Marc Bevand
Profile
I live in the San Francisco Bay Area, and work for Google as an Information Security Engineer. I graduated in 2003 from EPITA (École Pour l'Informatique et les Techniques Avancées), a computer science school located near Paris, France. I am passionate about free and open source software, high-performance computing, GPGPU, computer and network security, assembly optimization (AMD64, x86, ATI CAL IL), low-level programming, reverse engineering, security vulnerability research and exploitation, Linux, BSD, Solaris kernels internals, operating systems design, computer architecture, etc.
Talks
-
MD5 Chosen-Prefix Collisions on GPUs [whitepaper];
Black Hat USA 2009, Las Vegas, NV, USA (July 30, 2009).
In December 2008, an MD5 chosen-prefix collision attack was performed on a PlayStation 3 cluster to create a rogue CA certificate. A new implementation of this attack has been researched and developped to run an order of magnitude faster and more efficiently on video card GPUs, which now makes the attack practical to anybody. In addition, an MD5 password hash bruteforcer tool has been built on top of this implementation and achieves a speed of 1.5 billion MD5 hash/sec on an ATI Radeon HD 4850 X2, or 725 million MD5 hash/sec on an ATI Radeon HD 4850.
Source code: bday/ -
Breaking UNIX crypt() on the PlayStation 3; ToorCon 10, San Diego, CA, USA (September 28, 2008).
A UNIX crypt() password bruteforcing tool has been developed and optimized for the Cell B.E. processor. The major advance resides in a new set of bitslice DES "S-Box circuits" that average 45.5 gates per S-box by using all the logical instructions of the SPU ISA. This allows the bruteforcer to fully exploit the SPU cores of the Cell processor.
Source code: cell-bf/
Papers and Articles
| [md5-amd64] | MD5 optimized for AMD64 |
| [shellcode-amd64] | A Short Shellcode for AMD64 |
| [rc4-amd64] | RC4 implementation for AMD64 |
Useful Information
- Resume (Curriculum Vitæ): [pdf]
- The traditional .plan
- Miscellaneous things can be found in the public directory
Contact
- <m.bevand (at) gmail.com>
- Phone
- +1.310.254.8705 (cell)
