421

Stratégies pour sécuriser les processeurs embarqués contre les attaques par canaux auxiliaires / Strategies for Securing Embedded Processors against Side-Channel Attacks

Barthe, Lyonel, 10 July 2012
Side-channel attacks such as differential power analysis (DPA) and differential electromagnetic analysis (DEMA) pose a serious threat to the security of embedded systems. The aim of this thesis is to study the side-channel vulnerabilities of software cryptographic implementations in order to design a new class of processor. For that purpose, we start by identifying the different elements of embedded processors that can be exploited to reveal secret information. Then, we introduce several strategies that seek a balance between performance and security to protect such architectures at the register transfer level (RTL). We also present the design and implementation details of a secure processor, the SecretBlaze-SCR. Finally, we evaluate the effectiveness of the proposed solutions against global and local electromagnetic analyses using experimental results obtained with an FPGA-based SecretBlaze-SCR prototype. Through this case study, we show that a suitable combination of countermeasures significantly increases the side-channel resistance of processors while maintaining satisfactory performance for embedded systems.
422

Efficacité, généricité et praticabilité de l'attaque par information mutuelle utilisant la méthode d'estimation de densité par noyau / Efficiency, genericity and practicability of kernel-based mutual information analysis

Carbone, Mathieu, 16 March 2015
Nowadays, side-channel analysis (SCA) attacks are easy to implement yet powerful against cryptographic implementations, posing a serious threat to the security of cryptosystems. Indeed, the execution of a cryptographic algorithm unavoidably leaks information about the data manipulated internally by the cryptosystem through side channels (time, temperature, power consumption, electromagnetic emanations, etc.), some of which are sensitive (depending on the secret key). One of the most important SCA steps for an adversary is to quantify the dependency between the measured side-channel leakage and an assumed leakage model using a statistical tool, also called a distinguisher, in order to obtain an estimate of the secret key. In the SCA literature, a plethora of distinguishers have been proposed. This thesis focuses on mutual information (MI) based attacks, the so-called mutual information analysis (MIA), and proposes to fill the gap on a major practical issue: estimating the MI index, which itself requires estimating the underlying distributions. Our investigations use a popular non-parametric technique for estimating the underlying density with minimal assumptions: kernel density estimation (KDE). First, a bandwidth selection scheme based on an adaptivity criterion specific to SCA is proposed. As a result, an in-depth analysis is conducted to provide a guideline for making MIA efficient and generic with respect to this tuning hyperparameter, and also to establish which attack context (connected to the statistical moment of the leakage) is favorable to MIA. Then, we address another issue of kernel-based MIA, its computational burden, through a so-called dual-tree algorithm allowing fast evaluation of pairwise kernel functions. We also show that MIA run in the frequency domain is effective and fast when combined with an accurate frequency leakage model. Additionally, we suggest an extension of an existing method to detect leakage embedded in higher-order statistical moments.
423

Cryptanalyse de chiffrements par blocs avec la méthode des variances / Secret-key cryptanalysis based on the variance method.

Marriere, Nicolas, 20 December 2017
The first part of the thesis is the cryptanalysis of generalized Feistel networks using the variance method. This method improves existing attacks in two ways: data complexity or the number of rounds covered. To do so, we have developed a tool that computes the exact values of expectations and variances, which provides a better analysis of the attacks. In the second part, we study the EGFN, a new family of generalized Feistel networks. We use the variance method and our tool to build differential attacks. Simulations were run to confirm the theoretical study. In the last part, we study LILLIPUT, a concrete cipher based on the EGFN. We provide a differential analysis and build differential attacks with unusual conditions. These attacks were found empirically by a tool that automatically searches for differential attacks. In particular, we highlight some improbable differential attacks.
424

UMA ONTOLOGIA DE APLICAÇÃO PARA APOIO À TOMADA DE DECISÕES EM SITUAÇÕES DE AMEAÇA À SEGURANÇA DA INFORMAÇÃO. / AN ONTOLOGY OF INFORMATION FOR DECISION SUPPORT IN SITUATIONS OF THREAT TO INFORMATION SECURITY.

