Meltdown and Spectre, presented recently, are two critical vulnerabilities in modern processors. Adversaries can exploit them to recover sensitive information stored in memory, because these vulnerabilities allow bypassing the isolation between different applications. In this work, the student will present, execute and analyse these vulnerabilities (on several CPUs) in order to report their impact on real products.
A group key agreement (GKA) protocol ensures the establishment of a common session key among the group members that remains unknown to outsiders. In practice, a GKA enables multiple remote users to communicate securely in an open environment. In this thesis, the student will present a comparative study of GKA protocols and implement them for the sake of performance analysis.
The goal of this project was to demonstrate a side-channel attack against a simple
cryptographic protocol implemented on an embedded system. Side-channel attacks target
the implementation rather than the cryptographic algorithm and attempt to recover secret
values, such as keys, using different kinds of measurements.
This project was accomplished by Meunier Laurent, Orinx Cédric, Rigas Theofanis and Vanspouwen Tristan. Their report explains all the details of the project, and they have made all the source code available so that you can repeat their experiments. They have also made a short video [high quality] demonstrating their work, which quickly shows what can be done with their setup. In the end, their results show how easy it is to recover a secret key using simple power analysis on an unprotected device.
This project was done in 2016-17 for the Embedded Systems Design course given by Professor Gilles Geeraerts; it was supervised by Nikita Veshchikov.
Side-channel attacks are attacks against implementations of cryptographic algorithms. These attacks exploit physical properties of the device under attack. For example, an attacker can measure the execution time or power consumption of a device while it executes a cryptographic algorithm.
Based on neural networks, deep learning is an active research area in machine learning that makes it possible to build automated attacks requiring no a priori information on the underlying phenomenon. The purpose of this work is to shed new light on the capabilities of deep learning in side-channel attacks.
This work is in collaboration with RISCURE (www.riscure.com), a company working on security evaluation of embedded devices.
Here is yet another Tux image in BMP format encrypted using a block cipher in ECB mode. Once again, it shows that ECB mode is not secure. The top left picture is the original, while the 3 other images are generated by encrypting the image data using the PRESENT-80 block cipher with 3 different keys.
This small exercise was suggested by Nikita Veshchikov during the exercise sessions of the course “Introduction to Cryptography” given by Professor Olivier Markowitch.
The C++ code by Jérôme Hellinckx is available and you can try it for yourself.
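The effect seen in the encrypted Tux pictures can be reproduced without an image viewer. The following is an added example, not the C++ code by Jérôme Hellinckx: a compact PRESENT-80 written from the published cipher specification, run in ECB mode over constructed pixel bytes, with constructed keys. The function names are assumptions of this example.

```python
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
MASK80 = (1 << 80) - 1
KEYS = (0x0, MASK80, 0x0123456789ABCDEF0123)  # three constructed 80-bit keys

def present80_encrypt_block(block, key):
    """Encrypt one 64-bit block under an 80-bit key (31 rounds, then a final key add)."""
    state = block
    for rnd in range(1, 32):
        state ^= key >> 16                                # addRoundKey: leftmost 64 key bits
        state = sum(SBOX[(state >> (4 * i)) & 0xF] << (4 * i)
                    for i in range(16))                   # sBoxLayer on 16 nibbles
        state = sum(((state >> i) & 1) << (63 if i == 63 else 16 * i % 63)
                    for i in range(64))                   # pLayer bit permutation
        key = ((key << 61) | (key >> 19)) & MASK80        # key schedule: rotate left by 61
        key = (SBOX[key >> 76] << 76) | (key & ((1 << 76) - 1))
        key ^= rnd << 15                                  # round counter into bits 19..15
    return state ^ (key >> 16)

def ecb_encrypt(data, key):
    """ECB: every 8-byte block is encrypted independently, with no IV and no chaining."""
    out = bytearray()
    for off in range(0, len(data), 8):
        blk = int.from_bytes(data[off:off + 8], "big")
        out += present80_encrypt_block(blk, key).to_bytes(8, "big")
    return bytes(out)

def block_pattern(data):
    """Label each 8-byte block with the rank of its first occurrence (0, 1, 2, ...)."""
    first = {}
    return [first.setdefault(data[off:off + 8], len(first))
            for off in range(0, len(data), 8)]

def constructed_pixels():
    """Constructed sample: 16 rows of 32 grey bytes, white with a black rectangle."""
    rows = bytearray()
    for y in range(16):
        row = bytearray(b"\xff" * 32)
        if 4 <= y < 12:
            row[8:24] = b"\x00" * 16
        rows += row
    return bytes(rows)

if __name__ == "__main__":
    pixels = constructed_pixels()
    for key in KEYS:
        ct = ecb_encrypt(pixels, key)
        print(f"{key:020x}", block_pattern(ct) == block_pattern(pixels),
              len(set(block_pattern(ct))), "distinct ciphertext blocks")
```

Under every key the ciphertext has the same block-equality pattern as the plaintext, which is exactly the outline that stays visible in the encrypted images; a mode with an IV and chaining or a counter would break that pattern.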
Limits, underlying implementation, efficiency.
Evolution of the concept and analysis of the arguments for and against for C++17.
Contacts: Yves Roggeman
Choice of structures, of primitives.
Efficiency, limits, ease of use.
Contacts: Yves Roggeman