Blog

Premium Content Delivery on Android: how to guard an open platform

Premium Content Delivery on Android: how to guard an open platform

Defending an Android implementation of a secure media path also requires a unique set of methods. This whitepaper provides a high-level overview of Android security risks for the content ...
Lowering the bar: deep learning for side-channel analysis

Lowering the bar: deep learning for side-channel analysis

We show we can break a lightly protected AES, an AES implementation with masking countermeasures and a protected ECC implementation using Deep Learning.
Efficient Reverse Engineering of Automotive Firmware

Efficient Reverse Engineering of Automotive Firmware

In this paper we evaluate the efficiency of reverse engineering the firmware of an automotive embedded controller unit.
Fault injection on automotive diagnostic protocols

Fault injection on automotive diagnostic protocols

From the beginning of the electronics era in vehicles, car manufacturers have been trying to simplify how to troubleshoot problems in their vehicles.
The Threat of Security Vulnerabilities in Today’s Connected Automotive World

The Threat of Security Vulnerabilities in Today’s Connected Automotive World

The evolution of automotive systems has brought us into a world where both highly connected and autonomously operated vehicles are becoming commonplace.
Mobile Banking application security

Mobile Banking application security

In this paper we present the critical security challenges that Mobile Banking applications face in today’s market.
Bypassing Secure Boot using Fault Injection

Bypassing Secure Boot using Fault Injection

Watch the video of this research presented at SHA2017
Escalating Privileges in Linux using Fault Injection

Escalating Privileges in Linux using Fault Injection

Today’s standard embedded device technology is not robust against Fault Injection (FI) attacks such as Voltage Fault Injection (V-FI)
Safety does not equal Security in Automotive

Safety does not equal Security in Automotive

A security assessment of the resilience against fault injection attacks in ASIL-D certified microcontrollers
Security Highlight: a look at Ascon, a lightweight crypto algorithm

Security Highlight: a look at Ascon, a lightweight crypto algorithm

The contest for standardization of a lightweight crypto (LWC) algorithm has just finished. US standards body NIST selected Ascon as the winner. Ascon is an algorithm proposed by an international ...
My journey at Riscure: Chris Berg

My journey at Riscure: Chris Berg

Chris Berg is a Security Analyst at Riscure. Chris joined us 2 years ago and he has already worked as a security analyst and evaluator on multiple large certification projects. In this ...
Security Highlight: Exploiting persistent faults in crypto

Security Highlight: Exploiting persistent faults in crypto

At the most recent CHES workshop, Hossein Hadipour of the Graz University of Technology presented an important step forward in exploiting persistent faults in crypto.
My journey at Riscure: Anjana Miyar

My journey at Riscure: Anjana Miyar

Anjana Miyar is a Senior Security Analyst at Riscure North America. Anjana’s specialty lies in software security testing. Unlike many others, Anjana did not have prior security experience before ...
Security Highlight: Compromising printers via malicious third-party cartridges

Security Highlight: Compromising printers via malicious third-party cartridges

This fall, HP Inc. published an article describing a buffer overflow vulnerability in their printer software which would allow an attacker to obtain persistent remote code execution on the ...
Tunable Replica Circuit

Tunable Replica Circuit

At the Black Hat 2022, Daniel Nemiroff presented a talk on Tunable Replica Circuits. Riscure CTO of North America, Jasper van Woudenberg had an opportunity to listen to this presentation. Here ...
My journey at Riscure: Caroline Favrot Lee

My journey at Riscure: Caroline Favrot Lee

Caroline Favrot Lee is the Operations Director for Riscure North America. Caroline originally joined Riscure in 2012 as an accountant and office manager for the Riscure North American office, ...
Security Highlight: Marc Witteman on the roots of Riscure, device security, and pre-silicon

Security Highlight: Marc Witteman on the roots of Riscure, device security, and pre-silicon

The story of Riscure, like with many other technology businesses, started in the garage. Dissatisfied with the quality of then available hardware testing tooling, Marc Witteman founded Riscure ...
My Journey at Riscure: Pascal van Gimst

My Journey at Riscure: Pascal van Gimst

  How did you join Riscure? I was working in a research institute called TNO, where I was doing chip security testing in a group of 10 people. One of those people was Marc ...