Jan Jancar

2024

Chain of Trust: Unraveling References Among Common Criteria Certified Products
Adam Janovsky, Lukasz Chmielewski, Petr Svenda, Jan Jancar and Vashek Matyas,
IFIP International Conference on ICT Systems Security and Privacy Protection, Springer Nature Switzerland, 2024, .
Keywords: sec-certs, DOI website, paper website, BibTeX

@InProceedings{2024-ifipsec-janovsky,
  title = {Chain of Trust: Unraveling References Among Common Criteria Certified Products},
  author = {Adam Janovsky and Lukasz Chmielewski and Petr Svenda and Jan Jancar and Vashek Matyas},
  booktitle = {IFIP International Conference on ICT Systems Security and Privacy Protection},
  pages = {},
  publisher = {Springer Nature Switzerland},
  address = {Cham},
  year = {2024},
  isbn = {978-3-031-65175-5},
  doi = {10.1007/978-3-031-65175-5_14},
  url = {https://www.sciencedirect.com/science/article/pii/S0167404824001974},
  keywords = {sec-certs},
  edition = {volume 710},
  editor = {Nikolaos Pitropakis, Sokratis Katsikas, Steven Furnell, Konstantinos Markantonakis},
}

Details

pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis
Jan Jancar, Vojtech Suchanek, Petr Svenda, Vladimir Sedlacek and Lukasz Chmielewski,
IACR Transactions on Cryptographic Hardware and Embedded Systems, Ruhr-University of Bochum, 2024, 355–381.
Keywords: side-channel, ecc, pre-print PDF, DOI website, paper website, BibTeX

@InProceedings{2024-ches-jancar,
  title = {pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis},
  author = {Jan Jancar and Vojtech Suchanek and Petr Svenda and Vladimir Sedlacek and Lukasz Chmielewski},
  booktitle = {IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher = {Ruhr-University of Bochum},
  year = {2024},
  keywords = {side-channel,ecc},
  doi = {10.46586/tches.v2024.i4.355-381},
  url = {https://tches.iacr.org/index.php/TCHES/article/view/11796},
  pages = {355–381},
}

Details

sec-certs: Examining the security certification practice for better vulnerability mitigation
Adam Janovsky, Jan Jancar, Petr Svenda, Lukasz Chmielewski, Jiri Michalik and Vashek Matyas,
Computers & Security, 2024.
Keywords: sec-certs, DOI website, paper website, BibTeX

@Article{2023-seccerts-janovsky,
  title = {sec-certs: Examining the security certification practice for better vulnerability mitigation},
  author = {Adam Janovsky and Jan Jancar and Petr Svenda and Lukasz Chmielewski and Jiri Michalik and Vashek Matyas},
  journal = {Computers & Security},
  volume = {143},
  year = {2024},
  issn = {0167-4048},
  doi = {10.1016/j.cose.2024.103895},
  url = {https://www.sciencedirect.com/science/article/pii/S0167404824001974},
  keywords = {sec-certs},
}

Details

“These results must be false”: A usability evaluation of constant-time analysis tools
Marcel Fourné, Daniel De Almeida Braga, Jan Jancar, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque and Yasemin Acar,
Proceedings of the 33rd USENIX Security Symposium, USENIX Association, 2024, to appear.
Keywords: constant-time, cryptoimplementations, usablesec, libraries, side-channel, pre-print PDF, BibTeX

@InProceedings{2024-usenix-jancar,
  title = {“These results must be false”: A usability evaluation of constant-time analysis tools},
  author = {Marcel Fourné and Daniel De Almeida Braga and Jan Jancar and Mohamed Sabt and Peter Schwabe and Gilles Barthe and Pierre-Alain Fouque and Yasemin Acar},
  booktitle = {Proceedings of the 33rd USENIX Security Symposium},
  pages = {to appear},
  publisher = {USENIX Association},
  year = {2024},
  keywords = {constant-time, cryptoimplementations, usablesec, libraries, side-channel},
}

Details

2023

Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations
Ben Nassi, Ofek Vayner, Etay Iluz, Dudi Nassi, Or Hai Cohen, Jan Jancar, Daniel Genkin, Eran Tromer, Boris Zadov and Yuval Elovici,
30th ACM Conference on Computer and Communications Security (CCS'2023), ACM, 2023, 268–280.
Keywords: cryptolibs, leakage, side-channel, cryptoimplementations, DOI website, BibTeX

