Differences

This shows you the differences between two versions of the page.

--- public:research:main [2025-01-19 09:40] – xsvenda
+++ public:research:main [2025-01-28 18:20] (current) – [Usability of cryptographic APIs and tools] xjancar
@@ Line 65: / Line 65: @@
 ** Selected publications: **
+  * [2024] [[https://pyecsca.org/papers.html#pyecsca-reverse-engineering-black-box-elliptic-curve-cryptography-via-side-channel-analysis| Jančár, J.; Suchánek, V.; Švenda P.; Sedláček, V.; Chmielewski, L.:  pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis]], In IACR Transactions on Cryptographic Hardware and Embedded Systems, Ruhr-University of Bochum, 2024, 355–381. **Received Honorable mention and Best Artifact Award**
   * [2020] Jančár, J.; Sedláček, V.; Sýs, M.; Švenda, P.: [[https://minerva.crocs.fi.muni.cz/| Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2020. **Received Best Paper Award**
   * [2020] Klinec D.; Matyas V.: [[:public:papers:monero_ifipsec20| Privacy-Friendly Monero Transaction Signing on a Hardware Wallet]], In IFIP TC 11 International Conference (SEC) 2020.
@@ Line 90: / Line 91: @@
 <collapse id="secapi" collapsed="true">
-**Last update: 17. 01. 2024**
+**Last update: 20. 01. 2025**
 **Contact:**  Vašek Matyáš <matyas@fi.muni.cz>
@@ Line 105: / Line 106: @@
 ** Selected publications: **
+  * [2024] Fourné M., De Almeida Braga D., Jancar J., Sabt M., Schwabe P., Barthe G.,  Fouque P., Acar Y.: [[public:papers:usablect_usenix24|“These results must be false”: A usability evaluation of constant-time analysis tools]], USENIX Security 2024.
   * [2022] Jancar J., Fourné M., De Almeida Braga D., Sabt M., Schwabe P., Barthe G., Fouque P., Acar Y.: [[public:papers:usablect_sp22|“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks]], IEEE S&P 2022.
   * [2022] Ukrop M., Balážová M., Žáčik P., Valčík E., Matyas V.: [[public:papers:eurousec2022|Assessing Real-World Applicability of Redesigned Developer Documentation for Certificate Validation Errors]], EuroUSEC 2022.
@@ Line 130: / Line 132: @@
 <collapse id="smartcards" collapsed="true">
-**Last update: 23.10.2024**
+**Last update: 19.1.2025**
 **Contact:** Petr Švenda <svenda@fi.muni.cz>
@@ Line 136: / Line 138: @@
 **More information, projects and resources:**
   * **Analysis of cryptographic implementations**
+    * SCRUTINY: tools aggregator [[https://github.com/crocs-muni/scrutiny|GitHib repo]]
     * [[:public:papers:usenix2016| Classification of RSA key origin based on public key only]], accurate popularity of libraries [[:public:papers:acsac2017|for TLS keys]], [[http://crcs.cz/rsapp | online checker]], [[https://github.com/crocs-muni/RSABias|classifier of private keys]]
     * ECTester - ECC implementation tester: [[https://github.com/crocs-muni/ECTester | GitHub repo]]
@@ Line 161: / Line 164: @@
 ** Selected publications: **
-  * [2024] Svenda, P.; Dufka, A.; Broz, M.; Lacko, R.; Jaros, T.; Zatovic, D.; Pospisil, J.: [[https://crocs.fi.muni.cz/papers/tpm_ches2024|TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2024.
+  * [2024] Svenda, P.; Dufka, A.; Broz, M.; Lacko, R.; Jaros, T.; Zatovic, D.; Pospisil, J.: [[https://crocs.fi.muni.cz/papers/tpm_ches2024|TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2024. **Received Honorable Mention**
   * [2024] Jancar, J.; Suchanek, V.; Svenda, P.; Chmielwski, L.: [[https://crocs.fi.muni.cz/papers/tpm_ches2024|pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2024.
   * [2020] Jančár, J.; Sedláček, V.; Sýs, M.; Švenda, P.: [[https://minerva.crocs.fi.muni.cz/|Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2020. **Received Best Paper Award**
@@ Line 178: / Line 181: @@
 {{ :public:research:curves.png?nolink&120|}}
-Likely the most theoretical and math-heavy research we do, though still with real-world consequences in mind. We approach elliptic curves from many different directions: we study ECC implementations, problems with ECC formulas, ECC key datasets and in general diverse mathematical ideas involving elliptic curves. Sometimes, this requires us to dive into lattice methods as well.
