Proceedings of the 14th International Joint Conference on e-Business and Telecommunications
The field of Pairing Based Cryptography (PBC) has seen recent advances in the simplification of its calculations and in the implementation of original protocols for security and privacy. Like most cryptographic algorithms, PBC implementations on embedded devices are exposed to physical attacks such as side-channel attacks, which have been shown to recover the secret points used in some PBC-based schemes. Various countermeasures have consequently been proposed. The present paper provides an updated review of the state-of-the-art countermeasures against side-channel attacks that target PBC implementations. We especially focus on a technique based on point blinding/randomization. We propose a collision-based side-channel attack against an implementation embedding the point randomization countermeasure. It is, to the best of our knowledge, the first proposed attack against this countermeasure used in the PBC context, and this raises questions about the validation of countermeasures for complex cryptographic schemes such as PBC. We also discuss ways of thwarting our attack.
2017 Euromicro Conference on Digital System Design (DSD)
Over the last 30 years, a number of secure processor architectures have been proposed to protect software integrity and confidentiality during its distribution and execution. In such architectures, encryption (together with integrity checking) is used extensively, on any data leaving a defined secure boundary. In this paper, we show how encryption can be achieved at the instruction level using a stream cipher. Thus encryption is more lightweight and efficient, and is maintained deeper in the memory hierarchy than the natural off-chip boundary considered in most research works. It requires the control flow graph to be used and modified as part of the off-line encryption process, but thanks to the LLVM framework, it can be integrated easily in a compiler pipeline, and be completely transparent to the programmer. We also describe the hardware modifications needed to support this encryption method; the latter were added to a 32-bit MIPS soft core. The synthesis performed on an Altera Cyclone V FPGA shows that encryption requires 26% of extra logic, while slowing down execution time by an average of 48% in the best setting.
2018 21st Euromicro Conference on Digital System Design (DSD), 2018
Gentry's breakthrough of Fully Homomorphic Encryption (FHE) in 2009 revolutionized the field of secure computation. Since then, most applications of homomorphic encryption have been oriented towards offloading computations to the cloud in a secure fashion. Indeed, the user usually does not have full confidence in the cloud provider and wants to keep its data secret. A similar situation appears in most embedded systems, where information leakages through hardware or software side-channel attacks might compromise data confidentiality. In this work, we attempt to leverage Homomorphic Encryption in a different threat model, adapted to CPS (Cyber-Physical Systems) use cases. The main challenge is that even today's most promising FHE schemes remain orders of magnitude too big to fit in a constrained system. To address this issue, we show how a trade-off can be achieved by securing a noise reduction module against side-channel leakages. This approach is described and evaluated on FPGA using the BGV scheme, a very efficient homomorphic scheme based on Ring-LWE encryption. We conclude that such homomorphic encryption can fit in an embedded system, while offering reasonable performance with respect to the security provided.
Cryptosystems are highly sensitive to physical attacks, which leads security developers to design more and more complex countermeasures. Nonetheless, no proof of flaw absence has been given for any implementation of these countermeasures. This paper aims to formally verify an implementation of one published countermeasure against fault injection attacks. More precisely, the formal verification concerns Vigilant's CRT-RSA countermeasure, which is designed to sufficiently protect CRT-RSA implementations against fault attacks. The goal is to formally verify whether any possible fault injection threatening the pseudo-code is detected according to a predefined attack model.
The invention concerns a method for making secure one or several computer installations using a common cryptographic secret key algorithm (Ks), characterised in that the way to perform said computation depends, for each computer installation and for each secret key, on secret data (Ds) stored in a secret zone of the computer installation(s).
Decim is a hardware-oriented stream cipher with an 80-bit key and a 64-bit IV which was submitted to the ECRYPT stream cipher project. The design of Decim is based on both a nonlinear filter LFSR and an irregular decimation mechanism called the ABSG. As a consequence, Decim is of low hardware complexity. Recently, Hongjun Wu and Bart Preneel pointed out two flaws in the stream cipher Decim. The first flaw concerns the initialization stage and the second one, which is the more serious flaw, concerns the filter used in the keystream generation algorithm; the ABSG mechanism is not affected by these two flaws. In this paper, we propose a new version of Decim, called Decim, which not only appears to be more secure, but also has a lower hardware complexity than Decim.
