Blog

Secure Application Programming in the presence of Side Channel Attacks

Secure Application Programming in the presence of Side Channel Attacks

This paper introduces a collection of secure programming patterns for security critical devices. These patterns help developers to mitigate the risk of side channel attacks.
Practical steps to evaluate and protect Secure Boot

Practical steps to evaluate and protect Secure Boot

This paper reveals common weaknesses in Secure Boot implementations and proposes practical steps to enhance security of this critical element of an embedded system.
Learn how to keep your Over-The-Air Updates secure?

Learn how to keep your Over-The-Air Updates secure?

A perspective from the analysts at Riscure Security Lab, which was shared during SEMS, Paris on April 30th, 2017 by CEO Marc Witteman.
Controlling PC on ARM using Fault Injection

Controlling PC on ARM using Fault Injection

Fault injection attacks are a powerful technique to influence the intended behavior of embedded systems.
Why is it so hard to make secure chips?

Why is it so hard to make secure chips?

Why is it so hard to make secure chips? from Riscure
Unboxing the White-Box

Unboxing the White-Box

Typical threat modeling applied in cryptography involves a malicious third party attempting to access content. Download the whitepaper.
Fast and Memory-Efficient Key Recovery in Side-Channel Attacks

Fast and Memory-Efficient Key Recovery in Side-Channel Attacks

Side-channel attacks are techniques to attack implementations of cryptographic algorithms by observing its physical parameter. Read more.
Risk mitigation for sensitive applets in a multi-application context

Risk mitigation for sensitive applets in a multi-application context

Java Cards typically host multiple applets. These are provided in binary CAP files, containing library code or applets.
How to secure HCE

How to secure HCE

How to secure HCE from Riscure
Secure Implementation of Post Quantum Crypto in the spotlight

Secure Implementation of Post Quantum Crypto in the spotlight

Marc Witteman shares his thoughts on the latest developments in secure Post Quantum Crypto
My journey at Riscure: Nicole Fern

My journey at Riscure: Nicole Fern

Nicole Fern is a Senior Security Analyst at Riscure North America. In this role she works on both hardware and software projects, and is also involved in Riscure’s Training Academy as a trainer. ...
Security Highlight: ChatGPT vs Security Analyst

Security Highlight: ChatGPT vs Security Analyst

At Riscure, we like to explore new technologies that can help us better help our customers. Undoubtedly, the latest famous new applications are various versions of ChatGPT, a recently accessible ...
My journey at Riscure: Nisrine Jafri

My journey at Riscure: Nisrine Jafri

Nisrine Jafri is a Senior Security Analyst and Evaluator at Riscure. After switching from academia to industry work 2 years ago, Nisrine has been mainly working on Certification projects at ...
Security Highlight: a look at Ascon, a lightweight crypto algorithm

Security Highlight: a look at Ascon, a lightweight crypto algorithm

The contest for standardization of a lightweight crypto (LWC) algorithm has just finished. US standards body NIST selected Ascon as the winner. Ascon is an algorithm proposed by an international ...
My journey at Riscure: Chris Berg

My journey at Riscure: Chris Berg

Chris Berg is a Security Analyst at Riscure. Chris joined us 2 years ago and he has already worked as a security analyst and evaluator on multiple large certification projects. In this ...
Security Highlight: Exploiting persistent faults in crypto

Security Highlight: Exploiting persistent faults in crypto

At the most recent CHES workshop, Hossein Hadipour of the Graz University of Technology presented an important step forward in exploiting persistent faults in crypto.
My journey at Riscure: Anjana Miyar

My journey at Riscure: Anjana Miyar

Anjana Miyar is a Senior Security Analyst at Riscure North America. Anjana’s specialty lies in software security testing. Unlike many others, Anjana did not have prior security experience before ...
Security Highlight: Compromising printers via malicious third-party cartridges

Security Highlight: Compromising printers via malicious third-party cartridges

This fall, HP Inc. published an article describing a buffer overflow vulnerability in their printer software which would allow an attacker to obtain persistent remote code execution on the ...