[crypto] [secdm at tue.nl: REMINDER: Crypto Working Group, December 11, 2015]

R. Hirschfeld ray at unipay.nl
Wed Dec 9 18:02:46 CET 2015


------- Start of forwarded message -------
From: Secretariaat DM <secdm at tue.nl>
Subject: REMINDER: Crypto Working Group, December 11, 2015
Date: Wed, 9 Dec 2015 15:11:24 +0000

Dear all,

Just a reminder with the complete program of the CWG-meeting on Friday, December 11, 2015.

With kind regards / Met vriendelijke groeten,
Anita Klooster
secretary of the section Discrete Mathematics


Dept. of Mathematics and Computer Science
MF 4.058
Office hours: Monday and Friday 08.30-12.30 h / Tuesday and Wednesday 08.30-17.00 h
Telephone: +31 (0)40 2472254
Email: secdm at tue.nl


CRYPTO WORKING GROUP


Friday, December 11, 2015

De Kargadoor (http://www.kargadoor.nl/utrecht/zaalverhuur.html)
Oudegracht 36, Utrecht



Program

10.45 - 11.30 hrs.   Baris Ege (RU Nijmegen),
                     Near Collision Side Channel Attacks

11.30 - 11.45 hrs.   Coffee / tea break

11.45 - 12.30 hrs.   Jon Solworth (Univ. of Illinois at Chicago),
                     Some thoughts on composition for security

12.30 - 14.00 hrs.   Lunch break (lunch not included)

14.00 - 14.45 hrs.   Isis Agora Lovecruft (Tor Project),
                     Tor's Circuit Level Crypto, Hacks, and the
                     Proposed Change to an Authenticated Encryption Cipher

14.45 - 15.00 hrs.   Coffee / tea break

15.00 - 15.45 hrs.   Louiza Papachristodoulou (RU Nijmegen),
                     Online Template Attacks on ECC

Abstract talk Baris Ege: Near Collision Side Channel Attacks

Side channel collision attacks are a powerful method to exploit side channel leakage. Other than a few exceptions, collision attacks usually combine leakage from distinct points in time, making them inherently bivariate. This work introduces the notion of near collisions to exploit the fact that values depending on the same sub-key can have similar, while not identical, leakage. We show how such knowledge can be exploited to mount a key recovery attack.

The presented approach has several desirable features when compared to other state-of-the-art collision attacks: Near collision attacks are truly univariate. They have low requirements on the leakage functions, since they work well for leakages that are linear in the bits of the targeted intermediate state. They are applicable in the presence of masking countermeasures if there exist distinguishable leakages, as in the case of leakage squeezing.

Results are backed up by a broad range of simulations for unprotected and masked implementations, as well as an analysis of the measurement set provided by DPA Contest v4.
------- End of forwarded message -------