Recent Publications

Published papers

Intra-Vehicle Information Security Framework

This paper presents an internal information security services framework for vehicular environments. The framework consists of a logical toolbox — a set of logical modules that are installed in a variety of embodiments (e.g., controllers) and which provide security functionality that vehicular applications require. The framework also includes several enablers, which are higher-level security functions that are integrated into vehicular applications. These enablers use the aforementioned tools to provide for many typical use-cases, such as secure logging, secure code update, and secure feature activation. Copyright belongs to Discretix Technologies Ltd. This paper was also published and presented in ESCAR 2009 (November, 2009) Download (PDF)

Challenges in Designing Content Protection Solutions

This paper presents some of the challenges that are encountered when developing content-protection products. The focus is on the implementation design part, rather than on general difficulties of content protection. The paper discusses some of the decision points and the difficulties that are encountered by one who tries to design and implement content protection products, with the main focus on security. Specifically, issues addressed are of robustness, of deciding on which scheme to support, and of the frequent need to extend the protected data-path, beyond what was intended by the scheme designer. Copyright belongs to Discretix Technologies Ltd. Download (PDF)

Challenges of Standardizing Renewable Broadcast Security

An important component of a secure broadcast scheme is a renewability mechanism. This mechanism enables the system to cope with successful attacks that are widely perceived to be inevitable. When standardizing a broadcast security scheme one needs to address not only the technical issues, such as secure delivery and update, but also the conceptual difficulty of overcoming the inherent unsuitability of standardization processes for providing timely response to attacks. This paper discusses some of the challenges of both types and suggests ways to overcome them. Copyright belongs to Discretix Technologies Ltd. Download (PDF)

When To Use Biometrics

Biometric systems become common over the years. Their ease of use for the end user and their perceived security make them seem to be the best solution to any problem involving user authentication. Although biometric systems can provide fast and secure user authentication with minimal user intervention, they have several inherent limitations making them inappropriate for most environments where authentication is used. The focus of this paper is not the possible use-cases of biometry, but rather it is those limitations that are neither biometry-type specific nor implementation specific and that make biometric measures limited in their scope of possible uses. Download (PDF)

DRM on Open Platforms

DRM requires that data is blocked by the device. Inherently, completely open platforms cannot provide means for such data blockage. Bridging these two contradicting requirements can be done by means of a secure and isolated subsystem that is integrated with the operating system. This paper draws the lines for the implementation of such a system - a system that adopts the smallest possible subset of secure environment components to provide an environment that allows arbitrary applications to run side by side with a DRM application.
This document was written by Hagai Bar-El and Yoav Weiss. It was written for and presented at the IEE, which also holds its publication rights. Download (PDF)

The Sorcerer’s Apprentice Guide to Fault Attacks

This paper covers the various methods that can be used to induce faults in semiconductors and exploit such errors maliciously. Several examples of attacks stemming from the exploiting of faults are explained. Finally a series of countermeasures to thwart these attacks are described. By Hagai Bar-El, Hamid Choukri, David Naccache, Michael Tunstall, and Claire Whelan In Workshop on Fault Detection and Tolerance in Cryptography, Florence, Italy, June 30, 2004. Also published in the Proceedings of the IEEE, Volume 94, Number 2 (February 2006). Download (PDF)


Granted patents

  • United States Patent 9,866,376 Method, System, and Device of Provisioning Cryptographic Data to Electronic Devices
  • United States Patent 8,687,813 Methods, Circuits, Devices and Systems of Provisioning of Cryptographic Data to One or More Electronic Devices
  • United States Patent 8,201,260 Device, System, And Method Of Digital Rights Management Utilizing Supplemental Content
  • UK Patent 2,434,673 Method, Device, and System of Securely Storing Data
  • US Patent 9,231,758 System, Device, and Method Of Provisioning Cryptographic Data To Electronic Devices
  • US Patent 7,467,304 System, Device, and Method of Selectively Allowing a Host Processor to Access Host-executable Code
  • US Patent 7,934,049 Methods Used in a Secure Yet Flexible System Architecture for Secure Devices with Flash Mass Storage Memory
  • US Patent 8,369,526 Device, System, and Method of Securely Executing Applications
  • US Patent 8,321,686 Secure Memory Card with Life Cycle Phases
  • US Patent 9,344,275 System, Device, and Method of Secure Entry and Handling of Passwords
  • US Patent 10,454,674 System, Method, and Device of Authenticated Encryption of Messages
  • US Patent 10,491,379 System, Device, and Method of Secure Entry and Handling of Passwords
  • European Patent 2,189,922 Memory System with Versatile Content Control


BibTeX Citation

For easy reference, you can download citation data of all publications in this BibTeX file.

Form is loading...

Form is loading...

  XML Feeds



All contents are licensed under the Creative Commons Attribution license.