Chip & System Security Testing 
Reconciling how and how in a single and collaborative platform empowering experts.
SOLUTIONS

  • > Side Channel Analysis

    Ready-to-use side channel tools to assess cryptography algorithms.

  • > Fault Injection: Laser, EM & Glitching

    Make sure your chip withstands different techniques of physical fault injections.

  • > Firmware Security Analysis

    Qualify embedded code binaries without physical devices and benches.

  • > Security Failure Analysis

    Photoemission analysis to explore internal information in a chip.

  • > Vulnerability Research

    Dynamic analyses at a system level for investigating potential vulnerabilities.

TECHNOLOGIES

  • > Data Science Platform

    esDynamic is a complete data focused platform to leverage the know-how of your team for complex analyses.

  • > esFirmware Engine

    Assess the security of the firmware of IoT devices against logical and physical attacks.

  • > esReven Engine

    Record and replay vulnerability researches within reverse engineering processes and tools.

PROFESSIONAL SERVICES

  • > Cybersecurity Training

    Grow your expertise with training modules driven by a coach.

  • > Hardware Evaluation Lab

    High-end laboratory capabilities specialized in hardware security evaluations.

Mobile & Backend Security Testing 
Onboard your Mobile Engineering Team into your security challenges with hands-on training, security verifications, and more.
EXPERTISE

  • > Mobile App Security

    Know the threats and risks of your Mobile App.

  • > DevSecOps

    Integrate the security protections verification in your CI/CD pipeline.

SOLUTIONS

  • > Mobile App Security Testing (MAST)

    esChecker SaaS: automating the security testing of your mobile app binary.

PROFESSIONAL SERVICES

  • > Mobile App Penetration Testing

    Testing the resiliency of your Mobile App, SDK or RASP tool.

  • > Backend Penetration Testing

    Testing the resiliency of your Web App, API or Backend Systems.

  • > Coaching for Mobile App Developers

    Providing insights into the mobile app threats and how attackers work by a learning-by-doing approach.

Our Company 
Passionate about security and wanting to work in an exciting and innovative environment? Full time and internship opportunities starting 2023.
OUR COMPANY

  • > Events

CAREERS

  • > Meet our experts

  • > Open positions

    Join our team!

FOLLOW US
Blog
Contact us
eShard
/
escoaching
/
Lattice Side Channel
Advanced

Lattice attacks for side-channel analysis

In this module, you will learn about lattice attacks and how they can be combined with side-channel analysis to break public key implementations. After an introductions to lattices, we will review the Hidden Number Problem, which is at the core of most of the lattices attacks on ECDSA. We will then study the most common side-channel leakage scenarios on ECDSA leading to a full private key recovery. As an evaluator, you will learn how to estimate the criticality of attacks leading to partial key recovery.

Covered Topics

  • Understand lattices
  • Understand the Hidden Number Problem
  • Understand the main lattice attack vectors on ECDSA

Exercises

  • Solve a Hidden Number Problem using LLL
  • Implement a lattice attack on ECDSA with weak most significant bits
  • Implement a lattice attack on ECDSA with weak least significant bits

Requirements

  • Familiar with Elliptic Curves
  • Basic knowledge in coding (Python)
  • Familiar with side-channel concepts (module SCAE.1)
Contact us

Practical information

Overall duration: 1-day if in-person / flexible duration if online.

Schedule: 9am-1pm - 2pm-6 pm CET (in-person)

Number of trainees: 1 max.

Our Coaches

Guillaume
Bethouart
CopyRights eShard 2023.
All rights reserved
Privacy policy | Legal Notice
SECURITY TESTING SOLUTIONS
Side Channel AnalysisLaser & EM Fault InjectionFirmware Security AnalysisSecurity Failure AnalysisVulnerability ResearchMAST: Mobile Application Security Testing
TECHNOLOGIES
Data Science PlatformesFirmware EngineesReven Engine
PROFESSIONAL SERVICES
Cybersecurity TrainingHardware Evaluation LabPenetration Testing for Backend and WebAppPenetration Testing for Mobile Applications
COMPANY
About usJoin our team!EventsBlog