Publications
Nowadays, I mostly work on SHA-3 candidates. This result is the first practical attack against Edon-R, although it is not an attack against a standard security notion.
Practical Key Recovery Attack against Secret-IV Edon-R. CT-RSA 2010
This paper presents a side-channel attack against HMAC-SHA1. The main idea is to recover some information when the key enters the hash function as a message, and to exploit the fact that there are two such computations with related keys. This idea can also be used against other members of the MD4 family. The paper includes practical experiments.
Practical Electromagnetic Template Attack on HMAC. CHES 2009
This paper studies what happens when schemes proved secure in the ROM are used with an imperfect hash function. We also show that various proposals to instantiate a ROM are in fact insecure.
How Risky is the Random Oracle Model? Crypto 2009
This paper shows a preimage attack on MD4. The attack is not practical, but it is an important result for understanding the security of current hash functions. Here is the pre-proceedings version of the paper, and the slides used for the presentation. A video should be available on the FSE website in the near future.
MD4 is Not One-Way. FSE 2008 ©IACR | Slides
This paper introduces a new attack against the provably secure hash function based on quasi-cyclic codes of Finiasz, Gaborit, and Sendrier. It will be presented at CT-RSA 2008; this is a preliminary version.
Cryptanalysis of a Hash Function Based on Quasi-Cyclic Codes. CT-RSA 2008
This paper describes an attack on HMAC-MD4; it was presented at CRYPTO 2007. The attack uses differential paths found with my differential path search algorithm. Here is the paper and the slides of the presentation. The full version of the paper is in preparation.
Full Key-Recovery Attacks on HMAC/NMAC-MD4 and NMAC-MD5. CRYPTO 2007 ©IACR | Slides
I presented at the ECRYPT Workshop on Hash Functions in May 2007 how to compute differential paths in MD4, which is the main result of my master's thesis. Here is the paper and the slides of the presentation.
Automatic Search of Differential Path in MD4. ECRYPT Hash Workshop 2007 | Slides
My first published result on hash functions describes how to have some freedom in finding collisions in MD4 and MD5, and gives a practical attack against APOP using this property. Here is the pre-proceedings version of the paper, and the slides used in the presentation. A video of the talk is available on the FSE website.
Message Freedom in MD4 and MD5 Collisions: Application to APOP. FSE 2007 ©IACR | Slides
Before working with Pierre-Alain at the ENS, I did an internship with Carlos Cid at Royal Holloway. We worked on XSL and we wrote a paper that was presented at ASIACRYPT'05:
An Analysis of the XSL Algorithm. ASIACRYPT 2005 ©IACR
You can also read my master's thesis, which mostly describes Wang's attack and tries to automate the differential path search. Warning: it is in French...
Étude et automatisation de l'attaque de Wang sur MD4. Master thesis