AI-Sectools project outputs

The catalogue of security tools, methods and libraries developed and extended during AI-SecTools project (VJ02010010) by Masaryk University (CRoCS) partner. Results from VUT partner are summarized here

List of reports (in Czech, see tools repositories and reserach papers for documentation in English): Etapa 3, Etapa 4, Etapa 9, Etapa 10, Etapa 15, Etapa 16

Security certification

| Tool | Repo stats | Target domain | Info | Reports & Publications | Notes | |----------|----------|----------|----------|----------|----------| | sec-certs | | | A tool for data scraping, analysis and advanced searching of security certificates from Common Criteria and FIPS 140-2/3 schemes. | Etapa3/2022, Etapa10/2023, Etapa_16/2024, [Computers & Security'24/143] | | | scrutiny | | | An automated toolkit to analyze secure hardware, and build user-verifiable hardware profiles. SCRUTINY provides high-level frameworks to verify profiles against its reference values. | | |

Smartcards

| Tool | Repo stats | Target domain | Info | Reports & Publications | Notes | |----------|----------|----------|----------|----------|----------| | JCAlgTest | | | Automated testing tool for algorithms from JavaCard API supported by particular smart card. Performance testing of almost all available methods. The results for more than 100+ cards available at https://jcalgtest.org. | Etapa4/2022, [SECRYPT'22] | | | jcAIDScan | | | An automated scanner for JavaCard packages installed and supported by target card. Evaluates all packages from JavaCard API specification up to JC API 3.0.5. | | | | JCProfilerNext | | | Performance profiler for on-card JavaCard code. Provides a completely automated preprocessing, compilation, installation and profiling of JavaCard code on JavaCard smart cards. Produces interactive performance graphs. | Etapa4/2022, Etapa09/2023, Etapa10/2023, Etapa15/2024, swmodul_c1/2024, [CARDIS'23] | |

Trusted Platform Modules

| Tool | Repo stats | Target domain | Info | Reports & Publications | Notes | |----------|----------|----------|----------|----------|----------| |TPMAlgTest | | | A scanner for Trusted Platform Module algorithms, performance and properties of cryptographic implementation. | Etapa_15/2024, [CHES'24] | |

Side-channels

| Tool | Repo stats | Target domain | Info | Reports & Publications | Notes | |----------|----------|----------|----------|----------|----------| |scrutiny-power-traces-analyzer | | | The SCRUTINY analyzer for power traces of cryptographic operations captured from smartcards with three main modules implemented: Traces comparer, Trace classifier and CO template finder. | Etapa15/2024 | | |Catalogue of constant-timeness checkers | | | The list of tools for testing and verification of constant-timeness of programs. | Etapa04/2022, [IEEE S&P'22], [USENIXSec'24] | | | Attack on DPA-protected Kyber | | | Supplementary materials (source code, example traces and simulations) for the Breaking DPA-protected Kyber via the pair-pointwise multiplication paper. The attack uses the mkm4 Kyber implementation. | Etapa_15/2024, [ACNS'24] | |

Software cryptographic libraries

| Tool | Repo stats | Target domain | Info | Reports & Publications | Notes | |----------|----------|----------|----------|----------|----------| | JCMathLib - ECPoint library | | | Provides software re-implementation of low-level operations like ECPoint or BigInteger without any use of proprietary API. Used for JavaCard capabilities testing. | Etapa04/2022, Etapa09/2023 | | | ECTester | | | ECTester is a tool for testing and analysis of elliptic curve cryptography implementations on JavaCards and inside cryptographic libraries. | Etapa04/2022, swmodulc1/2024 | | | pyecsca | | | Python Elliptic Curve cryptography Side-Channel Analysis toolkit. Reverse engineer the curve model, coordinate system, addition formulas, scalar multiplier and even finite-field implementation details from blackbox implementations using side-channels. | Etapa10/2023, Etapa16/2024, swmodulc1/2024, [CHES'24] | | | ec-detector | | | EC detector is a code parser that can determine, with some degree of confidence, which elliptic curves a given piece of code contains. | Etapa04/2022 | | | sca25519 | | | This repository contains three implementations of X25519 in C and assembly for the Cortex-M4 with countermeasures against side-channel and fault injection attacks. The first implementation is unprotected, the second implementation contains countermeasure required for the case of ephemeral scalar multiplication, and the third implementation contains the most countermeasures for the case of static scalar multiplication. | Etapa09/2023, Etapa15/2024, [eprint] | |

Self-Encrypting Drives

| Tool | Repo stats | Target domain | Info | Reports & Publications | Notes | |----------|----------|----------|----------|----------|----------| | opal-toolset | | | A set of tools for managing and analysing self-encrypting devices with Opal standard. | Etapa_16/2024, [under review] | |

Randomness testing

| Tool | Repo stats | Target domain | Info | Reports & Publications | Notes | |----------|----------|----------|----------|----------|----------| | booltest | | | Statical randomness testing tool for TRNG and PRNG generators based on boolean polynomials. | | | | cooltest | | | Statical randomness testing tool for TRNG and PRNG generators based on a histogram construction. | Etapa_16/2024, [under review] | | | Randomness Testing Toolkit | | | Set of statistical randomness tests (NIST STS, Dieherader, TestU01) unified under same interface and results evaluation. | | |

Development was supported by the AI-SecTools (VJ02010010) project.