Talks I gave (see also Speaker Deck).

• Harderning HSMs for banking-grade crypto wallets
  20/09/24, Tirana, Albania (USA) 30 min
  BSides Tirana
• Harderning HSMs for banking-grade crypto wallets
  07/08/24, Las Vegas, NV (USA) 40 min
  Black Hat
• Store now, break it later
  14/11/23, Istanbul (Turkey), 30 min
  Devconnect 2023, Cryptographic Resilience workshop
• Quantum computing doomsday planning
  02/11/23, Yverdon (Switzerland), 45 min, with Farida Aclimandos
  BlackAlps 2023
• SPHINCS+
  29/06/23, Paris (France), 55 min
  Quantum PEPR PQ-TLS project days
• Keynote
  15/06/23, Lausanne (Switzerland), 20 min
  CMTA Digital financial assets event
• Post-quantum crypto is coming!
  12/05/23, Bordeaux (France), 40 min
  Sthack
• UltraPlonkova: minimising parallel plonkish constraints using transformers
  25/04/23, Lyon (France), 3 min — interrupted
  Eurocrypt
• Too much crypto II
  30/11/22, Zurich (Switzerland), 20 min
  Too much crypto
• Zero-knowledge proofs: securing the future of crypto
  15/11/22, Riyadh (Saudi Arabia), 25 min
  Black Hat MEA
• SAFE: Faster and simpler hashing for ZKPs
  15/09/22, Berlin (Germany), 30 min
  ZK Summit 8
• Zero-knowledge proofs security, in practice
  25/06/22, Donostia - San Sebastián (Spain), 45 min
  EuskalHack
• The CMTA token
  03/06/22, Zurich (Switzerland), 15 min
  SNB-CIF Conference on Cryptoassets and Financial Innovation
• Post-quantum crypto is coming!
  02/05/22, Paris (France), 40 min
  Paris P2P Festival
• Security of ZKP projects: same but different
  22/04/22, Amsterdam (Netherlands), 30 min
  ZK Summit 7
• Zero-knowledge proofs security, in practice
  31/03/22, online, 60 min
  zkStudyClub
• Hunting for bugs in "Ethereum 2.0"
  25/03/22, Geneva (Switzerland), 45 min
  Insomni'Hack
• The CMTA token
  24/03/22, Zurich (Switzerland), 15 min
  CMTA & 4T-DLT event
• Post-quantum crypto is coming
  28/11/21, Riyadh (Saudi Arabia), 45 min
  @Hack
• Protecting digital assets: much more than cryptography
  10/03/21, Lausanne (Switzerland), 25 min
  Finance and Technology Conference
• Quantum computing vs. cryptography
  15/06/21, online, 60 min
  PoC
• Post quantum world: Is crypto ready? (panel)
  15/06/21, online, 40 min, with Eli Ben-Sasson and Michael Harte
  CogX Festival
• Auditing cryptography (panel)
  09/06/21, online, 45 min, with isis agora lovecruft, Taylor Hornby, and Thomas Pornin
  Zcon2Lite
• Quantum computing vs. cryptography
  04/05/21, online, 60 min
  Cyberpeace Institute
• Protecting digital assets: much more than crypto
  10/03/21, online, 30 min
  Swiss Cyber Security Days
• Attacking threshold wallets
  14/01/21, online, 10 min
  Real World Crypto (talk given by Omer Shlomovits)
• Attacks to deployed threshold signatures
  06/11/20, USA online, 25 min, with Omer Shlomovits
  NIST's Multi-Party Threshold Schemes workshop
• Post-quantum crypto: should you care?
  04/09/20, Kyiv (Ukraine) online, 45 min
  NoNameCon
• Multiple bugs in multi-party computation: Breaking cryptocurrency's strongest wallets
  06/08/20, Las Vegas, NV (USA) online, 35 min
  Black Hat
• Too much crypto
  09/01/20, New-York (USA), 25 min
  Real World Crypto
• Lessons from 3 years of crypto and blockchain audits
  07/08/19, Las Vegas, NV (USA), 50 min
  Black Hat
• Towards post-quantum crypto standards
  09/05/19, Gdańsk (Poland), 40 min
  InfoShare
• IoT, M2M, V2V: The needs for and evolution towards end-to-end encryption
  08/05/19, Gdańsk (Poland), 30 min
  InfoShare
• Attacking and defending blockchains: from horror stories to secure wallets
  05/12/18, London (UK), 40 min
  Black Hat Europe
• Blockchain security!
