Global ETD Search

51	Multidimensionality of the models and the data in the side-channel domain / Multidimensionnalité des modèles et des données dans le domaine des canaux auxiliaires Marion, Damien 05 December 2018 (has links) Depuis la publication en 1999 du papier fondateur de Paul C. Kocher, Joshua Jaffe et Benjamin Jun, intitulé "Differential Power Analysis", les attaques par canaux auxiliaires se sont révélées être un moyen d’attaque performant contre les algorithmes cryptographiques. En effet, il s’est avéré que l’utilisation d’information extraite de canaux auxiliaires comme le temps d’exécution, la consommation de courant ou les émanations électromagnétiques, pouvait être utilisée pour retrouver des clés secrètes. C’est dans ce contexte que cette thèse propose, dans un premier temps, de traiter le problème de la réduction de dimension. En effet, en vingt ans, la complexité ainsi que la taille des données extraites des canaux auxiliaires n’a cessé de croître. C’est pourquoi la réduction de dimension de ces données permet de réduire le temps et d’augmenter l’efficacité des attaques. Les méthodes de réduction de dimension proposées le sont pour des modèles de fuites complexe et de dimension quelconques. Dans un second temps, une méthode d’évaluation d’algorithmes logiciels est proposée. Celle-ci repose sur l’analyse de l’ensemble des données manipulées lors de l’exécution du logiciel évalué. La méthode proposée est composée de plusieurs fonctionnalités permettant d’accélérer et d’augmenter l’efficacité de l’analyse, notamment dans le contexte d’évaluation d’implémentation de cryptographie en boîte blanche. / Since the publication in 1999 of the seminal paper of Paul C. Kocher, Joshua Jaffe and Benjamin Jun, entitled "Differential Power Analysis", the side-channel attacks have been proved to be efficient ways to attack cryptographic algorithms. Indeed, it has been revealed that the usage of information extracted from the side-channels such as the execution time, the power consumption or the electromagnetic emanations could be used to recover secret keys. In this context, we propose first, to treat the problem of dimensionality reduction. Indeed, since twenty years, the complexity and the size of the data extracted from the side-channels do not stop to grow. That is why the reduction of these data decreases the time and increases the efficiency of these attacks. The dimension reduction is proposed for complex leakage models and any dimension. Second, a software leakage assessment methodology is proposed ; it is based on the analysis of all the manipulated data during the execution of the software. The proposed methodology provides features that speed-up and increase the efficiency of the analysis, especially in the case of white box cryptography. Attaques par canaux auxiliaires Réduction de dimension Modèles de fuites Cryptographie en boîte blanche AES Side-channel attacks Dimensionality reduction Leakage models White box cryptography AES, Advanced Encryption Standard
52	Architectural Support For Improving Computer Security Kong, Jingfei 01 January 2010 (has links) Computer security and privacy are becoming extremely important nowadays. The task of protecting computer systems from malicious attacks and potential subsequent catastrophic losses is, however, challenged by the ever increasing complexity and size of modern hardware and software design. We propose several methods to improve computer security and privacy from architectural point of view. They provide strong protection as well as performance efficiency. In our first approach, we propose a new dynamic information flow method to protect systems from popular software attacks such as buffer overflow and format string attacks. In our second approach, we propose to deploy encryption schemes to protect the privacy of an emerging non-volatile main memory technology - phase change memory (PCM). The negative impact of the encryption schemes on PCM lifetime is evaluated and new methods including a new encryption counter scheme and an efficient error correct code (ECC) management are proposed to improve PCM lifetime. In our third approach, we deconstruct two previously proposed secure cache designs against software data-cache-based side channel attacks and demonstrate their weaknesses. We propose three hardware-software integrated approaches as secure protections against those data cache attacks. Also we propose to apply them to protect instruction caches from similar threats. Furthermore, we propose a simple change to the update policy of Branch Target Buffer (BTB) to defend against BTB attacks. Our experiments show that our proposed schemes are both security effective and performance efficient. dynamic information flow buffer overflow phase change memory counter-mode encryption wear leveling secure cache designs informing loads Computer Sciences Engineering
