~~NOTOC~~ ====== Jan Jancar ====== If you have published anything not in the list, please add the bibliography entry to the list. Instructions can be found in the [[https://gitlab.fi.muni.cz/labak/wiki-publications|GitLab repository]] Note down also the information on rejections and authorship percentages. We keep track of our lab efforts and author shares are useful for dissertation proposal/dissertation/habilitation/... There is a [[:internal:crocs:submissions|dedicated page where to write them]]. ==== 2024==== * **Chain of Trust: Unraveling References Among Common Criteria Certified Products**\\ [[:publications:authors:adam-janovsky|Adam Janovsky]], [[:publications:authors:lukasz-chmielewski|Lukasz Chmielewski]], [[:publications:authors:petr-svenda|Petr Svenda]], [[:publications:authors:jan-jancar|Jan Jancar]] and [[:publications:authors:vashek-matyas|Vashek Matyas]],\\ //IFIP International Conference on ICT Systems Security and Privacy Protection//, Springer Nature Switzerland, 2024, .\\ Keywords: [[:publications:keywords:sec-certs|sec-certs]], [[http://dx.doi.org/10.1007/978-3-031-65175-5_14|DOI website]], [[https://www.sciencedirect.com/science/article/pii/S0167404824001974|paper website]], ++ BibTeX |@InProceedings{2024-ifipsec-janovsky, title = {Chain of Trust: Unraveling References Among Common Criteria Certified Products}, author = {Adam Janovsky and Lukasz Chmielewski and Petr Svenda and Jan Jancar and Vashek Matyas}, booktitle = {IFIP International Conference on ICT Systems Security and Privacy Protection}, pages = {}, publisher = {Springer Nature Switzerland}, address = {Cham}, year = {2024}, isbn = {978-3-031-65175-5}, doi = {10.1007/978-3-031-65175-5_14}, url = {https://www.sciencedirect.com/science/article/pii/S0167404824001974}, keywords = {sec-certs}, edition = {volume 710}, editor = {Nikolaos Pitropakis, Sokratis Katsikas, Steven Furnell, Konstantinos Markantonakis}, } ++ * **pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis**\\ [[:publications:authors:jan-jancar|Jan Jancar]], [[:publications:authors:vojtech-suchanek|Vojtech Suchanek]], [[:publications:authors:petr-svenda|Petr Svenda]], [[:publications:authors:vladimir-sedlacek|Vladimir Sedlacek]] and [[:publications:authors:lukasz-chmielewski|Lukasz Chmielewski]],\\ //IACR Transactions on Cryptographic Hardware and Embedded Systems//, Ruhr-University of Bochum, 2024, 355–381.\\ Keywords: [[:publications:keywords:side-channel|side-channel]], [[:publications:keywords:ecc|ecc]], {{:publications:pdf:2024-ches-jancar.pdf|pre-print PDF}}, [[http://dx.doi.org/10.46586/tches.v2024.i4.355-381|DOI website]], [[https://tches.iacr.org/index.php/TCHES/article/view/11796|paper website]], ++ BibTeX |@InProceedings{2024-ches-jancar, title = {pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis}, author = {Jan Jancar and Vojtech Suchanek and Petr Svenda and Vladimir Sedlacek and Lukasz Chmielewski}, booktitle = {IACR Transactions on Cryptographic Hardware and Embedded Systems}, publisher = {Ruhr-University of Bochum}, year = {2024}, keywords = {side-channel,ecc}, doi = {10.46586/tches.v2024.i4.355-381}, url = {https://tches.iacr.org/index.php/TCHES/article/view/11796}, pages = {355–381}, } ++ * **sec-certs: Examining the security certification practice for better vulnerability mitigation**\\ [[:publications:authors:adam-janovsky|Adam Janovsky]], [[:publications:authors:jan-jancar|Jan Jancar]], [[:publications:authors:petr-svenda|Petr Svenda]], [[:publications:authors:lukasz-chmielewski|Lukasz Chmielewski]], [[:publications:authors:jiri-michalik|Jiri Michalik]] and [[:publications:authors:vashek-matyas|Vashek Matyas]],\\ //Computers & Security//, 2024.