Karthikeyan Bhargavan

Karthik is a researcher at INRIA, the French national lab for computer science. He is based in Paris where he leads a team called Prosecco (“programming securely with cryptography”) and is the principal investigator of an ERC starting grant on provably secure implementations of cryptographic protocols. Karthik and his colleagues develop new programming languages like F* (fstar-lang.org) and use them to build and verify protocols like TLS (milts.org).

Along the way, they sometimes find and disclose implementation bugs and protocol flaws like Triple Handshake (secure-resumption.com), FREAK (smacktls.com), and Logjam (weakdh.org). Partly as a consequence of these attacks, and partly motivated by stronger security theorems for the web, Karthik is loosely involved with the TLS working group in the design on TLS 1.3. Karthik was trained at IIT New Delhi and the University of Pennsylvania. Before coming to Paris in 2009, he worked as a researcher at Microsoft Research in Cambridge, England for several years.

Appearing at:

Skip, Freak, and Logjam: Moving past a legacy of weakness in TLS