The PANTACOUR (INS2I) and EPOQAP (IRGA) projects focus on evaluating post-quantum cryptography algorithms against physical attacks.
In the framework of the PILAS (FUI) project, I developed advanced laser attacks that make use of multi-spot laser injection setups.
The capabilities of the ALPhANOV four-spot laser fault injection setup that we used are shown in the following video:
The target code we attacked is a VerifyPIN with 3 trials. We performed the following attacks:
In the framework of the ANR-PROSECCO, I was working on evaluating countermeasures inserted at compilation time against physical attacks. The PROSECCO project includes three partners:
In the CEA-Tech SAS team in Gardanne, we performed the security evaluation. To this end, we do:
In this work, we showed that shooting with a laser makes it possible to perform a single-bit set on data read from the Flash memory of a 32-bit ARM Cortex-M3 microcontroller. At the correct timing, we could set any bit of the instruction being read. The laser spot had a diameter of 5 µm. We shot with a power of 0.5 W for 200 ns.
This allowed us to attack an implementation of a VerifyPIN algorithm, effectively having as many trials as needed to find the correct PIN. We also attacked the last AddRoundKey transformation of an AES implementation to recover the secret key with only two faulty ciphertexts.
The aim of the ANR-SALWARE project was to fight against counterfeiting of integrated circuits and illegal copying of IP cores.
My PhD thesis is available here and the defense slides here.
The final outcome of the SALWARE project was a demonstrator meant to illustrate the remote activation procedure of an IP core. It integrates all the contributions of the SALWARE project, namely the logic locking/masking method to make the IP activatable, the lightweight block cipher, the PUF to identify each instance of the IP core and the CASCADE key reconciliation protocol to correct the errors found in PUF responses.
An overview of the design is shown below, as well as a video demonstrating how the whole system works with an example design.
PUFs are very interesting security primitives to uniquely identify instances of an IP core, but suffer from errors found in their responses. In order to correct these errors, traditional error-correcting codes can be used but they are quite costly in logic resources. Instead, we propose using the CASCADE key reconciliation protocol as a lightweight alternative to correct the errors in PUF responses.
The CASCADE protocol is very efficient at correcting the errors, making it possible to reach failure rates as low as one in a million, while being an order of magnitude more lightweight than traditional error-correcting code implementations. Moreover, it is very flexible and can accommodate various error rates.
One way to make a combinational circuit unusable is to apply logic masking. Inserting XOR/XNOR logic gates at specific locations in the netlist strongly disturbs the circuit operation if the wrong un-masking key is applied. The objective is to have the lowest possible correlation between normal and masked output.
We developed a node-selection heuristic based on centrality indicators to determine the netlist nodes to modify.
Compared to state-of-the-art heuristics, it is more computationally efficient while achieving low output correlation.
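The effect of node choice on the masked output can be measured directly on a small circuit. The following is an added example, not code from the SALWARE project: it uses a constructed six-gate NAND netlist, models each XOR/XNOR key gate as an inversion that appears only when its key bit is wrong, and scores each internal node by exhaustive simulation rather than by the centrality heuristic described above. A disagreement of 0.5 corresponds to output bits that are uncorrelated with the normal output.

```python
from itertools import product

# Constructed 5-input, 2-output NAND netlist in topological order (not from the page).
INPUTS = ("a", "b", "c", "d", "e")
OUTPUTS = ("o22", "o23")
NETLIST = [
    ("g10", ("a", "c")),
    ("g11", ("c", "d")),
    ("g16", ("b", "g11")),
    ("g19", ("g11", "e")),
    ("o22", ("g10", "g16")),
    ("o23", ("g16", "g19")),
]

def evaluate(vec, key_gates=(), key=()):
    """Evaluate the netlist; key_gates is a sequence of (node, correct_bit).

    correct_bit 0 models an inserted XOR gate, 1 an XNOR gate: the node value
    passes unchanged only when the applied key bit equals correct_bit.
    """
    gate_at = {node: (i, bit) for i, (node, bit) in enumerate(key_gates)}
    val = dict(zip(INPUTS, vec))
    for name, (x, y) in NETLIST:
        v = 1 - (val[x] & val[y])          # NAND
        if name in gate_at:
            i, bit = gate_at[name]
            v ^= key[i] ^ bit              # inverted when the key bit is wrong
        val[name] = v
    return tuple(val[o] for o in OUTPUTS)

def disagreement(key_gates, key):
    """Fraction of output bits differing from the unmasked circuit, all inputs."""
    diff = 0
    vectors = list(product((0, 1), repeat=len(INPUTS)))
    for vec in vectors:
        ref, out = evaluate(vec), evaluate(vec, key_gates, key)
        diff += sum(r != o for r, o in zip(ref, out))
    return diff / (len(vectors) * len(OUTPUTS))

def single_gate_report():
    """Disagreement for one wrong key bit on each internal node."""
    internal = [n for n, _ in NETLIST if n not in OUTPUTS]
    return {n: disagreement([(n, 1)], (0,)) for n in internal}

if __name__ == "__main__":
    for node, d in single_gate_report().items():
        print(f"key gate on {node}: {d:.4f} of output bits differ with a wrong key")
```

On this netlist a single key gate on `g11`, which fans out to both outputs through two paths, lands closest to 0.5, while a gate on `g10` or `g19` only ever disturbs one output.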
Another option to make a circuit unusable is to apply logic locking. Inserting non-linear (AND, OR) logic gates at specific locations in the netlist forces the outputs of the netlist to a fixed logic value.
In order to select the netlist nodes to modify, we used graph analysis to find the gate sequences that can propagate a fixed logic value.
I serve as an associate editor for the Journal of Cryptographic Engineering.
I have been a program committee member of the VLSI-SoC conference in 2018 and 2019.
I reviewed submissions to the following conferences:
I reviewed submissions to the following journals:
Built with Pandoc, hosted on Netlify, last modified: 09/2023