Nicky Mouha

Nicky Mouha is a Researcher in Cryptography with more than 15 years of experience. Besides his research, he is involved in various standardization activities, mainly at NIST and ISO. He invented the MILP- and SAT-based techniques for differential and linear cryptanalysis, designed the lightweight Chaskey algorithm (standardized in ISO/IEC 29192-6), and discovered vulnerabilities in the cryptographic software of billions of devices. At RSAC 2023, he will explain how he discovered CVE-2022-37454, a buffer overflow vulnerability in the SHA-3 implementation submitted to NIST that remained undetected for well over a decade. This vulnerability affects several widely-used software projects that have integrated this code, including the Python and PHP scripting languages.