This post explains how to use LD_PRELOAD to customize or change the behavior of a library function. I use this trick to force the pseudo-random number generator (PRNG) to return a fixed number (cut off the PRNG) in order to perform some attacks on white-box implementations of ECDSA in the WhibOx contest.

This post explains how to implement the field multiplication taking place in the computation of MixColumns. I used to implement it in an ugly way when I was a student :)

This post explains the main idea of the Differential Fault Attack on AES with faults injected before the MixColumns in the 9-th round. For the original paper, we refer to [Piret and Quisquater, CHES 2003].

In this post, we figure out how to multiplying two 32-bit positive numbers by only using 32-bit variables.

This post explains how to use SIFA to attack AES implementations protected with both masking and detection-based fault countermeasures. The nice idea of this attack was presented in the paper [Dobraunig et al., ASIACRYPT 2018] that I enjoyed reading very much.

This post presents the main idea of the Statistical Ineffective Fault Attack (SIFA) in [Dobraunig et al., CHES 2018]. SIFA is applicable in a very broad range of cipher implementations, even in the presence of countermeasures.