53	Leakage Conversion For Training Machine Learning Side Channel Attack Models Faster Rohan Kumar Manna (8788244) 01 May 2020 (has links) Recent improvements in the area of Internet of Things (IoT) has led to extensive utilization of embedded devices and sensors. Hence, along with utilization the need for safety and security of these devices also increases proportionately. In the last two decades, the side-channel attack (SCA) has become a massive threat to the interrelated embedded devices. Moreover, extensive research has led to the development of many different forms of SCA for extracting the secret key by utilizing the various leakage information. Lately, machine learning (ML) based models have been more effective in breaking complex encryption systems than the other types of SCA models. However, these ML or DL models require a lot of data for training that cannot be collected while attacking a device in a real-world situation. Thus, in this thesis, we try to solve this issue by proposing the new technique of leakage conversion. In this technique, we try to convert the high signal to noise ratio (SNR) power traces to low SNR averaged electromagnetic traces. In addition to that, we also show how artificial neural networks (ANN) can learn various non-linear dependencies of features in leakage information, which cannot be done by adaptive digital signal processing (DSP) algorithms. Initially, we successfully convert traces in the time interval of 80 to 200 as the cryptographic operations occur in that time frame. Next, we show the successful conversion of traces lying in any time frame as well as having a random key and plain text values. Finally, to validate our leakage conversion technique and the generated traces we successfully implement correlation electromagnetic analysis (CEMA) with an approximate minimum traces to disclosure (MTD) of 480. Computer Engineering Engineering not elsewhere classified Internet of things(IoT) Side Channel Attacks machine learning-based Artificial Neural Network Prediction Digital signal processing Power side-channel attacks Embedded Devices
54	Power and Electro-Magnetic Side-Channel Attacks : threats and countermeasures / Attaques par Canaux Auxiliaires en Consommation et Electro-Magnétique : menaces et contremesures Lomne, Victor 07 July 2010 (has links) En cryptographie classique, un algorithme de chiffrement est considéré comme une boîte noire, et un attaquant n'a accès qu'aux textes clairs et chiffrés. Mais un circuit cryptographique émet aussi des informations sensibles lors d'une opération cryptographique, comme sa consommation de courant ou ses émissions électro-magnétiques. Par conséquent, différentes techniques, appelées attaques par canaux auxiliaires, permettent d'exploiter ces fuites d'informations physiques pour casser des algorithmes cryptographiques avec une complexité très faible en comparaison avec les méthodes de la cryptanalyse classique. Dans ce travail, les attaques par canaux auxiliaires basées sur la consommation de courant ou les émissions électro-magnétiques sont d'abord étudiées d'un point de vue algorithmique, et différentes améliorations sont proposées. Ensuite, une attention particulière est consacrée à l'exploitation du canal auxiliaire électro-magnétique, et un flot de simulation des radiations magnétiques des circuits intégrés est proposé et validé sur deux microcontrôleurs. Finalement, certaines contremesures permettant de protéger les algorithmes de chiffrement contre ces menaces, basées sur des styles de logique équilibrées, sont présentées et évaluées. / In cryptography, a cipher is considered as a black-box, and an attacker has only access to plaintexts and ciphertexts. But a real world cryptographic device leaks additionnal sensitive informations during a cryptographic operation, such as power consumption or electro-magnetic radiations. As a result, several techniques, called Side-Channel Attacks, allow exploiting these physical leakages to break ciphers with a very low complexity in comparison with methods of classical cryptanalysis. In this work, power and electro-magnetic Side-Channel Attacks are firstly studied from an algorithmic point-of-view, and some improvements are proposed. Then, a particular attention is given on the exploitation of the electro-magnetic side-channel, and a simulation flow predicting magnetic radiations of ICs is proposed and validated on two microcontrollers. Finally, some countermeasures allowing to protect ciphers against these threats, based on balanced logic styles, are presented and evaluated. Attaques par canaux auxiliaires Analyse differentielle de courant Logique triple rail sécurisée Sttl Side-Channel Attacks Differential Power Analysis Differential Electro-Magnetic Analysis Secure Triple Track Logic Sttl
