Sản phẩm
Distributors:

Introducing esDynamic:

Build a consistent scientific
analysis platform
We design a system to provide experts with an efficient and
flexible data science platform. Leverage esDynamic unique
features to build a comprehensive analysis system combining
data and knowledge management, computation power and
measurement setup. 
 

  Complex analysis does not necessarily mean complexity to
undertake. Perform back to back analyses without the extra
work to manage multiple data format and tools. Advanced
material is available for the cryptography side-channel and laser
fault injection use cases.

The industry leading platform
for crypto security testing.
Introducing esDynamic:
Mastering cryptography is key to making sure your connected
products and services are secure. Every algorithm can be
probed and hacked by side-channel attacks. The choices you
make are directly linked to the quality of the tests and analysis
you conduct. We built esDynamic to solve exactly this challenge.
Do the right tests and get the analysis you need to make the
right choices and decisions.
  

  Identify, manage and solve
security challenges in mobile
and connected devices.
Why experts choose esDynamic:
The worlds most important companies use our industry leading
platform and tools to make sure their mobile and connected
products and services are appropriately secure. We help them
de-risk their businesses and prepare for successful futures.

  Hands-on education for security
experts of embedded systems.
Introducing esDynamic Learning:
eShard have developed a new efficient way of learning online.
We believe that the best way to acquire knowledge is to be
hands-on following and learning from pre-defined practical use
cases. We understand the time pressures security experts are
under and have developed flexible learning methods that enable
users to complete learning at times that suit them. Everyone is
different, everyone works at their own pace.

  Identify, manage and solve
security challenges in mobile
and connected devices.
Exploring a new way to acquire hands-on
knowledge
esDynamic delivers the best way to learn. The software is
browser based, in the cloud, accessible through a simple log
in/password. Use our collaboration feature allowing a trainee
and an eShard expert to interact on the same space at the same
time, enabling an effective transfer of knowledge and learning
experience.
We have developed a large library of specialized trainings that
targets all levels of expertise. Beginners have the opportunity
to quickly progress with dedicated sessions. Experts will be
able to expand their knowledge in a given area. The principle
is simple: sessions are targeted and relate to specific points
in given technologies where eShard are experts, for example,
cryptography side-channel, mobile application reverse
engineering and deep learning.
Every session commences with a digital interaction with one of
our experts, giving an overview of the module at a high level.
The user is then able to conduct the learning at their pace
with our expert available online for support and help. Start by
understanding the module you are about to undertake, try the
exercises and test your knowledge. Finally, at the end of the
learning module there is a review with an opportunity to check
the learning and ask any questions with one of our experts.

How it is organised:
Mode 1 – On-site for privileged collaboration with the trainer.
Full days dedicated to the training.
Mode 2 – Remote access using online esDynamic platform.  

 

Ref. Subject Case
1 How to trace a binary Explanation
2 How to fault a binary Explanation
3 esTracer/esFaulter Presentation Explanation
4 Open Source Frameworks Presentation Explanation
5 Frameworks Summary Explanation
6 Binary handler configuration Tutorial
7 Generate a launcher to trace or fault an Android native library Tutorial
8 Trace or fault an Android native library Tutorial
9 First steps with esTracer Tutorial
10 esTracer graphical view Tutorial
11 What is traced with esTracer and heuristic to focus on interesting area Tutorial
12 First steps with esFaulter Tutorial
13 Align traces acquired with esTracer Tutorial
14 Tracer memory access Tutorial
15 Customize register tracing Tutorial
16 Trace based on kind of instruction Tutorial
17 esFaulter Log Tutorial
18 Multi-faults injection with esFaulter Tutorial
19 Notion of relative/absolute instruction range option with esFaulter Tutorial
20 How to narrow the area to attack with esTracer & esFaulter Tutorial

 

  How to trace a binary : We explain the different theoretical ways to trace a binary (registers,
memory access ...) with their assets and drawbacks.
How to fault a binary : We explain the different theoretical ways to fault a binary (static,
dynamic ...) with their assets and drawbacks.
esTracer/esFaulter Presentation : We present how to trace/fault a binary with the eShard
esTracer/esFaulter frameworks.

Open Source Frameworks Presentation : We present how to trace/fault a binary with open
source tools: Unicorn, Side Channel Marvels, Rainbow. [
1,2]
Frameworks Summary : We summarize and compare the assets/drawbacks/performance (trace
size, execution time...) for each framework.
Binary handler configuration : This tutorial explains the concept of the BinaryHandlerConfiguration object. It eases the interaction of a binary with esTracer and esFaulter.
Generate a launcher to trace or fault an Android native library : This tutorial explains
how to create a launcher binary in order to analyze a native Android library with esTracer or
esFaulter.
Trace or fault an Android native library : This tutorial explains how to configure esTracer
or esFaulter to analyze a native Android library.
First steps with esTracer : This tutorial explains how to generate a trace with esTracer. The
different options (program counter range, instruction range ...) to narrow the area of interest are
explained.
esTracer graphical view : This tutorial explains how to get and display the graphical representation of a trace file.
What is traced with esTracer and heuristic to focus on interesting area : This tutorial
explains the different areas of a trace file obtained with esTracer. Also, heuristics enabling to
automatically focus on areas of interest are listed.
First steps with esFaulter : This tutorial explains how to fault a binary with esFaulter. The
different options (program counter range, instruction range, fault model ...) to narrow the area of
interest or the attack effects are explained.
Align traces acquired with esTracer : This tutorial explains how the concept of traces resynchronisation.
Tracer memory access : This tutorial explains how to trace the memory access with esTracer.
Customize register tracing : This tutorial explains how to customize the register tracing with
esTracer to trace for instance only the written registers.
Trace based on kind of instruction : This tutorial explains how to configure esTracer to trace
only specific instructions, for instance only mul.
esFaulter Log : This tutorial explains the format of log obtained with esFaulter. The APIs to
parse it and extract information are also given.
Multi-faults injection with esFaulter : This tutorial explains how to inject several faults with
esFaulter.
Notion of relative/absolute instruction range option with esFaulter : This tutorial explains
the notion of relative and absolute instruction value used in esFaulter.
How to narrow the area to attack with esTracer & esFaulter : This tutorial explains
common options of esTracer and esFaulter to narrow the area of interest.
  

