Petr Švenda

 svenda@fi.muni.cz
 @rngsec      PGP 0x62110517
 Scholar    ORCID  ORCID     GitHub
 Office A406, FI MUNI

Courses I teach
Low-level programming in C (PB071)
Security technologies (PV204)
Secure coding (PA193)
Secure network design (PA197)
PhD seminar on ITSec (PA168)

My coding and other projects
JCAlgTest (#smartcards, JavaCard performance testing)
Myst (#smartcards, Secure multi-party on JavaCards)
JCMathLib (#smartcards, ECPoint&Bignat open library)
RSA key classifier (#crypto, Pubkey to library classificator)
JCProfiler (#smartcards, JavaCard Applet speed profile)
WSNProtectLayer (#wsn/IoT, Transparent enc&auth proxy)
EACirc (#randomness, Randomness testing battery)
APDUPlay (#smartcards, APDU logging and manipulation)
JavaPresso (#smartcards, Source code packer for JavaCard)
My astrophotography pictures (#astro)

doc. Petr Švenda Ph.D. (associate professor)

I'm computer security researcher, lecturer and active member of the Centre for Research on Cryptography and Security at Masaryk University in Brno, Czech Republic. My main research areas are cryptographic protocols for limited devices, analysis and use of secure hardware and randomness assesment and entropy extraction. I also enjoy programming, especially in area of security-sensitive applications.

Current aim of my research

“I want to empower people running secure multiparty protocols on cryptographic smartcards.”

See full list of my publications. Read about research topics in CRoCS lab here. My older homepage is still available.

I have a strong passion for cryptographic smartcards, both for the research and development topics. We recently analyzed millions RSA keys extracted from smartcards to detect biases in generated public keys (USENIXSec'16, best paper award). Our follow-up lead to discovery of the weak RSA key generation algorithm on Infineon smartcards known as ROCA vulnerability (CVE-2017-15361) received The Real-World Impact award at ACM CCS 2017. The more precise method to measure the popularity of cryptographic libraries detects the significant variation in a source of certificates submitted weekly to Certificate Transparency and shows that OpenSSL is more popular than ever in internet-wide scans (ACSAC 2017).

The compromise-resistant ECC-based signing and key generation via secure multiparty computation protocol on a grid of smartcards was showcased at DEFCON 2017 with all details published at ACM CCS 2017. I co-developed library for Bignat and ECPoint for JavaCard platform which requires no vendor proprietary API JCMathLib showcased at BlackHat 2017 and used in ACM CCS 2017 prototype. In 2006 I started and still maintain the largest open-source database of performance and algorithmic support tests of smartcards with JavaCard platform (JCAlgTest project). I was involved in the laboratory testing of the resilience of smartcards hardware against power and fault analysis, reverse engineering of JavaCard bytecode from the power trace (paper), security code review of JavaCard applets and applications development. I worked on data retention compliant logging for AN.ON anonymity service at TU Dresden (paper) and massively parallel cloud security hardware platform (paper).

We work on non-tradition randomness testing battery based on genetic programming (EACirc project) with statistical tests continually adapted to analyzed binary sequence to find defects in cryptographic functions (paper). We also aim to provide guidance which part of an analyzed function is responsible for the observed defect. We proposed lightweight yet powerful bias detection method based on boolean functions (Secrypt 2017) with detection of previously unknown biases in Java Random and C rand generators. I was involved in practical entropy extractors from hardware sources available on mobile devices, especially from the microphone and camera input (paper, paper).

WSNs were my main Ph.D. research topic with thesis defended in 2009 (The link key security in wireless sensor networks, thesis). We inspect security protocols for networks with the assumption of an inevitability of partial compromise. We proposed several techniques how to maintain reasonably functional and secure network ranging from the node capture resilient key establishment (paper) over key strengthening mechanism called secrecy amplification (paper) to automatic protocol generation (paper). We developed transparent security platform via virtualized radio stack for TinyOS (WSNProtectLayer project).


I teach mostly security and applied cryptography focused courses (see list on the left), commonly with programming as the important component for deeper understanding. I really value feedback and participation - don't leave for yourself what you are happy and unhappy with.

I do supervise bc. and mgr. thesis - read first the list of available topics here and projects we work on. Then ask for a personal meeting - the majority of the thesis I supervise are customized based on a discussion with you. And don't be shy to approach me with your own favorite topic.


