ROCA and Minerva Vulnerabilities

Warning

This publication doesn't include Institute of Computer Science. It includes Faculty of Informatics. Official publication website can be found on muni.cz.
Authors

JANČÁR Ján ŠVENDA Petr SÝS Marek

Year of publication 2025
Type Chapter of a book
MU Faculty or unit

Faculty of Informatics

Citation
Description The chapter in the book describes principles and lessons learned from ROCA and Minerva vulnerabilities. ROCA and Minerva are two examples of real-world practically exploitable vulnerabilities found in cryptographic smartcards certified to high security levels under the Common Criteria certification scheme. Both vulnerabilities allow the extraction of the corresponding private key -- RSA primes for ROCA and private scalar for ECDSA in the case of Minerva. The exploitation utilizes a lattice-reduction-based algorithm in both cases.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info