Inspector Gadget

We are happy to share our last research work Inspector Gadget, co-authored by Camille Mutschler (former engineer and PhD student at NinjaLab and currently teaching and research fellow at the LIRMM / university of Montpellier), Laurent Imbert (research director at the CNRS / LIRMM) and Thomas Roche (co-founder and security expert at NinjaLab), published in the international Journal IACR Communications in Cryptology. This work introduces InspectorGadget, an Open-Source Python-based software for assessing and comparing the complexity of masking gadgets. We illustrate its advantages with a fair comparison of several masked versions of Kyber compression function. InspectorGadget is distributed under the GPL v.3 license. It is freely available here.


CHES 2023 Challenge

Our (former) ninja Valence Cristiani participated and won the CHES 2023 challenge, which consisted in proposing side-channel attacks on a masked implementation of the AES. Furthermore he also hacked the challenge rules and was able to propose a zero trace attack ! Find more details of his work here .


A Side Journey To Titan

Illustration made by Romain Flamand

We discovered a side-channel vulnerability in the Google Titan Security Key. More precisely, we were able to extract the full long term ECDSA secret key linked to a FIDO U2F account from the Google Titan Security Key. Furthermore our side journey showed that the vulnerability also applies on other products. Find more details and the full write-up of our work here .


CARDIS 2019

We are happy to share our last research work Side-channel Attacks on Blinded Scalar Multiplications Revisited, which has been presented at the conference CARDIS 2019 in November 11-13 2019 in Prague, Czech Republic. The preprint version of the article is available on the Cryptology ePrint Archive.


Ledger Challenge 2018

NinjaLab participated and won the Ledger challenge 2018. More precisely, we found a side-channel vulnerability in the ECC public-key generation operation of the cryptographic library of the Ledger Nano S, allowing us to extract the full long term ECC secret key linked to a Bitcoin account. More details are available here.

Theme: Illdy. © Copyright 2024 NinjaLab. All Rights Reserved.