55	Nouvelles Contre-Mesures pour la Protection de Circuits Intégrés / New Protection Strategies for Integrated Circuits Cioranesco, Jean-Michel 18 December 2014 (has links) Les domaines d'application de la cryptographie embarquée sont très divers et se retrouvent au croisement de toutes les applications personnelles, avec un besoin évident de confidentialité des données et également de sécurité d'accès des moyens de paiement. Les attaques matérielles invasives ont fait de tous temps partie de l'environnement industriel. L'objectif de cette thèse est de proposer de nouvelles solutions pour protéger les circuits intégrés contre ces attaques physiques. La première partie décrit les notions d'attaques par canaux cachés, d'attaques invasives et de retro-conception. Plusieurs exemples de ces types d'attaques ont pu être mis en œuvre pendant le travail de recherche de cette thèse, ils sont présentés en détail dans cette partie. La deuxième partie est consacrée à des propositions de différentes contre-mesures pour contrer des attaques par canaux cachés ayant pour vecteur la consommation de courant. La troisième partie est dédiée à la protection contre les attaques invasives en utilisant divers types de boucliers et capteurs. Nous conclurons ce manuscrit de thèse par la proposition d'un bouclier actif cryptographique inviolable ayant pour but premier de contrer Je sondage, mais aussi celui de détecter l'injection de fautes et d'être immunisé contre les analyses par consommation de courant. / Embedded security applications are diverse and at the center of all personal embedded applications. They introduced an obvious need for data confidentiality and security in general. Invasive attacks on hardware have always been part of the industrial scene. The aim of this thesis is to propose new solutions in order to protect embedded circuits against some physical attacks described above. ln a first part of the manuscript, we detail the techniques used to achieve side-channel, invasive attacks and reverse engineering. I could implement several of these attacks during my thesis research, they will be detailed extensively. ln the second part we propose different hardware countermeasures against side-channel attacks. The third part is dedicated to protection strategies against invasive attacks using active shielding and we conclude this work by proposing an innovative cryptographic shield which is faulty and dpa resistant. Attaques par canaux cachés Attaques invasives Analyse par consommation de courant Circuit intégré Bouclier actif Émanations électromagnétiques Chiffrement sécurisé Sécurité embarquée Side-channel attacks Invasive attacks Differential power analysis Integrated circuit Active shield Embedded security Cryptography Fault attack 652.8
56	Cryptographic hash functions : cryptanalysis, design and applications Gauravaram, Praveen Srinivasa January 2007 (has links) Cryptographic hash functions are an important tool in cryptography to achieve certain security goals such as authenticity, digital signatures, digital time stamping, and entity authentication. They are also strongly related to other important cryptographic tools such as block ciphers and pseudorandom functions. The standard and widely used hash functions such as MD5 and SHA-1 follow the design principle of Merkle-Damgard iterated hash function construction which was presented independently by Ivan Damgard and Ralph Merkle at Crypto'89. It has been established that neither these hash functions nor the Merkle-Damgard construction itself meet certain security requirements. This thesis aims to study the attacks on this popular construction and propose schemes that offer more resistance against these attacks as well as investigating alternative approaches to the Merkle-Damgard style of designing hash functions. This thesis aims at analysing the security of the standard hash function Cellular Authentication and Voice Encryption Algorithm (CAVE) used for authentication and key-derivation in the second generation (2G) North American IS-41 mobile phone system. In addition, this thesis studies the analysis issues of message authentication codes (MACs) designed using hash functions. With the aim to propose some efficient and secure MAC schemes based on hash functions. This thesis works on three aspects of hash functions: design, cryptanalysis and applications with the following significant contributions: * Proposes a family