  • Chain of Trust: Unraveling References Among Common Criteria Certified Products
    Adam Janovsky, Lukasz Chmielewski, Petr Svenda, Jan Jancar and Vashek Matyas,
    IFIP International Conference on ICT Systems Security and Privacy Protection, Springer Nature Switzerland, 2024, .
    Keywords: sec-certs, DOI website, paper website, BibTeX
  • TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips
    Petr Svenda, Antonin Dufka, Milan Broz, Roman Lacko, Tomas Jaros, Daniel Zatovic and Josef Pospisil,
    IACR Transactions on Cryptographic Hardware and Embedded Systems, IACR, 2024, 714–734.
    Keywords: tpm, rsa, ecc, cc, fips140, sidechannel, pre-print PDF, DOI website, paper website, BibTeX
  • The Power of Many: Securing Organisational Identity Through Distributed Key Management
    Mariia Bakhtina, Jan Kvapil, Petr Svenda and Matulevicius Raimundas,
    Advanced Information Systems Engineering, Springer Nature Switzerland, 2024, 475–491.
    Keywords: distributed control, key management, organisational digital identity, security, threshold signatures, zero trust, pre-print PDF, DOI website, BibTeX
  • Trust-minimizing BDHKE-based e-cash mint using secure hardware and distributed computation
    Antonin Dufka, Jakub Janku and Petr Svenda,
    Proceedings of the 19th International Conference on Availability, Reliability and Security, Association for Computing Machinery, 2024.
    Keywords: smartcards, smpc, cryptocurrencies, javacard, e-cash, pre-print PDF, DOI website, paper website, BibTeX
  • pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis
    Jan Jancar, Vojtech Suchanek, Petr Svenda, Vladimir Sedlacek and Lukasz Chmielewski,
    IACR Transactions on Cryptographic Hardware and Embedded Systems, Ruhr-University of Bochum, 2024, 355–381.
    Keywords: side-channel, ecc, pre-print PDF, DOI website, paper website, BibTeX
  • sec-certs: Examining the security certification practice for better vulnerability mitigation
    Adam Janovsky, Jan Jancar, Petr Svenda, Lukasz Chmielewski, Jiri Michalik and Vashek Matyas,
    Computers & Security, 2024.
    Keywords: sec-certs, DOI website, paper website, BibTeX
  • Enabling Efficient Threshold Signature Computation via Java Card API
    Antonin Dufka and Petr Svenda,
    Proceedings of the 18th International Conference on Availability, Reliability and Security, Association for Computing Machinery, 2023, 11-20.
    Keywords: smartcards, smpc, cryptocurrencies, javacard, pre-print PDF, DOI website, BibTeX
  • The adoption rate of JavaCard features by certified products and open-source projects
    Lukas Zaoral, Antonin Dufka and Petr Svenda,
    Proceedings of the 22nd Smart Card Research and Advanced Application Conference, Lecture Notes in Computer Science, vol 14530, Springer, 2023, 169–189.
    Keywords: cryptographic hardware, javacard, common criteria, fips140, smartcards, DOI website, BibTeX
  • JCAlgTest: Robust identification metadata for certified smartcards
    Petr Svenda, Rudolf Kvasnovsky, Imrich Nagy and Antonin Dufka,
    19th International Conference on Security and Cryptography, INSTICC, 2022, 597–604.
    Keywords: smartcards, javacard, DOI website, BibTeX
  • Large-scale randomness study of security margins for 100+ cryptographic functions
    Dusan Klinec, Marek Sys, Karel Kubicek, Petr Svenda and Vashek Matyas,
    INSTICC, 2022, 134–146.
    DOI website, BibTeX
  • SHINE: Resilience via Practical Interoperability of Multi-party Schnorr Signature Schemes
    Antonin Dufka, Vladimir Sedlacek and Petr Svenda,
    Proceedings of the 19th International Conference on Security and Cryptography, SCITEPRESS, 2022, 305-316.
    Keywords: smartcards, smpc, cryptocurrencies, pre-print PDF, DOI website, BibTeX
  • Biased RSA private keys: Origin attribution of GCD-factorable keys
    Adam Janovsky, Matus Nemec, Petr Svenda, Peter Sekan and Vashek Matyas,
    25th European Symposium on Research in Computer Security (ESORICS) 2020, Springer, 2020.
    Keywords: rsa, bias, classification, smartcard, cryptoimplementations, BibTeX
  • Fooling primality tests on smartcards
