Warning

Last update: January 9th, 2024.

Dissertations

PhD: The Security of Cryptographic Primitives

Habilitation to Supervise Research: Towards a Theory of Symmetric Encryption

Books

Exercices book, Dunod: Algorithmique et optimisation: exercices corrigés

Textbook on cryptography, Springer: A Classical Introduction to Cryptography - Applications for Communications Security (external URL)

Exercise book on cryptography, Springer: A Classical Introduction to Cryptography - Exercise Book (external URL)

Textbook on cryptography, PPUR (in French): La fracture cryptographique (external URL)

Proceedings

LNCS volume: FSE' 98 (external URL)

LNCS volume: SAC' 01 (external URL)

LNCS volume: PKC' 05 (external URL)

LNCS volume: Mycrypt' 05 (external URL)

LNCS volume: EUROCRYPT' 06 (external URL)

LNCS volume: AFRICACRYPT' 08 (external URL)

LNCS volume: SAC' 11 (external URL)

LNCS volume: AFRICACRYPT' 12 (external URL)

LNCS volume: INDOCRYPT' 13 (external URL)

LNCS volume: ACNS' 14 (external URL)

LNCS volume: CANS' 20 (external URL)

Translations

Stinson's book (1st Edition), ITP: Cryptographie Théorie et Pratique

Stinson's book (2nd Edition), Vuibert: Cryptographie Théorie et Pratique

Prefaces

Martin's book, PPUR: Codage, Cryptographie et Applications (external URL)

Journal of Cryptology (published by Springer-Verlag)

JoC 97: The Security of the Birational Permutation Signature Schemes

JoC 98: Black Box Cryptanalysis of Cryptographic Primitives

JoC 01: Cryptanalysis of the Chor-Rivest Cryptosystem

JoC 03: Decorrelation: a Theory for Block Cipher Security

JoC 08: Cryptanalysis of an E0-like Combiner with Memory

JoC 11: Short Undeniable Signatures Based on Group Homomorphisms

Other Journals

CIS 01: Decorrelation over Infinite Domains: the Encrypted CBC-MAC Case

MC2R 03: Cryptography with Guardian Angels: Bringing Civilization to Pirates - Abstract

IPL 05: Generating Anomalous Elliptic Curves

IPL 07: How to Safely Close a Discussion

J. of Physics 07: About Machine-Readable Travel Documents

Security & Privacy 07: E-Passport Threats

CCDS 12: Synthetic Linear Analysis with Applications to CubeHash and Rabbit

IJCNS 12: Cryptanalysis of the Double-Moduli Cryptosystem

Comput. J. 13: On Selecting the Nonce Length in Distance-Bounding Protocols

SACS 13: UC and EUC Weak Bit-Commitments Using Seal-Once Tamper-Evidence

Proc Of The Romanian Academy 13: A Fully Dynamic Universal Accumulator

Computers & Security 14: Location Leakage in Distance Bounding: Why Location Privacy does not Work

CCDS 14: Revisiting Iterated Attacks in the Context of Decorrelation Theory

Security & Privacy 15: Challenges in Distance Bounding

Computer Security 15: Practical and Provably Secure Distance-Bounding

Computer Security 15: Expected Loss Analysis for Authentication in Constrained Channels

IJIS 15: On Selection of Samples in Algebraic Attacks and a New Technique to Find Hidden Low Degree Equations

CCDS 15: On solving LPN using BKW and variants Implementation and Analysis

Studia Scientiarum Mathematicarum Hungarica 15: Cryptanalysis of Chosen Symmetric Homomorphic Schemes

IFS 16: Privacy Failure in the Public-Key Distance-Bounding Protocols

Cryptologia 16: DES S-box Generator

CCDS 18: Cryptanalysis of a Homomorphic Encryption Scheme

CSUR 18: Security of Distance-Bounding: A Survey

TMMP 19: Cryptanalysis of Enhanced MORE

Comp J 22: Optimal Symmetric Ratcheting for Secure Communication

DTRAP 22: SwissCovid in the Perspective of its Goals

Book Chapters

Springer 12: TCHO: A Code-Based Cryptosystem

Crypto Series (published as Springer-Verlag's LNCS volumes)

