BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Lessons Learned from Four Years of Implementation Attacks against 
 Real-World Targets - Paar\, C (Ruhr University Bochum)
DTSTART:20120201T144500Z
DTEND:20120201T153000Z
UID:TALK36096@talks.cam.ac.uk
CONTACT:Mustapha Amrani
DESCRIPTION:Over the last few years we were able to break various real-wor
 ld security systems using various flavours of physical attacks. About thre
 e years ago we were able to break KeeLoq\, which is a 64 bit block cipher 
 that is popular for remote keyless entry (RKE) systems. Even though the at
 tack seems almost straightforward in hindsight\, there where many practica
 l and theoretical problems to overcome. More recently we were able to brea
 k certain types of the DESFire contactless smart card\, which are widely u
 sed\, e.g.\, for payment application. We also completely broke the bit str
 eam encryption used in Xilinx FPGAs. In all both cases we were able to rec
 over the keys for either 3DES or AES using power analysis attacks. In cont
 rast to KeeLoq\, both 3DES and AES are considered very secure from a class
 ical cryptanalyitical point of view. Interesingly\, the real-world implica
 tions of these key-extraction attacks are highly dependend on the system d
 esign (and not on the cipher used).  In addition to summarizing the above 
 mentioned work\, I will try to draw some meaningful conclusions. This incl
 udes the often considerable practial hurdles an attacker has to overcome a
 nd the important role that system design plays.
LOCATION:Seminar Room 1\, Newton Institute
END:VEVENT
END:VCALENDAR