+Likely the most theoretical and math-heavy research we do, though still with real-world consequences in mind. We approach elliptic curves from many different directions: we study ECC implementations, problems with ECC formulas, ECC key datasets, and, in general, diverse mathematical ideas involving elliptic curves. Sometimes, this requires us to dive into lattice methods as well.
 In the past, we were systematically analyzing standardized elliptic curves. Lately, we have been mainly focusing on ECC with respect to side-channel attacks and the involvement of elliptic curves in the Bitcoin protocol.
@@ Line 192: / Line 195: @@
 **More information, projects and resources:**
+  * [[https://github.com/J08nY/pyecsca|PyECSCA (Python Elliptic Curve cryptography Side-Channel Analysis toolkit)]]
+  * [[https://github.com/crocs-muni/minerva|Minerva ECDSA vulnerability repository]]
+  * [[https://crocs-muni.github.io/ECTester/|ECTester (tool for analysis of ECC implementations)]]
   * [[https://dissect.crocs.fi.muni.cz/|DiSSECTion of standard curves]]
   * [[https://neuromancer.sk/std/|Database of standard curves]]
-  * [[https://github.com/crocs-muni/minerva|Minerva ECDSA vulnerability repository]]
-  * [[https://github.com/J08nY/pyecsca|PyECSCA (Python Elliptic Curve cryptography Side-Channel Analysis toolkit)]]
   * [[https://github.com/J08nY/ecgen|ecgen (tool for generating Elliptic curve domain parameters)]]
-  * [[https://crocs-muni.github.io/ECTester/|ECTester (tool for analysis of ECC implementations)]]
   * [[https://github.com/crocs-muni/fooling-primality-tests|Fooling primality tests on smartcards repository]]
   * [[https://github.com/crocs-muni/cm_factorization|4p-1 factorization method repository]]
@@ Line 209: / Line 212: @@
 ** Selected publications: **
+  * [2024] [[:public:papers:dcp_acns| Suchánek, V.; Sedláček, V.; Sýs, M.:  Decompose and conquer: ZVP attacks on GLV curves]], In ACNS - Applied Cryptography and Network Security
+  * [2024] [[https://pyecsca.org/papers.html#pyecsca-reverse-engineering-black-box-elliptic-curve-cryptography-via-side-channel-analysis| Jančár, J.; Suchánek, V.; Švenda P.; Sedláček, V.; Chmielewski, L.:  pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis]], In IACR Transactions on Cryptographic Hardware and Embedded Systems, Ruhr-University of Bochum, 2024, 355–381. **Received Honorable mention and Best Artifact Award**
   * [2022] [[https://dissect.crocs.fi.muni.cz/| Sedláček, V.; Suchánek, V.; Dufka A.; Sýs, M.; Matyáš, V.:  DiSSECT: Distinguisher of Standard and Simulated Elliptic Curves via Traits]], In Progress in Cryptology - AFRICACRYPT 2022.
   * [2021] [[:public:papers:formulas_asiacrypt21| Sedláček, V.; Chi-Domínguez, J.J.; Jančár, J.; Brumley, B.B.:  A formula for disaster: a unified approach to elliptic curve special-point-based attacks]], In Advances in Cryptology – ASIACRYPT 2021.
@@ Line 261: / Line 266: @@
   * [2015] [[http://www.imt.ro/romjist/Volum18/Number18_1/pdf/02-MSys.pdf| Sýs M., Říha Z.,  Matyáš V., Márton K.,  Suciu A.: On the Interpretation of Results from the NIST Statistical Test Suite]], ROMJIST Journal, 2015.
   * [2014] {{:public:crocs:sys_space_2014.pdf| Sýs M., Říha Z.: Faster randomness testing with NIST STS}},SPACE 2014, Fourth International Conference on Security, Privacy, and Applied Cryptography Engineering, 2014.
-</collapse>
-===== Social and behavioral aspects of security =====
-Our end-user oriented usable security projects focus on computer security and interactions of systems with end-users. We started in our first significant project in this area in 2014, in cooperation with three industrial partners, Faculty of social studies, and Faculty of law.
-The project aimed to identify influences that make users change their risky behavior to more secure one. Four sets of experiments ran in cooperation with commercial companies (ESET, Netsuite and SodatSW). Every experiment targeted a different target group and used a different technique (warning, security dialogue, e-learning, user-friendly password recovery, etc.). This project was unique for the cooperation of three different faculties of MU and three commercial companies, who wanted to understand their users better and increase their products' overall security by improving interfaces and processes used by their end-users.
