October 11, 2024: publication of “Aggregated Dependency Score: A Dependency Score that Includes Transitive Dependencies”
24 septembre 2024 : publication de « Sempolda, un site Web pour explorer l'actualité politique en France sur les sujets qui vous intéressent »
Since January 2022, I am working as a Security Engineer at Datadog in the “software integrity and trust” team. Some of my contributions can be seen in my work GitHub account.
Before that, I had been working since April 2019 as a software engineer specialized in cryptography and cyber security in general at Misakey, a French startup which goal was to make an end-to-end encrypted platform for people to manage their personal data on the Web. See this article for more details on my work at Misakey. Misakey closed in July 2021.
From 2014 to 2018, I was a PhD student at EURECOM. My field of study was cryptography, and my supervisors were Refik Molva and Melek Önen. See my PhD thesis, Multi-User Searchable Encryption.
Even before (2011-2014), I was an engineering student at Télécom Paris and EURECOM.
You can find me on the Web on the following networks: LinkedIn, StackExchange (StackOverflow etc …), GitHub, GitLab, Matrix/Element Chat (formerly Riot), Twitter.
Personal Side-Projects
A few projects I am working on on my free time:
- Sempolda, a semantic search engine focused on news and politics.
- Mogahan, a platform where you learn programming from the ground up by building your own search engine.
You can see a more complete list of my personal projects, and their source code, on my GitLab.com profile.
I have a blog, mostly about technical topics. I don't write a lot in it for the moment.
I have a list of “things I like” (version française: une liste de choses que j'aime) if you're looking for nice content.
I would like to start writing a bit of popular science content, so I started with Une démonstration intuitive du théorème de Pythagore (an intuitive proof of Pythagoras theorem — in French).
Activity
Found Security Vulnerabilities
(that have been disclosed publicly)
- Improper handling of different key IDs for the same public keys in attacker-controlled metadata in Go-TUF (September 2022)
- A replay attack against ORY Hydra when using the “private_key_jwt” authentication method (April 2020)
Other Open-Source Activity
Research Activity
I haven't been active in academia since 2019
See the list of my academic publications as well as my DBLP page. I have been an invited reviewer for several conferences, including EUROCRYPT 2019, PETS 2019, ACNS 2018, ACSAC 2017, CANS 2017, SECRYPT 2017, ESORICS 2017, CANS 2016, ISC 2016, SECRYPT 2016.