Our training courses excel in being
practical and hands-on.

The courses

Our training courses excel in being practical and hands-on. During the course, you get to use open source tools as well as Riscure's own test tools on smart cards and embedded devices.

Bookings & enquiries

Give us a call

+31 (0)15 251 4090 (CET)

Mail us

inforequest@riscure.com

Enquiries and Bookings

Dates

  • Applies to all

The training can be purchased separately or combined with an Inspector purchase. Academia and groups (4 or more attendees) may benefit from a special arrangement, please contact Riscure sales (inforequest@riscure.com) for a quote. Riscure provides lunch, coffee/tea and beverages and training material. Equipment for the hands-on sessions will be provided, including a training computer, training cards/devices and equipment.Bookings


Bookings can be made via inforequest@riscure.com or your local reseller. Attendees are free to move their training 2 weeks in advance of the original starting date to another slot, when seats are still available. The full amount needs to be paid in advance of the training, no guarantees can be made regarding your booking if the amount is not received on time. Cancellation fees apply.

Read more

Side Channel Analysis

Dates

  • 04 Jun 2012 — 08 Jun 2012
  • 02 Jul 2012 — 06 Jul 2012
  • 06 Aug 2012 — 10 Aug 2012

Unobtrusive observation of physical properties, like power consumption and electromagnetic emanations, to identify key leakage are becoming commonplace in security evaluations. Performing side channel analysis introduces new challenges for developers and evaluators every time. Knowing the kind of analysis you need to perform, post-processing steps to take and alignment options to choose is essential.The training for side channel analysis is aimed to introduce these topics by showing real-world examples and teach good practice. Simultaneously, participants work with the Inspector SCA tool to gain hands-on experience with these techniques. The topics include:

  • Primer on passive side channels as a security threat
  • The process of performing side channel analysis testing
  • Inspection of a target using Simple Power Analysis (SPA)
  • Performing Differential- and Correlation Power Analysis on DES (DPA/CPA)
  • Performing Differential EM Analysis on a contactless card (DEMA-RF)
  • Advanced attacks on countermeasures in RSA and DES

Intended audience

  • Manufacturers, security evaluation labs and research institutes evaluating side channel tooling to expand or renew their setup.
  • Developers that make code to run on hardware which must be resistant against DPA, EMA and timing analysis.
  • Evaluation laboratories looking to get a better grip on performing side channel testing.
  • Government organizations seeking to analyze the threat posed by state-of-the-art side channel attacks.
  • Inspector customers that wish to train new Inspector users or refresh and update their own knowledge.

Prerequisites

  • Participants must have a basic understanding of security and cryptography.
  • Participants should have a basic understanding of embedded and smart card interfaces.
  • A basic conceptual understanding of side channel testing is recommended, but not required to follow the training.

Practical information


Riscure provides lunch, coffee/tea and beverages and training material. Equipment for the hands-on sessions will be provided. Each participant will receive a certificate of completion.

Price


€ 4750

Read more

Fault Injection

Dates

  • 11 Jun 2012 — 13 Jun 2012
  • 09 Jul 2012 — 11 Jul 2012
  • 13 Aug 2012 — 15 Aug 2012

Fault injection and perturbation testing techniques actively manipulate a side channel on a chip by applying short laser, voltage or clock cycle pulses. In this training course, we address questions like how to recognize where and when to inject a fault, what parameters can be used, and how to use statistics to analyze faults.The training for fault injection explains the fault injection testing process and you will use the Inspector FI tool to apply these techniques in practice. Tests are performed with the VC Glitcher and Diode Laser Station on real-world targets using best practices. Topics for the fault injection training include:

  • Primer on fault injection as a security threat
  • The process of performing fault injection testing
  • Voltage- and clock glitching a smart card PIN verification
  • Performing Differential Fault Analysis on a DES operation
  • Optical glitching using a multi pulse laser on an RSA operation

Intended audience

  • Manufacturers, security evaluation labs and research institutes evaluating side channel tooling to expand or renew their setup.
  • Developers that make code to run on hardware which must be resistant against DPA, EMA and timing analysis.
  • Evaluation laboratories looking to get a better grip on performing side channel testing.
  • Government organizations seeking to analyze the threat posed by state-of-the-art side channel attacks.
  • Inspector customers that wish to train new Inspector users or refresh and update their own knowledge.

Prerequisites

  • Participants must have a basic understanding of security and cryptography.
  • Participants should have a basic understanding of embedded and smart card interfaces.
  • A basic conceptual understanding of side channel testing is recommended, but not required to follow the training.

Practical information


Riscure provides lunch, coffee/tea and beverages and training material. Equipment for the hands-on sessions will be provided, including a training laptop, example cards and acquisition equipment. Each participant will receive a certificate of completion.

Price


€ 2850

Read more

Java Card Security

Dates

  • 14 Jun 2012 — 15 Jun 2012
  • 12 Jul 2012 — 13 Jul 2012
  • 16 Aug 2012 — 17 Aug 2012

Java Card applications in multi-application environments depend on platform strength to protect its secrets and isolate its data and functionality from other applets. In this training Riscure introduces the attendees to the security concepts and risks posed by the Java Card and GP platform in relation to security on all levels. Starting from basics, such as the architecture and assumptions of the card’s operating system, trainees move in to defense code development and applet development.The second half of the training is geared towards testing the actual platform using JCworkBench as test tool. JCworkBench takes a unique on-card test approach by deploying and executing the test on the smart card platform itself. Attendees will learn to develop, run and further specify test applets against a Java Card to identify security vulnerabilities.Price

€ 1900

Read more