I am a PhD student. As my thesis is a collaboration between Belgium and France, I am working under the supervision of Pr Jean-Jacques Quisquater at the Université Catholique de Louvain and under the supervision of Pr Thierry Berger at the Université de Limoges. I have been a member of the UCL Crypto Group and of the LACO since 1999.

I have a master in mathematic engineering and an advanced degree in cryptography, code and mathematical calculation from the Université de Limoges.

My current researches deal with applied cryptography to computer science especially in wireless, heavy LAN, group and real-time protocol.

• SPAM: eMail Address Protection Study

Nowadays spams saturate our mailboxes. Indeed three emails out of four are unsolicited. This increasing phenomenon represents a considerable resource expense for Internet Service Providers as well as for end-users. The principal defenses are various kinds of filters, but their efficiency is limited; even recent legal measures appear to merely bother spammers. The problem of spams would be tackled at its roots if spam harvest engines could not discover the user's address.

Based on a wide scope of experiments, this paper intends to provide practical numbers and figures concerning the protection of email addresses at the gathering level, analyze the evolution of the spam escalation on different sites and measure the impact of spywares.The results enable the user to acquire a practical understanding of the spam threats, demonstrate what the actual behavior of spammers is, and increase public awareness on optimal protection of their email addresses.

This study reveals the first concrete numbers and figures about the early stage of spam flood. Even if people have intuitions about what happens and how to protect themselves, it remain an intuition and no quantitative analysis has yet been published.

Link: eMail Address Protection Study

• European Project InspireD

The INSPIRED project aims at developing the next generation of security technology necessary for real trusted access of users to e-services in a mobile or fixed environment. INSPIRED builds on European technical and marketing expertise in smart card systems and will enable the development of a new generation of networked mobile objects. INSPIRED addresses the requirements for trust and security in networked applications with a multi-layer RTD approach going from the secure chip architecture to the communication protocols and the integration of all necessary software elements.

INSPIRED will develop the Trusted Personal Device (TPD) to provide Trust and Security to users and on-line services in the future ambient intelligence and ubiquitous computing environments.

The concept of an individual object representing the root of trust is the paradigm which definitely made the success of the smart card. INSPIRED intends to rely on it and to extend it to the next generation of secure communicating devices. These devices will have different form factors and features depending of the targeted applications. INSPIRED aims at defining the common technical foundations to allow cost-efficient product developments of devices with extended features and performances that can better be integrated in heterogeneous networks.

Link: http://www.inspiredproject.com/

• Internet-0

This is a cooperation project between the UCL Crypto Group and the MIT Media Lab.

Internet-0 is an experiment networking at the ultra-lightweight scale. Instead of relying on the architectural notions of Internet 1 with its routing, its servers, and its layered network stacks; we are toying with very small, cheap, and simple ways to bring Internet Protocols all the way to the physical interface.

Link: http://cba.mit.edu/projects/I0/

• Keylength.com, Cryptographic Key Length Recommendation

In most cryptographic functions, key lengths are important security parameters (cf. Wikipedia). Despite the availability of many publications, choosing a good key size to protect your system from attacks could be a headache.

In 1999, Arjen K. Lenstra and Eric R. Verheul described mathematic formulas providing key length recommendations for most cryptographic systems. Arjen K. Lenstra updated his paper in 2004. This web site implements these formulas and allows you to quickly evaluate the minimum security requirements for your system.

It also provides the key size recommended in 2005 by the European Network of Excellence for Cryptology ECRYPT and the National Institute of Standards and Technology NIST.

Link: http://www.keylength.com

• eMail Address Protection Study, Damien Giry, Michael Neve, Short Paper Proceedings of Information Security and Cryptology - CISC 2005, Higher Education Press, pp. 247-256, Beijing, China, December 2005.

Download the extended version: eMail Address Protection Study.