Crypto' 92: FFT-Hash-II is not yet Collision-Free

Crypto' 93: Attacks on the Birational Permutation Signature

Crypto' 96: Hidden Collisions on DSS

Crypto' 98: Cryptanalysis of the Chor-Rivest Cryptosystem

Crypto' 03: Password Interception in a SSL/TLS Channel

Crypto' 04: Faster Correlation Attack on Bluetooth E0 Keystream Generator

Crypto' 05: Secure Communications over Insecure Channels Based on Short Authenticated Strings

Crypto' 05: The Conditional Correlation Attack: A Practical Attack on Bluetooth Encryption

Crypto' 12: Resistance Against Iterated Attacks by Decorrelation Revisited

Crypto' 15: Capacity and Data Complexity in Multidimensional Linear Attack

Crypto' 17: Breaking the FF3 Format-Preserving Encryption Standard Over a Small Domain (Eprint 2017/521)

Crypto' 23: On Active Attack Detection in Messaging with Immediate Decryption (Eprint 2023/880)

Crypto' 23: Anonymous Tokens with Stronger Metadata Bit Hiding from Algebraic MACs (Eprint 2022/1622)

Eurocrypt Series (published as Springer-Verlag's LNCS volumes)

Eurocrypt' 94: Links between Differential and Linear Cryptanalysis

Eurocrypt' 94: Complexity Trade-Offs with the Digital Signature Standard

Eurocrypt' 94: Black Box Cryptanalysis of Hash Networks based on Multipermutations

Eurocrypt' 99: Resistance Against General Iterated Attacks

Eurocrypt' 02: Security Flaws Induced by CBC Padding --- Applications to SSL, IPSEC, WTLS...

Eurocrypt' 09: Smashing SQUASH-0

Eurocrypt' 11: Statistical Attack on RC4: Distinguishing WPA

Eurocrypt' 15: Better Algorithms for LWE and LWR

Eurocrypt' 19: Misuse Attacks on Post-quantum Cryptosystems

Eurocrypt' 22: On IND-qCCA Security in the ROM and Its Applications - CPA Security Is Sufficient for TLS 1.3

Asiacrypt Series (published as Springer-Verlag's LNCS volumes)

Asiacrypt' 96: Authenticated Multi-Party Key Agreement

Asiacrypt' 96: Minding your p's and q's

Asiacrypt' 99: On the Lai-Massey Scheme

Asiacrypt' 00: On the Pseudorandomness of Top-Level Schemes of Block Ciphers

Asiacrypt' 04: Generic Homomorphic Undeniable Signatures

Asiacrypt' 04: Cryptanalysis of Bluetooth Keystream Generator Two-level E0

Asiacrypt' 04: How Far Can We Go Beyond Linear Cryptanalysis?

Asiacrypt' 07: On Privacy Models for RFID

Asiacrypt' 08: On the Security of HB# against a Man-in-the-Middle Attack

Asiacrypt' 15: How to Sequentialize Independent Parallel Attacks? Biased Distributions Have a Phase Transition

Asiacrypt' 16: Optimization of LPN Solving Algorithms

Asiacrypt' 16: Efficient Public-Key Distance Bounding Protocol

Asiacrypt' 16: Authenticated Encryption with Variable Stretch

Asiacrypt' 20: Determining the Core Primitive for Optimally Secure Ratcheting (also Eprint 2020/148)

Asiacrypt' 21: FAST: Secure and High Performance Format-Preserving Encryption and Tokenization (also Eprint 2021/1171)

Asiacrypt' 21: New Attacks on LowMC Instances with a Single Plaintext/Ciphertext Pair (also Eprint 2021/1345)

Fast Software Encryption Series (published as Springer-Verlag's LNCS volumes or IACR ToSC journal)

