~~NOTOC~~ ====== Keyword: Cryptoimplementations ====== If you have published anything not in the list, please add the bibliography entry to the list. Instructions can be found in the [[https://gitlab.fi.muni.cz/labak/wiki-publications|GitLab repository]] Note down also the information on rejections and authorship percentages. We keep track of our lab efforts and author shares are useful for dissertation proposal/dissertation/habilitation/... There is a [[:internal:crocs:submissions|dedicated page where to write them]]. ==== 2024==== * **“These results must be false”: A usability evaluation of constant-time analysis tools**\\ [[:publications:authors:marcel-fourne|Marcel Fourné]], [[:publications:authors:daniel-de-almeida-braga|Daniel De Almeida Braga]], [[:publications:authors:jan-jancar|Jan Jancar]], [[:publications:authors:mohamed-sabt|Mohamed Sabt]], [[:publications:authors:peter-schwabe|Peter Schwabe]], [[:publications:authors:gilles-barthe|Gilles Barthe]], [[:publications:authors:pierre-alain-fouque|Pierre-Alain Fouque]] and [[:publications:authors:yasemin-acar|Yasemin Acar]],\\ //Proceedings of the 33rd USENIX Security Symposium//, USENIX Association, 2024, to appear.\\ Keywords: [[:publications:keywords:constant-time|constant-time]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[:publications:keywords:usablesec|usablesec]], [[:publications:keywords:libraries|libraries]], [[:publications:keywords:side-channel|side-channel]], {{:publications:pdf:2024-usenix-jancar.pdf|pre-print PDF}}, ++ BibTeX |@InProceedings{2024-usenix-jancar, title = {“These results must be false”: A usability evaluation of constant-time analysis tools}, author = {Marcel Fourné and Daniel De Almeida Braga and Jan Jancar and Mohamed Sabt and Peter Schwabe and Gilles Barthe and Pierre-Alain Fouque and Yasemin Acar}, booktitle = {Proceedings of the 33rd USENIX Security Symposium}, pages = {to appear}, publisher = {USENIX Association}, year = {2024}, keywords = {constant-time, cryptoimplementations, usablesec, libraries, side-channel}, } ++ ==== 2023==== * **Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations**\\ [[:publications:authors:ben-nassi|Ben Nassi]], [[:publications:authors:ofek-vayner|Ofek Vayner]], [[:publications:authors:etay-iluz|Etay Iluz]], [[:publications:authors:dudi-nassi|Dudi Nassi]], [[:publications:authors:or-hai-cohen|Or Hai Cohen]], [[:publications:authors:jan-jancar|Jan Jancar]], [[:publications:authors:daniel-genkin|Daniel Genkin]], [[:publications:authors:eran-tromer|Eran Tromer]], [[:publications:authors:boris-zadov|Boris Zadov]] and [[:publications:authors:yuval-elovici|Yuval Elovici]],\\ //30th ACM Conference on Computer and Communications Security (CCS'2023)//, ACM, 2023, 268–280.\\ Keywords: [[:publications:keywords:cryptolibs|cryptolibs]], [[:publications:keywords:leakage|leakage]], [[:publications:keywords:side-channel|side-channel]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[http://dx.doi.org/10.1145/3576915.3616620|DOI website]], ++ BibTeX |@InProceedings{2023-ccs-jancar, title = {Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations}, author = {Ben Nassi and Ofek Vayner and Etay Iluz and Dudi Nassi and Or Hai Cohen and Jan Jancar and Daniel Genkin and Eran Tromer and Boris Zadov and Yuval Elovici}, booktitle = {30th ACM Conference on Computer and Communications Security (CCS'2023)}, pages = {268–280}, publisher = {ACM}, address = {New York, NY, USA}, year = {2023}, isbn = {9798400700507}, doi = {10.1145/3576915.3616620}, keywords = {cryptolibs, leakage, side-channel, cryptoimplementations}, } ++ ==== 2022==== * **“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks**\\ [[:publications:authors:jan-jancar|Jan Jancar]], [[:publications:authors:marcel-fourne|Marcel Fourné]], [[:publications:authors:daniel-de-almeida-braga|Daniel De Almeida Braga]], [[:publications:authors:mohamed-sabt|Mohamed Sabt]], [[:publications:authors:peter-schwabe|Peter Schwabe]], [[:publications:authors:gilles-barthe|Gilles Barthe]], [[:publications:authors:pierre-alain-fouque|Pierre-Alain Fouque]] and [[:publications:authors:yasemin-acar|Yasemin Acar]],\\ //43rd IEEE Symposium on Security and Privacy//, IEEE, 2022.\\ Keywords: [[:publications:keywords:constant-time|constant-time]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[:publications:keywords:usablesec|usablesec]], [[:publications:keywords:libraries|libraries]], [[:publications:keywords:side-channel|side-channel]], {{:publications:pdf:2022-sp-jancar.pdf|pre-print PDF}}, ++ BibTeX |@InProceedings{2022-sp-jancar, title = {“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks}, author = {Jan Jancar and Marcel Fourné and Daniel De Almeida Braga and Mohamed Sabt and Peter Schwabe and Gilles Barthe and Pierre-Alain Fouque and Yasemin Acar}, booktitle = {43rd IEEE Symposium on Security and Privacy}, publisher = {IEEE}, address = {San Francisco}, location = {San Francisco}, year = {2022}, keywords = {constant-time, cryptoimplementations, usablesec, libraries, side-channel}, language = {eng}, } ++ ==== 2021==== * **A formula for disaster: a unified approach to elliptic curve special-point-based attacks**\\ [[:publications:authors:vladimir-sedlacek|Vladimir Sedlacek]], [[:publications:authors:jesus-javier-chi-dominguez|Jesús-Javier Chi-Domínguez]], [[:publications:authors:jan-jancar|Jan Jancar]] and [[:publications:authors:billy-bob-brumley|Billy Bob Brumley]],\\ //Advances in Cryptology – ASIACRYPT 2021//, Springer, 2021.\\ Keywords: [[:publications:keywords:ecc|ecc]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[:publications:keywords:libraries|libraries]], [[:publications:keywords:side-channel|side-channel]], {{:publications:pdf:2021-asiacrypt-formulas.pdf|pre-print PDF}}, ++ BibTeX |@InProceedings{2021-asiacrypt-formulas, title = {A formula for disaster: a unified approach to elliptic curve special-point-based attacks}, author = {Vladimir Sedlacek and Jesús-Javier Chi-Domínguez and Jan Jancar and Billy Bob Brumley}, booktitle = {Advances in Cryptology – ASIACRYPT 2021}, publisher = {Springer}, year = {2021}, isbn = {978-3-030-64837-4}, keywords = {ECC, cryptoimplementations, libraries, side-channel}, } ++ ==== 2020==== * **Biased RSA private keys: Origin attribution of GCD-factorable keys**\\ [[:publications:authors:adam-janovsky|Adam Janovsky]], [[:publications:authors:matus-nemec|Matus Nemec]], [[:publications:authors:petr-svenda|Petr Svenda]], [[:publications:authors:peter-sekan|Peter Sekan]] and [[:publications:authors:vashek-matyas|Vashek Matyas]],\\ //25th European Symposium on Research in Computer Security (ESORICS) 2020//, Springer, 2020.