of variants to the Damgard-Merkle construction called 3CG for better protection against specific and generic attacks. Analysis of the linear variant of 3CG called 3C is presented including its resistance to some of the known attacks on hash functions. * Improves the known cryptanalytical techniques to attack 3C and some other similar designs including a linear variant of GOST, a Russian standard hash function. * Proposes a completely novel approach called Iterated Halving, alternative to the standard block iterated hash function construction. * Analyses provably secure HMAC and NMAC message authentication codes (MACs) based on weaker assumptions than stated in their proofs of security. Proposes an efficient variant for NMAC called NMAC-1 to authenticate short messages. Proposes a variant for NMAC called M-NMAC which offers better protection against the complete key-recovery attacks than NMAC. As well it is shown that M-NMAC with hash functions also resists side-channel attacks against which HMAC and NMAC are vulnerable. Proposes a new MAC scheme called O-NMAC based on hash functions using just one secret key. * Improves the open cryptanalysis of the CAVE algorithm. * Analyses the security and legal implications of the latest collision attacks on the widely used MD5 and SHA-1 hash functions. cryptography hash functions cryptanalysis design applications Merkle-Damgard construction CAVE 3CG 3C GOST-L F-Hash NMAC HMAC O-NMAC M-NMAC NMAC-1 iterated halving digital signatures side-channel attacks practical and legal implications
57	ARQUITETURAS DE CRIPTOGRAFIA DE CHAVE PÚBLICA: ANÁLISE DE DESEMPENHO E ROBUSTEZ / PUBLIC-KEY CRYPTOGRAPHY ARCHITECTURES: PERFORMANCE AND ROBUSTNESS EVALUATION Perin, Guilherme 15 April 2011 (has links) Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / Given the evolution of the data communication field, and the resulting increase of the information flow in data, networks security became a major concern. Modern cryptographic methods are mathematically reliable. However their implementation in hardware leaks confidential information through side-channels like power consumption and electromagnetic emissions. Although performance issues are crucial for a hardware design, aspects of robustness against attacks based on side-channel informations have gained much attention in recent years. This work focuses on hardware architectures based on the RSA public-key algorithm, originally proposed in 1977 by Rivest, Shamir and Adleman. This algorithm has the modular exponentiation as its main operation and it is performed through successive modular multiplications. Because the RSA involves integers of 1024 bits or more, the inherent division of modular multiplications became the main concern. The Montgomery algorithm, proposed in 1985, is a largely used method for hardware designs of modular multiplications, because it avoids divisions and all operations are performed in a multiple-precision context with all terms represented in a numerical base, generally, a power of two. This dissertation proposes a systolic architecture able to perform the Montgomery modular multiplication with multiple-precision arithmetic. Following, an improvement to the systolic architecture is presented, through an architecture that computes the Montgomery multiplication by multiplexing the multi-precision arithmetic processes. The multiplexed architecture is employed in the left-to-right square-and-multiply and square-and-multiply always modular exponentiation methods and is subjected to SPA (Simple Power Analysis) and SEMA (Simple Electromagnetic Analysis) side-channel attacks and robustness aspects are analysed. Different word sizes (numerical bases) are applied as well as different input operands. As an improvement to SPA and SEMA attacks, the power consumption and electromagnetic traces are demodulated in amplitude to eliminate the clock harmonics influence in the acquired traces. Finally, interpretations, conclusions and countermeasure propositions to the multiplexed architecture against the implemented side-channel attacks are presented. / Com a expansão da área de comunicação de dados e o consequente aumento do fluxo de informações, a segurança tem se tornado uma grande preocupação. Apesar dos métodos criptográficos modernos serem matematicamente seguros, sua implementação em hardware tende a apresentar fugas de informações confidenciais por canais laterais, tais como consumo de potência e emissões eletromagnéticas. Embora questões de desempenho sejam cruciais para um projeto de hardware, aspectos de robustez contra ataques baseados em fugas de informações por canais laterais tem ganhado maior atenção nos últimos anos. Neste