[[https://github.com/crocs-muni/APDUPlay | APDUPlay ]] (**#smartcards**, APDU logging and manipulation)\\
[[https://github.com/crocs-muni/APDUPlay | APDUPlay ]] (**#smartcards**, APDU logging and manipulation)\\
[[https://github.com/petrs/JavaPresso | JavaPresso ]] (**#smartcards**, Source code packer for JavaCard)\\
[[https://github.com/petrs/JavaPresso | JavaPresso ]] (**#smartcards**, Source code packer for JavaCard)\\
-
[[http://astrolight.cz | My astrophotography pictures]] (**#astro**)\\
+
[[https://www.fi.muni.cz/~xsvenda/astrolight/ | My astrophotography pictures]] (**#astro**)\\
</col>
</col>
<col xs="7" sm="8" lg="8">
<col xs="7" sm="8" lg="8">
-
====== RNDr. Petr Švenda Ph.D. ======
+
====== doc. Petr Švenda Ph.D. (associate professor) ======
<TEXT size="large">
<TEXT size="large">
Line 51:
Line 51:
==== Secure hardware ====
==== Secure hardware ====
-
I have a strong passion for cryptographic smartcards, both for the research and development topics. We recently analyzed millions RSA keys extracted from smartcards to detect biases in generated public keys ({{:publications:pdf:2016-usenixsec-svenda.pdf|USENIXSec'16, best paper award}}). Our follow-up lead to discovery of the weak RSA key generation algorithm on Infineon smartcards known as [[https://roca.crocs.fi.muni.cz/ | ROCA vulnerability (CVE-2017-15361)]] received The Real-World Impact award at [[https://acmccs.github.io/papers/ | ACM CCS 2017]]. The more precise method to measure the popularity of cryptographic libraries detects the significant variation in a source of certificates submitted weekly to Certificate Transparency and shows that OpenSSL is more popular than ever in internet-wide scans ([[https://crocs.fi.muni.cz/papers/acsac2017 | ACSAC 2017]]).
+
I have a strong passion for cryptographic smartcards, both for the research and development topics. We recently analyzed millions RSA keys extracted from smartcards to detect biases in generated public keys ({{:publications:pdf:2016-usenixsec-svenda.pdf|USENIXSec'16, best paper award}}). Our follow-up lead to discovery of the weak RSA key generation algorithm on Infineon smartcards known as [[https://roca.crocs.fi.muni.cz/ | ROCA vulnerability (CVE-2017-15361)]] received The Real-World Impact award at [[https://acmccs.github.io/papers/ | ACM CCS 2017]]. The more precise method to measure the popularity of cryptographic libraries detects the significant variation in a source of certificates submitted weekly to Certificate Transparency and shows that OpenSSL is more popular than ever in internet-wide scans ([[https://crocs.fi.muni.cz/papers/acsac2017 |ACSAC 2017]]).
The compromise-resistant ECC-based signing and key generation via secure multiparty computation protocol on a grid of smartcards was showcased at [[https://enigmabridge.com/mpc.html|DEFCON 2017]] with all details published at [[https://trojantolerance.org | ACM CCS 2017]]. I co-developed library for Bignat and ECPoint for JavaCard platform which requires no vendor proprietary API [[http://opencryptojc.org/|JCMathLib]] showcased at [[https://www.blackhat.com/us-17/briefings.html#opencrypto-unchaining-the-javacard-ecosystem | BlackHat 2017]] and used in [[https://trojantolerance.org | ACM CCS 2017]] prototype. In 2006 I started and still maintain the largest open-source database of performance and algorithmic support tests of smartcards with JavaCard platform ([[http://jcalgtest.org |JCAlgTest project]]).
The compromise-resistant ECC-based signing and key generation via secure multiparty computation protocol on a grid of smartcards was showcased at [[https://enigmabridge.com/mpc.html|DEFCON 2017]] with all details published at [[https://trojantolerance.org | ACM CCS 2017]]. I co-developed library for Bignat and ECPoint for JavaCard platform which requires no vendor proprietary API [[http://opencryptojc.org/|JCMathLib]] showcased at [[https://www.blackhat.com/us-17/briefings.html#opencrypto-unchaining-the-javacard-ecosystem | BlackHat 2017]] and used in [[https://trojantolerance.org | ACM CCS 2017]] prototype. In 2006 I started and still maintain the largest open-source database of performance and algorithmic support tests of smartcards with JavaCard platform ([[http://jcalgtest.org |JCAlgTest project]]).