\\ Keywords: [[:publications:keywords:rsa|rsa]], [[:publications:keywords:bias|bias]], [[:publications:keywords:classification|classification]], [[:publications:keywords:smartcard|smartcard]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], ++ BibTeX |@InProceedings{2020-esorics-privrsabias, title = {Biased RSA private keys: Origin attribution of GCD-factorable keys}, author = {Adam Janovsky and Matus Nemec and Petr Svenda and Peter Sekan and Vashek Matyas}, booktitle = {25th European Symposium on Research in Computer Security (ESORICS) 2020}, publisher = {Springer}, year = {2020}, keywords = {RSA, bias, classification, smartcard, cryptoimplementations}, } ++ * **Fooling primality tests on smartcards**\\ [[:publications:authors:vladimir-sedlacek|Vladimir Sedlacek]], [[:publications:authors:jan-jancar|Jan Jancar]] and [[:publications:authors:petr-svenda|Petr Svenda]],\\ //25th European Symposium on Research in Computer Security (ESORICS) 2020//, Springer, 2020.\\ Keywords: [[:publications:keywords:ecc|ecc]], [[:publications:keywords:primality|primality]], [[:publications:keywords:pseudoprimes|pseudoprimes]], [[:publications:keywords:smartcards|smartcards]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], {{:publications:pdf:2020-esorics-foolingprimes.pdf|pre-print PDF}}, [[http://dx.doi.org/10.1007/978-3-030-59013-0\_11|DOI website]], ++ BibTeX |@InProceedings{2020-esorics-foolingprimes, title = {Fooling primality tests on smartcards}, author = {Vladimir Sedlacek and Jan Jancar and Petr Svenda}, booktitle = {25th European Symposium on Research in Computer Security (ESORICS) 2020}, publisher = {Springer}, year = {2020}, doi = {10.1007/978-3-030-59013-0\_11}, keywords = {ECC, primality, pseudoprimes, smartcards, cryptoimplementations}, } ++ * **Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces**\\ [[:publications:authors:jan-jancar|Jan Jancar]], [[:publications:authors:vladimir-sedlacek|Vladimir Sedlacek]], [[:publications:authors:petr-svenda|Petr Svenda]] and [[:publications:authors:marek-sys|Marek Sys]],\\ //Conference on Cryptographic Hardware and Embedded Systems (CHES) 2020//, Ruhr-University of Bochum, Transactions on Cryptographic Hardware and Embedded Systems, 2020.\\ Keywords: [[:publications:keywords:ecc|ecc]], [[:publications:keywords:smartcards|smartcards]], [[:publications:keywords:libraries|libraries]], [[:publications:keywords:leakage|leakage]], [[:publications:keywords:side-channel|side-channel]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[http://dx.doi.org/10.13154/tches.v2020.i4.281-308|DOI website]], ++ BibTeX |@InProceedings{2020-tches-minerva, title = {Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces}, author = {Jan Jancar and Vladimir Sedlacek and Petr Svenda and Marek Sys}, booktitle = {Conference on Cryptographic Hardware and Embedded Systems (CHES) 2020}, publisher = {Ruhr-University of Bochum, Transactions on Cryptographic Hardware and Embedded Systems}, year = {2020}, issn = {2569-2925}, doi = {10.13154/tches.v2020.i4.281-308}, keywords = {ECC, smartcards, libraries, leakage, side-channel, cryptoimplementations}, } ++ * **Privacy-Friendly Monero Transaction Signing on a Hardware Wallet**\\ [[:publications:authors:dusan-klinec|Dusan Klinec]] and [[:publications:authors:vashek-matyas|Vashek Matyas]],\\ //ICT Systems Security and Privacy Protection - 35th IFIP TC 11 International Conference, SEC 2020, Maribor, Slovenia, September 21-23, 2020, Proceedings//, Springer, 2020, volume 580 of {IFIP} Advances in Information and Communication Technology, 338--351.