Preface xiii Emmanuel PROUFF, Guénaël RENAULT, Matthieu RIVAIN and Colin O'FLYNN -- Part 1. White-Box Cryptography -- Chapter 1. Introduction to White-Box Cryptography 3 Pierre GALISSANT and Louis GOUBIN -- 1.1. Introductory remarks -- 1.2. Basic notions for white-box cryptography -- 1.3. Proposed (and broken) solutions -- 1.4. Generic strategies to build white-box implementations -- 1.5. Applications of white-box cryptography -- 1.6. Notes and further references -- 1.7. References -- Chapter 2. Gray-Box Attacks against White-Box Implementations 23 Aleksei UDOVENKO -- 2.1. Introduction -- 2.2. Specifics of white-box side-channels -- 2.3. Fault injections -- 2.4. Exact matching attack -- 2.5. Linear decoding analysis/algebraic attacks -- 2.6. Countermeasures against the algebraic attack -- 2.7. Conclusions -- 2.8. Notes and further references -- 2.9. References -- Chapter 3. Tools for White-Box Cryptanalysis 53 Philippe TEUWEN -- 3.1. Introduction -- 3.2. Tracing programs -- 3.3. Target recognition -- 3.4. Acquiring traces for side-channel analysis -- 3.5. Preprocessing traces -- 3.6. Differential computation analysis -- 3.7. Linear decoding analysis also known as algebraic attack -- 3.8. Injecting faults -- 3.9. Differential fault analysis -- 3.10. Coping with external encodings -- 3.11. Conclusion -- 3.12. Notes and further references -- 3.13. References -- Chapter 4. Code Obfuscation 73 Sebastian SCHRITTWIESER and Stefan KATZENBEISSER -- 4.1. Introduction -- 4.2. Obfuscation methods -- 4.3. Attacks against obfuscation -- 4.4. Application of code obfuscation -- 4.5. Conclusions -- 4.6. Notes and further references -- 4.7. References -- Part 2. Randomness and Key Generation -- Chapter 5. True Random Number Generation 95 Viktor FISCHER, Florent BERNARD and Patrick HADDAD -- 5.1. Introduction -- 5.2. TRNG design -- 5.3. Randomness and sources of randomness -- 5.4. Randomness extraction and digitization -- 5.5. Post-processing of the raw binary signal -- 5.6. Stochastic modeling and entropy rate management of the TRNG -- 5.7. TRNG testing and testing strategies -- 5.8. Conclusion -- 5.9. Notes and further references -- 5.10. References -- Chapter 6. Pseudorandom Number Generation 115 Jean-René REINHARD and Sylvain RUHAULT -- 6.1. Introduction -- 6.2. PRNG with ideal noise source -- 6.3. PRNG with imperfect noise sources -- 6.4. Standard PRNG with inputs -- 6.5. Notes and further references -- 6.6. References -- Chapter 7. Prime Number Generation and RSA Keys 131 Marc JOYE and Pascal PAILLIER -- 7.1. Introduction -- 7.2. Primality testing methods -- 7.3. Generation of random units -- 7.4. Generation of random primes -- 7.5. RSA key generation -- 7.6. Exercises -- 7.7. Notes and further references -- 7.8. References -- Chapter 8. Nonce Generation for Discrete Logarithm-Based Signatures 151 Akira TAKAHASHI and Mehdi TIBOUCHI -- 8.1. Introduction -- 8.2. The hidden number problem and randomness failures -- 8.3. Lattice attacks -- 8.4. Fourier transform attack -- 8.5. Preventing randomness failures -- 8.6. Notes and further references -- 8.7. Acknowledgment -- 8.8. References -- Chapter 9. Random Error Distributions in Post-Quantum Schemes 173 Thomas PREST -- 9.1. Introduction -- 9.2. Why post-quantum schemes need random errors -- 9.3. Distributions for random errors -- 9.4. Sampling algorithms -- 9.5. Notes and further references -- 9.6. References -- Part 3. Real-World Applications -- Chapter 10. ROCA and Minerva Vulnerabilities 205 Jan JANCAR, Petr SVENDA and Marek SYS -- 10.1. The Return of Coppersmith's Attack -- 10.2. Minerva -- 10.3. References -- Chapter 11. Security of Automotive Systems 225 Lennert WOUTERS, Benedikt GIERLICHS and Bart PRENEEL -- 11.1. Introduction -- 11.2. The embedded automotive attacker -- 11.3. An overview of automotive attacks -- 11.4. Application of physical attacks in automotive security -- 11.5. Case study: Tesla Model X keyless entry system -- 11.6. Conclusion -- 11.7. References -- Chapter 12. Practical Full Key Recovery on a Google Titan Security Key 245 Laurent IMBERT, Victor LOMNE, Camille MUTCHLER and Thomas ROCHE -- 12.1. Introduction -- 12.2. Preliminaries -- 12.3. Reverse-engineering and vulnerability of the ECDSA algorithm -- 12.4. A key-recovery attack -- 12.5. Take-home message -- 12.6. References -- Chapter 13. An Introduction to Intentional Electromagnetic Interference Exploitation 257 José LOPES ESTEVES -- 13.1. IEMI: history and definition -- 13.2. Information security threats related to electromagnetic susceptibility -- 13.3. Electromagnetic fault injection -- 13.4. Destruction, denial of service -- 13.5. Denial of service on radio front-ends -- 13.6. Signal injection in communication interfaces -- 13.7. Signal injection attacks on sensors and actuators -- 13.8. IEMI-covert channel -- 13.9. Electromagnetic watermarking -- 13.10. Conclusion -- 13.11. References -- Chapter 14. Attacking IoT Light Bulbs 279 Colin O'FLYNN and Eyal RONEN -- 14.1. Introduction -- 14.2. Preliminaries -- 14.3. Hardware AES and AES-CTR attacks -- 14.4. AES-CCM bootloader attack -- 14.5. Application of attack -- 14.6. Notes and further references -- 14.7. References -- List of Authors -- Index -- Summary of Volume 1 -- Summary of Volume 2.