Publications

2024

  • Chain of Trust: Unraveling References Among Common Criteria Certified Products
    Adam Janovsky, Lukasz Chmielewski, Petr Svenda, Jan Jancar and Vashek Matyas,
    IFIP International Conference on ICT Systems Security and Privacy Protection, Springer Nature Switzerland, 2024, .
    Keywords: sec-certs, DOI website, paper website, BibTeX
  • TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips
    Petr Svenda, Antonin Dufka, Milan Broz, Roman Lacko, Tomas Jaros, Daniel Zatovic and Josef Pospisil,
    IACR Transactions on Cryptographic Hardware and Embedded Systems, IACR, 2024, 714–734.
    Keywords: tpm, rsa, ecc, cc, fips140, sidechannel, pre-print PDF, DOI website, paper website, BibTeX
  • Trust-minimizing BDHKE-based e-cash mint using secure hardware and distributed computation
    Antonin Dufka, Jakub Janku and Petr Svenda,
    Proceedings of the 19th International Conference on Availability, Reliability and Security, Association for Computing Machinery, 2024.
    Keywords: smartcards, smpc, cryptocurrencies, javacard, e-cash, pre-print PDF, DOI website, paper website, BibTeX
  • pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis
    Jan Jancar, Vojtech Suchanek, Petr Svenda, Vladimir Sedlacek and Lukasz Chmielewski,
    IACR Transactions on Cryptographic Hardware and Embedded Systems, Ruhr-University of Bochum, 2024, 355–381.
    Keywords: side-channel, ecc, pre-print PDF, DOI website, paper website, BibTeX
  • sec-certs: Examining the security certification practice for better vulnerability mitigation
    Adam Janovsky, Jan Jancar, Petr Svenda, Lukasz Chmielewski, Jiri Michalik and Vashek Matyas,
    Computers & Security, 2024.
    Keywords: sec-certs, DOI website, paper website, BibTeX

2023

  • Enabling Efficient Threshold Signature Computation via Java Card API
    Antonin Dufka and Petr Svenda,
    Proceedings of the 18th International Conference on Availability, Reliability and Security, Association for Computing Machinery, 2023, 11-20.
    Keywords: smartcards, smpc, cryptocurrencies, javacard, pre-print PDF, DOI website, BibTeX

2022

  • Assessing Real-World Applicability of Redesigned Developer Documentation for Certificate Validation Errors
    Martin Ukrop, Michaela Balážová, Pavol Žáčik, Eric Vincent Valčík and Vashek Matyas,
    Proceedings of the 2022 European Symposium on Usable Security, ACM, 2022, 131-144.
    Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX
  • DiSSECT: Distinguisher of Standard and Simulated Elliptic Curves via Traits
    Vladimir Sedlacek, Vojtech Suchanek, Antonin Dufka, Marek Sys and Vashek Matyas,
    Progress in Cryptology - AFRICACRYPT 2022, Springer Nature Switzerland, 2022, 493-517.
    pre-print PDF, DOI website, BibTeX
  • Even if users do not read security directives, their behavior is not so catastrophic
    Vashek Matyas, Kamil Malinka, Lydia Kraus, Lenka Knapova and Agata Kruzikova,
    Communications of the ACM, ACM, 2022, 37–40.
    Keywords: usablesec, directive, DOI website, BibTeX
  • JCAlgTest: Robust identification metadata for certified smartcards
    Petr Svenda, Rudolf Kvasnovsky, Imrich Nagy and Antonin Dufka,
    19th International Conference on Security and Cryptography, INSTICC, 2022, 597–604.
    Keywords: smartcards, javacard, DOI website, BibTeX
  • SHINE: Resilience via Practical Interoperability of Multi-party Schnorr Signature Schemes
    Antonin Dufka, Vladimir Sedlacek and Petr Svenda,
    Proceedings of the 19th International Conference on Security and Cryptography, SCITEPRESS, 2022, 305-316.
    Keywords: smartcards, smpc, cryptocurrencies, pre-print PDF, DOI website, BibTeX
  • Usability Insights from Establishing TLS Connections
    Lydia Kraus, Matej Grabovsky, Martin Ukrop, Katarina Galanska and Vashek Matyas,
    ICT Systems Security and Privacy Protection, Springer International Publishing, 2022.
    Keywords: usablesec, pre-print PDF, DOI website, BibTeX