SILVA, Rayane Meneses da, 24 June 2015
Many security mechanisms, such as intrusion detection systems (IDSs), have been developed to address information security attacks, but most of them are traditional information systems whose threat repositories are not represented semantically. Ontologies are knowledge representation structures that enable semantic processing of information and the construction of knowledge-based systems, which are more effective than traditional systems. This work proposes an application ontology called “Application Ontology for the Development of Case-based Intrusion Detection Systems” that formally represents the concepts of the information security domain, intrusion detection systems and case-based reasoning. Case-based reasoning is an approach to problem solving in which knowledge from past experiences is reused to solve new problems. The ontology was evaluated by developing an intrusion detection system that detects attacks on computer networks and recommends solutions to them. The ontology was specified in the “Ontology Web Language” using the Protégé ontology editor, and then mapped to a case base in Prolog using the “Thea” tool. The results showed that the developed intrusion detection system was effective in detecting attacks, and therefore that the proposed ontology adequately conceptualizes the domain concepts and tasks addressed.
425

Att hantera det okontrollerbara : Terrorattentat, rädsla och coping

Salokanto, Frida, Sand, Sebastian, January 2019
Terrorist attacks often cause mass destruction with civilian casualties, spread fear and lead to severe consequences for those affected. To handle the fear, people use different strategies. The aim of this study was therefore to contribute to a nuanced depiction of people's fear of terrorist attacks and how they handle it. This was examined through semi-structured interviews based on three research questions: “How do people describe their fear of terrorist attacks and what emotions are described in relation to the fear?”, “Why do people experience fear of terrorist attacks?” and “Which coping strategies do people use to handle the fear of terrorist attacks?” To answer these, three women and three men between the ages of 21 and 29 were interviewed. The results showed that the fear included both indirect and direct victimization as well as feelings of vulnerability and anxiety. The fear was also linked to specific places and situations. Furthermore, the participants were found to use emotion- and problem-focused coping as well as avoidance behaviour to handle the fear. These results are largely confirmed by previous research.
426

Um salve por São Paulo: narrativas da cidade e da violência em três obras recentes / Around Sao Paulo: narratives of the city and of violence through three recent movies.

Goulart, Marília Bilemjian, 18 November 2014
This dissertation examines the ways in which the city of São Paulo, marked by the attacks carried out by the criminal organization PCC (Primeiro Comando da Capital, First Command of the Capital) in May 2006, is portrayed in three recent movies: Time of Fear (Salve Geral, Sérgio Rezende, 2009), The Tenants - Don't Like It, Leave (Os Inquilinos, Sérgio Bianchi, 2009) and Inversão (Edu Felistoque, 2010). All three movies add to the multiple filmic representations of São Paulo, and differ not only from each other but also from recent movies that deal with urban violence, especially box-office hits shot in Rio de Janeiro such as City of God (Cidade de Deus, Fernando Meirelles, 2002) and Elite Squad (Tropa de Elite, José Padilha, 2007). Through their distinct narrative and formal choices, we find among the three movies possibilities that escape a sensationalistic treatment of the event. Interestingly, the three movies include not only the attacks but also the media coverage of them, pointing to the role of the many narratives in the construction of the phenomenon of violence and encouraging reflection on their own place within that set of narratives.
427

Medidas de centralidade em redes complexas: correlações, efetividade e caracterização de sistemas / Centrality measures in complex networks: correlations, effectiveness and characterization of systems

Ronqui, José Ricardo Furlan, 19 February 2014
Centrality measures were developed to evaluate the importance of nodes and links based on the structure of networks. Centralities are essential in the study of complex networks because the systems they represent are usually large, which makes manual analysis of all nodes and links impossible; recognizing the most relevant elements in each situation is therefore a vital task. As nodes and links can be considered important for different reasons, a large number of measures have been proposed to identify important elements that other measures do not highlight. In our study, we use Pearson's correlation coefficient to measure the similarity between the rankings of nodes and links provided by different centralities for real-world and model networks. We also perform attacks on networks, using these rankings to determine the order of removal of nodes and links, in order to evaluate the effectiveness of the measures and how the systems react to attacks guided by different centralities. Finally, we use the correlation coefficients between pairs of centralities as properties of networks and perform a principal component analysis on them, to evaluate whether differences among network structures can be detected from the correlations. Our results showed that centrality measures are frequently correlated, which means that the same elements are generally highlighted by different centralities. We also noticed that the correlation coefficients are larger in models than in real-world networks. The attack experiments showed that even when two measures are highly correlated, they can affect networks in distinct ways, meaning that the set of nodes and links selected by each measure matters for the study of network systems. Our last result showed that correlations among centrality measures can be used to characterize networks and to evaluate how well models represent them.
428

