Fault injection and perturbation testing techniques actively manipulate a side channel on a chip by applying short laser, voltage or clock cycle pulses. In this training course, we address questions like how to recognize where and when to inject a fault, what parameters can be used, and how to use statistics to analyze faults.

The training for fault injection explains the fault injection testing process and you will use the Inspector FI tool to apply these techniques in practice. Tests are performed with the VC Glitcher and Diode Laser Station on real-world targets using best practices. Topics for the fault injection training include:

• Primer on fault injection as a security threat
• The process of performing fault injection testing
• Voltage- and clock glitching a smart card PIN verification
• Performing Differential Fault Analysis on a DES operation
• Optical glitching using a multi pulse laser on an RSA operation

Intended audience

• Manufacturers, security evaluation labs and research institutes evaluating side channel tooling to expand or renew their setup.
• Developers of DPA, EMA and timing analysis resistant hardware.
• Evaluation laboratories looking to get a better grip on performing side channel testing.
• Government organizations seeking to analyze the threat posed by state-of-the-art side channel attacks.
• Inspector customers that wish to train new Inspector users or refresh and update their own knowledge.

Prerequisites

• Participants must have a basic understanding of security and cryptography.
• Participants should have a basic understanding of embedded and smart card interfaces.
• A basic conceptual understanding of side channel testing is recommended, but not required to follow the training.

Practical information

Riscure provides lunch, coffee/tea and beverages and training material. Equipment for the hands-on sessions will be provided, including a training laptop, example cards and acquisition equipment. Each participant will receive a certificate of completion.

Unobtrusive observation of physical properties, like power consumption and electromagnetic emanations, to identify key leakage are becoming commonplace in security evaluations. Performing side channel analysis introduces new challenges for developers and evaluators every time. Knowing the kind of analysis you need to perform, post-processing steps to take and alignment options to choose is essential.

The training for side channel analysis is aimed to introduce these topics by showing real-world examples and teach good practice. Simultaneously, participants work with the Inspector SCA tool to gain hands-on experience with these techniques. The topics include:

• Primer on passive side channels as a security threat
• The process of performing side channel analysis testing
• Inspection of a target using Simple Power Analysis (SPA)
• Performing Differential- and Correlation Power Analysis on DES (DPA/CPA)
• Performing Differential EM Analysis on a contactless card (DEMA-RF)
• Advanced attacks on countermeasures in RSA and DES

Intended audience

• Manufacturers, security evaluation labs and research institutes evaluating side channel tooling to expand or renew their setup.
• Developers that make code to run on hardware which must be resistant against DPA, EMA and timing analysis.
• Evaluation laboratories looking to get a better grip on performing side channel testing.
• Government organizations seeking to analyze the threat posed by state-of-the-art side channel attacks.
• Inspector customers that wish to train new Inspector users or refresh and update their own knowledge.

Prerequisites

• Participants must have a basic understanding of security and cryptography.
• Participants should have a basic understanding of embedded and smart card interfaces.
• A basic conceptual understanding of side channel testing is recommended, but not required to follow the training.

Practical information

Riscure provides lunch, coffee/tea and beverages and training material. Equipment for the hands-on sessions will be provided. Each participant will receive a certificate of completion.

The training can be purchased separately or combined with an Inspector purchase. Academia and groups (4 or more attendees) may benefit from a special arrangement, please contact Riscure sales (inforequest@riscure.com) for a quote. Riscure provides lunch, coffee/tea and beverages and training material. Equipment for the hands-on sessions will be provided, including a training computer, training cards/devices and equipment.

Bookings can be made via inforequest@riscure.com or your local reseller. Attendees are free to move their training 2 weeks in advance of the original starting date to another slot, when seats are still available. The full amount needs to be paid in advance of the training, no guarantees can be made regarding your booking if the amount is not received on time. Cancellation fees apply.

Bookings can be made via inforequest@riscure.com or your local reseller. Attendees are free to move their training 2 weeks in advance of the original starting date to another slot, when seats are still available. The full amount needs to be paid in advance of the training, no guarantees can be made regarding your booking if the amount is not received on time. Cancellation fees apply.

For more information about available training courses please visit the following link: http://www.riscure.com/services/training