Global ETD Search

31	Injection de fautes par impulsion laser dans des circuits sécurisés / Fault injections by laser impulsion in secured microcontrollers Sarafianos, Alexandre 17 September 2013 (has links) De tout temps, l’Homme s’est vu contraint de protéger les fruits de sa créativité et les domaines concernant sa sécurité. Ses informations sont souvent sensibles, dans les relations politiques et commerciales notamment. Aussi, la nécessité de les protéger en les rendant opaques au regard d’adversaires ou de concurrents est vite survenue. Depuis l’Antiquité, les procédés de masquages et enfin de cryptages furent nombreux. Les techniques de protection, depuis l’époque industrielle n’ont fait que croître pour voir apparaître, durant la seconde guerre mondiale, l’archétype des machines électromécaniques (telle l’Enigma), aux performances réputées inviolables. De nos jours, les nouveaux circuits de protection embarquent des procédés aux algorithmes hyper performants. Malgré toutes ces protections, les produits restent la cible privilégiée des « pirates » qui cherchent à casser par tous les moyens les structures de sécurisation, en vue d’utilisations frauduleuses. Ces « hackers » disposent d’une multitude de techniques d’attaques, l’une d’elles utilise un procédé par injections de fautes à l’aide d’un faisceau laser. Dès le début de ce manuscrit (Chapitre I), l’état de l’art de l’injection de fautes sera développé, en se focalisant sur celles faite à l’aide d’un faisceau laser. Ceci aidera à bien appréhender ces procédés intrusifs et ainsi protéger au mieux les microcontrôleurs sécurisés contre ces types d’attaques. Il est nécessaire de bien comprendre les phénomènes physiques mis en jeu lors de l’interaction entre une onde de lumière cohérente, tels les lasers et le matériau physico-chimique qu’est le silicium. De la compréhension de ces phénomènes, une modélisation électrique des portes CMOS sous illumination laser a été mise en oeuvre pour prévoir leurs comportements (chapitre II). De bonnes corrélations ont pu être obtenues entre mesures et simulations électrique. Ces résultats peuvent permettre de tester la sensibilité au laser de portes CMOS au travers de cartographies de simulation. De cette meilleure compréhension des phénomènes et de ce simulateur mis en place, de nombreuses contre-mesures ont été imaginées. Les nouvelles techniques développées, présentées dans ce manuscrit, donnent déjà des pistes pour accroître la robustesse des circuits CMOS contre des attaques laser. D’ores et déjà, ce travail a permis la mise en oeuvre de détecteurs lasers embarqués sur les puces récentes, renforçant ainsi sensiblement la sécurité des produits contre une attaque de type laser. / From time immemorial, human beings have been forced to protect the fruits of their creativity and ensure the security of their property. This information is very often strategic, in particular in political and commercial relationships. Also the need to protect this information by keeping it concealed in regards to enemies or competitors soon appeared. From ancient times, the methods used for masking and eventually encrypting information were numerous. Protection techniques have only advanced grown since the industrial era and have led to the precursor of electro-mechanic machines (such as the famous Enigma machine). Nowadays, new protection circuitry embeds very efficient algorithms. Despite these protections, they remain a prime target for « attackers » who try to break through all means of securing structures, for fraudulent uses. These « attackers » have a multitude of attack techniques. One of them uses a method of fault injections using a laser beam. From the beginning (Chapter I), this manuscript describes the state of the art of fault injections, focusing on those made using a laser beam. It explains these intrusive methods and provides information on how to protect even the most secure microcontrollers against these types of attacks. It is necessary to understand the physical phenomena involved in the interaction between a coherent light wave, such as lasers, and the physicochemical material that makes up a microcontroller. To better understanding these phenomena, an electrical modeling of CMOS gates under laser illumination was implemented to predict their behavior (Chapter II). Good correlations have been obtained between measurements and electrical simulation. These results can be used to test the laser sensitivity of CMOS gates through electrical cartographies. Due to the better understanding of the phenomena and the developed simulator, many countermeasures have been developed. The techniques presented in this manuscript offer new possibilities to increase the robustness of CMOS circuits against laser attacks. This work has already enabled the implementation of efficient counter-measures on embedded laser sensors and significantly enhanced product security against different laser attacks. Microcontroller sécurisé Injection de fautes Laser Modélisation électrique Contre-mesures Secured microcontrollers Laser injection Electrical modelling Countermeasures
