Fault Based Cryptanalysis of the Advanced Encryption Standard (AES)
TLDR
An implementation-independent fault attack on AES is presented, able to determine the complete 128-bit secret key of a sealed tamper-proof smartcard by generating 128 faulty ciphertexts.
Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems
TLDR
This work constitutes the first publicly reported practical attacks against LTE access network protocols and recommends that safety margins introduced into future specifications to address such trade-offs should incorporate greater agility to accommodate subsequent changes in the trade-off equilibrium.
Predicting Secret Keys Via Branch Prediction
TLDR
A new software side-channel attack enabled by the branch prediction capability common to all modern high-performance CPUs, which allows an unprivileged process to attack other processes running in parallel on the same processor, despite sophisticated partitioning methods such as memory protection, sandboxing or even virtualization.
On the power of simple branch prediction analysis
TLDR
The successful extraction of almost all secret key bits by the SBPA attack against an openSSL RSA implementation proves that the often recommended blinding or so called randomization techniques to protect RSA against side-channel attacks are, in the context of SBPA attacks, totally useless.
Advances on Access-Driven Cache Attacks on AES
  • M. Neve, J. Seifert
  • Computer Science, Mathematics
    Selected Areas in Cryptography
  • 17 August 2006
TLDR
This work shows that access-driven cache-based attacks are becoming easier to understand and analyze, and when such attacks are mounted against systems performing AES, only a very limited number of encryptions are required to recover the whole key with a high probability of success.
Fault Attacks on RSA with CRT: Concrete Results and Practical Countermeasures
TLDR
This article describes concrete results and practically validated countermeasures concerning differential fault attacks on RSA using the CRT, and argues that only sophisticated hardware countermeasures in combination with software countermeasures will be able to provide security.
Cloning Physically Unclonable Functions
TLDR
This work demonstrates that SRAM PUFs are not well suited as PUFs, as they do not meet several requirements that constitute an ideal PUF, and produces the first physical clone of a Physically Unclonable Function.
Sign Change Fault Attacks on Elliptic Curve Cryptosystems
TLDR
This paper presents a new type of fault attack on elliptic curve scalar multiplication, the Sign Change Attack, which produces points that do not leave the curve and are therefore not easily detected.
A new CRT-RSA algorithm secure against bellcore attacks
TLDR
This paper describes a new algorithm to prevent fault attacks on RSA signature algorithms using the Chinese Remainder Theorem (CRT-RSA), and proves that the new algorithm is secure against the Bellcore attack.
New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures
TLDR
This paper presents a new and yet unforeseen side channel attack that is enabled by the recently published Simple Branch Prediction Analysis (SBPA), and shows that modular inversion is a natural target of SBPA attacks because it typically uses the Binary Extended Euclidean algorithm whose nature is an input-centric sequence of conditional branches.
...
...