Ludovic Barman
Security, Privacy, Coding
Hi, I'm Ludovic !
I am a 4th-year PhD student at EPFL in the Laboratory for Data Security and the Decentralized & Distributed Systems Laboratory, co-advised by Prof. Jean-Pierre Hubaux and Prof. Bryan Ford.
I have a strong interest in security, privacy and applied cryptography; my line of work notably include anonymity networks & quantification and protection of sensitive metadata. I love to code, design solutions, and ultimately I am a technology enthusiast, curious about everything.
Contact: firstname.lastname@protonmail.com
Looking for a printable CV ? Just print this page to get the magically cleaned-up version, or contact me.
Table of contents: projects / blog posts / past positions / education / demos
Public key : 720F 1E8F 1AD4 0505 ABFB 625C 5713 53C5 E0FB 9061
Projects & Papers
- [Project] Traffic-Analysis of Wearable Devices over Bluetooth Classic and BLE since 2018
L. Barman, A. Pyreglis, J-P. Hubaux - [Project] Drand & LeagueOfEntropy.com: Provable Distributed Randomness 2018
My contribution to this team project is mostly code.
website, paper, code, various press articles - [Paper] Reducing Metadata Leakage from Encrypted Files and Communication with PURBs 2018
K. Nikitin & L. Barman, M. Underwood, W. Lueks, B. Ford, J-P. Hubaux
website, press article, paper, presentation, code, real-world use - [Paper] PriFi: Low-Latency Metadata Protection for Organizational Networks since 2015
L. Barman, I. Dacosta, M. Zamani, E. Zhai, B. Ford, J. Feigenbaum, J-P. Hubaux
website, arXiv preprint, code - [Project] Vaultage, a self-hosted, in-browser password manager with client-side encryption since 2015
L. Barman & H. Milano
code, doc, live demo - [Paper] PriFi: A Low-Latency and Tracking-Resistant Protocol for Local-Area Anonymous Communication 2016
L. Barman, M. Zamani, I. Dacosta, J. Feigenbaum, B. Ford, J-P. Hubaux, D. Wolinsky
In the Workshop on Privacy in the Electronic Society 2016 (WPES 2016)
paper - [Paper] Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud 2015
F. Armknecht, L. Barman, J-M. Bohli, G. Karame (NEC Laboratories Europe)
In 25rd USENIX Security Symposium (USENIX Security 16)
paper - [Paper] Privacy Threats and Practical Solutions for Genetic Risk Tests 2015
L. Barman, E. Graini, J-L. Raisaro, E. Ayday, J-P. Hubaux
2nd International Workshop on Genome Privacy and Security (GenoPri" 15)
paper - [Master Thesis] Proofs of Retrievability and Redundancy 2015
Master Thesis, NEC Laboratories Europe, Heidelberg
Supervised by G. Karame (NEC Laboratories Europe) and P. Oechslin (LASEC, EPFL).
thesis, presentation
Blog posts
- Padmé: Efficiently hiding file sizes read it January 2020
- IoT Home Automation with 3D-Printing read it say Hi to Gasparov January 2019
Keeping my fish and plants alive while I'm away - A TLS downgrade attack with NetFilter's Queues and Docker read it November 2017
Try your very own MitM and downgrade attack now ! (limited offer) - A Journey into Stack Smashing read it April 2017
A first attempt at crackme's - Should I trust the GitHub activity summary ? read it December 2016
A «hello world» on GitHub - Escaping the PyJail read it August 2016
Getting out of a python sandbox (Hacking challenge) - Hunting Aurora Borealis : a Cookbook read it February 2016
A step-by-step guide to find Northern Lights
Past Positions
- Developper at Enfants des Collines, Lausanne
2018, 2019
Implementation from scratch of a custom ERP (Typescript/TypeORM/NodeJs/Docker) - Teaching assistant at the EPFL (part of the PhD program)
since 2015
For the class "Information Security and Privacy", for which I notably spent three weeks rebuilding the old infrastructure in favor of a more reliable setup with dockers and Continuous Integration. I also designed several exercises such as a TLS downgrade attack & implementation of a PAKE protocol.
For the class "Mobile Networks", in which I help builing hands-on exercises about Wireless networks and their security, as well as some privacy aspects of user mobility.
For the class "Introduction to Java & POO", in which I was responsible for the MOOCs automatic grader. - Intern at NEC Laboratories Europe, Heidelberg
2015
Implementation and benchmarking on a project on Cloud Security (Mirror) - Committee member at Hacker EPFL 2014
- Project manager & Partnership at Junior Entreprise EPFL 2014
- Software Engineer at Intemporare 2013 - 2019
- Web Developer at Sunergic SA
2012 - 2014
I created a web application for monitoring Siemens solar panels, as well as a web application to enable clients to design a roof (through a graphical wizard) and estimate the expected efficiency and profit. This application has been used by several partners of Sunergic and Romande Energie - Web Developer at Junior Entreprise EPFL
2010 - 2012
Several web development projects, including a website to create online survey and analyze the results via statistics and graphs - Teaching assistant at EPFL
2012
For the class "System-oriented Programming", where students learn SH, C, Perl, and basic knowledge of Unix - Teaching assistant at EPFL
2012
Supervision of semester projects for students in Java, involving cryptography and networking - Web Developer at CJ Online Works SaRL
2008 - 2011
Improvements of a C# application for car automation, and several web development projects
Education
- EPFL, Lausanne : PhD in Security and Privacy, with profs. Jean-Pierre Hubaux and Bryan Ford started in 2015
- EPFL, Lausanne : Master in Communications Systems, specialized in Security 2013 - 2015
- NUS, Singapore : one-year exchange in Electrical Engineering & Computer Science 2012 - 2013
- EPFL, Lausanne : Bachelor in Communications Systems 2010 - 2013
Demos
- Vaultage : a self-hosted, in-browser password manager with client-side encryption since 2015
Technologies: Express/Typescript, SJCL (crypto), Jest/Jasmine+Pupeteer (testing), NPM package (infra)
Still used today and henced maintained. - TuringWars : A game where small programs fight on a shared computer! (reboot of CoreWars)since 2017
Technologies: Scala+ScalaJS (backend engine), Express/Typescript/TypeORM/React/Redux (backend + frontend), Webpack/Docker (infra)
Made in 24h @ Lauzhack, then improved with hmil during our free time. Development stalled.