< but I now live in
[Belfast](https://en.wikipedia.org/wiki/Belfast).
Email: `mjos@iki.fi`.
PGP keys are available at [`https://keybase.io/mjos`](https://keybase.io/mjos).
## Work
Focus of my current research is in next-generation and quantum resistant
cryptographic algorithms. I'm seeking collaboration in:
* Post-Quantum algorithm and parameter selection for standardisation
within IETF, ETSI, ISO, etc. I am already involved with this work, so
actively seeking input and new partners.
* Integration of new AEAD ciphers and quantum resistant key exchange
and public key algorithms into standard cryptographic libraries such
as OpenSSL and derivatives.
However I've worked in and around information security for some 20 years and my
interests are actually much broader than that. I generally like to code, hack,
and tinker. For example, here's a
[wee file compressor](https://github.com/mjosaarinen/weesrc)
that I wrote recently.
### Quantum-Resistant TLS, IPSec, etc.
The August 2015
[NSA announcement](https://www.nsa.gov/ia/programs/suiteb_cryptography/)
of transition to a "quantum resistant suite" essentially means that
these technologies will also have to be adopted by the wider security
industry. Therefore quantum resistance is very much an acute
engineering concern. The algorithms themselves are not very
mature yet. In addition academics and government agencies some major
[vendors](http://research.microsoft.com/apps/pubs/default.aspx?id=249336)
are already actively working in this space.
### New AEADs
Another area where I am active is the NIST-Sponsored
[CAESAR project](http://competitions.cr.yp.to/caesar-submissions.html).
CAESAR seeks to select next generation Authenticated Encryption (AEAD)
algorithms; some of these can eventually replace the AES-GCM AEAD in
most applications. Our own second-round CAESAR candidate is
[STRIBOB](http://www.stribob.com), but naturally I've been analyzing all
candidates. Some of these new ciphers will have to eventually be integrated
into TLS, IPSec, SSH, et al. At first stage this would be experimental in
order to measure performance within realistic usage profiles, later
full-scale deployment.
## Recent publications and preprints
**2016**
* [**Arithmetic Coding and Blinding Countermeasures for
Lattice-Based Signatures**](https://eprint.iacr.org/2016/276).
Submitted for publication. ePrint 2016/276, IACR 2016.
* [**The BRUTUS Automatic Cryptanalytic Framework**](http://dx.doi.org/10.1007/s13389-015-0114-1).
J. Cryptographic Engineering, Vol. 6, No. 1, pp 75-82. Springer 2016.
**2015**
* [**The BLAKE2 Cryptographic Hash and Message Authentication Code
(MAC)**](https://tools.ietf.org/html/rfc7693).
*With Jean-Philippe Aumasson.* RFC 7693. IETF 2015.
* [**Gaussian Sampling Precision in Lattice
Cryptography**](https://eprint.iacr.org/2015/953).
Submitted for publication. ePrint 2015/953, IACR 2015.
* [**WHIRLBOB, the Whirlpool based Variant of STRIBOB**](http://dx.doi.org/10.1007/978-3-319-26502-5_8).
*With Billy B. Brumley.* Proc. NordSec 2015, LNCS 9417, pp. 106-122.
Springer 2015.
* [**STRIBOB: Authenticated Encryption from GOST R
34.11-2012 LPS Permutation**](http://mi.mathnet.ru/eng/mvk146).
Mat. Vopr. Kriptogr., Vol. 6, No. 2, pp. 67-78.
Steklov Mathematical Institute of RAS 2015.
**2014**
* [**Simple AEAD Hardware Interface (SAEHI) in a SoC: Implementing
an On-Chip Keyak/WhirlBob
Coprocessor**](http://dx.doi.org/10.1145/2666141.2666144).
Proc. TrustED '14, pp. 51-56. ACM 2014.
* [**CBEAM: Efficient Authenticated Encryption from Feebly
One-Way Phi Functions**](http://dx.doi.org/10.1007/978-3-319-04852-9_13).
Proc. CT-RSA 2014. LNCS 8366, pp. 251-269. Springer 2014.
* [**Beyond Modes: Building a Secure Record Protocol from a
Cryptographic Sponge Permutation**](http://dx.doi.org/10.1007/978-3-319-04852-9_14).
Proc. CT-RSA 2014. LNCS 8366, pp. 270-285. Springer 2014.
**2013**
* [**Developing a Grey Hat C2 and RAT for APT Security Training and
Assessment**](https://mjos.fi/doc/saarinen_hrpaper.pdf).
For GreHack 2013 Hacking Conference. Grenoble, France, 15 November 2013.
* [**Related-Key Attacks Against Full Hummingbird-2**](http://dx.doi.org/10.1007/978-3-662-43933-3_24).
Proc. FSE 2013. LNCS 8424, pp. 467-482. Springer 2013.
**2012**
* [**A Do-It-All-Cipher for RFID: Design Requirements (Extended
Abstract)**](https://eprint.iacr.org/2012/317).
*With Daniel Engels.* ePrint 2012/317, IACR 2012.
* [**The BLUEJAY Ultra-Lightweight Hybrid Cryptosystem**](http://dx.doi.org/10.1109/SPW.2012.11).
Proc. TrustED 2012 (SPW 2012), pp. 27-32. IEEE Computer Society 2012.
* [**Cycling Attacks on GCM, GHASH and Other Polynomial MACs and Hashes**](http://dx.doi.org/10.1007/978-3-642-34047-5_13).
Proc. FSE 2012. LNCS 7549, pp. 216-225. Springer 2012.
**2011**
* [**Practical Attack on 8 Rounds of the Lightweight Block Cipher KLEIN**](http://dx.doi.org/10.1007/978-3-642-25578-6_11).
*With Jean-Philippe Aumasson and Maria Naya-Plasencia.*
Proc. INDOCRYPT 2011. LNCS 7107, pp. 134-145. Springer 2011.
* [**Cryptographic Analysis of All 4 x 4 - Bit S-Boxes**](http://dx.doi.org/10.1007/978-3-642-28496-0_7).
Proc. SAC 2011. LNCS 7118, pp. 118-133. Springer 2012.
* [**The Hummingbird-2 Lightweight Authenticated Encryption Algorithm**](http://dx.doi.org/10.1007/978-3-642-25286-0_2).
*With Danel Engels, Peter Schweitzer, and Eric M. Smith*.
Proc. RFIDSec 2011. LNCS 7055, pp. 19-31, Springer 2012.
* [**Cryptanalysis of Hummingbird-1**](http://dx.doi.org/10.1007/978-3-642-21702-9_19).
Proc. FSE 2011. LNCS 6733, pp. 328-341, Springer 2011.
### For info on my publications (and patents etc) before 2011, see my [CV](https://mjos.fi/doc/saarinen_cv.pdf).
]]>