* [2024] [[https://pyecsca.org/papers.html#pyecsca-reverse-engineering-black-box-elliptic-curve-cryptography-via-side-channel-analysis| Jančár, J.; Suchánek, V.; Švenda P.; Sedláček, V.; Chmielewski, L.: pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis]], In IACR Transactions on Cryptographic Hardware and Embedded Systems, Ruhr-University of Bochum, 2024, 355–381. **Received Honorable mention and Best Artifact Award**
* [2020] Jančár, J.; Sedláček, V.; Sýs, M.; Švenda, P.: [[https://minerva.crocs.fi.muni.cz/| Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2020. **Received Best Paper Award**
* [2020] Jančár, J.; Sedláček, V.; Sýs, M.; Švenda, P.: [[https://minerva.crocs.fi.muni.cz/| Minerva: The curse of ECDSA nonces; Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2020. **Received Best Paper Award**
* [2020] Klinec D.; Matyas V.: [[:public:papers:monero_ifipsec20| Privacy-Friendly Monero Transaction Signing on a Hardware Wallet]], In IFIP TC 11 International Conference (SEC) 2020.
* [2020] Klinec D.; Matyas V.: [[:public:papers:monero_ifipsec20| Privacy-Friendly Monero Transaction Signing on a Hardware Wallet]], In IFIP TC 11 International Conference (SEC) 2020.
Line 90:
Line 91:
<collapse id="secapi" collapsed="true">
<collapse id="secapi" collapsed="true">
-
**Last update: 17. 01. 2024**
+
**Last update: 20. 01. 2025**
**Contact:** Vašek Matyáš <matyas@fi.muni.cz>
**Contact:** Vašek Matyáš <matyas@fi.muni.cz>
Line 105:
Line 106:
** Selected publications: **
** Selected publications: **
+
* [2024] Fourné M., De Almeida Braga D., Jancar J., Sabt M., Schwabe P., Barthe G., Fouque P., Acar Y.: [[public:papers:usablect_usenix24|“These results must be false”: A usability evaluation of constant-time analysis tools]], USENIX Security 2024.
* [2022] Jancar J., Fourné M., De Almeida Braga D., Sabt M., Schwabe P., Barthe G., Fouque P., Acar Y.: [[public:papers:usablect_sp22|“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks]], IEEE S&P 2022.
* [2022] Jancar J., Fourné M., De Almeida Braga D., Sabt M., Schwabe P., Barthe G., Fouque P., Acar Y.: [[public:papers:usablect_sp22|“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks]], IEEE S&P 2022.
* [2022] Ukrop M., Balážová M., Žáčik P., Valčík E., Matyas V.: [[public:papers:eurousec2022|Assessing Real-World Applicability of Redesigned Developer Documentation for Certificate Validation Errors]], EuroUSEC 2022.
* [2022] Ukrop M., Balážová M., Žáčik P., Valčík E., Matyas V.: [[public:papers:eurousec2022|Assessing Real-World Applicability of Redesigned Developer Documentation for Certificate Validation Errors]], EuroUSEC 2022.
* [[:public:papers:usenix2016| Classification of RSA key origin based on public key only]], accurate popularity of libraries [[:public:papers:acsac2017|for TLS keys]], [[http://crcs.cz/rsapp | online checker]], [[https://github.com/crocs-muni/RSABias|classifier of private keys]]
* [[:public:papers:usenix2016| Classification of RSA key origin based on public key only]], accurate popularity of libraries [[:public:papers:acsac2017|for TLS keys]], [[http://crcs.cz/rsapp | online checker]], [[https://github.com/crocs-muni/RSABias|classifier of private keys]]
Likely the most theoretical and math-heavy research we do, though still with real-world consequences in mind. We approach elliptic curves from many different directions: we study ECC implementations, problems with ECC formulas, ECC key datasets and in general diverse mathematical ideas involving elliptic curves. Sometimes, this requires us to dive into lattice methods as well.
+
Likely the most theoretical and math-heavy research we do, though still with real-world consequences in mind. We approach elliptic curves from many different directions: we study ECC implementations, problems with ECC formulas, ECC key datasets, and, in general, diverse mathematical ideas involving elliptic curves. Sometimes, this requires us to dive into lattice methods as well.
In the past, we were systematically analyzing standardized elliptic curves. Lately, we have been mainly focusing on ECC with respect to side-channel attacks and the involvement of elliptic curves in the Bitcoin protocol.
In the past, we were systematically analyzing standardized elliptic curves. Lately, we have been mainly focusing on ECC with respect to side-channel attacks and the involvement of elliptic curves in the Bitcoin protocol.
* [2024] [[:public:papers:dcp_acns| Suchánek, V.; Sedláček, V.; Sýs, M.: Decompose and conquer: ZVP attacks on GLV curves]], In ACNS - Applied Cryptography and Network Security
+
* [2024] [[https://pyecsca.org/papers.html#pyecsca-reverse-engineering-black-box-elliptic-curve-cryptography-via-side-channel-analysis| Jančár, J.; Suchánek, V.; Švenda P.; Sedláček, V.; Chmielewski, L.: pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis]], In IACR Transactions on Cryptographic Hardware and Embedded Systems, Ruhr-University of Bochum, 2024, 355–381. **Received Honorable mention and Best Artifact Award**
* [2022] [[https://dissect.crocs.fi.muni.cz/| Sedláček, V.; Suchánek, V.; Dufka A.; Sýs, M.; Matyáš, V.: DiSSECT: Distinguisher of Standard and Simulated Elliptic Curves via Traits]], In Progress in Cryptology - AFRICACRYPT 2022.