IACR Transactions on Cryptographic Hardware and Embedded Systems, 2020
The goal of white-box cryptography is to protect secret keys embedded in cryptographic software deployed in an untrusted environment. In this article, we revisit state-of-the-art countermeasures employed in white-box cryptography, and we discuss possible ways to combine them. Then we analyze the different gray-box attack paths and study their performance in terms of required traces and computation time. Afterward, we propose a new paradigm for the gray-box attack against white-box cryptography, which exploits the data-dependency of the target implementation. We demonstrate that our approach provides substantial complexity improvements over the existing attacks. Finally, we showcase this new technique by breaking the three winning AES-128 white-box implementations from the WhibOx 2019 white-box cryptography competition.
Over the last 30 years, a number of secure processor architectures have been proposed to protect software integrity and confidentiality during its distribution and execution. In such architectures, encryption (together with integrity checking) is used extensively, on any data leaving a defined secure boundary. In this paper, we show how encryption can be achieved at the instruction level using a stream cipher. Thus encryption is more lightweight and efficient, and is maintained deeper in the memory hierarchy than the natural off-chip boundaries considered in most research works. It requires the control flow graph to be used and modified as part of the off-line encryption process, but thanks to the LLVM framework, it can be integrated easily in a compiler pipeline, and be completely transparent to the programmer. We also describe the hardware modifications needed to support this encryption method; the latter were added to a 32-bit MIPS soft core. The synthesis performed on an Altera Cyclone V FPGA shows that encryption requires 26% of extra logic, while slowing down execution time by an average of 48% in the best setting.
Side-channel attacks are a serious threat against secret data involved in cryptographic calculations, for instance in pairing-based cryptography, which is a promising tool for the IoT. We focus our work on the Correlation Power Analysis (CPA) attack against a pairing implementation. We improve a vertical side-channel analysis attack and propose the first horizontal attack against a pairing implementation. First, we present a characterization of the multiplication that allows us to reduce by a factor of ten the number of side-channel traces required in order to perform a CPA attack against an implementation of the Ate pairing. Secondly, we successfully attack the same implementation with only one trace by using the first horizontal attack path against pairing-based cryptography.
Proceedings of the 2016 ACM Workshop on Software PROtection, 2016
Mixed Boolean-Arithmetic expressions are presented as a strong protection in the context of data flow obfuscation. As there is very little literature on the analysis of such obfuscated expressions, two important subjects of interest are: to define what simplifying those expressions means, and how to design a simplification solution. We focus on evaluating the resilience of this technique, by giving theoretical elements to justify its efficiency and proposing a simplification algorithm using a pattern matching approach. The implementation of this solution is capable of simplifying the public examples of MBA-obfuscated expressions, demonstrating that at least a subset of MBA obfuscation lacks resilience against pattern matching analysis.
Can Bob give Alice his decryption secret and be convinced that she will not give it to someone else? This is achieved by a proxy re-encryption scheme where Alice does not have Bob's secret but instead can transform ciphertexts in order to decrypt them with her own key. In this article, we answer this question from a different perspective, relying on a property that can be found in the well-known modified NTRU encryption scheme. We show how parties can collaborate to one-way-glue their secret keys together, giving Alice's secret key the additional ability to decrypt Bob's ciphertexts. The main advantage is that the protocols we propose can be plugged directly into the modified NTRU scheme with no post-key-generation space or time costs, nor any modification of ciphertexts. In addition, this property translates to the NTRU-based multikey homomorphic scheme, making it possible to equip a hierarchic chain of users with automatic re-encryption of messages while supporting homomorphic operations on ciphertexts. To achieve this, we propose two-party computation protocols in cyclotomic polynomial rings. We base the security in the presence of various types of adversaries on the RLWE and DSPR assumptions, and on two new problems in the modified NTRU ring.
Papers by Louis Goubin