Home Page

warning: Declaration of views_plugin_style_default::options(&$options) should be compatible with views_object::options() in /home/alfredo/Public/alfredo.pironti.eu/research/sites/all/modules/views/plugins/views_plugin_style_default.inc on line 0.

Alfredo Pironti

Cyber Security Specialist

e-mail: alfredo at pironti.eu (where 'at' stands for '@')

Picture of Alfredo Pironti


News

Sep 16, 2015: RFC 7627: my proposal to prevent the Triple Handshake attacks on TLS becomes an Internet standard.
Aug 10, 2015: My paper on FlexTLS: a tool for testing TLS implementations won the Best Paper award at WOOT 15.
Jun 25, 2015: RFC 7568: my proposal to deprecate SSL 3.0 in favor of TLS becomes an Internet Standard.
May 20, 2015: My paper on state machine flaws in TLS implementations won the Distinguished Paper award at IEEE S&P 15.
Feb 11, 2015: My paper on compound authentication appeared at NDSS 15.

Short Bio and Research

I am a cyber security specialist and security researcher in formal methods for security protocol implementations and security-aware applications. My current research interests include traffic analysis and side channel analysis; I recently focused on miTLS, a verified implementation of the TLS security protocol in the computational model of cryptography, via refinement types. I was a member of the Prosecco research group at INRIA and of the Secure Distributed Computing project at the MSR-INRIA Joint Centre. My main collaborators are Karthikeyan Bhargavan, Cédric Fournet, Markulf Kohlweiss and Pierre-Yves Strub.

I received my PhD in 2010 at Politecnico di Torino, supervised by Riccardo Sisto. During my PhD I co-developed a framework, called spi2java, that allows to semi-automatically generate Java implementations of security protocols formally specified in the spi calculus language.

For half a year, I have been a visiting PhD student at the Microsoft Research Centre, Cambridge, UK, and the Open University, UK, supervised by Jan Jürjens. During my visit, I developed novel formally-based methodologies to design and develop monitors for legacy security protocols implementations.

I am a member of the CryptoForma network, aimed at bridging the gap between symbolic and computational formal methods.