* [2022] [[https://dissect.crocs.fi.muni.cz/| Sedláček, V.; Suchánek, V.; Dufka A.; Sýs, M.; Matyáš, V.: DiSSECT: Distinguisher of Standard and Simulated Elliptic Curves via Traits]], In Progress in Cryptology - AFRICACRYPT 2022.
* [2021] [[:public:papers:formulas_asiacrypt21| Sedláček, V.; Chi-Domínguez, J.J.; Jančár, J.; Brumley, B.B.: A formula for disaster: a unified approach to elliptic curve special-point-based attacks]], In Advances in Cryptology – ASIACRYPT 2021.
* [2021] [[:public:papers:formulas_asiacrypt21| Sedláček, V.; Chi-Domínguez, J.J.; Jančár, J.; Brumley, B.B.: A formula for disaster: a unified approach to elliptic curve special-point-based attacks]], In Advances in Cryptology – ASIACRYPT 2021.
Line 366:
Line 371:
We believe that the open-source security tools are crucial not only for the general accessibility, but also to produce more robust secure software and hardware products and their more transparent security certifications. Not only the dedicated testing laboratories, but also end-users shall be able to replicate majority of the steps carried during the certification like Common Criteria or FIPS140-2.
We believe that the open-source security tools are crucial not only for the general accessibility, but also to produce more robust secure software and hardware products and their more transparent security certifications. Not only the dedicated testing laboratories, but also end-users shall be able to replicate majority of the steps carried during the certification like Common Criteria or FIPS140-2.
-
Existing certification process produces trove of interesting, but hard to automatically process data. We extract, process and analyze these datasets to aid quick identification of potentially vulnerable products, provide ecosystem insight, and reason about the overall state of security. We also map and evaluate the existing open-source security software from several categories including (but not limited to) operating systems, browsers, password managers, and encryption tools. Majority of our other research results are accompanied with open-source tooling.
+
Existing certification process produces trove of interesting, but hard to automatically process data. We extract, process and analyze these datasets to aid quick identification of potentially vulnerable products, provide ecosystem insight, and reason about the overall state of security. Majority of our other research results are accompanied with open-source tooling.
Line 373:
Line 378:
<collapse id="opentools" collapsed="true">
<collapse id="opentools" collapsed="true">
-
**Last update: 22. 10. 2024**
+
**Last update: 21. 1. 2025**
**Contact: Petr Švenda <svenda@fi.muni.cz> **
**Contact: Petr Švenda <svenda@fi.muni.cz> **
Line 382:
Line 387:
* JCAlgTest [[https://github.com/crocs-muni/JCAlgTest | GitHub repository]] - tools for thorough testing of smart card capabilities
* JCAlgTest [[https://github.com/crocs-muni/JCAlgTest | GitHub repository]] - tools for thorough testing of smart card capabilities
* TPMAlgtest[[https://github.com/crocs-muni/tpm2-algtest | GitHub repository]] - tools for thorough testing of TPM capabilities
* TPMAlgtest[[https://github.com/crocs-muni/tpm2-algtest | GitHub repository]] - tools for thorough testing of TPM capabilities
+
* SCRUTINY [[https://github.com/crocs-muni/scrutiny | GitHub repository]] - hardware and software security testing and reference profile comparison tools.
* [2024] Janovsky, A., Jancar, J.; Svenda, P.; Chmielewski, L.; Michalik, J.; Matyas, V.: [[https://arxiv.org/abs/2311.17603|sec-certs: Examining the security certification practice for better vulnerability mitigation]], In Computers and Security journal vol.143, 2024.
+
* [2024] Jancar, J.; Suchanek, V.; Svenda, P.; Sedlacek, V.; Chmielewski, L.: [[https://pyecsca.org|pyecsca: Reverse engineering black-box elliptic curve cryptography via side-channel analysis]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2024. Received Honorable mention and Best artifact awards.
* [2024] Svenda, P.; Dufka, A.; Broz, M.; Lacko, R.; Jaros, T.; Zatovic, D.; Pospisil, J.: [[https://crocs.fi.muni.cz/papers/tpm_ches2024|TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2024.
* [2024] Svenda, P.; Dufka, A.; Broz, M.; Lacko, R.; Jaros, T.; Zatovic, D.; Pospisil, J.: [[https://crocs.fi.muni.cz/papers/tpm_ches2024|TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips]], In IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES) 2024.
* [2022] Petr Svenda, Rudolf Kvasnovsky, Imrich Nagy and Antonin Dufka: [[public:papers:jcalgtest_secrypt22|JCAlgTest: Robust identification metadata for certified smartcards]], In SECRYPT'22
* [2022] Petr Svenda, Rudolf Kvasnovsky, Imrich Nagy and Antonin Dufka: [[public:papers:jcalgtest_secrypt22|JCAlgTest: Robust identification metadata for certified smartcards]], In SECRYPT'22