Personal page: Dr. Tomáš Rosa
I was born in 1974 in Prague, Czech Republic. Twenty-five years later, I received an M.Sc. degree in theoretical
computer science at the Faculty of Electrical Engineering (FEE) at
the Czech Technical University in Prague (CTU in Prague). The theme of my doctoral
dissertation thesis reads “Modern Cryptology: Standards Are Not Enough”
(online version of the Ph.D. thesis). It was
honored by the Best Doctoral Work Award of the Rector of Czech Technical University in Prague for the
year of 2004. As an external lecturer and researcher, I cooperate with the Department of Algebra
of the Faculty of
Mathematics and Physics of the Charles University and the Department of Computer Science of FEE CTU in Prague. My hobbies are (besides
cryptology and mathematics) traveling, skiing, pipe collecting, and
tea. Here is a personal page of my colleague and friend Dr. Vlastimil Klíma, with whom I often
cooperate on research projects. You can also find some of our joint
publications there.
Membership: Cryptoworld (CZ)
Quick Links: Cryptology For Practice (CZ), PicNic
– HF RFID Emulator/Spyware
Work experience:
2004 – present Senior Cryptologist with Raiffeisenbank (merged with eBanka in summer 2008)
Having successfully
established the information security department for eBanka (cf. below), I enjoy
working in the department as a senior cryptologist, or broadly speaking as an
information security mathematician. That means solving information security
problems using formal models and methods. As a leader in online banking
systems, eBanka requires its systems to be under close and continuous security
supervision during their design and maintenance. That presents me with various very
interesting problems from the area of modern cryptology. Besides that, I also
closely participate in the design and implementation of the whole information
security strategy of eBanka.
2003 – 2004 Information Security Director with eBanka
The mission of this job was
to provide technology vision and leadership to start developing and
implementing an information security program in the modern dynamic bank. I was responsible for establishing a
secure environment for its information assets. That included, but was not
limited to: security surveys and risk analyses, development of security
policies, standards, procedures and guidelines, design and analysis of security
countermeasures, intrusion detection, incident handling, disaster recovery
planning, etc. Besides this position I continued working on cryptology
research, mainly in the area of applied cryptography and cryptanalysis. In
fact, this job gave me very good inspiration for that, since I could easily
recognize how modern cryptology fits into the whole puzzle of information
security. Seeing the lack of essential cryptologic knowledge together with
facing its practical consequences motivated our joint (with Dr. Vlastimil Klíma) effort on
writing an easy to read, easy to understand, and easy to get serial on Cryptology for Practice.
2001 – 2003 Chief Cryptologist with ICZ Co.
As the chief cryptologist,
I managed and also participated in projects in the area of applied
cryptographic research. This mainly included joint work with the Czech
National Security Authority (CNSA)
on cryptographic devices designated to protect sensitive information at various
security levels, including the TOP SECRET level (according to the law 148/1998 Coll.,
Czech Republic). In 2001 and 2003, for the results I achieved, I
received a special award of the board of directors and CEO of ICZ Co.
1997 – 2001 Development Specialist, Development Manager with Decros Ltd.
Here, as an information
security specialist, I started working on an implementation and a design of
cryptographic countermeasures into various protection devices. Since 1999, I
managed the security department which was focused on the joint work with CNSA on the development of the
special purpose cryptographic devices.
1993 – 1999 Independent Security Consultant & Publicist
Besides various
consultations, studies and expert findings, I worked on security device
evaluation in the testing laboratories of the computer magazine CHIP (in the Czech Republic).
Research area:
Cryptology, Side Channel
Cryptanalysis, Cryptographic Algorithms and Protocols, Quantum Cryptography,
Quantum Cryptanalysis, Risk Analysis, Mathematical Foundations of Information Security,
Security Management, and Information Management
Lecture notes and publications:
- Cryptology for Practice. A serial aimed to serve
as a basic handbook of modern applied cryptology. It should mainly be
useful for security architects and cryptology students (undergraduate
level). Also, several notes on RFID security are presented there. (CZ)
- Selected
lecture notes on RFID security: Smartcard
Forum 2009, Teleinformatika
2009. (CZ)
- Problems
arising around non-repudiation of digital
signatures as an inspiration for quantum cryptologists, University of
Palacky, October 7, Olomouc, 2004. (CZ)
- Lectures on
Applied Cryptography at the Faculty of Mathematics and
Physics, Charles University, 2003, 2004, 2005. (CZ)
- Security Policy – a Document of Various
Looks and Purposes, lecture for security managers and directors
at IT Security 2004, staged by the Institute
for International Research, Wien. (CZ)
- Lecture on special cryptanalysis held for colleagues at the Department of Computer Science, June
2003 (zipped ppt, syllabus). (CZ)
Research projects and publications (selected ones):
- Hlaváč, M. and Rosa, T.: A Note on the Relay-Attacks on
e-passports – The Case of Czech e-passports, IACR ePrint archive 2007/244, Jun 2007.
