Contributions
Well, all the public things I work or have worked on are available here. I don't twit, facebook or have a blog but you can find news about what I do on The Tally Ho!
Conferences
- "libecc: a flexible open-source ECC library for embedded devices" with Ryad Benadjila at SemSecuElec seminar in Rennes, France.
- "Journey to a RTE-free X.509 parser " with Ryad Benadjila and Patricia Mouy at SSTIC 2019 in Rennes, France. Also alvailable is the complete article (pdf version, in french). Video is available here on SSTIC website.
- "Développer sa bibliothèque de signature sur courbe" at SSTIC 2016 in Rennes, France. 5 minutes rump on ReadyNAS work. Slides in french.
- "Eurisko : développement d'une carte électronique sécurisée" with Ryad Benadjila, David Diallo, Mathieu Renard, Jean-Pierre Flori, Karim Khalfallah, Arnaud Fontaine, Philippe Trébuchet at SSTIC 16 in Rennes, France. Also alvailable is the complete article (pdf version, in french)
- "Cloud ISO 14001 (i.e. low power ARM-based grsec-enabled server) - Take 3" at SSTIC 2015 in Rennes, France. 5 minutes rump on ReadyNAS work. Slides in french.
- "Cloud ISO 14001 (i.e. low power ARM-based grsec-enabled server) - Take 2" at SSTIC 2014 in Rennes, France. 5 minutes rump on ReadyNAS work. Slides in french.
- "Cloud ISO 14001 (i.e. low power ARM-based grsec-enabled server)" at SSTIC 2013 in Rennes, France. 5 minutes rump on ReadyNAS Duo v2 (ARMv5TE) and 102 (ARMv7) work. Slides in french.
- "Sécurité de Remote Desktop Protocol" with Raphaël Rigo and Aurélien Bordes at SSTIC 12 in Rennes, France (french title would translate to "Remote Desktop Protocol Security"). Also alvailable is the complete article (pdf version, in french)
- "De la radio logicielle à la radio matérielle - Evolution de la menace" with Chaouki Kasmi at C&ESAR 2011 in Rennes, France. Link to full article (in french too) below.
- "Mobile IPv6 - Panorama de la technologie" at C&ESAR 2011 in Rennes, France.
- "Presentation of SSTIC 2010 Challenge's Solution" at SSTIC 2010 in Rennes, France. Complete solution available in french and english.
- "IPv6 Routing Header Security" with Philippe Biondi at CanSecWest 07 in Vancouver, Canada. Led to the publication of RFC 5095. More details and notes here.
- "Scapy and IPv6 Networking" with Philippe Biondi at HITB 06 in Kuala Lumpur, Malaysia
- "Mobile IPv6 Security" with Guillaume Valadon at PacSec 06 in Tokyo, Japan. Additional versions of the slides available below:
- "La sécurité dans Mobile IPv6" with Guillaume Valadon
at SSTIC 06 in Rennes, France
(french title would translate to "Mobile IPv6 security").
- PPT version of the slides (still in french)
- Complete article (pdf version, in french)
- "Backdoors furtives et autres fourberies dans le noyau" with Olivier Matz and Pierre Lalet at SSTIC 04 in Rennes, France. (french title would translate to "Stealth backdoors and other kernel deceits"). Link to complete article available below.
Articles, publications
- "Eurisko : développement d'une carte électronique sécurisée", SSTIC 16 proceedings with Ryad Benadjila, David Diallo, Mathieu Renard, Jean-Pierre Flori, Karim Khalfallah, Arnaud Fontaine, Philippe Trébuchet (in french)
- "La sécurité de Remote Desktop Protocol", SSTIC 12 proceedings, with Raphaël Rigo and Aurélien Bordes (in french)
- De la radio matérielle à la radio logicielle: impact sur l'étude de la sécurité des réseaux sans fil with Chaouki Kasmi and Pierre-Michel Ricordel, C&ESAR 2011 Conference proceedings (in french).
- (Best) Solution to SSTIC 2010 Challenge, June 2010: French version, English version.
- "IPv6 Type 0 - Routing Header" (PDF version here), article in IETF Journal, Volume 3 Issue 2, October 2007
- "Mobile IPv6", article in MISC magazine #27, September/October 2006, with Guillaume Valadon (in french)
- "La sécurité dans Mobile IPv6", SSTIC 06 proceedings, with Guillaume Valadon (in french)
- "Backdoors furtives et autres fourberies dans le noyau", SSTIC 04 proceedings, with Olivier Matz and Pierre Lalet (in french)
IETF Internet Drafts
- draft-ebalard-mext-ipsec-ro: this memo specifies an improved alternate route optimization procedure for Mobile IPv6. It is designed specifically for environments where IPsec/IKE is used between peers. The document also describes the complete removal of HAO and RH2 extensions from exchanged packets. If you are interested by the topic, I have dedicated a page about the ongoing implementation for Linux (UMIP and Linux kernel)
- draft-ebalard-mext-pfkey-enhanced-migrate: this memo describes the need for an interface between Mobile IPv6 and IPsec/IKE. and shows how the two protocols can work together. Simply put, such a mechanism is required to allow negotiation of transport mode IPsec SA protecting MIPv6 signaling traffic. It is also required to prevent rekeying of tunnel mode SA (protecting data traffic) upon movement, reducing handover time, and power consumption. The protocol described in the memo extends PF_KEY framework. The protocol is implemented in Linux kernel (starting with 2.6.28), racoon IKEv1 daemon, StrongSwan IKEv2 daemon. Additional information is available here and here
- draft-ebalard-mext-hld-security: this memo describes the possible threats and security impacts associated with the use of this insecure NDP-based mechanism as a trigger to drop IPsec protection of data traffic for the MN. It also provides some results on the implementation of the attacks against UMIP.
- draft-bauer-mext-aero-solspace: this memo analyzes potential solutions proposed for NEMO Route Optimization solutions (Global HAHA and CRON) for aeronautical environments.