In this talk, I present five attacks on the user-controlled end-to-end security MEGA. Our attacks show that a malicious provider can break authentication and compromise file confidentiality and integrity.
Talks and presentations
We discuss leasons learnt from breaking MEGA for why end-to-end encrypted cloud storage is hard to design.
This talk discusses my experience as team coach of the Swiss National Hacking Team and preparing it for the European Cyber Security Challenge 2021.
This talks presents the results of applying cache side-channels to contemporary hardware and investigating AES lookup tables, AES key scheduling, and Argon2. The slides give a brief overview of the content described in this blog post
This talk briefly summarizes our improvements on time measurements inside SGX enclaves. It discusses our discovery of the “Poor man’s CMOV” phenomenon, which later led to the USENIX Security paper on the Frontal Attack.