11, Schloss Dagstuhl (Germany), 40 min
  Seminar "International view of the state-of-the-art in cryptography and security and its use in practice"

• Quo vadis BLAKE?
  23/05/11, Warsaw (Poland), 60 min
  Workshop "Quo Vadis Cryptology?"

• Smaller Quarks!
  20/05/11, Tallinn (Estonia), 5 min
  ECRYPT2 Hash Workshop 2011 (rump session)

• Eve's SHA3 candidate: malicious hashing
  20/05/11, Tallinn (Estonia), 20 min
  ECRYPT2 Hash Workshop 2011

• Tuple cryptanalysis of ARX with application to BLAKE and Skein
  20/05/11, Tallinn (Estonia), 20 min
  ECRYPT2 Hash Workshop 2011

• Multiset analysis of ARX with application to 3fish (WIP)
  21/03/11, Lausanne (Switzerland), 5 min
  ECRYPT2 3rd "SHA-3 hash-bash" research retreat

• State of the hash: SHA-3 and beyond
  06/11/10, Lucerne (Switzerland), 50 min
  Hashdays

• BLAKE — status quo
  24/08/10, Santa Barbara (USA), 12 min
  Second SHA-3 conference

• Distinguisher for full final round of Fugue-256
  23/08/10, Santa Barbara (USA), 12 min
  Second SHA-3 conference

• Quark: a lightweight hash
  17/08/10, Santa Barbara (USA), 25 min
  CHES 2010

• Distinguisher for full final round of Fugue-256
  20/04/10, Paris (France), 5 min
  ECRYPT2 2nd "SHA-3 hash-bash" research retreat

• 10 years of cryptographic hashing
  22/01/10, Lausanne (Switzerland), 25 min
  10th LASEC anniversary (EPFL)

• Differential and invertibility properties of BLAKE
  11/01/10, Remich (Luxembourg), 30 min
  Seminar "Early symmetric crypto"

• On recent higher-order cryptanalysis techniques
  15/12/09, Tokyo (Japan), 45 min
  Sony System Technologies Lab

• Improved cryptanalysis of Skein
  10/12/09, Tokyo (Japan), 20 min
  Asiacrypt 2009

• On Hamsi
  07/12/09, Tokyo (Japan), 5 min
  Asiacrypt 2009 (rump session)

• Design and analysis of symmetric cryptographic algorithms
  01/12/09, Lausanne (Switzerland), 45 min
  PhD public defense

• Efficient FPGA implementations of high-dimensional cube testers on the stream cipher Grain-128
  10/09/09, Lausanne (Switzerland), 20 min, with Luca Henzen
  SHARCS 2009

• Zero-sum distinguishers
  08/09/09, Lausanne (Switzerland), 5 min
  HES 2009 (rump session)

• Algebraic methods for cryptanalysis
  19/06/09, Windisch (Switzerland), 25 min
  Meeting of the Swiss Mathematics Society (GMFH)

• Security and privacy preservation in human-involved networks
  24/04/09, Zurich (Switzerland), 25 min
  iNetSec 2009

• SHA-3 proposal BLAKE
  26/02/09, Leuven (Belgium), 18 min
  First SHA-3 conference

• Improved analysis of Threefish
  24/02/09, Leuven (Belgium), 4 min
  FSE 2009 (rump session)

• Cube testers and key-recovery attacks on reduced-round MD6 and Trivium
  23/02/09, Leuven (Belgium), 25 min
  FSE 2009

• Cube testers: theory and practice
  12/01/09, Schloss Dagstuhl (Germany), 40 min
  Seminar "Symmetric cryptography"

• Faster multicollisions
  15/12/08, Kharagpur (India), 25 min
  INDOCRYPT 2008

• Preimages attacks on 3-pass HAVAL and step-reduced MD5
  14/08/08, Sackville (Canada), 25 min
  SAC 2008

• How (not) to dither blockcipher-based hash functions?
  13/06/08, Casablanca (Morocco), 30 min
  Africacrypt 2008

• (Second) preimage attacks on Codefish
  12/06/08, Casablanca (Morocco), 3 min
  Africacrypt 2008 (rump session)

• Preimage attacks on HAVAL and MD5
  12/06/08, Casablanca (Morocco), 5 min
  Africacrypt 2008 (rump session)

• Preimages of HAVAL and MD5
  05/06/08, Leiden (Netherlands), 30 min
  Workshop "Hash functions in cryptology: theory and practice"

• The hash function family LAKE
  11/02/08, Lausanne (Switzerland), 30 min
  FSE 2008

• The odd couple: MQV and HMQV
  12/12/07, Lausanne (Switzerland), 90 min
  Seminar "Advanced topics in cryptology" (EPFL)

• Analysis of multivariate hash functions
  30/11/07, Seoul (South Korea), 25 min
  ICISC 2007

• Kryptographie im 21. Jahrhundert
  09/10/07, Windisch (Switzerland), 30 min, with Willi Meier and Simon Fischer
  Seminar "Transfer transparent"

• Asymmetric encryption with 2 XOR's: the cipher TCHo
  01/10/07, Lausanne (Switzerland), 30 min
  Seminar "Lightweight cryptography" (EPFL)

• Multivariate hash functions: constructions and security
  01/10/07, Lausanne (Switzerland), 30 min
  Seminar "Lightweight cryptography" (EPFL)

• TCHo: a hardware-oriented trapdoor cipher
  03/07/07, Townsville (Australia), 25 min
  ACISP 2007

• On a bias of Rabbit
  01/02/07, Bochum (Germany), 15 min
  SASC 2007