trabalho, explora-se arquiteturas em hardware voltadas para o algoritmo de chave pública RSA, originalmente proposto em 1977 por Rivest, Shamir e Adleman. Este algoritmo possui como principal operação a exponenciação modular, e esta é calculada através de sucessivas multiplicações modulares. Sendo que o RSA envolve números inteiros da ordem de 1024 bits ou mais, a operação de divisão inerente em multiplicações modulares torna-se o principal problema. O algoritmo de Montgomery, proposto em 1985, é um método bastante utilizado na implementação da multiplicação modular em hardware, pois além de evitar divisões, trabalha em um contexto de precisão múltipla com termos representados por bases numéricas, geralmente, potências de dois. Dentro deste contexto, propõe-se inicialmente uma arquitetura sistólica, baseada nas propriedades de aritmética de precisão múltipla do Algoritmo de Montgomery. Em seguida, apresenta-se uma melhoria para a arquitetura sistólica, através de uma arquitetura que realiza a multiplicação modular de Montgomery voltada à multiplexação dos processos aritméticos. A arquitetura multiplexada é empregada nos métodos de exponenciação modular left-to-right square-and-multiply e square-and-multiply always e é submetida a ataques por canais laterais SPA (Simple Power Analysis) e SEMA (Simple Electromagnetic Analysis) e aspectos de robustez da arquitetura multiplexada são analisados para diversos tamanhos de palavras (base numérica do algoritmo de Montgomery). Como proposta de melhoria aos ataques por canais laterais simples, os traços de consumo de potência e emissão eletromagnética são demodulados em amplitude de modo a eliminar a influência das harmônicas do sinal de clock sobre os traços coletados. Por fim, interpretações e conclusões dos resultados são apresentados, assim como propostas de contra-medidas para a arquitetura multiplexada com relação aos ataques por canais laterais realizados. Criptografia de chave pública RSA Exponenciação modular Multiplicação modular de montgomery Ataques por canais laterais Public-key cryptography RSA Side-channel attacks
58	CONTRA-MEDIDA POR RANDOMIZAÇÃO DE ACESSO À MEMÓRIA EM ARQUITETURA DE CRIPTOGRAFIA DE CHAVE PÚBLICA / MEMORY RANDOM ACCESS COUNTERMEASURE ON A PUBLIC KEY CRYPTOGRAPHY ARCHITECTURE Henes, Felipe Moraes 18 November 2013 (has links) Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / The expansion of the data communication, due to the large ow of information that pass through these systems has meant that the security becomes an item of constant concern. Even when considering the efficient encryption systems that exists today, which present relevant mathematical protection, some implementations in hardware of these systems will favor the leak of confidential information through side channels attacks, such as power consumption and electromagnetic radiation. Performance issues have fundamental importance in the design of a physical system, however aspects which make the system robust against side channel attacks has gotten more attention nowadays.This work focuses on hardware architectures based on the RSA public key algorithm, proposed by Rivest, Shamir and Adleman in 1977, which presents the modular exponentiation operation, calculated from several modular multiplications, as main operation. The RSA algorithm involves integers in order of 1024 or 2048 bits, so the division inherent in modular multiplications can become a major problem. In order to avoid these divisions, the Montgomery algorithm, proposed in 1985, appears as an efficient alternative. On this context, this dissertation presents a multiplexed architecture based on the properties of the Montgomery's algorithm. Forwarding, an improvement to this architecture is presented, implemented with the randomization of internal memories accesses, in order to increase system robustness against specialized side-channel attacks. Thus, the implemented architecture is exposed to side channels SPA (Simple Power Analysis) and SEMA (Simple Electromagnetig Analysis) and the aspects of security and robustness of the implemented system are evaluated and presented. / A constante expansão dos sistemas de comunicação de dados devido ao grande fluxo de informações que trafegam por estes sistemas tem feito com que a segurança se torne um item de constante preocupação. Mesmo ao considerar-se os eficientes sistemas de criptografia atuais, os quais apresentam relevante proteção matemática, a implementação em hardware destes sistemas tende a propiciar a fuga de informações confidenciais através de ataques por canais laterais, como consumo de potência e emissão eletromagnética. Mesmo sabendo-se que questões de desempenho tem fundamental importância