Serge Vaudenay entered the École Normale Supérieure in Paris as a normalien student in 1989. In 1992, he passed the agrégation in mathematics. He completed his Ph.D. studies at the computer science laboratory of École Normale Supérieure, and defended it in 1995 at the Paris Diderot University; his advisor was Jacques Stern. From 1995 to 1999, he was a senior research fellow at French National Centre for Scientific Research (CNRS). In 1999, he moved to a professorship at the École Polytechnique Fédérale de Lausanne where he leads the Laboratory of Security and Cryptography (LASEC). LASEC is host to two popular security programs developed by its members:
- iChair, developed by Thomas Baignères and Matthieu Finiasz, a popular on-line submission and review server used by many cryptography conferences; and,
- Ophcrack, a Microsoft Windows password cracker based on rainbow tables by Philippe Oechslin.
Vaudenay has published several papers related to cryptanalysis and design of block ciphers and protocols. He is one of the authors of the IDEA NXT (FOX) algorithm (together with Pascal Junod). He was the inventor of the padding oracle attack on CBC mode of encryption. Vaudenay also discovered a severe vulnerability in the SSL/TLS protocol; the attack he forged could lead to the interception of the password. He also published a paper about biased statistical properties in the Blowfish cipher and is one of the authors of the best attack on the Bluetooth cipher E0. In 1997 he introduced decorrelation theory, a system for designing block ciphers to be provably secure against many cryptanalytic attacks.
- Serge Vaudenay at the Mathematics Genealogy Project
- Serge Vaudenay appointed as a Full Professor of security and cryptography, EPFL, March 28, 2007.
- Junod, Pascal; Vaudenay, Serge, "FOX : A New Family of Block Ciphers", Selected Areas in Cryptography, Lecture Notes in Computer Science 3357, Springer-Verlag, pp. 114–129.
- Dennis Fisher (2010-09-13). "'Padding Oracle' Crypto Attack Affects Millions of ASP.NET Apps". Threat Post.
- Canvel, Brice; Hiltgen, Alain; Vaudenay, Serge; Vuagnoux, Martin (2003), "Password Interception in a SSL/TLS Channel", Advances in Cryptology - CRYPTO 2003, Lecture Notes in Computer Science 2729, Springer-Verlag, pp. 583–599.
- Vaudenay, Serge (1996), "On the weak keys of blowfish", Fast Software Encryption, Lecture Notes in Computer Science 1039, Springer-Verlag, pp. 27–32, doi:10.1007/3-540-60865-6_39.
- Lu, Yi; Meier, Willi; Vaudenay, Serge (2005), "The Conditional Correlation Attack: A Practical Attack on Bluetooth Encryption", Advances in Cryptology – CRYPTO 2005, Lecture Notes in Computer Science 3621, Springer-Verlag, pp. 97–117, doi:10.1007/11535218_7.
- Vaudenay, Serge (1998), "Provable security for block ciphers by decorrelation", STACS 98, Lecture Notes in Computer Science 1373, Springer-Verlag, pp. 249–275, doi:10.1007/BFb0028566.
- Eurocrypt 2006 web site, retrieved 2010-01-23.
- PKC 2005 call for papers, retrieved 2010-01-23.[dead link]
- FSE 1998 at DB&LP.
- IACR board of directors, retrieved 2010-01-23.
|This biographical article relating to a computer specialist is a stub. You can help Wikipedia by expanding it.|