János Folláth

Staff Software Engineer at Arm

Cambridge, England, United Kingdom
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
János Folláth is a Staff Software Engineer based in Cambridge with over a decade of experience building secure, high-performance systems at Arm. He combines deep academic training — a PhD in Digital Communication and a Master's in Computer Science — with practical cryptography and systems work dating back to university research and lecturing. At Arm he focuses on backend and security engineering, bringing a specialist's attention to cryptographic correctness and optimization. His open-source contributions to the widely used mbedtls project include hardening RSA routines, adding certificate validation tests, and fixing certificate chain verification bugs, showing a knack for finding subtle vulnerabilities. Previously he designed new Gaussian samplers and lattice-reduction algorithms in C++, reflecting an uncommon blend of theoretical cryptography and production engineering. Colleagues rely on him for rigor, quietly improving security-critical code paths that most users never see.
code10 years of coding experience
job3 years of employment as a software developer
bookMaster's degree, Computer Science, Master's degree, Computer Science at University of Debrecen
languagesEnglish, German, Hungarian
stackoverflow-logo

Stackoverflow

Stats
11reputation
1kreached
1answer
0questions
github-logo-circle

Github Skills (16)

it-security10
c-programming10
x50910
rsa10
cryptography10
security10
libcrypto9
tls139
libtls9
crypto9
tls129
crypt9
mtls9
mbed6
hash6

Programming languages (5)

ShellCMakefileGroovyPython

Github contributions (5)

github-logo-circle
Mbed-TLS/mbedtls

Feb 2016 - Jan 2023

An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
Role in this project:
userBack-end & Security Engineer
Contributions:14 releases, 836 reviews, 1175 commits in 7 years
Contributions summary:János primarily contributed to the security and optimization of the RSA encryption and decryption routines. Their contributions involved implementing tests for overflow and underflow conditions within the RSA algorithms, with specific focus on the library/rsa.c source file. Furthermore, the user added tests for certificate validation, specifically addressing scenarios with potential security vulnerabilities in X509 certificate handling, by creating tests for silently dropping trailing extra bytes in .der certificates. The user also added new test suites for signature algorithm extensions and fixed a bug that prevented valid certificates from being verified due to an issue with the certificate chain.
cryptography-libraryapisslcryptographycryptography-api
yanesca/mbedtls

Oct 2015 - Dec 2024

An open source, portable, easy to use, readable and flexible SSL library
Contributions:1 release, 13 PRs, 270 pushes in 9 years 3 months
xmakesslreadableperl5ssl-library
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
János Folláth - Staff Software Engineer at Arm