  15/09/18, Novi Sad (Serbia), 40 min
  Balccon
• From quantum physics to post-quantum digital security
  27/06/18, Sofia (Bulgaria), 15 min
  Web.it Festival
• Quantum cyber blockchain IoT
  23/03/18, Geneva (Switzerland), 45 min
  Insomni'Hack
• Post-quantum crypto
  10/11/17, Lisbon, Portugal, 50 min
  BSides Lisbon
• Automated crypto bugs discovery
  26/07/17, Las Vegas, NV (USA), 50 min
  BSidesLV
• Automated testing of crypto software using differential fuzzing
  26/07/17, Las Vegas, NV (USA), 50 min
  Black Hat
• Криптография сегодня (Cryptography today)
  05/06/17, Repino (Russia), 25 min
  CTCrypt
• How secure are secure messengers?
  18/05/17, Zurich (Switzerland), 25 min
  SIGS Technology Summit
• Hunting for vulnerabilities in Signal
  08/04/17, Miami Beach, FL (USA), 45 min
  Infiltrate
• Hunting for vulnerabilities in Signal
  23/03/17, Heidelberg (Germany), 45 min
  Troopers
• Quantum-Safe Crypto Why & How?
  17/02/17, Sierre (Switzerland), 45 min
  SecureIT
• Latest hacking trends
  12/10/16, Geneva (Switzerland), 15 min
  Fédération des Entreprises Romandes
• SGX secure enclaves in practice: security and crypto review
  04/08/16, Las Vegas, NE (USA), 50 min
  Black Hat
  Also get the paper, tools, and SGX application
• What's up Argon2?
  02/08/16, Las Vegas, NE (USA), 30 min
  BSidesLV
• How to compute with secrets and not die trying
  22/06/16, Lausanne (Switzerland), 45 min
  EPFL Summer Research Institute
• Quantum computing and postquantum crypto
  16/06/16, Bern (Switzerland), 45 min
  SIGS Technology Summit
• Crypto fuzzing?
  04/06/16, Warsaw (Poland), 45 min
  Warcon
• Crypto code: the 9 circles of testing
  18/03/16, Geneva (Switzerland), 45 min
  Insomni'Hack
• Crypto code: the 9 circles of testing
  16/03/16, Heidelberg (Germany), 30 min
  Troopers
• Crypto, Quantum, Post-Quantum
  15/01/16, Washington, DC (USA), 20 min
  Shmoocon
• Password Hashing Competition
  15/01/16, Gaithersburg, MD (USA), 50 min
  NIST
• PHC releases Argon2
  05/11/15, Yverdon (Switzerland), 7 min
  Cybersecurity Conference (rump session)
• Quantum computers vs. computers security
  07/08/15, Las Vegas, NE (USA), 30 min
  DEF CON
• FOSS crypto
  06/07/15, Beauvais (France), 40 min
  RMLL
• Secure communications: past, present, future
  23/06/15, Bern (Switzerland), 25 min
  SIGS Technology Summit
• NSA surprises, not?
  01/04/15, Zurich (Switzerland), 30 min
  SIGS Special Event
• Cryptographic backdooring
  26/03/15, Singapore, 45 min
  SyScan
• CAESAR & NORX, the future of authenticated encryption?
  29/12/14, Hamburg (Germany), 60 min, with Philipp Jovanovic
  31st Chaos Communication Congress
• Cryptographic backdooring
  21/11/14, Paris (France), 45 min
  NoSuchCon
• Cryptocoding v2
  13/11/14, Moscow (Russia), 45 min
  Zeronights
• PHC
  06/11/14, Yverdon (Switzerland), 3 min
  Application Security Forum Western Switzerland (rump session)
• SHA-1 backdooring and exploitation
  09/08/14, Las Vegas, NE (USA), 60 min
  DEF CON (Skytalks)
• PHC: the candidates
  05/08/14, Las Vegas, NE (USA), 30 min
  PasswordsCon
• SHA-1 backdooring and exploitation
  05/08/14, Las Vegas, NE (USA), 30 min
  BSidesLV
• Crypto coding (bis)
  05/06/14, Rennes (France), 1 hr
  Institute of Mathematics of Rennes (IRMAR)
• Crypto coding
  05/06/14, Rennes (France), 50 min
  SSTIC
• PHC: status quo
  03/06/14, Zurich (Switzerland), 50 min
  Area41
• Beyond modes: Building a secure record protocol from a cryptographic sponge permutation
  26/02/14, San Francisco, CA (USA), 20 min
  CT-RSA 2014
• CBEAM: Efficient authenticated encryption from feebly one-way phi functions
  26/02/14, San Francisco, CA (USA), 20 min
  CT-RSA 2014
• NORX+PHC
  06/01/14, Schloss Dagstuhl (Germany), 30 min
  Seminar "Symmetric cryptography"
• Randomness in cryptography
  11/12/13, Lausanne (Switzerland), 50 min
  Hackers@EPFL's seminar
• The Password Hashing Competition
  16/10/13, Yverdon (Switzerland), 10 min
  Application Security Forum Western Switzerland (rump session)
• Password hashing: the future is now
  31/07/13, Las Vegas, NE (USA), 25 min
  Black Hat
• The Password Hashing Competition
  30/07/13, Las Vegas, NE (USA), 30 min
  PasswordsCon
• Crypto competitions
  13/05/13, Passau (Germany), 45 min
  University of Passau
• A cryptography coding standard?
