Workshop on Physical Attacks

Invited Speakers

Building Technical Attacks into Common Criteria Evaluations (slides)
Tony Boswell, SiVenture - now a part of Cisco, UK

Most of the Common Criteria assurance requirements and evaluation methodology are quite generic. This serves us well in the task of providing a common structure for security evaluations that can be applied to any type of IT product, but is less helpful when it comes to achieving consistent evaluations over time and in different laboratories. It also fails to answer questions about whether evaluations are really addressing attacks that are close to the state of the art, and that are relevant to the ways that products are used. So over a number of years the JHAS group and its predecessors have built more detail into both evaluation methodology and the attacks that are required for vulnerability analysis. As time passes it remains vital to update the detail and technique for improvements in attacks, and for the changes in the platforms and deployment environments in modern products. Today, smart cards are viewed as one of the most successful application areas of Common Criteria, and some of the major changes currently underway in the use of CC have been inspired by the way smart card evaluations have developed. This has required not just developing the technical attack methods, but also assessing them against a reference work function (attack potential) and bringing them from research topics into common use. An unprecedented level of collaboration and sharing of experience has been needed in order to bring this about. And the job is not yet done: indeed, in several ways it is getting harder. In this talk we will look into what we are trying to achieve in a Common Criteria evaluation, and the ways that mainstream CC and smart card CC have evolved over time to build more technical detail into the way that evaluations are carried out. We will look at why so much success has been achieved, the challenges that we have to address in the coming years, and hence some discussion topics for the relationship between CC and technical research.

The speaker: Tony Boswell began working in IT security as a security evaluator in one of the original UK government Evaluation Facilities in 1987. Since then he has worked on a wide range of secure system developments and evaluations (including the ITSEC E6 certifications of the Mondex purse and the MULTOS smart card operating system) in the government and commercial domains. Much of Tony's recent work has been on smart card security projects and on server and application-level virtualisation. Tony has been involved in UK and international interpretation of evaluation requirements for smart cards since 1995, and continues to contribute to multi-national technical community work on interpretation and maintenance of Common Criteria evaluation requirements, as well as assisting hardware and software developers to take their products through Common Criteria evaluations. He is currently a Principal Consultant and CLEF Technical Manager at SiVenture (


Software Countermeasures: Present and Future Challenges (slides)
Christophe Giraud, Oberthur Technologies, France

In this talk we will first present the main software countermeasures which are used in embedded environments to counteract physical attacks. In the second part, we will discuss how difficult it is to adapt a countermeasure proved to be secure in a particular model to a countermeasure secure in another model. Moreover, we will demonstrate that some chips present some complex leakages leading to a full rewriting of the original countermeasures. In the third part of this talk, we will then see that even when an implementation includes side-channel and fault countermeasures, the so-called combined attacks allow one to recover the secret key. This will demonstrate why the next generation of countermeasures must simultaneously thwart side-channel and fault attacks.

The speaker: Christophe Giraud has been working in the Cryptography & Security group of Oberthur Technologies since the end of the 90's. He worked as a cryptographic algorithms developer and he worked on side channel analysis and fault injection on embedded applications and cryptographic implementations. He was also in charge of several security studies in mobile, banking and pay-TV environments. Christophe is now leading the Security group whose goal is to ensure the high level of security of Oberthur's products. He is the author of more than 20 international publications in Computer Science and holds more than 30 patents in the field, many of them being used in smart card technologies.


Elliptic Curves and Fault Attacks (slides)
Marc Joye, Technicolor, France

The speaker: I received a PhD degree in Applied Sciences (Cryptography) from the Université Catholique de Louvain (UCL) in 1997 and a Habilitation (HDR) degree in Computer Science from the Université de Toulouse II in 2003. In 1998 and 1999, I was a post-doctoral fellow of the National Science Council, Republic of China. From 1999 to 2006, I was with the Card Security Group, Gemplus (now Gemalto), France. Since August 2006, I have been with Technicolor (formerly Thomson), France. I am author and co-author of 100+ scientific papers and hold several patents. I served on numerous program committees and was program chair for CT-RSA 2003, CHES 2004, ACM-DRM 2008, FDTC 2010, ACM-DRM 2010, Pairing 2010, and InfoSecHiComNet 2011. I am a member of the IACR and co-founder of the UCL Crypto Group.


Building Secure Hardware (slides)
Stefan Mangard, Infineon Technologies, Germany

The speaker: Stefan was born in 1978 in Schruns, Austria. He received a Dipl.-Ing. degree (equivalent to M.Sc.) and a Ph.D. degree in computer engineering (Telematik) from Graz University of Technology, Austria. The assessors of the Ph.D. thesis were Reinhard Posch from Graz University of Technology, Austria and Bart Preneel from KU Leuven, Belgium. As a master's student, Stefan spent one semester at Johns Hopkins University (Baltimore, MD, USA). As a member of the VLSI & Security research group at the Institute for Applied Information Processing and Communications (IAIK) at Graz University of Technology, Stefan worked on side-channel attacks and countermeasures from 2001 to 2007. Together with Elisabeth Oswald and Thomas Popp he wrote the first book on power analysis attacks. In April 2007, Stefan joined Infineon Technologies Munich as a member of the security innovation group at the Chip Card & Security division. Since September 2010, he has been working as a security architect. Since 2010, he has also been teaching courses on the secure implementation of cryptography at TU München.


Challenges in Leakage-Resilient Symmetric Cryptography (slides)
Krzysztof Pietrzak, IST, Austria

I will discuss some challenges and progress on symmetric leakage-resilient cryptosystems. As an illustrative example we'll revisit the leakage-resilient stream-cipher from Eurocrypt'09 and show how two recent results on "overcoming weak expectations" and on "how to fake auxiliary input" finally allow us to prove an exact security bound which gives meaningful security guarantees when the cipher is instantiated with a standard block-cipher like AES.

The speaker: Krzysztof Pietrzak received his PhD from ETH Zurich in 2005, followed by postdoc positions at ENS Paris and CWI Amsterdam. Since August 2012 he has worked as an assistant professor at the Institute of Science and Technology (IST) Austria. Krzysztof is interested in theoretical and practical aspects of cryptography; in 2010 he received an ERC starting grant for the "Provable Security for Physical Cryptography" project.
