Graham Steel

Research Fellow, INRIA

Move

Since September 2013 I am working as CEO of Cryptosense, a spin-off company commercializing my research in formal analysis of crypto security APIs.

Padding Oracle Attacks

Our recent work on padding oracle attacks has received some press and blog coverage, not all of it accurate. Please read the FAQ for more information.

Publications

From the LSV server or from DBLP.

Slides

Slides from recent seminars including my CRYPTO'12 talk.

Research

My research concerns formal analysis of information security problems. In particular, I'm interested in security APIs, security protocols, and security of embedded systems. Some highlights:

Tookan - a tool for analysing PKCS#11 security devices.
Get in touch if you'd like to try Tookan 2.
The Million Message Attack in 15 000 Messages, my talk explaining improvements to Bleichenbacher's classic RSA PKCS#1v1.5 attack presented at CRYPTO 2012.
Design of a new Key Management API for cryptographic devices, intended to address some of the shortcomings of legacy designs, with security proofs. Development of this API is ongoing thanks in part to funding from the DGA. The latest paper on the work will appear at ACM CCS 2012, dealing with revocation. A journal version of the first paper has been accepted to Information and Computation.
We recently discovered vulnerabilities in the API of the YubiHSM, a device made by Yubico to support authentication using their Yubikey tokens. See their Security Advisory for details. A paper on our analysis of Yubikey and YubiHSM will appear at STM 2012.
Cash machine PIN verification security, work which featured in an article on the Wired Magazine Threat Level blog.

Events

Analysis of Security APIs workshop series - co-organiser with Mike Bond. The 6th Edition, ASA-6 was held on 28th June as part of CSF 2012.
ACM SAC Security Track 2013, Programme Committee co-chair.
CSF 2013, Programme Committee member
Dagstuhl Seminar on security APIs, November 2012, co-organiser with Mike Bond, Riccardo Focardi and Sibylle Fröschle.
PROOFS workshop - Security Proofs for Embedded Systems, September 2012, Programme Committee member.
ACM SAC Security Track 2012, Programme Committee member.
Alan Turing Year workshop Is Cryptographic Theory Practically Relevant?, Cambridge, 31 January - 2 February 2012, Invited speaker.
FMATS, workshop on Formal Methods and tools for Security, Cambridge, December 7-8 2011, Invited speaker
Santa's Crypto in Prague on December 1st 2011, Invited speaker
Course at Tsinghua University, Beijing, in August 2011, Invited lecturer
SSTIC 2011 in Rennes June 9th 2011, Invited speaker.

Book

Mathematical and Algorithmic Foundations of the Internet, by Fabrizio Luccio, Linda Pagli, and me. CRC Press, July 2011. Recently described in the JOC as a "superb read".