[HGI-news-int] tomorrow: CASA Distinguished Lecture: Mehdi Tibouchi

[English Newsletter of the Horst Goertz Institute of IT Security in Bochum]

New Link to Zoom Webinar
 ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌
[http://smoton.com/l3slzozn/s_873ph29v/files/CASA_HG_Website_Webheader.jpg]

­       ­       ­
­       CASA Distinguished Lectures NEWS        ­

­       ­       ­
­       📅 Next Lecture  ➡  Thursday  |  June 25, 2020  |  10.30 AM     ­
­       ­       ­

­       We had to update the link to the Zoom webinar.
You will find the new link below.

­       ­       ­
­
­

        ­
­       ­       ­

­
­
[http://smoton.com/l3slzozn/s_873ph29v/files/casaphoto.jpg]

        ­

­       ­       ­
­
Mehdi Tibouchi
NTT Secure Platform Laboratories, Tokyo

"Attacks on ECDSA with nonce leakage: recent progress and perspectives"

 <https://us02web.zoom.us/j/88453048122> ➡  <https://us02web.zoom.us/j/89298464327#success> NEW LINK to Zoom-Webinar<https://ruhr-uni-bochum.zoom.us/j/98905497365?pwd=bldPQUIreUJRS1gzOTU4Kyt0cldGZz09>
(Password, if required: 302025)<https://ruhr-uni-bochum.zoom.us/j/98905497365?pwd=bldPQUIreUJRS1gzOTU4Kyt0cldGZz09>


        ­



­       ­       ­
­
­

        ­
­       ­       ­

­       ­       ­
­       Abstract. Although it is one of the most popular signature schemes today, ECDSA presents a number of implementation pitfalls, in particular due to the very sensitive nature of the random value (known as the “nonce”) generated as part of the signing algorithm. It is known that any small amount of nonce exposure or nonce bias can in principle lead to a full key recovery: the key recovery is then a particular instance of Boneh and Venkatesan's hidden number problem. That observation has been practically exploited in many attacks in the literature, taking advantage of implementation defects or side-channel vulnerabilities in various concrete ECDSA implementations. However, most of the attacks so far have relied on at least 2 bits. of nonce bias.

In this talk, we discuss recent algorithmic developments allowing to go even further, and for instance break ECDSA in practice with less than 1 bit of leakage. We also discuss how those developments relate to concrete vulnerabilities in cryptographic libraries, and what can done to protect against them.

Bio. An alumni of ENS (Paris, France), Mehdi Tibouchi obtained his Ph.D. in computer science from Univ. Paris VII and Univ. Luxembourg in 2011. He is now distinguished researcher at NTT Corporation (Tokyo, Japan) and guest associate professor at Kyoto University (Kyoto, Japan). His research interests cover various mathematical aspects of public-key cryptography and cryptanalysis.

This is a public event. You are all invited to be part of that. A registration is not necessary.
Please feel free to forward the invitation.

All information about the Distinguished Lectures, our speakers and the Zoom Webinar links can be found here: https://casa.rub.de/en/news/distinguished-lectures         ­
­       ­       ­

­       ­       ­
­
­

        ­
­       ­       ­

­
Imprint:
Horst Görtz Institute for IT Security - Ruhr Universität Bochum
Universitätsstraße 150, 44780 BO


­



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ruhr-uni-bochum.de/pipermail/hgi-news-international/attachments/20200624/769a7540/attachment-0001.htm>