2021—: I'm simultaneously working on two major projects: 1. Capsule Social, a startup that's building Blogchain, a decentralized discourse platform. 2. Dr. Kobushi's Labyrinthine Laboratory, an indie puzzle adventure game. I am also Cryptographer in Residence at Eden Block, where I contribute scientific oversight into venture capital investment in the blockchain/applied cryptography space.
2018—2021: I founded Symbolic Software, a Paris-based applied cryptography team that offered offers security audits, cryptographic protocol design and formal verification services. Symbolic Software has completed and delivered over 250 software and cryptographic audits for clients all around the world and also publishes well-known research software for applied cryptographers. In 2021, as I pivoted to focus on Capsule Social (see above), Symbolic Software became also a video game publisher.
2015—2019: Wrote and defended my Ph.D. thesis, Formal Verification for Real-World Cryptographic Protocols and Implementations, at Inria Paris, after 3½ years of research with team PROSECCO. I also designed and taught the computer security course at New York University's Paris campus, where I served as an adjunct professor.
My CV is also available as a PDF file.
SoftwareMy software is published by my small Paris-based company, Symbolic Software. Over the years, I've worked on probably over a dozen projects; here are the ones that matter and that are actively maintained:
- Verifpal (2019—): New software for verifying the security of cryptographic protocols. Building upon contemporary research in symbolic formal verification, Verifpal's main aim is to appeal more to real-world practitioners, students and engineers without sacrificing comprehensive formal verification features. Used by Google, Zoom, Bosch and others.
- Noise Explorer (2018—): Online engine for designing, reasoning about, formally verifying and implementing arbitrary Noise Handshake Patterns. Based on our formal treatment of the Noise Protocol Framework, Noise Explorer can validate any Noise Handshake Pattern and then translate it into a model ready for automated verification and also into a production-ready software implementation written in Go or in Rust.
- Dr. Kobushi's Labyrinthine Laboratory (2022—): Ambitious indie puzzle adventure game! Features over 100 levels, story, dialog, and innovative gameplay. Only the third ever commercial video game to be written in the Go programming language. It's a really nice game, check it out!
- Piccolo: Othello (2021—): Othello software for macOS and iOS written in Rust and Swift. Featured in Apple's What We're Playing, Games We Love, and Best Games Made in France. #1 top overall game in the Japan Mac App Store from April to July 2021.
- Verifpal: Cryptographic Protocol Analysis for the Real World (with G. Nicolas, M. Tiwari), 21st International Conference on Cryptology in India, 2020
- EverParse: Verified Secure Zero-Copy Parsers for Authenticated Message Formats (with A. Delignat-Lavaud, C. Fournet, T. Ramananandro, N. Swamy, T. Chahed), 28th USENIX Security Symposium, 2019
- Noise Explorer: Fully Automated Modeling and Verification for Arbitrary Noise Protocols (with G. Nicolas, K. Bhargavan), 4th IEEE European Symposium on Security and Privacy, 2019
- Ledger Design Language: Designing and Deploying Formally Verified Public Ledgers (with N. Kulatova), Workshop on Security Protocol Implementations, 2018
- Verified Models and Reference Implementations for the TLS 1.3 Standard Candidate (with K. Bhargavan, B. Blanchet), 38th IEEE Symposium on Security and Privacy, 2017
- Formal Modeling and Verification for Domain Validation and ACME (with K. Bhargavan, A. Delignat-Lavaud), Financial Cryptography and Data Security, 2017
- Automated Verification for Secure Messaging Protocols and their Implementations: A Symbolic and Computational Approach (with K. Bhargavan, B. Blanchet), 2nd IEEE European Symposium on Security and Privacy, 2017
- Formal Verification of Smart Contracts (with K. Bhargavan, A. Delignat-Lavaud, C. Fournet, A. Gollamudi, G. Gonthier, A. Rastogi, T. Sibut-Pinote, N. Swamy, S. Zanella-Beguelin), 11th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, 2016
- FlexTLS: A Tool for Testing TLS Implementations (with B. Beurdouche, A. Delignat-Lavaud, A. Pironti, K. Bhargavan), 9th USENIX Workshop on Offensive Technologies, 2015
- The Broader Implications of Apple’s Content Scanning Push, Swiss Cyber Storm, 2021
- Verifpal: Cryptographic Protocol Analysis for the Real World, IACR Real World Cryptography Symposium, 2021
- Noise Explorer: Fully Automated Modeling and Verification for Arbitrary Noise Protocols, IACR Real World Cryptography Symposium, 2019
I host Cryptography FM, a podcast with news and a featured interview covering the latest developments in theoretical and applied cryptography. Whether it's a new innovative paper on lattice-based cryptography or a novel attack on a secure messaging protocol, we'll get the people behind it on Cryptography FM to talk about it.
- 2022-02-11: Rust on iOS and Mac Catalyst: A Simple, Updated Guide
- 2021-12-12: On Paying Open Source Maintainers
- 2021-06-20: Adventures in Writing Othello Software for iOS and macOS
- 2021-06-02: On the Feasibility of Secure Traceability in End-to-End Encrypted Messaging
- 2020-11-26: On the Apple Silicon M1 MacBook Pro
- 2020-09-07: Fear and Loathing in Protocol Analysis
- 2020-05-27: Why StopCOVID Fails as a Privacy-Preserving Design
- 2020-04-25: iPhone SE and the Commodification of the Pocket Computer
- 2020-04-17: An Investigation Into PEPP-PT
- 2020-03-29: Thoughts on 'Half-Life: Alyx' and G-Man
- 2019-04-11: Selfie's Reflections on Formal Verification for TLS 1.3: Largely Opaque
- 2018-10-26: Repairing a ThinkPad with a Corrupt Thunderbolt Firmware Chip
- 2015-11-25: On Encryption and Terrorists