32	Security and Privacy in Mobile Devices: Novel Attacks and Countermeasures January 2018 (has links) abstract: Mobile devices have penetrated into every aspect of modern world. For one thing, they are becoming ubiquitous in daily life. For the other thing, they are storing more and more data, including sensitive data. Therefore, security and privacy of mobile devices are indispensable. This dissertation consists of five parts: two authentication schemes, two attacks, and one countermeasure related to security and privacy of mobile devices. Specifically, in Chapter 1, I give an overview the challenges and existing solutions in these areas. In Chapter 2, a novel authentication scheme is presented, which is based on a user’s tapping or sliding on the touchscreen of a mobile device. In Chapter 3, I focus on mobile app fingerprinting and propose a method based on analyzing the power profiles of targeted mobile devices. In Chapter 4, I mainly explore a novel liveness detection method for face authentication on mobile devices. In Chapter 5, I investigate a novel keystroke inference attack on mobile devices based on user eye movements. In Chapter 6, a novel authentication scheme is proposed, based on detecting a user’s finger gesture through acoustic sensing. In Chapter 7, I discuss the future work. / Dissertation/Thesis / Doctoral Dissertation Electrical Engineering 2018 Electrical engineering Computer science Computer engineering Attacks Countermeasures Mobile device Privacy Security
33	A responsabilidade internacional do Estado por violação a normas protetoras de direitos humanos / The international responsability of the state for violations of norms protecting human rights. Oliveira, Danielle Cândido de 10 May 2011 (has links) Trata-se de tese de doutorado que analisa a possibilidade da adoção de contramedidas por Estados não diretamente lesados por um ato ilícito internacional diante da violação de uma norma protetora de direitos humanos. Partindo do estudo sobre a responsabilidade internacional dos Estados, analisam-se as consequências jurídicas advindas desta responsabilidade, dentre elas, o direito de outros Estados de adotarem contramedidas contra o Estado violador do Direito Internacional. Com base em pesquisa documental, jurisprudencial e bibliográfica, averigua-se a legalidade da adoção de contramedidas por Estados não diretamente lesados, levando-se em conta o trabalho da Comissão de Direito Internacional da ONU, a jurisprudência, a doutrina e a prática dos Estados nesta matéria. Argumenta-se que a existência de uma norma consuetudinária garante o direito dos Estados recorrerem a contramedidas mesmo quando estes não tenham sido diretamente lesados pelo ato internacionalmente ilícito, nos casos em que a obrigação violada é devida à comunidade internacional como um todo. Estuda-se também a necessidade da adoção das contramedidas em resposta a violações graves a normas de proteção de direitos humanos fundamentais, tendo em vista o sistema global de proteção destes direitos. Conclui-se que, diante da eficácia limitada dos mecanismos de proteção global dos direitos humanos do Direito Internacional atual, as contramedidas adotadas por Estados não diretamente lesados são não somente legais, mas necessárias à garantia da mais ampla proteção aos direitos humanos fundamentais. / This work is a doctoral thesis that analyzes the possibility of the resort to countermeasures by non directly injured States in light of the violation of a norm protecting human rights. Starting from a study of the international responsibility, the legal consequences of this responsibility are analyzed, among them, the right of other States to adopt countermeasures against the State violating the International Law. Based on a documental, jurisprudential and bibliographic research, the legality of the adoption of countermeasures by non directly injured States is verified taking in account the work of the International Law Commission of the UN, the jurisprudence, and the State practice in the subject. It is argued that the existence of a customary norm guarantees the right of States to resort to countermeasures even when they are not directly injured by the internationally unlawful act, in the cases where the violated obligation is due to the international community as a whole. The necessity of the resort to countermeasures in light of serious violations of norms protecting fundamental human rights in view of the global system for protection of these rights. It is concluded that in view of the limited efficacy of the global mechanisms for the protection of human rights in the current International Law, the countermeasures adopted by non directly injured States are not only legal, but also necessary to the guarantee of the broadest protection of fundamental human rights. Countermeasures Direito internacional público Direitos humanos Human rights International responsability Responsabilidade do Estado
34	Key Randomization Countermeasures to Power Analysis Attacks on Elliptic Curve Cryptosystems Ebeid, Nevine Maurice 04 1900 (has links) It is essential to secure the implementation of cryptosystems in embedded devices agains side-channel attacks. Namely, in order to resist differential (DPA) attacks, randomization techniques should be employed to decorrelate the data processed by the device from secret key parts resulting in the value of this data. Among the countermeasures that appeared in the literature were those that resulted in a random representation of the key known as the binary signed digit representation (BSD). We have discovered some interesting properties related to the number of possible BSD representations for an integer and we have proposed a different randomization algorithm. We have also carried our study to the $\tau$-adic representation of integers which is employed in elliptic curve cryptosystems (ECCs) using Koblitz curves. We have then dealt with another randomization countermeasure which is based on randomly splitting the key. We have investigated the secure employment of this countermeasure in the context of ECCs. Binary signed-digit representations DPA countermeasures tau-adic representation Electrical and Computer Engineering