@InProceedings{2023-ccs-jancar,
  title = {Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations},
  author = {Ben Nassi and Ofek Vayner and Etay Iluz and Dudi Nassi and Or Hai Cohen and Jan Jancar and Daniel Genkin and Eran Tromer and Boris Zadov and Yuval Elovici},
  booktitle = {30th ACM Conference on Computer and Communications Security (CCS'2023)},
  pages = {268–280},
  publisher = {ACM},
  address = {New York, NY, USA},
  year = {2023},
  isbn = {9798400700507},
  doi = {10.1145/3576915.3616620},
  keywords = {cryptolibs, leakage, side-channel, cryptoimplementations},
}

2022

“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks
Jan Jancar, Marcel Fourné, Daniel De Almeida Braga, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque and Yasemin Acar,
43rd IEEE Symposium on Security and Privacy, IEEE, 2022.
Keywords: constant-time, cryptoimplementations, usablesec, libraries, side-channel, pre-print PDF, BibTeX

@InProceedings{2022-sp-jancar,
  title = {“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks},
  author = {Jan Jancar and Marcel Fourné and Daniel De Almeida Braga and Mohamed Sabt and Peter Schwabe and Gilles Barthe and Pierre-Alain Fouque and Yasemin Acar},
  booktitle = {43rd IEEE Symposium on Security and Privacy},
  publisher = {IEEE},
  address = {San Francisco},
  location = {San Francisco},
  year = {2022},
  keywords = {constant-time, cryptoimplementations, usablesec, libraries, side-channel},
  language = {eng},
}

Details

2021

A formula for disaster: a unified approach to elliptic curve special-point-based attacks
Vladimir Sedlacek, Jesús-Javier Chi-Domínguez, Jan Jancar and Billy Bob Brumley,
Advances in Cryptology – ASIACRYPT 2021, Springer, 2021.
Keywords: ecc, cryptoimplementations, libraries, side-channel, pre-print PDF, BibTeX

@InProceedings{2021-asiacrypt-formulas,
  title = {A formula for disaster: a unified approach to elliptic curve special-point-based attacks},
  author = {Vladimir Sedlacek and Jesús-Javier Chi-Domínguez and Jan Jancar and Billy Bob Brumley},
  booktitle = {Advances in Cryptology – ASIACRYPT 2021},
  publisher = {Springer},
  year = {2021},
  isbn = {978-3-030-64837-4},
  keywords = {ECC, cryptoimplementations, libraries, side-channel},
}

Details

2020

Fooling primality tests on smartcards
Vladimir Sedlacek, Jan Jancar and Petr Svenda,
25th European Symposium on Research in Computer Security (ESORICS) 2020, Springer, 2020.
Keywords: ecc, primality, pseudoprimes, smartcards, cryptoimplementations, pre-print PDF, DOI website, BibTeX

@InProceedings{2020-esorics-foolingprimes,
  title = {Fooling primality tests on smartcards},
  author = {Vladimir Sedlacek and Jan Jancar and Petr Svenda},
  booktitle = {25th European Symposium on Research in Computer Security (ESORICS) 2020},
  publisher = {Springer},
  year = {2020},
  doi = {10.1007/978-3-030-59013-0\_11},
  keywords = {ECC, primality, pseudoprimes, smartcards, cryptoimplementations},
}

Details

Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces
Jan Jancar, Vladimir Sedlacek, Petr Svenda and Marek Sys,
Conference on Cryptographic Hardware and Embedded Systems (CHES) 2020, Ruhr-University of Bochum, Transactions on Cryptographic Hardware and Embedded Systems, 2020.
Keywords: ecc, smartcards, libraries, leakage, side-channel, cryptoimplementations, DOI website, BibTeX

@InProceedings{2020-tches-minerva,
  title = {Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces},
  author = {Jan Jancar and Vladimir Sedlacek and Petr Svenda and Marek Sys},
  booktitle = {Conference on Cryptographic Hardware and Embedded Systems (CHES) 2020},
  publisher = {Ruhr-University of Bochum, Transactions on Cryptographic Hardware and Embedded Systems},
  year = {2020},
  issn = {2569-2925},
  doi = {10.13154/tches.v2020.i4.281-308},
  keywords = {ECC, smartcards, libraries, leakage, side-channel, cryptoimplementations},
}

Details