Table of contents

  • This session has been presented April 25, 2014.

Description

  • Speaker

    Cédric Murdica - Secure-IC

Elliptic Curve Cryptography (ECC) is believed to be unbreakable in the black box model, where the cryptanalyst has access to inputs and outputs only. However, it is not enough if the cryptosystem is embedded on a device that is physically accessible to potential attackers. In addition to inputs and outputs, the attacker can study the physical behaviour of the device such as the execution time or the power consumption. These attacks are called side-channel attacks.<br/> In this talk we present some attacks we called Same-Values Analysis. The attacks are named after the same principle: they take advantage of same values occurring within an Elliptic Curve Scalar Multiplication (ECSM). They differ from the targeted implementation or from the method used to detect the occurrence of the same values. In the first part of the talk, we analyse the Unified Formulae and the Side-Channel Atomicity countermeasures. These countermeasures permit to protect against one of the first side-channel attack on ECC: the Simple Power Analysis. We show that these coutermeasures bring vulnerabilities since they succumbs to some of our Same-Values Analysis. The attacks are powerful since the attacker does not need to know the input or output point of the ECSM. Moreover, only a single trace is required to recover all bits of the scalar.<br/> In the second part, we focus on another Same-Values Analysis. It exploits the occurrence of particular points. These points verify that, within an elliptic curve operation (e.g. an addition or a doubling), two distinct intermediate variables have the same values. The attacker chooses the suitable base point such that the particular point will occur during the ECSM only if some conditions of the scalar are met.

Next sessions

  • SoK: Security of the Ascon Modes

    • June 20, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Charlotte Lefevre - Radboud University

    The Ascon authenticated encryption scheme and hash function of Dobraunig et al (Journal of Cryptology 2021) were recently selected as winner of the NIST lightweight cryptography competition. The mode underlying Ascon authenticated encryption (Ascon-AE) resembles ideas of SpongeWrap, but not quite, and various works have investigated the generic security of Ascon-AE, all covering different attack[…]

  • Comprehensive Modelling of Power Noise via Gaussian Processes with Applications to True Random Number Generators

    • June 27, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Maciej Skorski - Laboratoire Hubert Curien

    The talk examines power noise modelling through Gaussian Processes for secure True Random Number Generators.   While revisiting one-sided fractional Brownian motion, we obtain novel contributions by quantifying posterior uncertainty in exact analytical form, establishing quasi-stationary properties, and developing rigorous time-frequency analysis. These results are applied to model oscillator[…]

    • Cryptography

    • TRNG

  • CryptoVerif: a computationally-sound security protocol verifier

    • September 05, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Bruno Blanchet - Inria

    CryptoVerif is a security protocol verifier sound in the computational model of cryptography. It produces proofs by sequences of games, like those done manually by cryptographers. It has an automatic proof strategy and can also be guided by the user. It provides a generic method for specifying security assumptions on many cryptographic primitives, and can prove secrecy, authentication, and[…]

    • Cryptography

Show previous sessions
Page top