35	Key Randomization Countermeasures to Power Analysis Attacks on Elliptic Curve Cryptosystems Ebeid, Nevine Maurice 04 1900 (has links) It is essential to secure the implementation of cryptosystems in embedded devices agains side-channel attacks. Namely, in order to resist differential (DPA) attacks, randomization techniques should be employed to decorrelate the data processed by the device from secret key parts resulting in the value of this data. Among the countermeasures that appeared in the literature were those that resulted in a random representation of the key known as the binary signed digit representation (BSD). We have discovered some interesting properties related to the number of possible BSD representations for an integer and we have proposed a different randomization algorithm. We have also carried our study to the $\tau$-adic representation of integers which is employed in elliptic curve cryptosystems (ECCs) using Koblitz curves. We have then dealt with another randomization countermeasure which is based on randomly splitting the key. We have investigated the secure employment of this countermeasure in the context of ECCs. Binary signed-digit representations DPA countermeasures tau-adic representation Electrical and Computer Engineering
36	Effects Of Collars On Scour Reduction At Bridge Abutments Dogan, Abdullah Ercument 01 December 2008 (has links) (PDF) Bridge failures are generally resulted from scour of the bed material around bridge piers and abutments during severe floods. In this study, scour phenomenon around bridge abutments and collars, located at abutments as scour countermeasures, were experimentally studied. The experimental study was carried out under clear-water scour conditions with uniform non-cohesive sediment (having a grain size diameter of d50=0.90 mm). The experimental flume is a rectangular channel of 30 m long and 1.5 m wide filled with this erodible bed material. Based on the results of 97 experiments conducted during the study, the efficiency of various sizes of collars, which were used to reduce the local scour depth, located at different elevations around the abutments was determined. The results obtained were compared with previous studies, and the effect of the sediment grain size on the performance of abutment collars was emphasized. It was noticed that when the collar width was increased and placed at or below the bed level, the reduction in scour depth increases considerably. It was also found out that the change of the sediment size did not affect the optimum location of the collar at the abutment, which yields the maximum scour reduction around the abutment.
37	Effects Of Collars On Local Scour Around Semi-circularend Bridge Abutments Daskin, Sueyla 01 June 2011 (has links) (PDF) During severe floods, bed material around bridge piers and abutments are scoured by the flow and as a result, bridges are subject to damages. These damages are mostly unrepairable and can result in loss of lives and property. In this thesis study, abutment scour under clear-water condition was investigated and collars were tested as scour countermeasures around the abutments. The experimental study was carried out in a rectangular channel with an almost uniform cohesionless bed material of d50=1.50 mm for a test period of 3-hours. The channel was 28.5 m long and 1.5 m wide. The erodible bed material was placed into the test section that was 5.8 m long and 0.48 m deep. For this thesis study, 60 experiments were carried out with and without various collars placed at different elevations around the abutments. The scour formation around the abutments with collars was observed and scour reduction efficiencies of the collars were studied. Experiment results were compared with the previous studies of Dogan (2008) and Kayat&uuml / rk (2005) in terms of sediment size, abutment shape and flow depth, and the effects of these factors on collar&#039 / s scour reduction efficiency were studied. Based on the results of the experimental studies, it was observed that scour depths decreased as the collar width increased and the collar placed deeper into the sediment bed for a given abutment length. When the present study and the previous studies were compared, it was observed that sediment size and flow depth had no significant effect on the scour reduction performances of the collars. QC General 27395
38	Local Scour Characteristics Around Semi-circular End Bridge Abutments With And Without Collars Tekin, Fatime 01 June 2012 (has links) (PDF) The major damage to bridges occurs due to scour of the bed materials around piers and abutments during severe floods. This study involves the experimental investigations of the various scour patterns forming around abutment models tested with and without collars as scour countermeasures. The experiments were conducted in a rectangular channel under clear-water scour conditions. In the first part of this study, 34 experiments were conducted with semi-circular end abutment models with and without a collar for a period of 3 hours. Collars of various sizes were placed at different elevations on the abutment models, and the scour reduction efficiencies of collars were investigated for the different flow depths. Based on the results of the experimental studies, the optimum locations of collars on the abutments, which result in minimum scour depth around the abutments, are obtained at the bed level and below the bed level depending on the flow intensity values. In the second part of this study, the effects of flow depth and abutment length on the temporal development of local scour at bridge abutments were studied. 20 experiments were performed without collars for a time period of 8 hours. It was observed that at the upstream of the abutment, the depth of the local scour increases rapidly within the first three hours of the experiment for the different flow depths. Q General 1-295
