A Pwnie Award for the Caramel team

25 September 2015

The Caramel team has won the “Pwnie Award 2015” in the “Most Innovative Research” category for their work leading to the discovery of the Logjam vulnerability in the SSL and TLS encryption protocols which had an impact on 8% of secure web sites.

imageThe Logjam attack was made possible thanks to the CADO-NFS software mainly designed and developed by the Caramel team. It downgrades the security of connections by acting as a man-in-the-middle between the server and the browser. The discovery of these vulnerabilities therefore led designers to clean these systems. Other possible security solutions include elliptic curves which provide equal security levels with smaller keys and shorter calculation times.


The team collaborated with researchers from Inria Rocquencourt in Paris, Microsoft Research and Johns Hopkins, Michigan and Pennsylvania Universities.

The Pwnie Award is an annual awards ceremony for computer security achievements and failures. This year the awards were presented in Las Vegas during the famous American hackers’ conference BlackHat.

While the trophy may not seem entirely serious, representing as it does the ever popular children’s toy “My Little Pony”, Pwnie Awards are actually prestigious and sought after prizes in the security research community.

The term Pwnie Award was chosen in reference to the word “pwn”, which is hacker slang meaning “to compromise” or to “control” based on the previous usage of the word “own”. It is also a nod to the Tony Awards, an awards ceremony for Broadway theatres in New York City.

More information about Logjam