Fse' 93: Parallel FFT-Hashing

Fse' 94: On the Need for Multipermutations: Cryptanalysis of MD4 and SAFER

Fse' 96: On the Weak Keys of Blowfish

Fse' 97: xmx - a Firmware-Oriented Block Cipher based on Modular Multiplications

Fse' 98: CS-Cipher

Fse' 99: On the Security of CS-Cipher

Fse' 00: A Statistical Attack on RC6

Fse' 03: Optimal Key Ranking Procedures in a Statistical Cryptanalysis

Fse' 12: ElimLin Algorithm Revisited

Fse' 13: Smashing WEP in A Passive Attack

Fse' 13: Towards Secure Distance Bounding

Fse' 15: Protecting against Multidimensional Linear and Truncated Differential Cryptanalysis by Decorrelation

Fse' 15: Boosting OMD for Almost Free Authentication of Associated Data

Fse' 20: Swap and Rotate: Lightweight Linear Layers for SPN-based Blockciphers

Fse' 21: Cryptanalysis of LowMC instances using single plaintext/ciphertext pair

Selected Areas on Cryptography (SAC) Series (published as Springer-Verlag's LNCS volumes)

Sac' 98: Feistel Ciphers with L_2-Decorrelation

Sac' 99: Adaptive-Attack Norm for Decorrelation and Super-Pseudorandomnes

Sac' 99: A Universal Encryption Standard

Sac' 00: Decorrelation over Infinite Domains: the Encrypted CBC-MAC Case

Sac' 00: DFCv2

Sac' 03: On the Use of GF-Inversion as a Cryptographic Primitive

Sac' 04: FOX: a new Family of Block Ciphers

Sac' 04: Perfect Diffusion Primitives for Block Ciphers

Sac' 05: Proving the Security of AES Substitution-Permutation Network

Sac' 06: When Stream Cipher Analysis Meets Public-Key Cryptography

Sac' 07: Passive-Only Key Recovery Attacks on RC4

Sac' 07: Linear Cryptanalysis of Non Binary Ciphers

Sac' 10: Discovery and Exploitation of New Biases in RC4

Sac' 14: OMD: A Compression Function Mode of Operation for Authenticated Encryption

Public Key Cryptography (PKC) Series (published as Springer-Verlag's LNCS volumes)

Pkc' 00: Design Validations for Discrete Logarithm Based Signature Schemes

Pkc' 03: The Security of DSA and ECDSA

Pkc' 04: Undeniable Signatures Based on Characters

Pkc' 06: SAS-Based Authenticated Key Agreement

Pkc' 21: Beyond Security and Efficiency: On-Demand Ratcheting with Security Awareness (also Eprint 2019/965)

Other Series Published as Springer-Verlag's LNCS Volumes

Information Hiding' 96: The Newton Channel

Financial Cryptography' 97: SVP: a Flexible Micropayment Scheme

Cardis' 98: Decorrelated Fast Cipher: an AES Candidate well suited for Low Cost Smart Cards Applications

Stacs' 98: Provable Security for Block Ciphers by Decorrelation

Icisc' 99: On Provable Security for Conventional Cryptography

Ches' 00: Efficient Generation of Prime Numbers

Wisa' 03: Fair Exchange with Guardian Angels

Acisp' 04: Digital Signature Schemes with Domain Parameters

Acisp' 04: Optimistic Fair Exchange based on Publicly Verifiable Secret Sharing

Icics' 04: On someWeak Extensions of AES and BES

Isc' 05: Chaum's Designated Confirmer Signature Revisited

Mycrypt' 05: Optimization of the MOVA Undeniable Signature Scheme

Cisc' 05: On Bluetooth Repairing: Key Agreement based on Symmetric-Key Cryptography

Cisc' 05: Enforcing Email Addresses Privacy using Tokens

Ct-rsa' 06: An Optimal Non-Interactive Message Authentication Protocol

Icisc' 06: RFID Privacy based on Public-Key Cryptography

Acisp' 07: TCHo: a Hardware-Oriented Trapdoor Cipher

Acisp' 07: Hash-and-Sign with Weak Hashing Made Secure

Icisc' 07: Security-Preserving Asymmetric Protocol Encapsulation

Icits' 08: The Complexity of Distinguishing Distributions

Iwcc' 09: On the Impossibility of Strong Encryption over aleph0

Ches' 09: On Tamper-Resistance from a Theoretical Viewpoint: The Power of Seals

Acns' 09: Efficient Deniable Authentication for Signatures, Application to Machine-Readable Travel Document

