Guillaume Endignoux
About Me
Hello world, I am Guillaume, currently working as a software engineer in Zurich. Although I specialized in information security during my studies, with a master's thesis in cryptography, I am more broadly interested in many aspects of software engineering (see my open-source contributions).
My focus on what I would call "foundations" of software and security has led me to work on a wide range of topics including cryptography, firmware, file formats, data compression, performance and privacy. But I also enjoy writing software higher up the stack, such as a 3D visualization of surrounding mountains with OpenGL.
I have published several research papers and given talks, notably on cryptography, file formats and privacy topics.
I am always eager to learn and teach, so don't hesitate to reach me on Mastodon for any question or just to get news. You can also subscribe to my blog's RSS feed.
Featured publications
Improving Stateless Hash-Based Signatures
Jean-Philippe Aumasson, Guillaume Endignoux
CT-RSA 2018
Abstract
We present several optimizations to SPHINCS, a stateless hash-based signature scheme proposed by Bernstein et al. in 2015: PORS, a more secure variant of the HORS few-time signature scheme used in SPHINCS; secret key caching, to speed-up signing and reduce signature size; batch signing, to amortize signature time and reduce signature size when signing multiple messages at once; mask-less constructions to reduce the key size and simplify the scheme; and Octopus, a technique to eliminate redundancies from authentication paths in Merkle trees. Based on a refined analysis of the subset resilience problem, we show that SPHINCS' parameters can be modified to reduce the signature size while retaining a similar security level and computation time. We then propose Gravity-SPHINCS, our variant of SPHINCS embodying the aforementioned tricks. Gravity-SPHINCS has shorter keys (32 and 64 bytes instead of ≈1 KB), shorter signatures (≈30 KB instead of 41 KB), and faster signing and verification for a same security level as SPHINCS.
Caradoc: a Pragmatic Approach to PDF Parsing and Validation
Guillaume Endignoux, Olivier Levillain, Jean-Yves Migeon
Proceedings of the 37th IEEE Symposium on Security and Privacy Workshops (SPW 2016)
Abstract
PDF has become a de facto standard for exchanging electronic documents, for visualization as well as for printing. However, it has also become a common delivery channel for malware, and previous work has highlighted features that lead to security issues. In our work, we focus on the structure of the format, independently from specific features. By methodically testing PDF readers against hand-crafted files, we show that the interpretation of PDF files at the structural level may cause some form of denial of service, or be ambiguous and lead to rendering inconsistencies among readers. We then propose a pragmatic solution by restricting the syntax to avoid common errors, and propose a formal grammar for it. We explain how data consistency can be validated at a finer-grained level using a dedicated type checker. Finally, we assess this approach on a set of real-world files and show that our proposals are realistic.
ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service
Anh Pham, Italo Dacosta, Guillaume Endignoux, Juan Ramon Troncoso Pastoriza, Kevin Huguenin, Jean-Pierre Hubaux
USENIX Security Symposium 2017
Abstract
In recent years, ride-hailing services (RHSs) have become increasingly popular, serving millions of users per day. Such systems, however, raise significant privacy concerns, because service providers are able to track the precise mobility patterns of all riders and drivers. In this paper, we propose ORide (Oblivious Ride), a privacy-preserving RHS based on somewhat-homomorphic encryption with optimizations such as ciphertext packing and transformed processing. With ORide, a service provider can match riders and drivers without learning their identities or location information. ORide offers riders with fairly large anonymity sets (e.g., several thousands), even in sparsely populated areas. In addition, ORide supports key RHS features such as easy payment, reputation scores, accountability, and retrieval of lost items. Using real data-sets that consist of millions of rides, we show that the computational and network overhead introduced by ORide is acceptable. For example, ORide adds only several milliseconds to ride-hailing operations, and the extra driving distance for a driver is less than 0.5 km in more than 75% of the cases evaluated. In short, we show that a RHS can offer strong privacy guarantees to both riders and drivers while maintaining the convenience of its services.
Featured projects
OpenSK
U2F/FIDO2 firmware for security keys written in Rust.
OpenSK is a firmware for security keys entirely written in Rust. During my work at Google, I was part of the team that developed it. Building upon the Tock operating system, the OpenSK project included implementing cryptographic algorithms for embedded systems, a CBOR codec, a USB driver, and doing a lot of low-level debugging. We also contributed many improvements to Tock.
Gravity-SPHINCS
An experimental post-quantum cryptographic signature algorithm.
Gravity-SPHINCS is the result of my master's thesis on cryptography, in which I studied various improvements to the SPHINCS hash-based scheme. The resulting scheme, named Gravity-SPHINCS, was submitted to the post-quantum cryptography standardization effort organized by NIST. I wrote a reference implementation in C (mandatory for the submission) and an alternative implementation in Rust (which I find more readable).
Caradoc
A PDF parser and validator.
Because PDF is the format of choice for exchanging electronic documents, it has become a natural target for malware delivery. However, due to its complex and sometimes ambiguous syntax, practical implementations of PDF parsers have different behaviors, especially when it comes to ill-formed files. Hence, a malware creator can use these discrepancies to evade a malware detector (which relies on parser A), while delivering a payload for a targeted PDF reader (which relies on parser B), so that only B would see the payload.
In this project, we formalized a strict subset of the PDF language that should be unequivocally parsed by common implementations. We then implemented a validator for this language, as well as a normalizer to convert common PDF files into the strict subset.
BlaBla-AVX2
Optimized implementation of BlaBla for SSE2/SSSE3/AVX2.
An implementation of the BlaBla stream cipher in C, with optimisations for Intel processors supporting SSE2, SSSE3 or AVX2 instructions. Simple benchmarks suggest around 15% speed improvement over similar ChaCha implementations (with the same number of rounds), due to the choice of rotation constants in BlaBla's permutation.
