Marc Bevand
Homepage | Blog | Travel blog | Google+
Profile
I am currently traveling the world with my wife, visiting approximately 20 countries in Europe, Asia, Oceania, and South America. Previously I used to work for Google in Mountain View, CA as an Information Security Engineer. I graduated in 2003 from EPITA (École Pour l'Informatique et les Techniques Avancées), a computer science school located near Paris, France. I am passionate about: computer and network security, reverse engineering, security vulnerability research and exploitation, high-performance computing, GPGPU, assembly optimization, free and open source software, Unix kernels internals, decentralized cryptocurrencies (Bitcoin), entrepreneurship, angel investing, etc.
Talks
-
MD5 Chosen-Prefix Collisions on GPUs [whitepaper];
Black Hat USA 2009, Las Vegas, NV, USA (July 30, 2009).
In December 2008, an MD5 chosen-prefix collision attack was performed on a PlayStation 3 cluster to create a rogue CA certificate. A new implementation of this attack has been researched and developped to run an order of magnitude faster and more efficiently on video card GPUs, which now makes the attack practical to anybody. In addition, an MD5 password hash bruteforcer tool has been built on top of this implementation and achieves a speed of 1.5 billion MD5 hash/sec on an ATI Radeon HD 4850 X2, or 725 million MD5 hash/sec on an ATI Radeon HD 4850.
Source code: bday/ -
Breaking UNIX crypt() on the PlayStation 3; ToorCon 10, San Diego, CA, USA (September 28, 2008).
A UNIX crypt() password bruteforcing tool has been developed and optimized for the Cell B.E. processor. The major advance resides in a new set of bitslice DES "S-Box circuits" that average 45.5 gates per S-box by using all the logical instructions of the SPU ISA. This allows the bruteforcer to fully exploit the SPU cores of the Cell processor.
Source code: cell-bf/
Papers and Articles
| [md5-amd64] | MD5 optimized for AMD64 |
| [shellcode-amd64] | A Short Shellcode for AMD64 |
| [rc4-amd64] | RC4 implementation for AMD64 |
Useful Information
- My resume (curriculum vitæ)
- The traditional .plan
- Miscellaneous things can be found in the public directory
Contact
- <m.bevand (at) gmail.com>
- Phone
- +1.310.254.8705 (cell)