  21/01/13, Costa Adeje (Tenerife, Spain), 30 min
  Workshop "Internet Crypto"
• BLAKE2
  17/01/13, Mondorf-les-Bains (Luxembourg), 30 min
  Seminar "Early symmetric crypto"
• A cryptography coding standard?
  16/01/13, Mondorf-les-Bains (Luxembourg), 5 min
  Seminar "Early symmetric crypto"
• Hash-flooding DoS reloaded: attacks and defenses
  29/12/12, Hamburg (Germany), 60 min, with Daniel J. Bernstein and Martin Boßlet
  29th Chaos Communication Congress
• Hash-flooding DoS reloaded: attacks and defenses
  08/11/12, Yverdon (Switzerland), 50 min, with Martin Boßlet
  Application Security Forum Western Switzerland
• SHA-3: should we care?
  02/11/12, Lucerne (Switzerland), 50 min
  Hashdays
• Cryptography: myths and reality
  01/11/12, Lucerne (Switzerland), 45 min
  Hashdays (manager session)
• Heavy Quark for secure AEAD
  06/07/12, Stockholm (Sweden), 20 min
  DIAC 2012
• SipHash: a fast short-input PRF
  05/07/12, Stockholm (Sweden), 20 min
  DIAC 2012
• BLAKE 2012 update
  23/03/12, Washington, DC (USA), 20 min
  Third SHA-3 conference
• Insomni'Hash
  02/03/12, Geneva (Switzerland), 45 min
  Insomni'Hack
• Attacking KLEIN
  19/01/12, Schloss Dagstuhl (Germany), 30 min
  Seminar "Symmetric cryptography"
• BLAKE SIMD: past, present, future
  16/01/12, Schloss Dagstuhl (Germany), 30 min
  Seminar "Symmetric cryptography"
• Cryptanalysis vs. reality
  28/10/11, Abu Dhabi (United Arab Emirates), 50 min
  Black Hat Abu Dhabi 2011
• Cryptanalysis vs. reality
  28/10/11, Lucerne (Switzerland), 50 min
  Hashdays
• Cryptanalysis vs. reality + Small cryptanalysis
  29/06/11, Schloss Dagstuhl (Germany), 40 min
  Seminar "International view of the state-of-the-art in cryptography and security and its use in practice"
• Quo vadis BLAKE?
  23/05/11, Warsaw (Poland), 60 min
  Workshop "Quo Vadis Cryptology?"
• Smaller Quarks!