    Vladimir Sedlacek, Jan Jancar and Petr Svenda,
    25th European Symposium on Research in Computer Security (ESORICS) 2020, Springer, 2020.
    Keywords: ecc, primality, pseudoprimes, smartcards, cryptoimplementations, pre-print PDF, DOI website, BibTeX
  • JCMathLib: Wrapper Cryptographic Library for Transparent and Certifiable JavaCard Applets
    Vasilios Mavroudis and Petr Svenda,
    IEEE, 2020, 64–71.
    Keywords: ecc, smartcards, opentools, smpc, DOI website, BibTeX
  • Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces
    Jan Jancar, Vladimir Sedlacek, Petr Svenda and Marek Sys,
    Conference on Cryptographic Hardware and Embedded Systems (CHES) 2020, Ruhr-University of Bochum, Transactions on Cryptographic Hardware and Embedded Systems, 2020.
    Keywords: ecc, smartcards, libraries, leakage, side-channel, cryptoimplementations, DOI website, BibTeX
  • BoolTest: The Fast Randomness Testing Strategy Based on Boolean Functions with Application to DES, 3-DES, MD5, MD6 and SHA-256
    Marek Sys, Dusan Klinec, Karel Kubicek and Petr Svenda,
    E-Business and Telecommunications, Springer International Publishing, 2019, 123–149.
    Keywords: randomness, hypothesis, boolean, BibTeX
  • Efficient On-Chip Randomness Testing Utilizing Machine Learning Techniques
    Vojtech Mrazek, Marek Sys and Petr Svenda,
    IEEE Transactions on Very Large Scale Integration (VLSI) Systems, IEEE, 2019.
    Keywords: fpga, genetic-algorithms, randomness, distinguishers, DOI website, BibTeX
  • Evaluating Dynamic Approaches to Key (Re-)Establishment in Wireless Sensor Networks
    Lukas Nemec, Vashek Matyas, Radim Ostadal, Petr Svenda and Pierre-Louis Palant,
    Sensors, Multidisciplinary Digital Publishing Institute, 2019.
    Keywords: wsn, DOI website, paper website, BibTeX
  • I Want to Break Square-free: The 4p−1 Factorization Method and Its RSA Backdoor Viability
    Vladimir Sedlacek, Dusan Klinec, Marek Sys, Petr Svenda and Vashek Matyas,
    Proceedings of the 16th International Joint Conference on e-Business and Telecommunications (ICETE 2019) - Volume 2: SECRYPT, SciTePress, 2019, 25-36.
    Keywords: ecc, factorization, smartcards, cryptoimplementations, pre-print PDF, DOI website, BibTeX
  • Adaptive Secrecy Amplification with Radio Channel Key Extraction
    Lukas Nemec, Radim Ostadal, Vashek Matyas and Petr Svenda,
    2018 14th International Conference on Distributed Computing in Sensor Systems (DCOSS), 2018, 123-130.
    Keywords: wsn, DOI website, BibTeX
  • Entropy Crowdsourcing – Protocols for Link Key Updates in Wireless Sensor Networks
    Lukas Nemec, Radim Ostadal, Vashek Matyas and Petr Svenda,
    Security Protocols Workshop XXVI, Springer International Publishing, 2018, 84-92.
    Keywords: wsn, BibTeX
  • A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components
    Vasilios Mavroudis, Andrea Cerulli, Petr Svenda, Dan Cvrcek, Dusan Klinec and George Danezis,
    24th ACM Conference on Computer and Communications Security (CCS'2017), ACM, 2017, 1583–1600.
    Keywords: smartcards, smpc, BibTeX
  • Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans
    Matus Nemec, Dusan Klinec, Petr Svenda, Peter Sekan and Vashek Matyas,
    Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC 2017), ACM, 2017.
    Keywords: cryptolibs, rsa, fingerprinting, smartcard, cryptoimplementations, DOI website, BibTeX
  • The Efficient Randomness Testing using Boolean Functions
    Marek Sys, Dusan Klinec and Petr Svenda,
    The 14th International Conference on Security and Cryptography (Secrypt'2017), SCITEPRESS, 2017, 92–103.
    Keywords: eacirc, randomness, BibTeX
  • The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli
    Matus Nemec, Marek Sys, Petr Svenda, Dusan Klinec and Vashek Matyas,
    24th ACM Conference on Computer and Communications Security (CCS'2017), ACM, 2017, 1631–1648.
    Keywords: rsa, cryptoimplementations, BibTeX
  • Attackers in Wireless Sensor Networks Will Be Neither Random Nor Jumping – Secrecy Amplification Case
    Radim Ostadal, Petr Svenda and Vashek Matyas,