Ches' 10: ARMADILLO: A Multi-purpose Cryptographic Primitive Dedicated to Hardware

Acns' 10: A Message Recognition Protocol Based on Standard Assumptions

Provsec' 10: Distinguishing Distributions Using Chernoff Information

Cans' 10: Cryptanalysis of Reduced-Round MIBS Block Cipher

Icisc' 11: Synthetic Linear Analysis: Improved Attacks on CubeHash and Rabbit

Acns' 11: On Hiding a Plaintext Length by Preencryption

Quisquater' 12: Deniable RSA Signature: The Raise and Fall of Ali Baba

Cardis' 11: Fast Key Recovery Attack on ARMADILLO1 and Variants

Cardis' 12: Multipurpose Cryptographic Primitive ARMADILLO3

Provsec' 12: Several Weak Bit-Commitments Using Seal-Once Tamper-Evident Devices

Latincrypt' 12: On the Pseudorandom Function Assumption in (Secure) Distance-Bounding Protocols

Indocrypt' 12: Resistance against Adaptive Plaintext-Ciphertext Iterated Distinguishers

Cans' 12: Strong Privacy for RFID Systems from Plaintext-Aware Encryption

Inscrypt' 12: The Bussard-Bagga and Other Distance-Bounding Protocols under Attacks

Lightsec' 13: Secure & Lightweight Distance-Bounding

Provsec' 13: On Modeling Terrorist Frauds

Provsec' 13: Input-Aware Equivocable Commitments and UC-secure Commitments With Atomic Exchanges

Acns' 13: Primeless Factoring-Based Cryptography

Acisp' 14: On Selection of Samples in Algebraic Attacks and a New Technique to Find Hidden Low Degree Equations

Iwsec' 14: Improved Linear Cryptanalysis of Reduced-Round MIBS

Provsec' 14: Misuse-Resistant Variants of the OMD Authenticated Encryption Mode

Inscrypt' 14: Optimal Proximity Proofs

Indocrypt' 14: On the Key Schedule of Lightweight Block Ciphers

Icisc' 14: Compact and Efficient UC Commitments under Atomic-Exchanges

Fc' 15: Private and Secure Public-Key Distance Bounding: Application to NFC Payment

Acns' 15: Optimal Proximity Proofs Revisited

Provsec' 15: Sound Proof of Proximity of Knowledge

Provsec' 15: On Privacy for RFID

Kahn' 16: Clever Arbiters versus Malicious Adversaries

Secitc' 16: Circular Security Reconsidered

Cans' 16: Distance Bounding based on PUF

Cans' 16: When Constant-time Source Yields Variable-time Binary: Exploiting Curve25519-donna Built with MSVC 2015

Cans' 16: Side-Channel Attacks on Threshold Implementations using a Glitch Algebra

Isc' 17: Contactless Access Control Based on Distance Bounding

Acns' 18: Generic Round-Function-Recovery Attacks for Feistel Networks over Small Domains

Acns' 18: Formal Analysis of Distance Bounding with Secure Hardware

Acns' 18: Can Caesar Beat Galois?

Acisp' 18: Secure Contactless Payment

Iwsec' 19: Bidirectional Asynchronous Ratcheted Key Agreement with Linear Complexity

Wisa' 19: Timed-Release Encryption With Master Time Bound Key

Stm' 19: BioID: a Privacy-Friendly Identity Document

Iwsec' 20: Sublinear Bounds on the Distinguishing Advantage for Multiple Samples

Iwsec' 20: Symmetric Asynchronous Ratcheted Communication with Associated Data

Acns' 20: BioLocker: A Practical Biometric Authentication Mechanism Based on 3D Fingervein (also Eprint 2020/453)

Acns' 20: Classical Misuse Attacks on NIST Round~2 PQC - The Power of Rank-Based Schemes (also Eprint 2020/409)