-We also finished a project in cooperation with the Faculty of social studies and AHEAD Itec/Monet+ company. It aimed at user testing of selected authentication methods (NFC token, smart card with card reader, fingerprint and PIN code). Results from this project are available here: https://crocs.fi.muni.cz/public/papers/2020-tacr-report
-<button icon="fa fa-caret-down" collapse="social">Find out more</button>
-<button  icon="fa fa-file-text-o">[[:publications:keywords:usablesec|Publications]]</button>
-<button icon="fa fa-lightbulb-o">[[:research:usable-sec:main| Internal wiki]]</button>
-<collapse id="social" collapsed="true">
-**Last update: 21. 1. 2021**
-**Contact:** Vašek Matyáš <matyas@fi.muni.cz>, Agáta Kružíková <kruzikova@mail.muni.cz>
-**Involved people:**
-{{:public:crocs:matyas.jpg?50|}}  {{:public:crocs:stavova.jpg?50|}} {{:public:crocs:ukrop.jpg?50|}} {{:public:crocs:janca.jpg?50|}}  {{:public:crocs:malinka.jpg?50|}}
-  * [[https://is.muni.cz/auth/osoba/409872|Agáta Kružíková]] 2016-now
-  * [[https://is.muni.cz/auth/osoba/344|Vašek Matyáš]] 2013-now
-**Former participants:** Radim Janča (2014-2016); Lydia Kraus (2018-2020); Kamil Malinka (2013-2016); Vlasta Šťavová (2014-2019); Martin Ukrop (2016-2018); Lenka Knapová (2018-2020)
-** Selected publications: **
-  * [2018] Stavova, V., Dedkova, L., Ukrop, M., and Matyas, V. (in press). A large-scale comparative study of beta testers and standard users. Communications of the ACM. ACM, 2018, 64–71.
-  * [2017] Stavova, V., Matyas, V., Just M. and Ukrop, M.:Factors Influencing the Purchase of Security Software for Mobile Devices – Case Study, Infocommunications Journal, 2017, 18–23.
-  * [2016] Stavova, V., Matyas, V. and Just M.: Codes v. People: A Comparative Usability Study of Two Password Recovery Mechanisms, WISTP 2016.
-  * [2016] Stavova, V., Matyas, V. and Just M.: On the impact of warning interfaces for enabling the detection of Potentially Unwanted Applications, EuroUSEC 2016.
-  * [2015] {{public:papers:stavova_memics2016.pdf|Stavova, V., Matyas, V. and Malinka K.: The challenge of increasing safe response of antivirus software users, MEMICS 2015.}}
 </collapse>
@@ Line 352: / Line 322: @@
 <collapse id="cryptocurrencies" collapsed="true">
-**Last update: 22. 10. 2024**
+**Last update: 19. 1. 2025**
 **Contact:** Petr Svenda <svenda@fi.muni.cz>
 **More information, projects and resources:**
+  * Tools
+    * BlockSci (fork) adapted to CoinJoins, [[https://github.com/crocs-muni/blocksci|Github repository]]
+    * CoinJoin analysis toolset, [[https://github.com/crocs-muni/coinjoin-analysis|Github repository]]
   * Weak keys detection and analysis
     * Extraction of public keys from Bitcoin blockchain, [[https://github.com/crocs-muni/bitcoin-keys-analysis|Github repository]]
@@ Line 374: / Line 347: @@
 **Involved people:**
+  * [[https://is.muni.cz/auth/osoba/485181|Stanislav Bobon]] 2024-now (BlockSci extensions to CoinJoins)
   * [[https://is.muni.cz/auth/osoba/445281|Antonín Dufka]] 2019-now (threshold cryptography)
-  * [[https://is.muni.cz/auth/osoba/408788|Jan Kvapil]] 2022-now (self sovereign identity)
+  * [[https://is.muni.cz/auth/osoba/484647|Jiri Gavenda]] 2024-now (Wasabi 2.x coinjoin analysis)
+  * [[https://is.muni.cz/auth/osoba/408788|Jan Kvapil]] 2022-now (key usage policies)
+  * [[https://is.muni.cz/auth/osoba/492758|David Rajnoha]] 2022-now (weak BIP32 seeds, JoinMarket analysis)
+  * [[https://is.muni.cz/auth/osoba/540471|Martin Seckar]] 2024-now (key usage policies)
   * [[https://is.muni.cz/auth/osoba/500362|Milan Sorf]] 2022-now (analysis of hardware wallets)
-  * [[https://is.muni.cz/auth/osoba/492758|David Rajnoha]] 2022-now (weak BIP32 seeds)
-  * [[https://is.muni.cz/auth/osoba/525330|Stepan Yakimovich]] 2022-now (Bitcoin pub keys extraction)
   * [[https://is.muni.cz/auth/osoba/4085|Petr Švenda]] 2019-now (project lead, some initial implementations)
