BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.devconf.info//devconf-cz-2025//talk//MDSWTY
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-devconf-cz-2025-MDSWTY@pretalx.devconf.info
DTSTART;TZID=CET:20250612T101500
DTEND;TZID=CET:20250612T105000
DESCRIPTION:Side-channel attacks are a common threat to cryptographic imple
 mentations. Unfortunately\, most available tooling to combat this threat h
 as limited usability\, especially in black-box testing scenarios. This tal
 k presents lessons learned from testing RSA implementations (Marvin Attack
 )\, ECDSA implementations (Minerva vulnerability)\, and how these lessons 
 have been applied to test ML-KEM.\n\nThe talk will briefly discuss issues 
 with approaches used by Box Test\, TVLA\, and deduct\, and how these issue
 s can be addressed. The proposed approach is suitable for black-box testin
 g\, including with algorithms that use rejection sampling. It is algorithm
 - and architecture-agnostic\, can be performed remotely (over a network)\,
  and\, despite using statistical methods\, allows for verification of the 
 absence of side-channel leakage. The tool\, presented as free open-source 
 software\, has been used in the speaker’s CI system for a couple of year
 s.
DTSTAMP:20260311T011048Z
LOCATION:E104 (capacity 72)
SUMMARY:Black box side-channel leakage verification using statistical appro
 ach - Alicja Kario
URL:https://pretalx.devconf.info/devconf-cz-2025/talk/MDSWTY/
END:VEVENT
END:VCALENDAR