Blog

Lowering the bar: deep learning for side-channel analysis

Lowering the bar: deep learning for side-channel analysis

We show we can break a lightly protected AES, an AES implementation with masking countermeasures and a protected ECC implementation using Deep Learning.
Efficient Reverse Engineering of Automotive Firmware

Efficient Reverse Engineering of Automotive Firmware

In this paper we evaluate the efficiency of reverse engineering the firmware of an automotive embedded controller unit.
Fault injection on automotive diagnostic protocols

Fault injection on automotive diagnostic protocols

From the beginning of the electronics era in vehicles, car manufacturers have been trying to simplify how to troubleshoot problems in their vehicles.
The Threat of Security Vulnerabilities in Today’s Connected Automotive World

The Threat of Security Vulnerabilities in Today’s Connected Automotive World

The evolution of automotive systems has brought us into a world where both highly connected and autonomously operated vehicles are becoming commonplace.
Mobile Banking application security

Mobile Banking application security

In this paper we present the critical security challenges that Mobile Banking applications face in today’s market.
Bypassing Secure Boot using Fault Injection

Bypassing Secure Boot using Fault Injection

Watch the video of this research presented at SHA2017
Escalating Privileges in Linux using Fault Injection

Escalating Privileges in Linux using Fault Injection

Today’s standard embedded device technology is not robust against Fault Injection (FI) attacks such as Voltage Fault Injection (V-FI)
Safety does not equal Security in Automotive

Safety does not equal Security in Automotive

A security assessment of the resilience against fault injection attacks in ASIL-D certified microcontrollers
Secure Application Programming in the presence of Side Channel Attacks

Secure Application Programming in the presence of Side Channel Attacks

This paper introduces a collection of secure programming patterns for security critical devices. These patterns help developers to mitigate the risk of side channel attacks.
My journey at Riscure: Diego Rivera

My journey at Riscure: Diego Rivera

Diego Rivera is a senior developer at the Riscure True Code team. Three years ago, Diego joined Riscure’s software development team and has been working with them on our tools since then. In ...
Security Highlight: A further look at faulTPM’s deepest secrets

Security Highlight: A further look at faulTPM’s deepest secrets

Recently, a new paper was published by Hans Niklas Jacob et al, titled "faulTPM: Exposing AMD fTPMs’ Deepest Secrets". The paper demonstrates the impact of a previously published Voltage Fault ...
Secure Implementation of Post Quantum Crypto in the spotlight

Secure Implementation of Post Quantum Crypto in the spotlight

Marc Witteman shares his thoughts on the latest developments in secure Post Quantum Crypto
My journey at Riscure: Nicole Fern

My journey at Riscure: Nicole Fern

Nicole Fern is a Senior Security Analyst at Riscure North America. In this role she works on both hardware and software projects, and is also involved in Riscure’s Training Academy as a trainer. ...
Security Highlight: ChatGPT vs Security Analyst

Security Highlight: ChatGPT vs Security Analyst

At Riscure, we like to explore new technologies that can help us better help our customers. Undoubtedly, the latest famous new applications are various versions of ChatGPT, a recently accessible ...
My journey at Riscure: Nisrine Jafri

My journey at Riscure: Nisrine Jafri

Nisrine Jafri is a Senior Security Analyst and Evaluator at Riscure. After switching from academia to industry work 2 years ago, Nisrine has been mainly working on Certification projects at ...
Security Highlight: a look at Ascon, a lightweight crypto algorithm

Security Highlight: a look at Ascon, a lightweight crypto algorithm

The contest for standardization of a lightweight crypto (LWC) algorithm has just finished. US standards body NIST selected Ascon as the winner. Ascon is an algorithm proposed by an international ...
My journey at Riscure: Chris Berg

My journey at Riscure: Chris Berg

Chris Berg is a Security Analyst at Riscure. Chris joined us 2 years ago and he has already worked as a security analyst and evaluator on multiple large certification projects. In this ...
Security Highlight: Exploiting persistent faults in crypto

Security Highlight: Exploiting persistent faults in crypto

At the most recent CHES workshop, Hossein Hadipour of the Graz University of Technology presented an important step forward in exploiting persistent faults in crypto.