Acns' 21: Towards Efficient LPN-Based Symmetric Encryption

Ct-rsa' 21: On the Effectiveness of Time Travel to Inject COVID-19 Alerts (also Eprint 2020/1393)

Icisc' 21: Towards Witness Encryption Without Multilinear Maps

Cans' 21: FO-like Combiners and Hybrid Post-Quantum Cryptography (also Eprint 2021/1288)

Africacrypt' 22: Solving the Learning Parity with Noise Problem Using Quantum Algorithms

Iwsec' 23: Extractable Witness Encryption for the Homogeneous Linear Equations Problem

Iwsec' 23: Making Classical (Threshold) Signatures Post-quantum for Single Use on a Public Ledger (Eprint 2023/420)

Acns' 23: A Gapless Post-quantum Hash Proof System in the Hamming Metric

Icics' 23: Private Message Franking with After Opening Privacy (Eprint 2018/938)

Other Conference Proceedings

Eurocode' 92: One-Time Identification with Low Memory

Acm ccs' 96: An Experiment on DES - Statistical Cryptanalysis

AES Submission, Extended Abstract: Decorrelated Fast Cipher: an AES Candidate

Report for the AES2 Workshop: Report on the AES Candidates

Report for the AES2 Workshop: DFC Update

Santha's crypto get together' 03: On Measuring Resistance to Linear Cryptanalysis

Yacc' 04: How to Sign with One Bit

Sec' 05: The Pairing Problem with User Interaction

Bsym' 06: A Protection Scheme for MoC-Enabled Smart Cards

Rfid sec' 07: About Machine-Readable Travel Documents

Asiaccs' 08: Mutual Authentication in RFID: Security and Privacy

Rfid sec' 09: Pathchecker: An RFID Application for Tracing Products in Supply-Chains

Biosig' 09: The Extended Access Control for Machine Readable Travel Documents

Secrypt' 11: Related-Key Attack against Triple Encryption based on Fixed Points

Icete' 11: A Related-Key Attack against Multiple Encryption based on Fixed Points

Yacc' 12: HELEN: a Public-key Cryptosystem Based on the LPN Problem (Extended Abstract)

Yacc' 12: Primeless Modular Cryptography (Extended Abstract)

Ieee rfid-ta' 12: Mafia Fraud Attack against the RC Distance-Bounding Protocol

Infocomm' 12: Expected Loss Bounds for Authentication in Constrained Channels

Asiaccs' 15: The Limits of Composable Crypto with Transferable Setup Devices

Scis' 20: Smart Contract with Secret Parameters

Itc' 21: Post-Compromise Security in Self-Encryption

Usenix' 23: Cryptographic Administration for Secure Group Messaging (Eprint 2022/1411)

Miscellaneaous

Technical Report: On Provable Security for Digital Signature Algorithms

Rump Session of Asiacrypt'96 (unpublished): On the Security of Lenstra's DSA Variant

Technical Report: Provable Security for Block Ciphers by Decorrelation

Official Comment of AES: Comparison of the Randomness Provided by Some AES Candidates

Technical Report: CBC Padding: Security Flaws in SSL, IPSEC, WTLS, ...

Technical Report: FOX Specifications Version 1.1

Technical Report: FOX Specifications Version 1.2

Eprint 16: Observations on the LPN Solving Algorithm from Eurocrypt'16

Articcrypt 16: Cryptanalysis of a Homomorphic Encryption Scheme

Esc' 17: Breaking the FF3 Format-Preserving Encryption

Eprint 18: Generic Round-Function-Recovery Attacks for Feistel Networks over Small Domains

Eprint 20: Analysis of DP3T - Between Scylla and Charybdis

Online 20: Le traçage anonyme, dangereux oxymore. Analyse de risques à destination des non-spécialistes

Eprint 20: Centralized or Decentralized? The Contact Tracing Dilemma

Online 20: Own Analysis of SwissCovid

Online 20: The Dark Side of SwissCovid

Complexity Trade-Offs with the Digital Signature Standard