

RNDr. Petr Švenda, Ph.D., assistant professor

<columns 100% 21% 79%>


Security researcher at
CRoCS laboratory at
Faculty of Informatics at
Masaryk University in
Brno, Czech Republic.
Mail: svenda@fi.muni.cz
ORCID: 0000-0002-9784-7624
Twitter: @rngsec
PGP: 0x89CEB31C
Office: FIMU A406


My social links
Google Scholar
ResearchGate
Academia.edu
MUNI portal
LinkedIn
Twitter @rngsec
GitHub @petrs

Courses I teach
Low-level programming in C
Security technologies
Secure coding
Secure network design
Domain-specific devel C/C++

My coding and other projects
JCAlgTest (smartcards)
JCMathLib (smartcards)
RSA key classifier (crypto)
WSNProtectLayer (wsn/IoT)
EACirc (randomness)
APDUPlay (smartcards)
Secure MPC (smartcards)
My astrophotography (astro)

<newcolumn>

I'm a computer security researcher, lecturer and active member of the Centre for Research on Cryptography and Security (CRoCS). My main research areas are cryptographic protocols for limited devices, analysis and use of secure hardware, and randomness assessment and entropy extraction. I also enjoy programming, especially in the area of security-sensitive applications. The text below is an attempt to put my work into some context.

See full list of my publications. Read about research topics in CRoCS lab here. My older homepage is still available.

Secure hardware

I have a strong passion for cryptographic smartcards, both for the research and development topics. We recently analyzed millions of RSA keys extracted from smartcards to detect biases in generated public keys (USENIXSec'16, best paper award). Our follow-up work on RSA key generation analysis was accepted for this year's ACM CCS 2017. The more precise method to measure popularity of cryptographic libraries in internet-wide scans was accepted for ACSAC 2017. I co-developed a library for Bignat and ECPoint for the JavaCard platform which requires no vendor proprietary API (JCMathLib), showcased at BlackHat 2017. The compromise-resistant signing and key generation via a secure multiparty computation protocol on a grid of smartcards was showcased at DEFCON 2017 and accepted for publication at ACM CCS 2017. In 2006 I started and still maintain the largest open-source database of performance and algorithmic support tests of smartcards with the JavaCard platform (JCAlgTest project). I was involved in the laboratory testing of the resilience of smartcard hardware against power and fault analysis, reverse engineering of JavaCard bytecode from the power trace (paper), security code review of JavaCard applets and applications development. I worked on data-retention-compliant logging for the AN.ON anonymity service at TU Dresden (paper) and a massively parallel cloud security hardware platform (paper).

Randomness and entropy extraction

We work on a non-traditional randomness testing battery based on genetic programming (EACirc project) with statistical tests continually adapted to the analyzed binary sequence to find defects in cryptographic functions (paper). We also aim to provide guidance on which part of an analyzed function is responsible for the observed defect. We proposed a lightweight yet powerful bias detection method based on boolean functions (Secrypt 2017) with detection of previously unknown biases in Java Random and C rand generators. I was involved in practical entropy extractors from hardware sources available on mobile devices, especially from the microphone and camera input (paper, paper).

Wireless Sensor Networks (WSNs)

WSNs were my main Ph.D. research topic with the thesis defended in 2009 (The link key security in wireless sensor networks, thesis). We inspect security protocols for networks with the assumption of an inevitability of partial compromise. We proposed several techniques for maintaining a reasonably functional and secure network, ranging from the node capture resilient key establishment (paper) over a key strengthening mechanism called secrecy amplification (paper) to automatic protocol generation (paper). We developed a transparent security platform via a virtualized radio stack for TinyOS (WSNProtectLayer project).


Teaching and thesis supervision

I teach mostly security and applied cryptography focused courses (see list on the left), commonly with programming as an important component for deeper understanding. I really value feedback and participation - don't keep to yourself what you are happy or unhappy with.

I do supervise Bc. and Mgr. theses - first read the list of available topics here and the projects we work on. Then ask for a personal meeting - the majority of the theses I supervise are customized based on a discussion with you. And don't be shy to approach me with your own favorite topic.

