I recently attended CHES 2023 and presented a work-in-progress poster on pyecsca: Reverse-engineering elliptic curve cryptography implementations via side-channel analysis. Check it out below and also on GitHub.

I recently presented an updated version of the RedHat Research Day talk on analyzing the security certifications landscape. It has more cool results, and also memes. The slides are available.

I recently presented joint work with Petr Švenda, Adam Janovský, Jiří Michalík and Stanislav Boboň on analyzing the security certifications landscape at Red Hat Research Day 2022. The slides are available. The web frontend to our open-source tool is over at seccerts.org. Thanks to Red Hat Research for the opportunity as well as Red Hat employees that are cooperating in this research.

I recently presented the paper “They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks on Real World Crypto 2022 and IEEE Security & Privacy 2022. If you want to get more info on the paper including a pre-print and additional material, check out its page. The RWC slides are available as well as the IEEE S&P slides.

Furthermore, the level of interest in the talk and the tools for analysis of constant-time cryptographic code motivated me to start a Github page collecting these tools at crocs-muni.github.io/ct-tools/. I hope that in the future this page can have tutorials and guides on using these tools crowdsourced from the community.

When I was in San Francisco for IEEE S&P I abused my jetlag and went for a very early walk around SF. I also took some photos.

Thanks a lot for the following photos from RWC 2022 to Benoit Viguier!

I recently presented our work on the Minerva group of vulnerabilities on the Cryptographic Hardware and Embedded Security conference. Our joint work with Vladimir Sedlacek, Petr Svenda and Marek Sys received the CHES 2020 Best Paper Award . The slides for the short conference talk can be found here.

I gave a short talk during the rump session at the 23rd Workshop on Elliptic Curve Cryptography highlighting some interesting aspects of the Minerva attack. The slides can be found here.

I gave a lightning talk during the student session of the 2019 SummerSchool on real-world Crypto and Privacy in Šibenik, Croatia, focusing on the research into JavaCard and smart-card security that is performed at CRoCS, the slides can be found here.

Recently, I presented work on the ECTester tool for testing black-box elliptic curve cryptography implementations during SantaCrypt 2018 in Prague, Czech republic. The presentation can be found here.