no projeto de um sistema físico, aspectos que tornem o sistema robusto frente a ataques por canais laterais tem obtido maior atenção nos últimos anos. Neste trabalho apresentam-se arquiteturas implementadas em hardware para o cálculo do algoritmo de chave pública RSA, proposto por Rivest, Shamir e Adleman em 1977, o qual tem como principal operarção a exponenciação modular, calculada a partir de várias multiplicações modulares. Sabendo-se que o algoritmo RSA envolve números inteiros da ordem de 1024 ou 2048 bits, a divisão inerente em multiplicações modulares pode tornar-se o grande problema. A fim de que se evite estas divisões, o algoritmo de Montgomery, proposto em 1985, aparece como uma boa alternativa por também trabalhar em um contexto de precisão múltipla e com números na base numérica de potência de dois. Neste contexto apresenta-se inicialmente uma arquitetura multiplexada, baseada nas propriedades de execução do algoritmo de Montgomery. A seguir apresenta-se uma melhoria a esta arquitetura com a implementação da randomização dos acessos as memórias internas, com o objetivo de aumentar a robustez do sistema frente a ataques por canais laterais especializados. Sendo assim, a arquitetura implementada é submetida a ataques por canais laterais SPA (Simple Power Analysis) e SEMA (Simple Electromagnetig Analysis) e os aspectos de segurança e robustez do sistema implementado são analisados e apresentados. Criptográfia de Chave Pública RSA Exponenciação Modular Ataques por Canais Laterais Análise Eletromagnética SPA SEMA Public key Cryptography RSA Modular Exponentation Side Channel Attacks Electromagnetic Analysis SPA SEMA
59	Security of cryptosystems against power-analysis attacks / Sécurité des schémas cryptographiques contre les attaques par canaux auxiliaires Belaïd, Sonia 22 October 2015 (has links) Les attaques par canaux auxiliaires sont les attaques les plus efficaces contre les systèmes cryptographiques. Alors que les attaques classiques n’exploitent que les entrées et sorties des algorithmes cryptographiques, les attaques par canaux auxiliaires utilisent également les fuites physiques du composant sous-jacent. Dans cette thèse, nous nous intéressons aux attaques par canaux auxiliaires qui exploitent la consommation de courant des composants pour retrouver les clefs secrètes. Ces attaques sont désignées par le terme attaques par analyse de courant. La majorité des attaques par analyse de courant existantes repose sur l’observation de variables dépendant uniquement de quelques bits de secret avec la stratégie diviser-pour-régner. Dans cette thèse, nous exhibons de nouvelles attaques qui exploitent l’observation de variables intermédiaires largement dépendantes de grands secrets. Notamment, nous montrons qu’en observant uniquement la fuite physique du résultat d’une multiplication de Galois entre une clef secrète de 128 bits et plusieurs messages connus, nous pouvons en déduire un système d’équations avec erreurs puis retrouver cette clef secrète. En parallèle, nous nous intéressons aux deux contre-mesures algorithmiques les plus répandues contre ces attaques par analyse de courant : les fonctions intrinsèquement résistantes aux fuites physiques et les schémas de masquage. Dans un premier temps, nous définissons un schéma de chiffrement résistant aux fuites physiques qui repose sur un rafraîchissement régulier de la clef secrète. Nous prouvons la sécurité de ce schéma dans le modèle de cryptographie résistante aux fuites (en anglais, leakage-resilient cryptography). Dans un second temps, nous construisons, à l’aide des méthodes formelles, un outil permettant de vérifier automatiquement la sécurité d’implémentations masquées. Nous exhibons également de nouvelles propriétés de sécurité, ainsi que des propriétés de composition qui nous permettent de générer une implémentation masquée à n’importe quel ordre à partir d’une implémentation non protégée. Finalement, nous présentons une étude de comparaison entre ces deux contre-mesures algorithmiques dans le but d’aider les experts industriels à déterminer la meilleure protection à intégrer dans leurs produits en fonction de leurs contraintes en termes de sécurité et de performances. / Side-channel attacks are the most efficient attacks against cryptosystems. While the classical blackbox attacks only exploit the inputs and outputs of cryptographic algorithms, side-channel attacks also get use of the physical leakage released by the underlying device during algorithms executions. In this thesis, we focus on one kind of side-channel attacks which exploits the power consumption of the underlying device to recover the algorithms secret keys. They are gathered under the term