    International Conference on Cryptology and Network Security (CANS 2016), Springer, 2016.
    Keywords: wsn, BibTeX
  • Avalanche Effect in Improperly Initialized CAESAR Candidates
    Martin Ukrop and Petr Svenda,
    Proceedings 11th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Telč, Czech Republic, 21st-23rd October 2016, Open Publishing Association, 2016, volume 233 of Electronic Proceedings in Theoretical Computer Science, 72-81.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • New results on reduced-round Tiny Encryption Algorithm using genetic programming
    Karel Kubicek, Jiri Novotny, Petr Svenda and Martin Ukrop,
    IEEE Infocommunications, 2016.
    Keywords: eacirc, randomness, pre-print PDF, paper website, BibTeX
  • Reconsidering Attacker Models in Ad-hoc Networks
    Radim Ostadal, Petr Svenda and Vashek Matyas,
    24th International Workshop on Security Protocols (SPW 2016), Springer, 2016.
    Keywords: wsn, BibTeX
  • The Million-Key Question – Investigating the Origins of RSA Public Keys
    Petr Svenda, Matus Nemec, Peter Sekan, Rudolf Kvasnovsky, David Formanek, David Komarek and Vashek Matyas,
    FI MU Report Series, FIMU-RS-2016-03, Masaryk University, 2016, 1–83.
    Keywords: rsa, BibTeX
  • The Million-Key Question – Investigating the Origins of RSA Public Keys
    Petr Svenda, Matus Nemec, Peter Sekan, Rudolf Kvasnovsky, David Formanek, David Komarek and Vashek Matyas,
    The 25th USENIX Security Symposium (UsenixSec'2016), USENIX, 2016, 893–910.
    Keywords: rsa, cryptoimplementations, pre-print PDF, BibTeX
  • Architecture Considerations for Massively Parallel Hardware Security Platform
    Dan Cvrcek and Petr Svenda,
    The 5th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE–2015), LNCS 9354, Springer, 2015, 269–288.
    DOI website, BibTeX
  • Challenges of fiction in network security – perspective of virtualized environments
    Vit Bukac, Radim Ostadal, Petr Svenda, Tatevik Baghdasaryan and Vashek Matyas,
    Cambridge International Workshop on Security Protocols, Springer, 2015.
    BibTeX
  • On Secrecy Amplification Protocols
    Radim Ostadal, Petr Svenda and Vashek Matyas,
    The 9th WISTP International Conference on Information Security Theory and Practice (WISTP–2015), LNCS 9311, Springer, 2015, 3–19.
    Keywords: wsn, DOI website, BibTeX
  • WSNProtectLayer: Security Middleware for Wireless Sensor Networks
    Vashek Matyas, Petr Svenda, Andriy Stetsko, Dusan Klinec, Filip Jurnecka and Martin Stehlik,
    Securing Cyber-Physical Systems, CRC Press, 2015, 119-162.
    Keywords: wsn, DOI website, BibTeX
  • A New Approach to SA in Partially Compromised Networks
    Radim Ostadal, Petr Svenda and Vashek Matyas,
    Security, Privacy, and Applied Cryptography Engineering – 4th Int. Conf., SPACE 2014, LNCS 8804, Springer, 2014.
    Keywords: wsn, BibTeX
  • Constructing empirical tests of randomness
    Marek Sys, Petr Svenda, Martin Ukrop and Vashek Matyas,
    2014 11th International Conference on Security and Cryptography (SECRYPT), 2014, 1–9.
    pre-print PDF, BibTeX
  • Constructing empirical tests of randomness
    Marek Sys, Petr Svenda, Martin Ukrop and Vashek Matyas,
    Proceedings of the 11th International Conference on Security and Cryptography, 2014.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • Determining cryptographic distinguishers for eStream and SHA-3 candidate functions with evolutionary circuits
    Petr Svenda, Martin Ukrop and Vashek Matyas,
    E-Business and Telecommunications, Springer Berlin Heidelberg, 2014, 290–305.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • On the origin of yet another channel
    Petr Svenda and Vashek Matyas,
    Springer, 2013.
    Keywords: eacirc, pre-print PDF, BibTeX
  • Towards cryptographic function distinguishers with evolutionary circuits
    Petr Svenda, Martin Ukrop and Vashek Matyas,
    Proceedings of the 10th International Conference on Security and Cryptography, 2013, 135–146.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX

See full list of my publications.