Publications

Don’t Get Knocked Off the Curve: An Overview of Fault Injection Attacks on Elliptic Curve Cryptosystems

Don’t Get Knocked Off the Curve: An Overview of Fault Injection Attacks on Elliptic Curve Cryptosystems

Elliptic curve cryptography (ECC) is ubiquitous and used to secure everything from internet ...
How to Tame a Light Switch

How to Tame a Light Switch

Who would expect a light switch to offer up an extra entry point into your home network? This ...
Professionalizing Fault Injection

Professionalizing Fault Injection

Hobbyists and hackers are typically not well-funded, but often have excellent technical ...
Inspector Pre-Silicon SCA: Revolutionizing Side Channel Analysis with Advanced Detection

Inspector Pre-Silicon SCA: Revolutionizing Side Channel Analysis with Advanced Detection

Discover the benefits of pre-silicon side channel analysis and learn how to apply Inspector ...
Automotive Security Checklist

Automotive Security Checklist

We curated a list of the most essential security considerations that we recommend when ...
Securing Embedded Devices: 9 Considerations for Success

Securing Embedded Devices: 9 Considerations for Success

We curated a list of the most essential security considerations that we recommend when ...
Exploring genomic sequence alignment for improving side-channel analysis

Exploring genomic sequence alignment for improving side-channel analysis

This paper explores a novel approach to improving Side-Channel Analysis (SCA) alignment, ...
Forgotten Essence Of The Backend Penetration Testing

Forgotten Essence Of The Backend Penetration Testing

This whitepaper delves into the root causes of unnoticed vulnerabilities during backend ...
The Threat of Security Vulnerabilities in Today’s Connected Automotive World

The Threat of Security Vulnerabilities in Today’s Connected Automotive World

Testing and verifying security robustness throughout all stages of development, starting from ...
Five things you should know to avoid the most common security errors

Five things you should know to avoid the most common security errors

We discuss the most common security issues and offer recommendations that can help mitigate ...
3 Reasons Why Your Payment App Needs To Get EMVCo Certified And How App Shielding Can Help You Get There

3 Reasons Why Your Payment App Needs To Get EMVCo Certified And How App Shielding Can Help You Get There

This paper looks at the three main reasons why mobile payment apps need to get EMVCo certified ...
Security Pitfalls in TEE Development

Security Pitfalls in TEE Development

Discover the security pitfalls in TEE development and learn how to avoid common mistakes to ...
Broadband service providers – a security view

Broadband service providers – a security view

This paper discusses the current developments of the market for the device and network ...
From Classical Smartcards to Integrated Secure Elements

From Classical Smartcards to Integrated Secure Elements

In this whitepaper, Riscure experts discuss critical factors that vendors need to consider ...
Fault Mitigation Patterns

Fault Mitigation Patterns

To make it easier for developers to protect their security-critical devices, Riscure created ...
The Price We Pay for Faults

The Price We Pay for Faults

This paper explains the background and risk of fault injection, and proposes to use secure ...
State of Security for Smart Home Devices

State of Security for Smart Home Devices

Riscure analyzed the security of commonly used smart home devices such as WiFi routers, ...
Security certification considerations when choosing a secure product

Security certification considerations when choosing a secure product

Understanding Common Criteria and Evaluation Assurance Levels, and putting these into context ...
Demystifying Secure Development for Devices & Apps

Demystifying Secure Development for Devices & Apps

Understanding security testing, evaluation and certification, and how they benefit the design, ...
Security implications of accepting transactions on smartphones

Security implications of accepting transactions on smartphones

This publication discusses the security implications of accepting transactions on smartphones ...
Attacking AUTOSAR using Software and Hardware Attacks

Attacking AUTOSAR using Software and Hardware Attacks

This paper describes several scenarios how software and hardware attacks can compromise the ...
Premium Content Delivery on Android: how to guard an open platform

Premium Content Delivery on Android: how to guard an open platform

In this publication, we discuss the state of security of Android applications for premium ...
Lowering the bar: deep learning for side-channel analysis

Lowering the bar: deep learning for side-channel analysis

We show we can break a lightly protected AES, an AES implementation with masking ...
Side-channel based intrusion detection for industrial control systems

Side-channel based intrusion detection for industrial control systems

In this publication, the researchers propose an alternative approach to detecting software ...
13 steps to improve security and privacy when developing a smart lock

13 steps to improve security and privacy when developing a smart lock

Our findings show that smart locks can introduce new security risks. We provide 13 ...
Learning from the HCE security experience to improve security of mobile banking applications

Learning from the HCE security experience to improve security of mobile banking applications

In this paper we present the critical security challenges that Mobile Banking applications ...
Analyzing the security of Cloud-Based Payment apps on Android

Analyzing the security of Cloud-Based Payment apps on Android

In this paper we study the use of security features at a large scale, by analyzing all HCE ...
There Will Be Glitches: Extracting and Analyzing Automotive Firmware Efficiently

There Will Be Glitches: Extracting and Analyzing Automotive Firmware Efficiently

This paper describes multiple techniques for analyzing and extracting automotive firmware ...
Fault injection on automotive diagnostic protocols

Fault injection on automotive diagnostic protocols

This study presents fault injection as a technique to bypass the security of diagnosis ...
Efficient Reverse Engineering of Automotive Firmware

Efficient Reverse Engineering of Automotive Firmware

In this paper we evaluate the efficiency of reverse engineering the firmware of an automotive ...
Secure Application Programming in the presence of Side Channel Attacks

Secure Application Programming in the presence of Side Channel Attacks

This paper introduces a collection of secure programming patterns for security critical ...
Practical steps to evaluate and protect Secure Boot implementations on embedded devices

Practical steps to evaluate and protect Secure Boot implementations on embedded devices

This paper reveals common weaknesses in Secure Boot implementations and proposes practical ...
Safety does not equal Security in Automotive

Safety does not equal Security in Automotive

This work aims to address the lack of attention on fault injection attacks by investigating ...
Fast and Memory-Efficient Key Recovery in Side-Channel Attacks

Fast and Memory-Efficient Key Recovery in Side-Channel Attacks

This work aims to bridge the gap between theory and practice in key enumeration and puts ...
Risk mitigation for sensitive applets in a multi-application context

Risk mitigation for sensitive applets in a multi-application context

We explain security guidelines proposed by Global Platform and introduce a new Riscure product ...
Unboxing the White-Box

Unboxing the White-Box

This publication discusses the nuances and challenges associated with white-box testing ...
Practical optical fault injection on secure microcontrollers

Practical optical fault injection on secure microcontrollers

In this article we focus on optical fault injection, a semi-invasive fault injection attack ...

Please enter your email for access

By entering your email, you also sign up for occasional updates. After providing your email, you will have immediate access to all publications & webinars.

By checking this box you agree to process your data according to Riscure's privacy policy:

You have Successfully Subscribed!