Mohamed Sabt

Univ Rennes, CNRS, IRISA., SPICY.
In research work, there is no winning or losing, nor being superior or inferior. That is because...


Campus universitaire de Beaulieu

Rennes, France

I am an assistant professor (maître de conférences) at the University of Rennes (UR1) and security researcher at IRISA. I am the head of the M1 major of Software and System Security at the Cyberschool at UR1. My research focuses on identifying vulnerabilities in security protocols: design, implementations, and standards.

Since 2021, I am a member of the SPICY Team at IRISA. I joined UR1 in September 2018. Previously, I worked as PostDoc at IRISA within the EMSEC team. Before that, I spent one year as an R&D Engineer at Dejamobile. I obtained my PhD from Sorbonne Universités, Université de Technologie de Compiègne (UTC) in December 2016, while working at Orange Labs in Caen.


Jan 1, 2023 Got ANR JCJC Grant. It is called DRAMA: Attacks and Security Analysis of Digital Rights Management Systems.
Dec 14, 2022 Daniel has defended his thesis. Go and read his manuscript from here.
Apr 2, 2021 Rewarded by Netflix Bug bounty program. Related CVE is released. Related Android Security Bulletin is published.
Feb 16, 2021 Our work on SRP_Calc_client_key included in the major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j (changelog).
Dec 15, 2020 Following our recommendations, the amendment of SCP10 is finally out. Download from here.


Apr 1, 2023 Enter the Mozilla Hall of Fame through Firefox Bug Bounty Rewards.
Jul 1, 2021 Enter the Google Hall of Fame.
Mar 1, 2021 Security Contributor for ProtonMail.
Nov 14, 2017 Audience award of “Trophée des ingénieurs du futur”, Usine Nouvelle.
Apr 10, 2017 “Guy Deniélou” PhD award, Université de Technologie de Compiègne.