2021

  • A formula for disaster: a unified approach to elliptic curve special-point-based attacks
    Vladimir Sedlacek, Jesús-Javier Chi-Domínguez, Jan Jancar and Billy Bob Brumley,
    Advances in Cryptology – ASIACRYPT 2021, Springer, 2021.
    Keywords: ecc, cryptoimplementations, libraries, side-channel, pre-print PDF, BibTeX
  • Challenges Faced by Teaching Assistants in Computer Science Education Across Europe
    Emma Riese, Madeleine Loras, Martin Ukrop and Tomas Effenberger,
    Proceedings of the 2021 ACM Conference on Innovation and Technology in Computer Science Education, ACM, 2021.
    pre-print PDF, DOI website, BibTeX
  • How Do Users Chain Email Accounts Together?
    Lydia Kraus, Maria Svidronova and Elizabeth Stobert,
    IFIP International Conference on ICT Systems Security and Privacy Protection, Springer, Cham, 2021, .
    Keywords: usablesec, pre-print PDF, BibTeX
  • The Stack: Unplugged Activities for Teaching Computer Science (poster)
    Valdemar Svabensky and Martin Ukrop,
    Proceedings of the 52nd ACM Technical Symposium on Computer Science Education, ACM, 2021.
    pre-print PDF, DOI website, BibTeX

2020

  • Biased RSA private keys: Origin attribution of GCD-factorable keys
    Adam Janovsky, Matus Nemec, Petr Svenda, Peter Sekan and Vashek Matyas,
    25th European Symposium on Research in Computer Security (ESORICS) 2020, Springer, 2020.
    Keywords: rsa, bias, classification, smartcard, cryptoimplementations, BibTeX
  • Evolution of SSL/TLS Indicators and Warnings in Web Browsers
    Lydia Kraus, Martin Ukrop, Vashek Matyas and Tobias Fiebig,
    27th International Workshop on Security Protocols (SPW 2019), Springer International Publishing, 2020, 267–280.
    Keywords: usablesec, pre-print PDF, DOI website, BibTeX
  • Fooling primality tests on smartcards
    Vladimir Sedlacek, Jan Jancar and Petr Svenda,
    25th European Symposium on Research in Computer Security (ESORICS) 2020, Springer, 2020.
    Keywords: ecc, primality, pseudoprimes, smartcards, cryptoimplementations, pre-print PDF, DOI website, BibTeX
  • JCMathLib: Wrapper Cryptographic Library for Transparent and Certifiable JavaCard Applets
    Vasilios Mavroudis and Petr Svenda,
    IEEE, 2020, 64–71.
    Keywords: ecc, smartcards, opentools, smpc, DOI website, BibTeX
  • Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces
    Jan Jancar, Vladimir Sedlacek, Petr Svenda and Marek Sys,
    Conference on Cryptographic Hardware and Embedded Systems (CHES) 2020, Ruhr-University of Bochum, Transactions on Cryptographic Hardware and Embedded Systems, 2020.
    Keywords: ecc, smartcards, libraries, leakage, side-channel, cryptoimplementations, DOI website, BibTeX
  • Privacy-Friendly Monero Transaction Signing on a Hardware Wallet
    Dusan Klinec and Vashek Matyas,
    ICT Systems Security and Privacy Protection - 35th IFIP TC 11 International Conference, SEC 2020, Maribor, Slovenia, September 21-23, 2020, Proceedings, Springer, 2020, volume 580 of {IFIP} Advances in Information and Communication Technology, 338–351.
    Keywords: monero, bulletproofs, hardware wallets, cryptocurrency, cryptoimplementations, smpc, pre-print PDF, DOI website, BibTeX
  • Teaching Lab: Training Novice Computer Science Teachers (poster)
    Martin Ukrop, Valdemar Svabensky and Imrich Nagy,
    Proceedings of the 2020 ACM Conference on Innovation and Technology in Computer Science Education, ACM, 2020.
    pre-print PDF, DOI website, BibTeX
  • User Testing of Mobile Banking Authentication Methods: UX Testing, User Interviews and Quantitative Survey
    Agata Kruzikova, Lenka Knapova, Ondrej Gabrhelik, David Smahel, Lenka Dedkova, Vashek Matyas, Petr Dolezal and Martina Smahelova,
    Technical report, Masaryk University, 2020.
    pre-print PDF, BibTeX
  • Will You Trust This TLS Certificate? Perceptions of People Working in IT (Extended Version)
    Martin Ukrop, Lydia Kraus and Vashek Matyas,
    Digital Threats: Research and Practice, Association for Computing Machinery, 2020.
    Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX

2019

  • BoolTest: The Fast Randomness Testing Strategy Based on Boolean Functions with Application to DES, 3-DES, MD5, MD6 and SHA-256
    Marek Sys, Dusan Klinec, Karel Kubicek and Petr Svenda,
    E-Business and Telecommunications, Springer International Publishing, 2019, 123–149.
    Keywords: randomness, hypothesis, boolean, BibTeX
  • I Want to Break Square-free: The 4p−1 Factorization Method and Its RSA Backdoor Viability
    Vladimir Sedlacek, Dusan Klinec, Marek Sys, Petr Svenda and Vashek Matyas,
    Proceedings of the 16th International Joint Conference on e-Business and Telecommunications (ICETE 2019) - Volume 2: SECRYPT, SciTePress, 2019, 25-36.
    Keywords: ecc, factorization, smartcards, cryptoimplementations, pre-print PDF, DOI website, BibTeX
  • Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem
    Stefano Calzavara, Riccardo Focardi, Matus Nemec, Alvise Rabitti and Marco Squarcina,
    2019 IEEE Symposium on Security and Privacy (SP), IEEE, 2019.
    DOI website, BibTeX
  • Reflective Diary for Professional Development of Novice Teachers
    Martin Ukrop, Valdemar Svabensky and Jan Nehyba,
    Proceedings of the 50th ACM Technical Symposium on Computer Science Education, ACM, 2019, 1088–1094.
    pre-print PDF, DOI website, BibTeX
  • Will You Trust This TLS Certificate? Perceptions of People Working in IT
    Martin Ukrop, Lydia Kraus, Vashek Matyas and Heider Ahmad Mutleq Wahsheh,
    Proceedings of the 35rd Annual Computer Security Applications Conference (ACSAC'2019), ACM, 2019.
    Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX

2018

  • A Large-scale Comparative Study of Beta Testers and Regular Users
    Vlasta Stavova, Lenka Dedkova, Martin Ukrop and Vashek Matyas,
    Communications of the ACM, ACM, 2018, 64–71.
    Keywords: usablesec, eset, pre-print PDF, DOI website, BibTeX
  • Why Johnny the Developer Can't Work with Public Key Certificates: An Experimental Study of OpenSSL Usability
    Martin Ukrop and Vashek Matyas,
    Topics in Cryptology – CT-RSA 2018: The Cryptographers' Track at the RSA Conference 2018, Springer International Publishing, 2018, 45–64.
    Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX

2017

  • A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components
    Vasilios Mavroudis, Andrea Cerulli, Petr Svenda, Dan Cvrcek, Dusan Klinec and George Danezis,
    24th ACM Conference on Computer and Communications Security (CCS'2017), ACM, 2017, 1583–1600.
    Keywords: smartcards, smpc, BibTeX
  • Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans
    Matus Nemec, Dusan Klinec, Petr Svenda, Peter Sekan and Vashek Matyas,
    Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC 2017), ACM, 2017.
    Keywords: cryptolibs, rsa, fingerprinting, smartcard, cryptoimplementations, DOI website, BibTeX
  • The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli
    Matus Nemec, Marek Sys, Petr Svenda, Dusan Klinec and Vashek Matyas,
    24th ACM Conference on Computer and Communications Security (CCS'2017), ACM, 2017, 1631–1648.
    Keywords: rsa, cryptoimplementations, BibTeX

2016

  • Avalanche Effect in Improperly Initialized CAESAR Candidates
    Martin Ukrop and Petr Svenda,
    Proceedings 11th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Telč, Czech Republic, 21st-23rd October 2016, Open Publishing Association, 2016, volume 233 of Electronic Proceedings in Theoretical Computer Science, 72-81.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • New results on reduced-round Tiny Encryption Algorithm using genetic programming
    Karel Kubicek, Jiri Novotny, Petr Svenda and Martin Ukrop,
    IEEE Infocommunications, 2016.
    Keywords: eacirc, randomness, pre-print PDF, paper website, BibTeX
  • Reconsidering Attacker Models in Ad-hoc Networks
    Radim Ostadal, Petr Svenda and Vashek Matyas,
    24th International Workshop on Security Protocols (SPW 2016), Springer, 2016.
    Keywords: wsn, BibTeX
  • The Million-Key Question – Investigating the Origins of RSA Public Keys
    Petr Svenda, Matus Nemec, Peter Sekan, Rudolf Kvasnovsky, David Formanek, David Komarek and Vashek Matyas,
    FI MU Report Series, FIMU-RS-2016-03, Masaryk University, 2016, 1–83.
    Keywords: rsa, BibTeX
  • The Million-Key Question – Investigating the Origins of RSA Public Keys
    Petr Svenda, Matus Nemec, Peter Sekan, Rudolf Kvasnovsky, David Formanek, David Komarek and Vashek Matyas,
    The 25th USENIX Security Symposium (UsenixSec'2016), USENIX, 2016, 893–910.
    Keywords: rsa, cryptoimplementations, pre-print PDF, BibTeX

2015

  • Architecture Considerations for Massively Parallel Hardware Security Platform
    Dan Cvrcek and Petr Svenda,
    The 5th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE–2015), LNCS 9354, Springer, 2015, 269–288.
    DOI website, BibTeX
  • On Secrecy Amplification Protocols
    Radim Ostadal, Petr Svenda and Vashek Matyas,
    The 9th WISTP International Conference on Information Security Theory and Practice (WISTP–2015), LNCS 9311, Springer, 2015, 3–19.
    Keywords: wsn, DOI website, BibTeX

2014

2013

2012

2011

2009