Data Poisoning Attacks on Linked Data with Graph Regularization

January 2019
Social media has become everyone's norm for communication, and its usage has increased exponentially in the last decade. Myriad social media services such as Facebook, Twitter, Snapchat and Instagram allow people to connect freely with their friends and followers. The number of attackers who try to take advantage of this situation has also increased at an exponential rate. Every social media service has its own recommender systems and user-profiling algorithms, which use users' current information to make recommendations. The data formed from social media services is often linked data, as each item or user is usually linked with other users or items. Recommender systems, due to their ubiquitous and prominent nature, are prone to several forms of attack. One of the major forms is poisoning the training set. As recommender systems use current user/item information as the training set, the attacker tries to modify the training set so that the recommender system benefits the attacker or gives incorrect recommendations, thereby failing in its basic functionality. Most existing training-set attack algorithms work with "flat" attribute-value data, which is typically assumed to be independent and identically distributed (i.i.d.). However, the i.i.d. assumption does not hold for social media data, since it is inherently linked as described above. Using user similarity with a graph regularizer when morphing the training data produces the best results for the attacker. This thesis demonstrates this with experiments on collaborative filtering with multiple datasets. / Dissertation/Thesis / Masters Thesis Computer Science 2019
429

The Rise of China's Hacking Culture: Defining Chinese Hackers

Howlett, William, IV, 01 June 2016
China has been home to some of the most prominent hackers and hacker groups of the global community throughout the last decade. In the last ten years, countless attacks globally have been linked to the People's Republic of China (PRC) or to those operating within the PRC. This exploration attempts to investigate the story, ideology, institutions, actions, and motivations of the Chinese hackers collectively, as sub-groups, and as individuals. I will do this using sources ranging from basic news coverage, interviews with experts and industry veterans, secondary reportage, leaked documents from government and private sources, government white papers, legal codes, blogs and microblogs, a wide array of materials from the darker corners of the online world, and many other materials. The work will begin to sketch for the reader some of the general and specific aspects of the shadowy world of cybercrime and hacker culture in China in recent years. One of the most prevalent beliefs is that the Chinese government is in fact the one responsible, whether directly or by sponsorship, for cyber-attacks on foreign systems. My careful analysis has revealed that this is not always the case, or at least that the picture is more complex than simply labeling the group as a state actor. At the root of these attacks is a social movement of "hacktivists," a patriotic sub-culture of Chinese hackers. It is incorrect to allege that all attacks are performed by state-sponsored individuals or groups, because there are many individuals and groups that are motivated by other factors.
430

Protection des algorithmes cryptographiques embarqués / Cryptographic Protection in Embedded Systems

Renner, Soline, 23 June 2014
Since the late 1990s, cryptosystems implemented on smart cards have faced two main kinds of attacks: side-channel attacks and fault injection attacks. To counter them, countermeasures are developed and then validated by considering a well-defined attacker model. This thesis focuses on the protection of symmetric cryptosystems against side-channel attacks. Specifically, we are interested in masking countermeasures to tackle higher-order attacks, for which an attacker is capable of targeting t intermediate values. After recalling the analogy between masking countermeasures and secret sharing schemes, we present the construction of secret sharing schemes from linear codes introduced by James L. Massey in 1993. By adapting this construction together with tools from multi-party computation, we propose a generic masking countermeasure resistant to higher-order attacks. Furthermore, depending on the cryptosystem to protect and thus on the operations to perform, this solution optimizes the cost of the countermeasure by selecting the most appropriate codes. In this context, we propose two masking countermeasures to implement the AES cryptosystem. The first is based on a family of evaluation codes similar to the Reed-Solomon codes used in Shamir's secret sharing scheme. The second considers the family of self-dual and self-orthogonal codes whose generator matrix is defined over GF(2) or GF(4). These two alternatives are more efficient than the masking countermeasures published in 2011 based on Shamir's secret sharing scheme. Moreover, for t=1, the second solution is competitive with the usual solutions.
