Mathy Vanhoef

Mathy Vanhoef is a PostDoc at KU Leuven, where he investigates the security of network protocols. He previously worked on the RC4 NOMORE attack, and is now researching techniques to automatically discover logical vulnerabilities in implementations of network protocols.

Infos

Event(s):
34. Chaos Communication Congress, 33. Chaos Communication Congress
Language(s):
English
Track(s):
Security
Links:
Homepage
Twitter

Mathy Vanhoef is a postdoctoral researcher at KU Leuven, where he performs research on streamciphers, discovered a new attack on RC4 that made it possible to exploit RC4 as used in TLS in practice (the RC4 NOMORE attack), and found the HEIST attack against TLS. He also focuses on wireless security, where he turns commodity wifi cards into state-of-the art jammers, defeats MAC address randomization, and breaks protocols like WPA-TKIP. He also did research on information flow security to assure cookies don't fall in the hands of malicious individuals. Currently he is researching how to automatically fuzz network protocols, and detect *logical* flaws in implementations (e.g. downgrade attacks). Apart from research, he also knows a thing or two about low-level security, reverse engineering, and binary exploitation. He regularly participates in CTFs with KU Leuven's Hacknamstyle CTF team.

Statistics

English
158.2 wpm
894.2 spm
handshakekeyaccesspointattackclientframes4-wayencryptionnoncevulnerabledataattackswi-finetworkimpactdevicethinge.galgorithmmsg4meaningencryptedmessagespacketbitdevicesframeattackerclientsmessagemsg3standardbroadcastsendstreamcaseftstartnumbersecuredecryptgroupreplaylinuxpeoplewpa2explainconnectorder
50.6% Checking done50.6%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
49.4% Nothing done yet49.4%