- Hlaváč, M. and Rosa, T.: Extended
Hidden Number Problem and Its Cryptanalytic Applications, in Proc.
of SAC 2006, LNCS 4356, pp. 114-133, Springer-Verlag, 2007.
- Rosa, T.: Cryptographic
Insecurity of the Test&Repeat Paradigm, NATO Advanced Research
Workshop - Security and Embedded Systems, University of Patras, Greece, 2005. (slides in ppt)
- Rosa, T.: Lattice-based
Fault Attacks on DSA - Another Possible Strategy, in Proc. of
Security and Protection of Information 2005, pp. 91-96, Brno, 2005.
- Rosa, T.: Non-repudiation of
digital signatures, in Proc. of 2nd Scientific and
Pedagogical Conference at ZMVS:
Juridical Regulation of Networked Society, Trebic, September 2004. Slides
used for the presentation are here.
The paper identifies an insufficiency of a strictly logical approach to
the subject of non-repudiation. It warns about problems arising on the edge
between mathematical and juridical reasoning and sketches possible
solutions. (CZ)
- Dissertation thesis, mainly on Side
Channel Cryptanalysis.
- Klíma, V., Pokorný, O., and Rosa, T.: Attacking RSA-based Sessions in SSL/TLS, in Proc. of CHES 2003, Cologne, Germany, September 2003, pp. 426-440, Springer-Verlag, 2003. For an extended version, see IACR ePrint archive 2003/052, March 2003. For the
press release of ICZ, see here. Slides used
for the presentation are here.
- Klíma, V., Rosa, T.: Side
Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format, in Proc. of
Security and Protection of Information 2002, NATO PfP/PWP - 2nd
International Scientific Conference Security and Protection of
Information, Brno, Czech Republic, 28th – 30th of
April 2003.
- Klíma, V. and Rosa, T.: Further Results and Considerations on
Side Channel Attacks on RSA, in Proc. of CHES 2002, San Francisco Bay, USA,
August 2002, pp. 245-260, Springer-Verlag, 2002. Slides used for the presentation are here.
- Klíma, V. and Rosa, T.: Strengthened Encryption in the
CBC Mode,
IACR ePrint archive 2002/061, May 2002.
- Rosa, T.: On
the Key-collisions in the Signature Schemes, in Proc. of workshop
VKB 2002, pp. 14-26, 2002, Brno, CZ. These slides
belong to the Czech version of the paper.
The paper won the best presentation award at the workshop VKB 2002. The
paper differs from the one presented at CRYPTO 2002 Rump Session in that
it also discusses k-collisions in RSA schemes. On the other hand, the
paper listed below is more general and it also elaborates possible
countermeasures more deeply and precisely.
- Rosa, T.: Key-collisions
in (EC)DSA: Attacking Non-repudiation, CRYPTO 2002 Rump Session,
IACR ePrint
archive 2002/129, Santa Barbara, USA, August 2002. Slides used for the Rump Session presentation are
available here.
- Rosa, T.: Future
Cryptography: Standards are not Enough, in Proc. of Security and
Protection of Information 2001, NATO PfP/PWP – 1st International Scientific Conference
Security and Protection of Information, Brno, Czech Republic,
9th – 11th of May 2001.
- Klíma, V.
and Rosa, T.: Attack on
Private Signature Keys of the OpenPGP format, PGP (TM) Programs and Other
Applications Compatible with OpenPGP, IACR ePrint archive 2002/076, version 1, March
2001, minor update on June 2002. A short presentation viewing the whole attack
from a side channels point of view is here: ppt
slides, pdf
version of slides.
- Kupča, V.
and Rosa, T.: Theory and
Perspectives of Quantum Computers, in Proc. of Workshop 2001 -
Part A, pp. 192-193, CTU Prague, 2001. This short article summarizes the
results of diploma thesis presented by Vojtěch Kupča at the Department of
Computer Science at FEE, CTU in Prague, and led by Tomáš Rosa.
Other Activities:
- From time to
time, you can see my contributions at the Czech cryptologic news
server. The aim of the server is to draw readers’ attention to fresh,
but also certainly matured topics related to cryptology and/or information
security. (CZ)
- Here you
can find an interview with me
done for a weekend supplement of the newspaper Hospodářské noviny in May 2003. Partly, it
is based on our attack on
SSL/TLS (cf. above). (CZ)
Last update: November 28th, 2009.
tomas_dot_rosa (at) rb_dot_cz