\\ Keywords: [[:publications:keywords:monero|monero]], [[:publications:keywords:bulletproofs|bulletproofs]], [[:publications:keywords:hardware-wallets|hardware wallets]], [[:publications:keywords:cryptocurrencies|cryptocurrencies]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], {{:publications:pdf:2020-ifipsec-klinec.pdf|pre-print PDF}}, [[http://dx.doi.org/10.1007/978-3-030-58201-2\_23|DOI website]], ++ BibTeX |@InProceedings{2020-ifipsec-klinec, title = {Privacy-Friendly Monero Transaction Signing on a Hardware Wallet}, author = {Dusan Klinec and Vashek Matyas}, booktitle = {{ICT} Systems Security and Privacy Protection - 35th {IFIP} {TC} 11 International Conference, {SEC} 2020, Maribor, Slovenia, September 21-23, 2020, Proceedings}, series = {{IFIP} Advances in Information and Communication Technology}, volume = {580}, pages = {338--351}, publisher = {Springer}, year = {2020}, doi = {10.1007/978-3-030-58201-2\_23}, keywords = {Monero, Bulletproofs, hardware wallets, cryptocurrencies, cryptoimplementations}, } ++ * **Privacy-Friendly Monero Transaction Signing on a Hardware Wallet**\\ [[:publications:authors:dusan-klinec|Dusan Klinec]] and [[:publications:authors:vashek-matyas|Vashek Matyas]],\\ //ICT Systems Security and Privacy Protection - 35th IFIP TC 11 International Conference, SEC 2020, Maribor, Slovenia, September 21-23, 2020, Proceedings//, Springer, 2020, volume 580 of {IFIP} Advances in Information and Communication Technology, 338--351.\\ Keywords: [[:publications:keywords:monero|monero]], [[:publications:keywords:bulletproofs|bulletproofs]], [[:publications:keywords:hardware-wallets|hardware wallets]], [[:publications:keywords:cryptocurrency|cryptocurrency]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[:publications:keywords:smpc|smpc]], {{:publications:pdf:2020-ifipsec-klinec.pdf|pre-print PDF}}, [[http://dx.doi.org/10.1007/978-3-030-58201-2\_23|DOI website]], ++ BibTeX |@InProceedings{2020-ifipsec-klinec, title = {Privacy-Friendly Monero Transaction Signing on a Hardware Wallet}, author = {Dusan Klinec and Vashek Matyas}, booktitle = {{ICT} Systems Security and Privacy Protection - 35th {IFIP} {TC} 11 International Conference, {SEC} 2020, Maribor, Slovenia, September 21-23, 2020, Proceedings}, series = {{IFIP} Advances in Information and Communication Technology}, volume = {580}, pages = {338--351}, publisher = {Springer}, year = {2020}, doi = {10.1007/978-3-030-58201-2\_23}, keywords = {Monero, Bulletproofs, hardware wallets, cryptocurrency, cryptoimplementations, SMPC}, } ++ ==== 2019==== * **I Want to Break Square-free: The 4p−1 Factorization Method and Its RSA Backdoor Viability**\\ [[:publications:authors:vladimir-sedlacek|Vladimir Sedlacek]], [[:publications:authors:dusan-klinec|Dusan Klinec]], [[:publications:authors:marek-sys|Marek Sys]], [[:publications:authors:petr-svenda|Petr Svenda]] and [[:publications:authors:vashek-matyas|Vashek Matyas]],\\ //Proceedings of the 16th International Joint Conference on e-Business and Telecommunications (ICETE 2019) - Volume 2: SECRYPT//, SciTePress, 2019, 25-36.\\ Keywords: [[:publications:keywords:ecc|ecc]], [[:publications:keywords:factorization|factorization]], [[:publications:keywords:smartcards|smartcards]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], {{:publications:pdf:2019-secrypt-sedlacek.pdf|pre-print PDF}}, [[http://dx.doi.org/10.5220/0007786600250036|DOI website]], ++ BibTeX |@Conference{2019-secrypt-sedlacek, title = {I Want to Break Square-free: The 4p−1 Factorization Method and Its RSA Backdoor Viability}, author = {Vladimir Sedlacek and Dusan Klinec and Marek Sys and Petr Svenda and Vashek Matyas}, booktitle = {Proceedings of the 16th International Joint Conference on e-Business and Telecommunications (ICETE 2019) - Volume 2: SECRYPT}, pages = {25-36}, organization = {INSTICC}, publisher = {SciTePress}, year = {2019}, isbn = {978-989-758-378-0}, doi = {10.5220/0007786600250036}, keywords = {ECC, factorization, smartcards, cryptoimplementations}, } ++ ==== 2017==== * **Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans**\\ [[:publications:authors:matus-nemec|Matus Nemec]], [[:publications:authors:dusan-klinec|Dusan Klinec]], [[:publications:authors:petr-svenda|Petr Svenda]], [[:publications:authors:peter-sekan|Peter Sekan]] and [[:publications:authors:vashek-matyas|Vashek Matyas]],\\ //Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC 2017)//, ACM, 2017.\\ Keywords: [[:publications:keywords:cryptolibs|cryptolibs]], [[:publications:keywords:rsa|rsa]], [[:publications:keywords:fingerprinting|fingerprinting]], [[:publications:keywords:smartcard|smartcard]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], [[http://dx.doi.org/10.1145/3134600.3134612|DOI website]], ++ BibTeX |@InProceedings{2017-acsac-nemec, title = {Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans}, author = {Matus Nemec and Dusan Klinec and Petr Svenda and Peter Sekan and Vashek Matyas}, booktitle = {Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC 2017)}, publisher = {ACM}, year = {2017}, doi = {10.1145/3134600.3134612}, keywords = {cryptolibs, RSA, fingerprinting, smartcard, cryptoimplementations}, } ++ * **The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli**\\ [[:publications:authors:matus-nemec|Matus Nemec]], [[:publications:authors:marek-sys|Marek Sys]], [[:publications:authors:petr-svenda|Petr Svenda]], [[:publications:authors:dusan-klinec|Dusan Klinec]] and [[:publications:authors:vashek-matyas|Vashek Matyas]],\\ //24th ACM Conference on Computer and Communications Security (CCS'2017)//, ACM, 2017, 1631--1648.\\ Keywords: [[:publications:keywords:rsa|rsa]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], ++ BibTeX |@InProceedings{2017-ccs-nemec, title = {The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}, author = {Matus Nemec and Marek Sys and Petr Svenda and Dusan Klinec and Vashek Matyas}, booktitle = {24th ACM Conference on Computer and Communications Security (CCS'2017)}, pages = {1631--1648}, publisher = {ACM}, year = {2017}, isbn = {978-1-4503-4946-8/17/10}, keywords = {RSA, cryptoimplementations}, } ++ ==== 2016==== * **The Million-Key Question -- Investigating the Origins of RSA Public Keys**\\ [[:publications:authors:petr-svenda|Petr Svenda]], [[:publications:authors:matus-nemec|Matus Nemec]], [[:publications:authors:peter-sekan|Peter Sekan]], [[:publications:authors:rudolf-kvasnovsky|Rudolf Kvasnovsky]], [[:publications:authors:david-formanek|David Formanek]], [[:publications:authors:david-komarek|David Komarek]] and [[:publications:authors:vashek-matyas|Vashek Matyas]],\\ //The 25th USENIX Security Symposium (UsenixSec'2016)//, USENIX, 2016, 893--910.\\ Keywords: [[:publications:keywords:rsa|rsa]], [[:publications:keywords:cryptoimplementations|cryptoimplementations]], {{:publications:pdf:2016-usenixsec-svenda.pdf|pre-print PDF}}, ++ BibTeX |@InProceedings{2016-usenixsec-svenda, title = {The Million-Key Question -- Investigating the Origins of RSA Public Keys}, author = {Petr Svenda and Matus Nemec and Peter Sekan and Rudolf Kvasnovsky and David Formanek and David Komarek and Vashek Matyas}, booktitle = {The 25th USENIX Security Symposium (UsenixSec'2016)}, pages = {893--910}, publisher = {USENIX}, year = {2016}, isbn = {978-1-931971-32-4}, keywords = {RSA, cryptoimplementations}, } ++