Tool for security analysis of RSA and ECC implementations in crypto libraries and cards

Set of tools for exhaustive implementation testing of existing RSA and ECC implementations and verify that the required security-relevant checks like known invalid inputs tested (EC point not on curve, invalid curve parameters…) are performed. Automatic analysis of library output artifacts (generated keys, side-channel leakage…) is collected and any deviances (even if not directly exploitable) from the common behavior are searched for detected. A black-box analysis is performed, allowing for analysis also on the closed, proprietary devices. The typical use-case scenarios are:

  • Automatic testing during development (e.g., Continuous Integration),
  • Initial thorough analysis of a specific card or library.
  • Generation of behavioral forensic profiles for later comparison of the libraries including the closed, proprietary ones.


For more detailed insights, please see the following:

[1] P. Svenda, M. Nemec, P. Sekan, R. Kvasnovsky, D. Formanek, D. Komarek and V. Matyas, The Million-Key Question – Investigating the Origins of RSA Public Keys, USENIX Security 2016,

[2] J. Jancar, P. Svenda, Tests support and behavior of elliptic curve cryptography implementations on JavaCards,