-**Former participants:** Dušan Klinec 2017-2022 (Monero on Trezor T, attack on Ledger's Monero); Filip Vass 2021-2022 (EU SSI framework); Denis Varga 2021-2022 (CoinJoin protocols analysis); K. Raczova 2020-2021 (usability of Bitcoin wallets); Adam Parak 2021-2022 (building blocks of hardware wallets); Jan Kubeša 2019-2022 (weak Bitcoin EC keys);
+**Former participants:** Stepan Yakimovich 2022-2023 (Bitcoin pub keys extraction), Dušan Klinec 2017-2022 (Monero on Trezor T, attack on Ledger's Monero); Filip Vass 2021-2022 (EU SSI framework); Denis Varga 2021-2022 (CoinJoin protocols analysis); K. Raczova 2020-2021 (usability of Bitcoin wallets); Adam Parak 2021-2022 (building blocks of hardware wallets); Jan Kubeša 2019-2022 (weak Bitcoin EC keys);
 ** Selected publications: **
@@ Line 396: / Line 371: @@
 We believe that the open-source security tools are crucial not only for the general accessibility, but also to produce more robust secure software and hardware products and their more transparent security certifications. Not only the dedicated testing laboratories, but also end-users shall be able to replicate majority of the steps carried during the certification like Common Criteria or FIPS140-2.
-Existing certification process produces trove of interesting, but hard to automatically process data. We extract, process and analyze these datasets to aid quick identification of potentially vulnerable products, provide ecosystem insight, and reason about the overall state of security. We also map and evaluate the existing open-source security software from several categories including (but not limited to) operating systems, browsers, password managers, and encryption tools. Majority of our other research results are accompanied with open-source tooling.
+Existing certification process produces trove of interesting, but hard to automatically process data. We extract, process and analyze these datasets to aid quick identification of potentially vulnerable products, provide ecosystem insight, and reason about the overall state of security. Majority of our other research results are accompanied with open-source tooling.
@@ Line 403: / Line 378: @@
 <collapse id="opentools" collapsed="true">
-**Last update: 22. 10. 2024**
+**Last update: 21. 1. 2025**
 **Contact: Petr Švenda <svenda@fi.muni.cz> **
@@ Line 412: / Line 387: @@
   * JCAlgTest [[https://github.com/crocs-muni/JCAlgTest | GitHub repository]] - tools for thorough testing of smart card capabilities
   * TPMAlgtest[[https://github.com/crocs-muni/tpm2-algtest | GitHub repository]] - tools for thorough testing of TPM capabilities
+  * SCRUTINY [[https://github.com/crocs-muni/scrutiny | GitHub repository]] - hardware and software security testing and reference profile comparison tools.
 **Involved people:**
   * [[https://is.muni.cz/auth/osoba/168968|Milan Brož]] 2019-now (disk encryption, TPM analysis)
-  * [[https://is.muni.cz/auth/osoba/adamjanovsky|Adam Janovský]] 2020-now (security certificates analysis)
   * [[https://is.muni.cz/auth/osoba/445358|Ján Jančár]] 2018-now (security certificates analysis)
-  * [[https://is.muni.cz/auth/osoba/394036|Lukáš Němec]] 2019-now (existing open-source tools)
+  * [[https://is.muni.cz/auth/osoba/374297|Martin Ukrop]] 2022-now (sec-certs projects lead)
+  * [[https://is.muni.cz/auth/osoba/adamjanovsky|Adam Janovský]] 2020-now (security certificates analysis)
   * [[https://is.muni.cz/auth/osoba/4085|Petr Švenda]] 2019-now (security certificates analysis, continuous  certification tools)
+**Past members:** Lukáš Němec 2019-2022 (existing open-source tools),
 ** Selected publications: **
+  * [2024] Janovsky, A., Jancar, J.; Svenda, P.; Chmielewski, L.; Michalik, J.; Matyas, V.: [[https://arxiv.org/abs/2311.17603|sec-certs: Examining the security certification practice for better vulnerability mitigation]], In Computers and Security journal vol.143, 2024.
+  * [2024] Jancar, J.; Suchanek, V.; Svenda, P.; Sedlacek, V.; Chmielewski, L.: [[https://pyecsca.org|pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2024. Received Honorable mention and Best artifact awards.