  Attack analysis

Ref. Subject Case
1 Creating your own distinguisher for attack Tutorial
2 ECC: Basic SPA on ECC Tutorial
3 ECC: SPA on Montgomery Ladder Tutorial
4 ECC: How to attack Double and Add with CPA on input How to
5 ECC: How to attack intermediate values in Scalar multiplication How to
6 How to perform a 2nd order attack How to
7 The Attack analysis API Tutorial
8 The Attack analysis widget Tutorial
9 AES: How to attack encrypt How to
10 AES: How to attack decrypt How to
11 DES: How to attack encrypt How to
12 DES: How to attack decrypt How to
13 RSA: Statistical side-channel analysis on SFM RSA Use case
14 RSA: Chosen message simple side-channel analysis on SFM RSA Use case
15 RSA: Chosen Operand Statistical side-channel analysis on CRT-RSA Use case
16 RSA: Chosen message simple side-channel analysis on CRT RSA Use case
17 RSA: Correlation side-channel analysis in SFM RSA intermediate com
putations
Use case
18 RSA: Simple side-channel observation on CRT RSA Traces to locate area
for recombination attack
Use case
19 RSA: Statistical side-channel attack in the CRT RSA recombination final
multiplication to recover the first secret prime of q from the signature
knowledge
Use case

 

  Creating your own distinguisher for attack : Tutorial to create a distinguisher for attack.
ECC: Basic SPA on ECC : Read the secret key bits from side-channel traces of an ECC encryption. [1]

ECC: SPA on Montgomery Ladder : Retrieve the secret key bits by reading the Montgomery
Ladder exponentiation.
ECC: How to attack Double and Add with CPA on input : Explaining how to discriminate
the double from the add operation in order to recover the secret key with a CPA.
ECC: How to attack intermediate values in Scalar multiplication : Explaining how to
target specific intermediate values during the scalar multiplication.
How to perform a 2nd order attack : Explaining how to select two target frames and get the
outcome of the different frame combinations. Learn how to highlight the points of interest when
leakage has been found. [
2,3]
The Attack analysis API : This tutorial provides a quick hands-on and presentation of the
esDynamic SCA Attack API.
The Attack analysis widget : This tutorial provides a quick hands-on and presentation of the
attack analysis widget.
AES: How to attack encrypt : How to attack an AES trace set and recover intermediate key
(with ready-to-use selection function).
AES: How to attack decrypt : How to attack an AES trace set and recover intermediate key
(with ready-to-use selection function).
DES: How to attack encrypt : Explaining how to setup and perform a side-channel attack
analysis on DES encryption.
DES: How to attack decrypt : Explaining how to setup and perform a side-channel attack
analysis on DES decryption.
RSA: Statistical side-channel analysis on SFM RSA : This notebook presents how to
use correlation analysis to recover the secret exponent in an StraightForward RSA Method. The
targeted implementation is atomic and using Montgomery modular exponentiation.
RSA: Chosen message simple side-channel analysis on SFM RSA : This notebook presents
how to use chosen message analysis with Montgomery arithmetic to recover the secret exponent
in an StraightForward RSA Method in a single trace. The targeted implementation is atomic and
using Montgomery modular exponentiation. [
4]
RSA: Chosen Operand Statistical side-channel analysis on CRT-RSA : This notebook
presents how to use chosen message statistical analysis with Montgomery arithmetic to recover
the secret exponent in CRT-RSA. The targeted implementation is atomic and using Montgomery
modular exponentiations.
RSA: Chosen message simple side-channel analysis on CRT RSA : This notebook presents
how to use chosen message single analysis with Montgomery arithmetic to recover the secret exponent in CRT-RSA. The targeted implementation is atomic and using Montgomery modular exponentiations. [
4]
RSA: Correlation side-channel analysis in SFM RSA intermediate computations : This
notebook performs a ZEMD (Zero-Exponent-Message-Data) statistical analysis on intermediate
data of the computation to recover the secret exponent. This technique can also threaten regular
exponentiations like the Square and Multiply always or Montgomery Ladder ones. [
5] 

RSA: Simple side-channel observation on CRT RSA Traces to locate area for recombination attack : This notebook perform simple side-channel analysis in a CRT RSA traces to
identify the different computation areas and identify the area related to the CRT recombination
part involving the secret prime value q.
RSA: Statistical side-channel attack in the CRT RSA recombination final multiplication to recover the first secret prime of q from the signature knowledge : This notebook
perform the CRT recombination attack to recover the first bytes of the prime secret factor q which
composes the public modulus. The attack could be repeated to recover the remaining bytes. [
6]

 

1
Tìm kiếm