39	Opportunities and Challenges for Small Condiment Company in Implementing Corporate Social Responsibility in China Liu, Zhouhong January 2015 (has links) Abstract Background and purpose: Many people think that the corporate social responsibility is inseparable from large companies. However, small condiment companies have come to realize the importance of corporate social responsibility in recent decades as well and begun to implement it gradually. But there are still some challenges and opportunities that are faced by small condiment companies. This study will contribute to increases in literature of corporate social responsibility of SME by examining the SME in Chinese state policy context. And the purpose of this study is to find out the opportunities and challenges confronted by small condiment companies in implementing corporate social responsibility through the case study of the small condiment company, Meihua Condiment Co. Ltd. Shandong Branch. Method: The main method used in this study is single case study, which helps the authors get in-depth investigation, rich description and better understanding of how a small condiment company implements corporate social responsibility and the opportunities and challenges it faces therein. In this thesis, semi-structured face-to-face interviews that are aimed to get detailed information about the small condiment company---Meihua Condiment Co. Ltd. Shandong Branch are held. Since the face-to-face interview allows more communication between the authors and interviewees, and through the interviews, the authors get more familiar with the main condition of the company and know how they implement the CSR, as questions raised to the interviewees mainly concern how the company runs and how it implements corporate social responsibility. Around the topic of implementing CSR in small companies, the authors had looked up and analyzed the internet information like in China Development Observations, professional journals, and different digest like Special Focus, thus come up with an conclusion that small companies are faced with both challenges and opportunities. Furthermore, through the practical investigation of a small typical company--Meihua Condiment Co. Ltd. Shandong Branch, the authors make a step future to prove this argument. Conclusion: During the process of implementing CSR, small condiment companies may face plenty of opportunities such as low production cost, high group cohesiveness and less social responsibilities, but also lots of challenges such as enterprise development resistance and low social recognition. The investigation on a condiment SME in China shows that it’s important to combine both business opportunity and government effort for small condiment company to implement CSR. The small condiment company can take the advantage of its little social responsibility to save much effort to promote productions, utilize its strong staff coherence to improve production enthusiasm, make effort to do charity work well to establish good reputation, transfer the capital saved from taxes reduction to development, actively carry out moral construction for responding the nation’s summons, enhance enterprise’s sense of social responsibility. Meanwhile, the company shall also face challenges and take full advantages of them. What is more, due to the financial constrain and lack of external attention, the government shall transform its functions, deepen the reform, create good external environments and broaden the financing channel for small condiment company, enhance the company’s sense of safe production and solve the environment and products problems well. Key words: Corporate Social Responsibility (CSR), Small Condiment Company, Opportunities, Challenges, Corresponding Countermeasures Corporate Social Responsibility (CSR) Small Condiment Company Opportunities Challenges Corresponding Countermeasures
40	Protection des Accélérateurs Matériels de Cryptographie Symétrique Guilley, Sylvain 14 December 2012 (has links) (PDF) Les contremesures de masquage et de dissimulation permettent de rendre plus compliquées les attaques sur les implémentations de chiffrement symétrique. Elles sont aussi toutes deux aisément implémentables (et ce de façon automatisable) dans des flots EDA (Electronic Design Automation) pour ASIC (Application Specific Integrated Circuit) ou FPGA (Field Programmable Gates Array), avec certes différents niveaux d'expertise requis selon la contremesure concernée. Le masquage assure une protection "dynamique" s'appuyant sur un mélange d'aléa en cours de calcul. Nous montrons comment optimiser l'usage de cet aléa grâce à un codage qui permet de compresser les fuites d'information (leakage squeezing). Les limites du masquage s'étudient grâce à des outils de statistique, en analysant des distributions de probabilités. L'outil maître pour évaluer les imperfections des logiques DPL (Dual-rail with Precharge Logic style) est l'analyse stochastique, qui tente de modéliser des fuites "statiques" combinant plusieurs bits. L'inconvénient du masquage est que les attaques sont structurelles à l'utilisation d'aléa : si une attaque réussit sur une partie de la clé (e.g. un octet), alors a priori tous les autres octets sont de façon consistante vulnérables à la même attaque. La situation est différente avec les DPL : en cas de problème d'implémentation, seuls les octets de clés impliqués dans les parties déséquilibrées sont compromis, et non toute la clé. Une façon encore moins coûteuse de protéger les implémentations cryptographiques contre les attaques physiques est la résilience. C'est un usage astucieux de primitives a priori non protégées qui permet d'assurer la protection des secrets. L'avantage des approches résilientes est leur simplicité de mise en oeuvre et (idéalement), leur prouvabilité. Le principal inconvénient est que les contraintes d'usage ne sont souvent pas compatibles avec les standards actuels. Ainsi, nous pensons que davantage de recherche dans ce domaine pourrait globalement être profitable à l'industrie de la sécurité de systèmes embarqués. Trusted computing secured electronics countermeasures provable security

Search results