power-analysis attacks. Most of the existing power-analysis attacks rely on the observations of variables which only depend on a few secret bits using a divide-and-conquer strategy. In this thesis, we exhibit new kinds of attacks which exploit the observation of intermediate variables highly dependent on huge secrets. In particular, we show how to recover a 128-bit key by only recording the leakage of the Galois multiplication’s results between several known messages and this secret key. We also study two commonly used algorithmic countermeasures against side-channel attacks: leakage resilience and masking. On the one hand, we define a leakage-resilient encryption scheme based on a regular update of the secret key and we prove its security. On the other hand, we build, using formal methods, a tool to automatically verify the security of masked algorithms. We also exhibit new security and compositional properties which can be used to generate masked algorithms at any security order from their unprotected versions. Finally, we propose a comparison between these two countermeasures in order to help industrial experts to determine the best protection to integrate in their products, according to their constraints in terms of security and performances. Attaques par canaux auxiliaires Attaques par analyse de courant Masquage aux ordres supérieurs Side-channel attacks Differential power analysis Leakage-resilient cryptography Higherorder masking 004
60	Side-channel and fault analysis in the presence of countermeasures : tools, theory, and practice / Canaux cachés et attaques par injection de fautes en présence de contre-mesures : outils, théorie et pratique Korkikian, Roman 27 October 2016 (has links) Dans cette thèse nous développons et améliorons des attaques de systèmes cryptographiques. Un nouvel algorithme de décomposition de signal appelé transformation de Hilbert-Huang a été adapté pour améliorer l’efficacité des attaques parcanaux auxiliaires. Cette technique permet de contrecarrer certaines contre-mesures telles que la permutation d’opérations ou l’ajout de bruit à la consommation de courant. La seconde contribution de ce travail est l’application de certaines distributions statistiques de poids de Hamming à l’attaque d’algorithmes de chiffrement par bloc tels que AES, DES ou LED. Ces distributions sont distinctes pour chaque valeur de sous-clef permettent donc de les utiliser comme modèles intrinsèques. Les poids de Hamming peuvent être découverts par des analyses de canaux auxiliaires sans que les clairs ni les chiffrés ne soient accessibles. Cette thèse montre que certaines contremesures peuvent parfois faciliter des attaques. Les contre-mesures contagieuses proposées pour RSA protègent contre les attaques par faute mais ce faisant et moyennant des calculs additionnels facilitent la découverte de la clef. Finalement, des contre-mesures à faible complexité calculatoire sont proposées. Elles sont basées sur le masquage antagoniste, c’est-à-dire, l’exécution d’une opération d’équilibrage sur des données sensibles pour masquer la consommation de courant. / The goal of the thesis is to develop and improve methods for defeating protected cryptosystems. A new signal decompositionalgorithm, called Hilbert Huang Transform, was adapted to increase the efficiency of side-channel attacks. This technique attempts to overcome hiding countermeasures, such as operation shuffling or the adding of noise to the power consumption. The second contribution of this work is the application of specific Hamming weight distributions of block cipher algorithms, including AES, DES, and LED. These distributions are distinct for each subkey value, thus they serve as intrinsic templates. Hamming weight data can be revealed by side-channel and fault attacks without plaintext and ciphertext. Therefore these distributions can be applied against implementations where plaintext and ciphertext are inaccessible. This thesis shows that some countermeasures serve for attacks. Certain infective RSA countermeasures should protect against single fault injection. However, additional computations facilitate key discovery. Finally, several lightweight countermeasures are proposed. The proposed countermeasures are based on the antagonist masking, which is an operation occurring when targeting data processing, to intelligently mask the overall power consumption. Attaques par canaux auxiliaires Attaques par fautes Cryptographie Systèmes embarqués Contremesures Transformation de Hilbert-Huang Statistiques Side-Channel attacks Fault attacks Cryptography Embedded systems Countermeasures Hilbert-Huang transform Hamming weight probability distribution Statistics 004

Search results