• Wireless Security Design Overview, Nidal Aboudagga, Damien Giry, Jean-Jacques Quisquater, In R. Pellikaan, editor(s), Twenty-fifth Symposium on Information Theory in the Benelux, pp. 153-160, Werkgemeenschap voor Informatie- en Comm, June 2004.

Today, Wireless Network has become more and more present in open area or large companies and security enhancement is needed to control authentication and confidentiality. The 802.11 Working Group introduced the 802.11i amendment as the final stage of the Robust Security Network standard, which superseded the old WEP technology. This paper describes the technical evolution of wireless security and introduces the future 802.11i with the most recent IEEE draft.

Download the extended version: PDF or PS.

• Modes of Operation: Survey, Damien Giry, Michael Neve

Modes of Operation specify how data will be encrypted and decrypted, when using symmetric key block cipher algorithms. There is a wide variety of modes available, but only five are recommended by the American National Institute of Standards and Technologies (NIST). Those recommendations should not be considered as standards.

The five modes --- the Electronic Code Book mode (ECB), the Cipher Block Chaining mode (CBC), the Cipher Feedback mode (CFB), the Output Feedback mode (OFB) and the Counter mode (CTR) --- can provide data confidentiality and are presented as secure as the underlying cipher algorithm used. We will also describe a hybrid mode, "f8-mode", combining the properties of OFB and CTR modes, that is already used in mobile communication applications (3G).

Download Draft 1: PDF.

• My first step in cryptography world as a French introduction to RSA and Elgamal.

• Hewlett-Packard security consultant on TCPA architecture.

A Trusted Platform is a platform that can be trusted by local users and by remote entities. TCPA uses a behavioral definition of trust: an entity can be trusted if it always behaves in the expected manner for the intended purpose.

The basis for trusting a platform is a declaration by a known authority that a platform with a given identity can be trusted to measure and report the way it is operating. That operating information can be associated with data stored on the platform, to prevent the release of that data if the platform is not operating as expected. Other authorities provide declarations that describe the operating information the platform ought to produce when it is operating properly.

The local user and remote entities trust the judgment of the authorities; so, when they receive proof of the identity of the platform, information about the current platform environment, and proof about the expected platform environment, they can decide whether to trust the platform to behave in a sufficiently trustworthy and predictable manner. The local user and/or remote entities must take this decision themselves because the level of trust in a platform can vary with the intended use of that platform, and only the local user and/or remote entities know that intended purpose.

Links: https://www.trustedcomputinggroup.org/home

• Alcatel security consultant to adapt real-time protocol.

The first part of the study is an overview of the Alcatel Report: RTP (together with RTCP) is currently the preferred protocol to carry/design real-time applications over IP-based networks. Two types of solutions are being discussed for securing RTP/RTCP: IPsec/IKE and SRTP. We will compare these two solutions and apply them to specific cases of Multiparty Network.

I am a windows 2003 system administrator: 150 personal computers in a Microsoft Windows 2003 domain.

I have done the migration from Windows NT 4 to Windows 2000 Server 2 in 2001. I have also done the migration from windows 2000 Server to Windows 2003 Server in 2004. Our network is based on the most up to date technology in security system. We use strong firewall and anti-virus products, all managed directly by the domain controller (GPO, AD, etc.).

Our domain is enhanced with a UNIX environment and we are using NAS, etc.

What is the Web of Trust (WoT)? The WoT is a certification system that allows your identity to be validated for use in your personal certificate. When you first enroll in the thawte personal e-mail certificate system, your identity is not trusted. The name in your certificate appears as "thawte personal freemail". To include your full name in your certificate, you will need to get in touch with WoT notaries who, on being shown the relevant proof, will validate your ID.

A certificate: what and why? A personal e-mail certificate is a link between your identity and your e-mail address certified by a certification authority.It allows you to secure your e-mail communications by digitally signing your e-mails and encrypting them. Thawte offers the possibility to get such personal certificate absolutely free of charge.

I am a Thawte Web of Trust Notary. If you want to be empowered by me, click here.