  20/05/11, Tallinn (Estonia), 5 min
  ECRYPT2 Hash Workshop 2011 (rump session)
• Eve's SHA3 candidate: malicious hashing
  20/05/11, Tallinn (Estonia), 20 min
  ECRYPT2 Hash Workshop 2011
• Tuple cryptanalysis of ARX with application to BLAKE and Skein
  20/05/11, Tallinn (Estonia), 20 min
  ECRYPT2 Hash Workshop 2011
• Multiset analysis of ARX with application to 3fish (WIP)
  21/03/11, Lausanne (Switzerland), 5 min
  ECRYPT2 3rd "SHA-3 hash-bash" research retreat
• State of the hash: SHA-3 and beyond
  06/11/10, Lucerne (Switzerland), 50 min
  Hashdays
• BLAKE — status quo
  24/08/10, Santa Barbara (USA), 12 min
  Second SHA-3 conference
• Distinguisher for full final round of Fugue-256
  23/08/10, Santa Barbara (USA), 12 min
  Second SHA-3 conference
• Quark: a lightweight hash
  17/08/10, Santa Barbara (USA), 25 min
  CHES 2010
• Distinguisher for full final round of Fugue-256
  20/04/10, Paris (France), 5 min
  ECRYPT2 2nd "SHA-3 hash-bash" research retreat
• 10 years of cryptographic hashing
  22/01/10, Lausanne (Switzerland), 25 min
  10th LASEC anniversary (EPFL)
• Differential and invertibility properties of BLAKE
  11/01/10, Remich (Luxembourg), 30 min
  Seminar "Early symmetric crypto"
• On recent higher-order cryptanalysis techniques
  15/12/09, Tokyo (Japan), 45 min
  Sony System Technologies Lab
• Improved cryptanalysis of Skein
  10/12/09, Tokyo (Japan), 20 min
  Asiacrypt 2009
• On Hamsi
  07/12/09, Tokyo (Japan), 5 min
  Asiacrypt 2009 (rump session)
• Design and analysis of symmetric cryptographic algorithms
  01/12/09, Lausanne (Switzerland), 45 min
  PhD public defense
• Efficient FPGA implementations of high-dimensional cube testers on the stream cipher Grain-128
  10/09/09, Lausanne (Switzerland), 20 min, with Luca Henzen
  SHARCS 2009
• Zero-sum distinguishers
  08/09/09, Lausanne (Switzerland), 5 min
  HES 2009 (rump session)
• Algebraic methods for cryptanalysis
  19/06/09, Windisch (Switzerland), 25 min
  Meeting of the Swiss Mathematics Society (GMFH)
• Security and privacy preservation in human-involved networks
  24/04/09, Zurich (Switzerland), 25 min
  iNetSec 2009
• SHA-3 proposal BLAKE
  26/02/09, Leuven (Belgium), 18 min
  First SHA-3 conference
• Improved analysis of Threefish
  24/02/09, Leuven (Belgium), 4 min
  FSE 2009 (rump session)
• Cube testers and key-recovery attacks on reduced-round MD6 and Trivium
  23/02/09, Leuven (Belgium), 25 min
  FSE 2009
• Cube testers: theory and practice
  12/01/09, Schloss Dagstuhl (Germany), 40 min
  Seminar "Symmetric cryptography"
• Faster multicollisions
  15/12/08, Kharagpur (India), 25 min
  INDOCRYPT 2008
• Preimages attacks on 3-pass HAVAL and step-reduced MD5
  14/08/08, Sackville (Canada), 25 min
  SAC 2008
• How (not) to dither blockcipher-based hash functions?
  13/06/08, Casablanca (Morocco), 30 min
  Africacrypt 2008
• (Second) preimage attacks on Codefish
  12/06/08, Casablanca (Morocco), 3 min
  Africacrypt 2008 (rump session)
• Preimage attacks on HAVAL and MD5
  12/06/08, Casablanca (Morocco), 5 min
  Africacrypt 2008 (rump session)
• Preimages of HAVAL and MD5
  05/06/08, Leiden (Netherlands), 30 min
  Workshop "Hash functions in cryptology: theory and practice"
• The hash function family LAKE
  11/02/08, Lausanne (Switzerland), 30 min
  FSE 2008
• The odd couple: MQV and HMQV
  12/12/07, Lausanne (Switzerland), 90 min
  Seminar "Advanced topics in cryptology" (EPFL)
• Analysis of multivariate hash functions
  30/11/07, Seoul (South Korea), 25 min
  ICISC 2007
• Kryptographie im 21. Jahrhundert
  09/10/07, Windisch (Switzerland), 30 min, with Willi Meier and Simon Fischer
  Seminar "Transfer transparent"
• Asymmetric encryption with 2 XOR's: the cipher TCHo
  01/10/07, Lausanne (Switzerland), 30 min
  Seminar "Lightweight cryptography" (EPFL)
• Multivariate hash functions: constructions and security
  01/10/07, Lausanne (Switzerland), 30 min
  Seminar "Lightweight cryptography" (EPFL)
• TCHo: a hardware-oriented trapdoor cipher
  03/07/07, Townsville (Australia), 25 min
  ACISP 2007
• On a bias of Rabbit
  01/02/07, Bochum (Germany), 15 min
  SASC 2007