Secured Implementations for Cryptography

Objectifs pédagogiques

The goal of this course is to give students an idea of the complexity of implementing operational cryptographic services as well as give them good habits for implementation and methodology. Students will approach problems by starting from setting up a high level system (PKI, system architectures and product, secured API) then looking at implementation problems such as bugs and remote and local attacks. The course includes practical work on attacks on an API and its bugged implementation, verifying a PIN code and an AES DPA and DFA attack.

Description du cours

This course starts with the specification of systems and products (secret management, implementation, API security). It then explores implantations starting with classic vulnerabilities not related to cryptography but which present great risk in codes manipulating secrets (e.g. Heartbleed).

The vulnerabilities related to cryptography are studied :

first by vulnerabilities which can be exploited by a remote attacker (e.g. attacks on execution time) ;
then local non-invasive (e.g. DPA) ;
finally local (seminvasif (e.g. faults attacks).

Mots-clés

Cryptography, implementation, vulnerabilities, side-channels.

Prérequis

Basic concepts in cryptography (integrity, confidentiality, public keys…)
Reading C++ and coding in C/C++ or Python. C++ prerequisites are the basics for class use, not recent advanced concepts

Supports de cours

Voir le cours

Bibliographie

On the (in)security of IPsec in MAC-then-encrypt configurations, by Jean Paul Degabriele and Kenneth G. Paterson, 2010
Remote Timing Attacks Are Still Practical, by Billy Bob Brumley and Nicola Tuveri, 2011.
Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud, by Michael Schwarz and Manuel Weber, 2017
Differential Power Analysis, Paul Kocher, Joshua Jaffe and Benjamin Jun, 1999.
Simple Key Enumeration (and Rank Estimation) Using Histograms: An Integrated Approach, by Romain Poussier, François-Xavier Standaert and Vincent Grosso, 2016.
Resistance against differential power analysis for elliptic curve cryptosystems, by Jean-Sébastien Coron, 1999

Biographie de l’enseignant

« I am currently assistant professor (Maitre de conference) at University of Rennes. I am member of the Capsule team, inside the IRISA laboratory. My research focus on side-channel analysis. I am involved in the ANR project IDROMEL: Improving the Design of secure systems by a Reduction Of Micro-architectural Effects on side-channeL Attacks (IRISA, LAAS-CNRS, LIP6, CEA-list, ARM, DGA). I am also involved in PQ-TLS.

I was previously:

postdoc in Emsec team on the ANR project AHMA: Automated Hardware Malware Analysis,
Postdoc in the MAIS team, inside TU-Darmstadt. I was supervised by Heiko Mantel, involved in the DFG collaborative research center CROSSING and created the side-channel lab. »

> Année d’étude :

M2 informatique parcours cybersécurité
M2 mathématiques et applications parcours mathématiques de l’information, cryptographie

> 3 ECTS

> Enseignants : Damien Marion

> Langue du cours : Anglais ou français

> Code administratif : SIMP

La formation qu’offre l’Université de Rennes 1 donne une introduction aux principaux sujets de la cybersécurité. Choisissez le sujet qui vous passionne le plus et trouvez un stage de fin d’études en cohérence avec vos envies. Le stage se passe en général assez bien, et permet d’être embauché dans l’entreprise directement après.

Sina Khoubi

Master informatique parcours cybersécurité, diplômé en 2019