Modern cryptography has produced a multitude of secure ciphers that protect our daily electronic transactions. However, once the cipher is implemented on a physical device (microprocessor, FPGA, ASIC etc.) it becomes vulnerable to side-channel and fault attacks. Side-channel attacks pose a unique challenge as an intersection of cryptography, electronics and statistics and pervading all aspects of modern hardware security. The attacks monitor closely the power consumption or electromagnetic emission of a cryptographic device and they are able to extract the secret key using statistical techniques. Fault injection attacks, on the other hand, take advantage of inserting some disturbances (such as glitches by changing e.g. voltage, clock, temperature etc.) into the system leading to faulty computations.
In this training we will provide introductions to both, side-channel and fault analysis, showcasing the core techniques for key recovery. During the training the students will get the chance to develop several basic side-channel tools in Matlab/Octave. Subsequently they will use them to perform attacks on datasets in order to extract the secret key.
Lejla Batina studied and worked as a research assistant at the Technical University Eindhoven where she got her professional doctorate in Engineering degree in Mathematics for Industry - in 2001. After that she worked as a cryptographer for Pijnenburg - Securealink (later SafeNet, BV), in Vught, The Netherlands. She got her Ph.D. degree from KU Leuven, Belgium in 2005 where she also continued with postdoctoral research. She is currently a professor in the Digital Security group of the Computing Science Department at the Radboud University and active participant in the CHES and IACR communities. Her research interests are hardware security, lightweight cryptography, cryptography for pervasive computing (smart cards, RFIDs, etc.), side-channel attacks/countermeasures and implementations of cryptography.
Kostas Papagiannopoulos received a degree in Electrical and Computer engineering from the National Technical University of Athens, Greece in 2011. He received his joint M.Sc. in Information Security from Radboud University, Technical University Eindhoven and University of Twente in 2014. He is currently a Ph.D. candidate in the Digital Security group of Radboud University in Nijmegen, the Netherlands. In addition he was a research visitor at the Riscure testing/evalution lab in Delft, in 2016. His research interests are side-channel attacks and countermeasures, high-performance cryptographic implementations, machine learning and information theory.
Niels Samwel received a BSc in Computer Science from Leiden University,The Netherlands in 2014. He received his joint MSc degree in Cyber Security from Radboud University, Technical University Eindhoven and University of Twente in 2016. He is currently a PhD student in the Digital Security group in the Radboud University, The Netherlands. In addition, he was a research visitor at the University of Pennsylvania in 2017 (working with Daniel Genkin) and at the University of Adelaide in 2018 (working with Yuval Yarom). His research interests are side-channel and fault attacks, countermeasures and cryptographic implementations.