CHES 2023 Challenge
Our (former) ninja Valence Cristiani participated and won the CHES 2023 challenge, which consisted in proposing side-channel attacks on a masked implementation of the AES. Furthermore he also hacked the challenge rules and was able to propose a zero trace attack ! Find more details of his work here .
A Side Journey To Titan
Illustration made by Romain Flamand
We discovered a side-channel vulnerability in the Google Titan Security Key. More precisely, we were able to extract the full long term ECDSA secret key linked to a FIDO U2F account from the Google Titan Security Key. Furthermore our side journey showed that the vulnerability also applies on other products. Find more details and the full write-up of our work here .
We are happy to share our last research work Side-channel Attacks on Blinded Scalar Multiplications Revisited, which has been presented at the conference CARDIS 2019 in November 11-13 2019 in Prague, Czech Republic. The preprint version of the article is available on the Cryptology ePrint Archive.
Ledger Challenge 2018
NinjaLab participated and won the Ledger challenge 2018. More precisely, we found a side-channel vulnerability in the ECC public-key generation operation of the cryptographic library of the Ledger Nano S, allowing us to extract the full long term ECC secret key linked to a Bitcoin account. More details are available here.