Serge Vaudenay
Serge Vaudenay (born 5 April 1968) is a French cryptographer.
Serge Vaudenay entered the École Normale Supérieure in Paris as a normalien student in 1989. In 1992, he passed the agrégation in mathematics. He completed his Ph.D. studies at the computer science laboratory of École Normale Supérieure, and defended it in 1995 at the Paris Diderot University; his advisor was Jacques Stern.[1] From 1995 to 1999, he was a senior research fellow at French National Centre for Scientific Research (CNRS). In 1999, he moved to a professorship at the École Polytechnique Fédérale de Lausanne where he leads the Laboratory of Security and Cryptography (LASEC).[2] LASEC is host to two popular security programs developed by its members:
- iChair, developed by Thomas Baignères and Matthieu Finiasz, a popular on-line submission and review server used by many cryptography conferences; and,
- Ophcrack, a Microsoft Windows password cracker based on rainbow tables by Philippe Oechslin.
Vaudenay has published several papers related to cryptanalysis and design of block ciphers and protocols. He is one of the authors of the IDEA NXT (FOX) algorithm (together with Pascal Junod).[3] He was the inventor of the padding oracle attack on CBC mode of encryption.[4] Vaudenay also discovered a severe vulnerability in the SSL/TLS protocol; the attack he forged could lead to the interception of the password.[5] He also published a paper about biased statistical properties in the Blowfish cipher[6] and is one of the authors of the best attack on the Bluetooth cipher E0.[7] In 1997 he introduced decorrelation theory, a system for designing block ciphers to be provably secure against many cryptanalytic attacks.[8]
Vaudenay was appointed program chair of Eurocrypt 2006,[9] PKC 2005,[10] FSE 1998;[11] and in 2006 elected as board member of the International Association for Cryptologic Research.[12]
References
- ^ Serge Vaudenay at the Mathematics Genealogy Project
- ^ Serge Vaudenay appointed as a Full Professor of security and cryptography, EPFL, March 28, 2007.
- ^ Junod, Pascal; Vaudenay, Serge, "FOX : A New Family of Block Ciphers", Selected Areas in Cryptography (PDF), Lecture Notes in Computer Science, vol. 3357, Springer-Verlag, pp. 114–129.
- ^ Dennis Fisher (2010-09-13). "'Padding Oracle' Crypto Attack Affects Millions of ASP.NET Apps". Threat Post. Archived from the original on 2010-10-13.
{{cite news}}
: Unknown parameter|deadurl=
ignored (|url-status=
suggested) (help) - ^ Canvel, Brice; Hiltgen, Alain; Vaudenay, Serge; Vuagnoux, Martin (2003), "Password Interception in a SSL/TLS Channel", Advances in Cryptology - CRYPTO 2003 (PDF), Lecture Notes in Computer Science, vol. 2729, Springer-Verlag, pp. 583–599.
- ^ Vaudenay, Serge (1996), "On the weak keys of blowfish", Fast Software Encryption, Lecture Notes in Computer Science, vol. 1039, Springer-Verlag, pp. 27–32, doi:10.1007/3-540-60865-6_39.
- ^ Lu, Yi; Meier, Willi; Vaudenay, Serge (2005), "The Conditional Correlation Attack: A Practical Attack on Bluetooth Encryption", Advances in Cryptology – CRYPTO 2005, Lecture Notes in Computer Science, vol. 3621, Springer-Verlag, pp. 97–117, doi:10.1007/11535218_7.
- ^ Vaudenay, Serge (1998), "Provable security for block ciphers by decorrelation", STACS 98, Lecture Notes in Computer Science, vol. 1373, Springer-Verlag, pp. 249–275, doi:10.1007/BFb0028566.
- ^ Eurocrypt 2006 web site, retrieved 2010-01-23.
- ^ PKC 2005 call for papers, retrieved 2010-01-23. Archived February 29, 2008, at the Wayback Machine
- ^ FSE 1998 at DB&LP.
- ^ IACR board of directors, retrieved 2010-01-23.