Selected Publications

Doing cryptanalysis on a small cluster built from 20 ODROID-C2 boards for under 1500 USD.
To appear in the proceedings of LATINCRYPT 2017, 2017

Recent Publications

Doing cryptanalysis on a small cluster built from 20 ODROID-C2 boards for under 1500 USD.

Prøst was a contestant in the CAESAR competition for Authenticated Encryption. I optimised Prøst for the ARM11 microprocessor …

Recent Posts

More Posts

In the RFC for TLS 1.3 (RFC8446) especially, the key exchange is defined in terms of (EC)DH key shares being exchanged. This limits us to algorithms which support non-interactive key exchanges, while this is not necessary for the security of TLS 1.3 as defined by RFC8446.1 As we would like to implement (post-quantum) KEMs into TLS 1.3, we will now describe the changes to the spec that would be required. As we can phrase (EC)DH key exchange as a key exchange with Key Encapsulation Mechanisms, this does not actually change TLS.

CONTINUE READING

The new TLS 1.3 standard [1] does not yet provide any support for post-quantum algorithms. In this blog post we’ll be talking about how we could negotiate a post-quantum key exchange using a (post-quantum) Key Encapsulation Mechanism (KEM). In the NIST Standardisation effort [2], many KEMs are currently under consideration.

CONTINUE READING

Teaching

I have been involved as a teaching assistant in the following courses:

  • Functional Programming (2013-2017)
  • Operating Systems (2014-2017)
  • Object-Oriented Programming for Science students (2015)
  • Operating Systems Security (2016-2017)
  • Hacking in C (2018)

Contact