\\ Keywords: [[:publications:keywords:sec-certs|sec-certs]], [[http://dx.doi.org/10.1016/j.cose.2024.103895|DOI website]], [[https://www.sciencedirect.com/science/article/pii/S0167404824001974|paper website]], ++ BibTeX |@Article{2023-seccerts-janovsky, title = {sec-certs: Examining the security certification practice for better vulnerability mitigation}, author = {Adam Janovsky and Jan Jancar and Petr Svenda and Lukasz Chmielewski and Jiri Michalik and Vashek Matyas}, journal = {Computers & Security}, volume = {143}, year = {2024}, issn = {0167-4048}, doi = {10.1016/j.cose.2024.103895}, url = {https://www.sciencedirect.com/science/article/pii/S0167404824001974}, keywords = {sec-certs}, } ++ * **“These results must be false”: A usability evaluation of constant-time analysis tools**\\ [[:publications:authors:marcel-fourne|Marcel Fourné]], [[:publications:authors:daniel-de-almeida-braga|Daniel De Almeida Braga]], [[:publications:authors:jan-jancar|Jan Jancar]], [[:publications:authors:mohamed-sabt|Mohamed Sabt]], [[:publications:authors:peter-schwabe|Peter Schwabe]], [[:publications:authors:gilles-barthe|Gilles Barthe]], [[:publications:authors:pierre-alain-fouque|Pierre-Alain Fouque]] and [[:publications:authors:yasemin-acar|Yasemin Acar]],\\ //Proceedings of the 33rd USENIX Security Symposium//, USENIX Association, 2024, to appear.\\ Keywords: [[:publications:keywords:constant-time|constant-time]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[:publications:keywords:usablesec|usablesec]], [[:publications:keywords:libraries|libraries]], [[:publications:keywords:side-channel|side-channel]], {{:publications:pdf:2024-usenix-jancar.pdf|pre-print PDF}}, ++ BibTeX |@InProceedings{2024-usenix-jancar, title = {“These results must be false”: A usability evaluation of constant-time analysis tools}, author = {Marcel Fourné and Daniel De Almeida Braga and Jan Jancar and Mohamed Sabt and Peter Schwabe and Gilles Barthe and Pierre-Alain Fouque and Yasemin Acar}, booktitle = {Proceedings of the 33rd USENIX Security Symposium}, pages = {to appear}, publisher = {USENIX Association}, year = {2024}, keywords = {constant-time, cryptoimplementations, usablesec, libraries, side-channel}, } ++ ==== 2023==== * **Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations**\\ [[:publications:authors:ben-nassi|Ben Nassi]], [[:publications:authors:ofek-vayner|Ofek Vayner]], [[:publications:authors:etay-iluz|Etay Iluz]], [[:publications:authors:dudi-nassi|Dudi Nassi]], [[:publications:authors:or-hai-cohen|Or Hai Cohen]], [[:publications:authors:jan-jancar|Jan Jancar]], [[:publications:authors:daniel-genkin|Daniel Genkin]], [[:publications:authors:eran-tromer|Eran Tromer]], [[:publications:authors:boris-zadov|Boris Zadov]] and [[:publications:authors:yuval-elovici|Yuval Elovici]],\\ //30th ACM Conference on Computer and Communications Security (CCS'2023)//, ACM, 2023, 268–280.\\ Keywords: [[:publications:keywords:cryptolibs|cryptolibs]], [[:publications:keywords:leakage|leakage]], [[:publications:keywords:side-channel|side-channel]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[http://dx.doi.org/10.1145/3576915.3616620|DOI website]], ++ BibTeX |@InProceedings{2023-ccs-jancar, title = {Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations}, author = {Ben Nassi and Ofek Vayner and Etay Iluz and Dudi Nassi and Or Hai Cohen and Jan Jancar and Daniel Genkin and Eran Tromer and Boris Zadov and Yuval Elovici}, booktitle = {30th ACM Conference on Computer and Communications Security (CCS'2023)}, pages = {268–280}, publisher = {ACM}, address = {New York, NY, USA}, year = {2023}, isbn = {9798400700507}, doi = {10.1145/3576915.3616620}, keywords = {cryptolibs, leakage, side-channel, cryptoimplementations}, } ++ ==== 2022==== * **“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks**\\ [[:publications:authors:jan-jancar|Jan Jancar]], [[:publications:authors:marcel-fourne|Marcel Fourné]], [[:publications:authors:daniel-de-almeida-braga|Daniel De Almeida Braga]], [[:publications:authors:mohamed-sabt|Mohamed Sabt]], [[:publications:authors:peter-schwabe|Peter Schwabe]], [[:publications:authors:gilles-barthe|Gilles Barthe]], [[:publications:authors:pierre-alain-fouque|Pierre-Alain Fouque]] and [[:publications:authors:yasemin-acar|Yasemin Acar]],\\ //43rd IEEE Symposium on Security and Privacy//, IEEE, 2022.