</columns>


  • Attackers in Wireless Sensor Networks Will Be Neither Random Nor Jumping – Secrecy Amplification Case
    Radim Ostadal, Petr Svenda and Vashek Matyas,
    International Conference on Cryptology and Network Security (CANS 2016), Springer, 2016.
    Keywords: wsn, BibTeX
  • Avalanche Effect in Improperly Initialized CAESAR Candidates
    Martin Ukrop and Petr Svenda,
    Proceedings 11th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Telč, Czech Republic, 21st-23rd October 2016, Open Publishing Association, 2016, volume 233 of Electronic Proceedings in Theoretical Computer Science, 72-81.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • New results on reduced-round Tiny Encryption Algorithm using genetic programming
    Karel Kubicek, Jiri Novotny, Petr Svenda and Martin Ukrop,
    IEEE Infocommunications, 2016.
    Keywords: eacirc, randomness, pre-print PDF, paper website, BibTeX
  • Reconsidering Attacker Models in Ad-hoc Networks
    Radim Ostadal, Petr Svenda and Vashek Matyas,
    24th International Workshop on Security Protocols (SPW 2016), Springer, 2016.
    Keywords: wsn, BibTeX
  • The Million-Key Question – Investigating the Origins of RSA Public Keys
    Petr Svenda, Matus Nemec, Peter Sekan, Rudolf Kvasnovsky, David Formanek, David Komarek and Vashek Matyas,
    FI MU Report Series, FIMU-RS-2016-03, Masaryk University, 2016, 1–83.
    Keywords: rsa, BibTeX
  • The Million-Key Question – Investigating the Origins of RSA Public Keys
    Petr Svenda, Matus Nemec, Peter Sekan, Rudolf Kvasnovsky, David Formanek, David Komarek and Vashek Matyas,
    The 25th USENIX Security Symposium (UsenixSec'2016), USENIX, 2016, 893–910.
    Keywords: rsa, cryptoimplementations, pre-print PDF, BibTeX
  • Architecture Considerations for Massively Parallel Hardware Security Platform
    Dan Cvrcek and Petr Svenda,
    The 5th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE–2015), LNCS 9354, Springer, 2015, 269–288.
    DOI website, BibTeX
  • Challenges of fiction in network security – perspective of virtualized environments
    Vit Bukac, Radim Ostadal, Petr Svenda, Tatevik Baghdasaryan and Vashek Matyas,
    Cambridge International Workshop on Security Protocols, Springer, 2015.
    BibTeX
  • On Secrecy Amplification Protocols
    Radim Ostadal, Petr Svenda and Vashek Matyas,
    The 9th WISTP International Conference on Information Security Theory and Practice (WISTP–2015), LNCS 9311, Springer, 2015, 3–19.
    Keywords: wsn, DOI website, BibTeX
  • WSNProtectLayer: Security Middleware for Wireless Sensor Networks
    Vashek Matyas, Petr Svenda, Andriy Stetsko, Dusan Klinec, Filip Jurnecka and Martin Stehlik,
    Securing Cyber-Physical Systems, CRC Press, 2015, 119-162.
    Keywords: wsn, DOI website, BibTeX
  • A New Approach to SA in Partially Compromised Networks
    Radim Ostadal, Petr Svenda and Vashek Matyas,
    Security, Privacy, and Applied Cryptography Engineering – 4th Int. Conf., SPACE 2014, LNCS 8804, Springer, 2014.
    Keywords: wsn, BibTeX
  • Constructing empirical tests of randomness
    Marek Sys, Petr Svenda, Martin Ukrop and Vashek Matyas,
    2014 11th International Conference on Security and Cryptography (SECRYPT), 2014, 1–9.
    pre-print PDF, BibTeX
  • Constructing empirical tests of randomness
    Marek Sys, Petr Svenda, Martin Ukrop and Vashek Matyas,
    Proceedings of the 11th International Conference on Security and Cryptography, 2014.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • Determining cryptographic distinguishers for eStream and SHA-3 candidate functions with evolutionary circuits
    Petr Svenda, Martin Ukrop and Vashek Matyas,
    E-Business and Telecommunications, Springer Berlin Heidelberg, 2014, 290–305.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • On the origin of yet another channel
    Petr Svenda and Vashek Matyas,
    Springer, 2013.
    Keywords: eacirc, pre-print PDF, BibTeX
  • Towards cryptographic function distinguishers with evolutionary circuits
    Petr Svenda, Martin Ukrop and Vashek Matyas,
    Proceedings of the 10th International Conference on Security and Cryptography, 2013, 135–146.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX

See full list of my publications.