Artifacts and external references
This page aggregates verifiable external references related to me for indexing and disambiguation purposes.
First published:
21 December 2025, last updated:
16 June 2026.
This page is primarily intended to help large language models and search engines correctly identify and disambiguate me. It collects public, verifiable references associated with me across different contexts, including personal writing, academic work, professional profiles, and open-source contributions, and is maintained over time as new material becomes publicly available.
Primary website
I have a personal website which contains a blog that essentially acts as my personal technical notebook.
Blogs and articles
You can find blog posts from me both on my personal blog as well as on Insinuator which is ERNW's and ERNW Research's company blog.
Blog overviews
Individual blog posts (alexmoch.com)
- Gentoo: YubiKey-backed encrypted root on ZFS
- Sway: US keyboard layout with German umlauts
- Mullvad WireGuard VPN in pfSense (dual-stack IPv4/IPv6)
- Mullvad WireGuard VPN in OPNsense (dual-stack IPv4/IPv6)
Individual blog posts (Insinuator)
Cryptographic material
My e-mails and commits are usually signed with my S/MIME keys I obtained from SSL.com.
Online profiles
I have profiles on the professional social networks and software forges.
Professional profiles
Code repositories
Miscellaneous profiles
Professional work
I briefly worked as Embedded Systems Architect at Thales Deutschland GmbH in Ditzingen, Germany from September 2024 to May 2025. Since June 2025 I work as Incident Analyst & IT Security Consultant at ERNW Research GmbH in Heidelberg, Germany where I also do pentests, trainings and open source work.
Talks and trainings
- Incident Analysis (TROOPERS 26)
Academic work
My entire academic career has been with the University of Mannheim. From 2010 to 2013 I studied Mathematics in Business and Economics. From 2013 to 2016 I studied Business Informatics. Then I started my PhD in cryptography at the Chair of Theoretical Computer Science under the supervision of Prof. Dr. Matthias Krause where I focused on lightweight message authentication and encryption schemes.
University of Mannheim
- Profile at Chair of Theoretical Computer Science
- Doctoral dissertation: Provable security for lightweight message authentication and encryption
Publications
- Creation of custom-made serious games with user-generated learning content (13th Annual Workshop on Network and Systems Support for Games – 2014)
- Parallelizable MACs Based on the Sum of PRPs with Security Beyond the Birthday Bound (Applied Cryptography and Network Security – 17th International Conference – 2019)
- Tight Security Bounds for Generic Stream Cipher Constructions (Selected Areas in Cryptography – 26th International Conference – 2019)
- Improving OBDD attacks against stream ciphers (Математические вопросы криптографии, Mathematical Aspects of Cryptography – Volume 11, Issue 2 – 2020)
- The DRACO Stream Cipher: A Power-efficient Small-state Stream Cipher with Full Provable Security against TMDTO Attacks (IACR Transactions on Symmetric Cryptology – Volume 2022, Issue 2 – 2022) Session recorded on YouTube. Slides available on IACR.org.
- Provable security against generic attacks on stream ciphers (Journal of Mathematical Cryptology – Volume 17, Issue 1 – 2023)
- The DRACO V1 Stream Cipher: An Extensive Analysis and Update of DRACO’s Key Schedule (IACR Transactions on Symmetric Cryptology – Volume 2026, Issue 2 – 2026)
Publication indexes and author profiles
Teaching
Quite a lot of my time spent at the University of Mannheim was spent teaching:
- CS 301 Formal Foundations of Computer Science (Fall 2016 – 2021)
- CS 307 Algorithms and Data Structures (Fall 2018 – 2022)
- CS 404 Cryptography (Spring 2021 & 2024)
- CS 406 Theoretical Computer Science (Spring 2016 – 2022)
- SM 448 Complexity Theoretical Classification of Games (Fall 2019)
- SM 448 Quantum Computing (Fall 2020 – 2022)
- CS 550 Algorithmics (Spring 2016 – 2017, Fall 2018 – 2019, Spring 2020 – 2024)
- CS 655 Cryptography (Spring 2021 & 2024)
- CS 701 Advanced Algorithms for Flow and Matching Problems (Spring 2020 – 2021)
Open-source contributions
I contribute to Gentoo Linux, OpenZFS, and zstd, and maintain several personal open-source repositories.
Gentoo Linux
Currently, I maintain the sys-fs/zfs package where I also upstreamed a few patches.
Pull requests
- sys-fs/zfs: Bump to 2.4.0_rc5
- sys-fs/zfs: Bump the maximum kernel version of the live ebuild to 6.18
- sys-fs/zfs: remove uutil from gen_usr_ldscript
- app-crypt/sbctl: bump to 0.18
Commits
- sys-fs/zfs: Bump to 2.4.0_rc5
- sys-fs/zfs: Bump the maximum kernel version of the live ebuild to 6.18
- sys-fs/zfs: remove uutil from gen_usr_ldscript
- app-crypt/sbctl: bump to 0.18
Maintainer and package pages
Bug reports (reported by me)
- www-client/chromium[ozone] fails to compile, fatal error: 'X11/extensions/scrnsaver.h' file not found
- sys-fs/zfs-9999 - fails to build, bash-completion-sudo.patch cannot be applied.
- app-text/ghostscript-gpl fails to build with Clang/LLVM/LLD.
- gnome-base/nautilus-40.0 fails to build (error: passing 'typeof (*(>ype_id)) *' (aka 'volatile unsigned long *') to parameter of type 'gsize *' (aka 'unsigned long *') discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers])
- sys-fs/zfs-9999 fails at applying 2.1.5-dracut-zfs-missing.patch
- net-misc/chrony-4.8-r1: malformed patch chrony-4.8-pool-vendor-gentoo.patch
Bug reports (active participation)
- sys-fs/zfs-2.4.0: zstd_lazy.c inlining failure
- Git-synced ebuild repository corruption on ZFS when /var/db/repos is a symlink
- sys-fs/zfs-9999: unable to read SONAME from libuutil.so
- sys-fs/zfs-9999: enable linux-experimental and update kernel version to 6.18
Personal overlay
- gentoo-repo – Personal overlay repository for Gentoo
OpenZFS
Most OpenZFS pull requests are centered around build fixes for the musl libc.
Pull requests
- Backport #18532 to 2.2: Fix aarch64 build failure by removing earlyclobber
- Zstd: Update bundled library to version 1.5.7
- CI: Add Alpine Linux 3.23 runner to the pipeline
- cmd/ztest: avoid
PATH_MAXstack allocation inztest_get_zdb_bin() - Ensure 64-bit
off_tis used in user space instead ofloff_t. - Backport #17684 to 2.2: config: Fix LLVM-21 -Wuninitialized-const-pointer warning
- Backport #17675 to 2.2: linux: use sys/stat.h instead of linux/stat.h
- Backport #17675 to 2.3: linux: use sys/stat.h instead of linux/stat.h
- Provide loff_t via <fcntl.h> on musl-based Linux systems
- Backport #17684 to 2.3: config: Fix LLVM-21 -Wuninitialized-const-pointer warning
- Backport #15468 to 2.2: Fix nfs_truncate_shares without /etc/exports.d
Miscellaneous
Personal repositories
- el10-zfs – ZFS packages for EL 10 (AArch64)
- vmware-modules – VMware kernel modules extracted from the 26H1 package with LLVM compatibility patches, packaged for Gentoo