Starting June 4, Riscure is offering open training for side channel analysis, fault injection and Java Card security testing every first two weeks of the month. Side channel testing encompasses DPA/CPA methods and techniques for applied to the power, EM and RF domains. Fault injection training includes using VCC, clock and optical perturbation methods. The Java Card training focusses on logical security for multi-application smart cards using the Java Card and GlobalPlatform architecture.
Side channel and fault injection attacks require an understanding of a broad range of topics. Side channel testing combines knowledge about physics, logic, statistics, cryptanalysis and the tooling. Although literature abound, building skills and experience is crucial to successfully perform real-world analyses. With the training and program, Riscure bridges this gap. Using Riscure Inspector, trainees are guided through the acquisition process, learn understanding power or EM traces, choose post-processing filters and identify leakage to perform a successful attack. Every attendee will discover and gradually acquire the competences to feel comfortable about the concepts and application of side channel analysis and fault injection testing.
The Java Card training focusses on multi-application environments. Java Cards depend on platform strength to protect its secrets and isolate its data and functionality from other applets. In this training Riscure introduces the attendees to the security concepts and risks posed by the Java Card and GP platform in relation to security on all levels. Starting from basics, such as the architecture and assumptions of the card’s operating system, trainees move in to defensive code writing and applet development.
The training can be purchased separately or combined with Riscure’s Inspector or JCworkBench security testing tools. Please contact Riscure sales (firstname.lastname@example.org) for a quote or call +31 (0)15 251 4090. For more information please visit https://www.riscure.com/services/training.