SOLUTIONS
> Side Channel Analysis
Ready-to-use side channel tools to assess cryptography algorithms.
> Fault Injection: Laser, EM & Glitching
Make sure your chip withstands different techniques of physical fault injections.
> Firmware Security Analysis
Qualify embedded code binaries without physical devices and benches.
> Security Failure Analysis
Photoemission analysis to explore internal information in a chip.
> Vulnerability Research
Dynamic analyses at a system level for investigating potential vulnerabilities.
> esDynamic for EDU SCA and FI
A learning center for academics to teach and perform side-channel analysis and fault injection
TECHNOLOGIES
> Data Science Platform
esDynamic is a complete data focused platform to leverage the know-how of your team for complex analyses.
> esFirmware Engine
Assess the security of the firmware of IoT devices against logical and physical attacks.
> esReven Engine
Record and replay vulnerability researches within reverse engineering processes and tools.
PROFESSIONAL SERVICES
> Cybersecurity Training
Grow your expertise with training modules driven by a coach.
> Hardware Evaluation Lab
High-end laboratory capabilities specialized in hardware security evaluations.
EXPERTISE
> Mobile App Security
Onboard your Team into your Security Challenges.
> DevSecOps
Integrate the security protections verification in your CI/CD pipeline.
> PCI MPoC
Prepare your product to meet this new mobile payment standard.
SOLUTIONS
> Mobile App Security Testing (MAST)
esChecker SaaS: automating the security testing of your mobile app binary.
PROFESSIONAL SERVICES
> Mobile App Penetration Testing
Testing the resiliency of your Mobile App, SDK or RASP tool.
> Backend Penetration Testing
Testing the resiliency of your Web App, API or Backend Systems.
> Coaching for Mobile App Developers
Providing insights into the mobile app threats and how attackers work by a learning-by-doing approach.
Go to our German website
OUR COMPANY
> Events
CAREERS
> Meet our experts
> Open positions
Join our team!
FOLLOW US
Twitter
Linkedin
Youtube
Github
Gitlab
Lattice attacks for side-channel analysis
In this module, you will learn about lattice attacks and how they can be combined with side-channel analysis to break public key implementations. After an introductions to lattices, we will review the Hidden Number Problem, which is at the core of most of the lattices attacks on ECDSA. We will then study the most common side-channel leakage scenarios on ECDSA leading to a full private key recovery. As an evaluator, you will learn how to estimate the criticality of attacks leading to partial key recovery.
Covered Topics
- Understand lattices
- Understand the Hidden Number Problem
- Understand the main lattice attack vectors on ECDSA
Exercises
- Solve a Hidden Number Problem using LLL
- Implement a lattice attack on ECDSA with weak most significant bits
- Implement a lattice attack on ECDSA with weak least significant bits
Requirements
- Familiar with Elliptic Curves
- Basic knowledge in coding (Python)
- Familiar with side-channel concepts (module SCAE.1)
Practical information
Overall duration: 1-day if in-person / flexible duration if online.
Schedule: 9am-1pm - 2pm-6 pm CET (in-person)
Number of trainees: 1 max.
