Mathy Vanhoef is a PostDoc at KU Leuven, where he investigates the security of network protocols. He previously worked on the RC4 NOMORE attack, and is now researching techniques to automatically discover logical vulnerabilities in implementations of network protocols.
Mathy Vanhoef is a postdoctoral researcher at KU Leuven, where he performs research on streamciphers, discovered a new attack on RC4 that made it possible to exploit RC4 as used in TLS in practice (the RC4 NOMORE attack), and found the HEIST attack against TLS. He also focuses on wireless security, where he turns commodity wifi cards into state-of-the art jammers, defeats MAC address randomization, and breaks protocols like WPA-TKIP. He also did research on information flow security to assure cookies don’t fall in the hands of malicious individuals. Currently, he is researching how to automatically fuzz network protocols, and detect *logical* flaws in implementations (e.g. downgrade attacks). Apart from research, he also knows a thing or two about low-level security, reverse engineering, and binary exploitation.