We study cryptosystems based on supersingular isogenies. This is an active area of
research in post-quantum cryptography. Our first contribution is to give a very powerful active …

We show that elliptic-curve cryptography implementations on mobile devices are vulnerable
to electromagnetic and power side-channel attacks. We demonstrate full extraction of …

Digital Signature Schemes such as DSA, ECDSA, and RSA are widely deployed to protect
the integrity of security protocols such as TLS, SSH, and IPSec. In TLS, for instance, RSA …

Although it is one of the most popular signature schemes today, ECDSA presents a number
of implementation pitfalls, in particular due to the very sensitive nature of the random value …

Trusted Execution Environments (TEEs) such as ARM TrustZone are in widespread use in
both mobile and embedded devices, and they are used to protect sensitive secrets while …

In this paper, we study the Learning With Errors problem and its binary variant, where
secrets and errors are binary or taken in a small interval. We introduce a new variant of the …

We present our discovery of a group of side-channel vulnerabilities in implementations of
the ECDSA signature algorithm in a widely used Atmel AT90SC FIPS 140-2 certified …

The recent Hertzbleed disclosure demonstrates how remote-timing analysis can reveal
secret information previously only accessible to local-power analysis. At worst, this …

Diffie-Hellman key exchange (DHKE) is a widely adopted method for exchanging
cryptographic key material in real-world protocols like TLS-DH (E). Past attacks on TLS-DH …

Public-key cryptography algorithms, especially elliptic curve cryptography (ECC) and elliptic
curve digital signature algorithm (ECDSA) have been attracting attention from many …