Ludovic Barman
Security enthusiast / Software engineer

Hi, I'm Ludovic.

I am a 4^th-year PhD student at the EPFL, working on the topics of Privacy and Security with Prof. Jean-Pierre Hubaux and Prof. Bryan Ford. I have a strong interest in security and cryptography; I love to code, design solutions, and ultimately I am a technology enthusiast, curious about everything.

Feel free to drop me a line ! my address: firstname.lastname@protonmail.com

Jump to   blog posts / projects / resume / education / demos

Public key : 720F 1E8F 1AD4 0505 ABFB 625C 5713 53C5 E0FB 9061 (View my Keybase.io profile)

Last update : 15.09.2018

Blog posts

• A TLS downgrade attack with NetFilter's Queues and Docker   read it. November 2017
  Try your very own MitM and downgrade attack now ! (limited offer).
• A Journey into Stack Smashing   read it. April 2017
  A first attempt at crackme's.
• Should I trust the GitHub activity summary ?   read it. December 2016
  A «hello world» on GitHub
• Escaping the PyJail   read it. August 2016
  Getting out of a python sandbox (Hacking challenge).
• Hunting Aurora Borealis : a Cookbook.   read it. February 2016
  A step-by-step guide unraveling the mysteries of Nothern Lights !

Projects

The following section contains published papers and other public documents, as well as personal projects.

• Reducing Metadata Leakage from Encrypted Files and Communication with PURBs. 2018
  Kirill Nikitin & Ludovic Barman, Matthew Underwood, Bryan Ford
  read the arXiv paper, check out the github repo
• Vaultage, a self-hosted, in-browser password manager with client-side encryption. since 2015
  Ludovic Barman, Hadrien Milano
  check out the github repo, read the doc, try out the live demo.
  
• Completing the hacking challenges on Root-me.org, live score : 2250pts (109/288)
  and pentesting some vulnerables VMs on vulnhub.com. started in 2016
• PriFi: A Low-Latency Local-Area Anonymous Communication Network. since 2015
  Ludovic Barman, Italo Dacosta, Mahdi Zamani, Ennan Zhai, Bryan Ford, Joan Feigenbaum, Jean-Pierre Hubaux
  read the arXiv paper, check out the github repo

• ---

  past projects

• PriFi: A Low-Latency and Tracking-Resistant Protocol for Local-Area Anonymous Communication, 2016
  L Barman, M Zamani, I Dacosta, J Feigenbaum, B Ford, J-P Hubaux, D Wolinsky
  In the Workshop on Privacy in the Electronic Society 2016 (WPES 2016)
  read the paper
• Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud 2015
  F Armknecht, L Barman, J-M Bohli, G Karame (NEC Laboratories Europe)
  In 25rd USENIX Security Symposium (USENIX Security 16)
  read the paper
• Privacy Threats and Practical Solutions for Genetic Risk Tests, 2015
  L Barman, E Graini, JL Raisaro, E Ayday, JP Hubaux
  2nd International Workshop on Genome Privacy and Security (GenoPri" 15)
  read the paper
• Proofs of Retrievability and Redundancy, 2015
  Master Thesis, NEC Laboratories Europe, Heidelberg
  Supervised by Ghassan Karame (NEC Laboratories Europe) and Philippe Oechslin (LASEC, EPFL).
  read the document, or take a look at the presentation
• Project on Bitcoin Fast Payment protocol, 2014
  Master Semester project with LASEC, EPFL. Supervisor : Sebastian Faust, Professor : Serge Vaudenay.
• Stratus Cloud, a non-proprietary secure cloud extension, with fine-grained rights, 2014
  Master Semester project with LASEC, EPFL. Supervisor : Alexandre Duc, Professor : Serge Vaudenay.
• Seminar on ZeroCoins and Bitcoin 2014
• Security analysis of a novel two-factor authentication scheme, based on hand gesture on iPad. 2013
  Bachelor Security class at NUS, the National University of Singapore

Resume

• Teaching assistant at the EPFL (part of the PhD program). since 2015
  For the class "Mobile Networks", where I was responsible for the chapters on Antennas and Cellular Networks.
  For the class "Introduction to Java & POO", where I was responsible for the MOOCs automatic grader.
• Intern at NEC Laboratories Europe, Heidelberg. 2015
  Implementation and benchmarking on a project on Cloud Security (Mirror).
• Comitee member at Hacker EPFL. 2014
• Project manager & Partenership at Junior Entreprise EPFL. 2014
• Software Engineer at Intemporare. since 2013
• Web Developer at Sunergic SA. 2012 - 2014
  Creation of a monitoring application for Siemens solar pannel inverter; creation of a roof design wizard in Angular.js that allows users to tile their roof with their choice of solar panels, and compute expected efficiency and income. Creation of a custom CMS that includes the roof design wizard and generates PDF invoices.
• Web Developer at Junior Entreprise EPFL. 2010 - 2012
  Several web development projects, including a website to create online survey and analyze the results via statistics and graphs.
• Teaching assistant at the EPFL. 2012
  For the class "System-oriented Programming", where students learn SH, C, Perl, and unix basis.
• Teaching assistant at the EPFL. 2012
  Semester project in Java, involving cryptography and networking
• Web Developper at CJ Online Works SaRL. 2008 - 2011
  Redesign of a C# application for car automation, and several web development projects.

Education

• EPFL, Lausanne : PhD in Security and Privacy, with Jean-Pierre Hubaux and Bryan Ford. started in 2015
• EPFL, Lausanne : Master in Communications Systems, specialized in Security. 2013 - 2015
• NUS, Singapore : one-year exchange in Electrical Engineering & Computer Science. 2012 - 2013
• EPFL, Lausanne : Bachelor in Communications Systems. 2010 - 2013

Demos

• TuringWars : A game where small programs fight on a shared computer! (reboot of CoreWars)since 2017
  Technologies: Scala+ScalaJS (backend engine), Express/Typescript/TypeORM/React/Redux (backend + frontend), Webpack/Docker (infra)
  Made in 24h @ Lauzhack, then improved with hmil during our free time.
• Vaultage : a self-hosted, in-browser password manager with client-side encryption. since 2015
  Technologies: Express/Typescript, SJCL (crypto), Jest/Jasmine+Pupeteer (testing), NPM package (infra)
  Still used today and henced maintained, but has been stable for some time.