\\ Keywords: [[:publications:keywords:constant-time|constant-time]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[:publications:keywords:usablesec|usablesec]], [[:publications:keywords:libraries|libraries]], [[:publications:keywords:side-channel|side-channel]], {{:publications:pdf:2022-sp-jancar.pdf|pre-print PDF}}, ++ BibTeX |@InProceedings{2022-sp-jancar, title = {“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks}, author = {Jan Jancar and Marcel Fourné and Daniel De Almeida Braga and Mohamed Sabt and Peter Schwabe and Gilles Barthe and Pierre-Alain Fouque and Yasemin Acar}, booktitle = {43rd IEEE Symposium on Security and Privacy}, publisher = {IEEE}, address = {San Francisco}, location = {San Francisco}, year = {2022}, keywords = {constant-time, cryptoimplementations, usablesec, libraries, side-channel}, language = {eng}, } ++ ==== 2021==== * **A formula for disaster: a unified approach to elliptic curve special-point-based attacks**\\ [[:publications:authors:vladimir-sedlacek|Vladimir Sedlacek]], [[:publications:authors:jesus-javier-chi-dominguez|Jesús-Javier Chi-Domínguez]], [[:publications:authors:jan-jancar|Jan Jancar]] and [[:publications:authors:billy-bob-brumley|Billy Bob Brumley]],\\ //Advances in Cryptology – ASIACRYPT 2021//, Springer, 2021.\\ Keywords: [[:publications:keywords:ecc|ecc]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[:publications:keywords:libraries|libraries]], [[:publications:keywords:side-channel|side-channel]], {{:publications:pdf:2021-asiacrypt-formulas.pdf|pre-print PDF}}, ++ BibTeX |@InProceedings{2021-asiacrypt-formulas, title = {A formula for disaster: a unified approach to elliptic curve special-point-based attacks}, author = {Vladimir Sedlacek and Jesús-Javier Chi-Domínguez and Jan Jancar and Billy Bob Brumley}, booktitle = {Advances in Cryptology – ASIACRYPT 2021}, publisher = {Springer}, year = {2021}, isbn = {978-3-030-64837-4}, keywords = {ECC, cryptoimplementations, libraries, side-channel}, } ++ ==== 2020==== * **Fooling primality tests on smartcards**\\ [[:publications:authors:vladimir-sedlacek|Vladimir Sedlacek]], [[:publications:authors:jan-jancar|Jan Jancar]] and [[:publications:authors:petr-svenda|Petr Svenda]],\\ //25th European Symposium on Research in Computer Security (ESORICS) 2020//, Springer, 2020.\\ Keywords: [[:publications:keywords:ecc|ecc]], [[:publications:keywords:primality|primality]], [[:publications:keywords:pseudoprimes|pseudoprimes]], [[:publications:keywords:smartcards|smartcards]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], {{:publications:pdf:2020-esorics-foolingprimes.pdf|pre-print PDF}}, [[http://dx.doi.org/10.1007/978-3-030-59013-0\_11|DOI website]], ++ BibTeX |@InProceedings{2020-esorics-foolingprimes, title = {Fooling primality tests on smartcards}, author = {Vladimir Sedlacek and Jan Jancar and Petr Svenda}, booktitle = {25th European Symposium on Research in Computer Security (ESORICS) 2020}, publisher = {Springer}, year = {2020}, doi = {10.1007/978-3-030-59013-0\_11}, keywords = {ECC, primality, pseudoprimes, smartcards, cryptoimplementations}, } ++ * **Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces**\\ [[:publications:authors:jan-jancar|Jan Jancar]], [[:publications:authors:vladimir-sedlacek|Vladimir Sedlacek]], [[:publications:authors:petr-svenda|Petr Svenda]] and [[:publications:authors:marek-sys|Marek Sys]],\\ //Conference on Cryptographic Hardware and Embedded Systems (CHES) 2020//, Ruhr-University of Bochum, Transactions on Cryptographic Hardware and Embedded Systems, 2020.\\ Keywords: [[:publications:keywords:ecc|ecc]], [[:publications:keywords:smartcards|smartcards]], [[:publications:keywords:libraries|libraries]], [[:publications:keywords:leakage|leakage]], [[:publications:keywords:side-channel|side-channel]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[http://dx.doi.org/10.13154/tches.v2020.i4.281-308|DOI website]], ++ BibTeX |@InProceedings{2020-tches-minerva, title = {Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces}, author = {Jan Jancar and Vladimir Sedlacek and Petr Svenda and Marek Sys}, booktitle = {Conference on Cryptographic Hardware and Embedded Systems (CHES) 2020}, publisher = {Ruhr-University of Bochum, Transactions on Cryptographic Hardware and Embedded Systems}, year = {2020}, issn = {2569-2925}, doi = {10.13154/tches.v2020.i4.281-308}, keywords = {ECC, smartcards, libraries, leakage, side-channel, cryptoimplementations}, } ++