   * [2024] Svenda, P.; Dufka, A.; Broz, M.; Lacko, R.; Jaros, T.; Zatovic, D.; Pospisil, J.: [[https://crocs.fi.muni.cz/papers/tpm_ches2024|TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2024.
   * [2022] Petr Svenda, Rudolf Kvasnovsky, Imrich Nagy and Antonin Dufka: [[public:papers:jcalgtest_secrypt22|JCAlgTest: Robust identification metadata for certified smartcards]], In SECRYPT'22
@@ Line 442: / Line 422: @@
 ====== Archived research projects in CRoCS laboratory ======
+<callout type="info" icon="true">Click <button  icon="fa fa-caret-down" collapse="archived">Find out more</button> to see older projects, which are not currently actively pursued further, but may be activated again later (as happened for multiple projects already).
+</callout>
-Below, you can find older projects, which are not currently actively pursued further, but may be activated again later (as happened for multiple projects already).
-<button  icon="fa fa-caret-down" collapse="archived">Find out more</button>
 <collapse id="archived" collapsed="true">
+===== Social and behavioral aspects of security =====
+Our end-user oriented usable security projects focus on computer security and interactions of systems with end-users. We started in our first significant project in this area in 2014, in cooperation with three industrial partners, Faculty of social studies, and Faculty of law.
+The project aimed to identify influences that make users change their risky behavior to more secure one. Four sets of experiments ran in cooperation with commercial companies (ESET, Netsuite and SodatSW). Every experiment targeted a different target group and used a different technique (warning, security dialogue, e-learning, user-friendly password recovery, etc.). This project was unique for the cooperation of three different faculties of MU and three commercial companies, who wanted to understand their users better and increase their products' overall security by improving interfaces and processes used by their end-users.
+We also finished a project in cooperation with the Faculty of social studies and AHEAD Itec/Monet+ company. It aimed at user testing of selected authentication methods (NFC token, smart card with card reader, fingerprint and PIN code). Results from this project are available here: https://crocs.fi.muni.cz/public/papers/2020-tacr-report
+<button icon="fa fa-caret-down" collapse="social">Find out more</button>
+<button  icon="fa fa-file-text-o">[[:publications:keywords:usablesec|Publications]]</button>
+<button icon="fa fa-lightbulb-o">[[:research:usable-sec:main| Internal wiki]]</button>
+**Last update: 21. 1. 2021**
+**Contact:** Vašek Matyáš <matyas@fi.muni.cz>, Agáta Kružíková <kruzikova@mail.muni.cz>
+**Involved people:**
+{{:public:crocs:matyas.jpg?50|}}  {{:public:crocs:stavova.jpg?50|}} {{:public:crocs:ukrop.jpg?50|}} {{:public:crocs:janca.jpg?50|}}  {{:public:crocs:malinka.jpg?50|}}
+  * [[https://is.muni.cz/auth/osoba/409872|Agáta Kružíková]] 2016-now
+  * [[https://is.muni.cz/auth/osoba/344|Vašek Matyáš]] 2013-now
+**Former participants:** Radim Janča (2014-2016); Lydia Kraus (2018-2020); Kamil Malinka (2013-2016); Vlasta Šťavová (2014-2019); Martin Ukrop (2016-2018); Lenka Knapová (2018-2020)
+** Selected publications: **
+  * [2018] Stavova, V., Dedkova, L., Ukrop, M., and Matyas, V. (in press). A large-scale comparative study of beta testers and standard users. Communications of the ACM. ACM, 2018, 64–71.
+  * [2017] Stavova, V., Matyas, V., Just M. and Ukrop, M.:Factors Influencing the Purchase of Security Software for Mobile Devices – Case Study, Infocommunications Journal, 2017, 18–23.
+  * [2016] Stavova, V., Matyas, V. and Just M.: Codes v. People: A Comparative Usability Study of Two Password Recovery Mechanisms, WISTP 2016.
+  * [2016] Stavova, V., Matyas, V. and Just M.: On the impact of warning interfaces for enabling the detection of Potentially Unwanted Applications, EuroUSEC 2016.
+  * [2015] {{public:papers:stavova_memics2016.pdf|Stavova, V., Matyas, V. and Malinka K.: The challenge of increasing safe response of antivirus software users, MEMICS 2015.}}
 ----
@@ Line 708: / Line 722: @@
 </collapse>
-===== Archived projects =====
-<callout type="info" icon="true">Click to see [[:public:research:main_archived | Archived projects]]. Older projects, which are not currently actively pursued further, but may be activated again later (as happened for multiple projects already).
-</callout>