emsec: embedded security and...
TRANSCRIPT
EMSEC: Embedded Security and CryptographyResponsables: Gildas Avoine, Pierre-Alain Fouque
Présentation: Stéphanie Delaune (CNRS)
EMSEC team
Embedded Security & Cryptography−→ 7 permanent researchers, 12 PhD students, and 2 post-docs
P. Derbez, G. Avoine, A. Roux-Langlois, B. Kordy, & P.-A. Fouque.−→ Clémentine Maurice and myself !
EMSEC, Embedded Security and Cryptography 2
Stéphanie Delaune
� Since 2007: CNRS Research Scientist hosted at� ENS Cachan (2007-2016)� IRISA (Rennes) from September 2016
� 2006-2007: Post-doctoral stays at Birmingham University (UK)and University of Lorraine (FR)
� 2003-2006: PhD at ENS Cachan and France Télécom R&D
Formal analysis of security protocols.
More information about me:
� http://people.irisa.fr/Stephanie.Delaune/
EMSEC, Embedded Security and Cryptography 3
Thèmes de recherche
EMSEC, Embedded Security and Cryptography 4
Security protocols are everywhere !
� testing their resilience against well-knownattacks is not sufficient;
� manual security analysis is error-prone.
−→ Caution: Do not underestimate your opponents!
privacyissue
authentication issue
The register - Jan. 2010
Independent - Feb. 2016
EMSEC, Embedded Security and Cryptography 5
Security protocols are everywhere !
� testing their resilience against well-knownattacks is not sufficient;
� manual security analysis is error-prone.
−→ Caution: Do not underestimate your opponents!
privacyissue
authentication issue
The register - Jan. 2010
Independent - Feb. 2016
EMSEC, Embedded Security and Cryptography 5
Security protocols are everywhere !
� testing their resilience against well-knownattacks is not sufficient;
� manual security analysis is error-prone.
−→ Caution: Do not underestimate your opponents!
privacyissue
authentication issue
The register - Jan. 2010
Independent - Feb. 2016
EMSEC, Embedded Security and Cryptography 5
How cryptographic protocols can be attacked?
Proposal #1: Mise en place d’outils automatiques pour la luttecontre les attaques physiques −→V. Migliore
Proposal #2: Cryptanalysis using constraint programming solvers:the case of cube attacks −→ S. Delaune & P. Derbez
EMSEC, Embedded Security and Cryptography 6
How cryptographic protocols can be attacked?
Logical attacks� can be mounted even assuming perfectcryptography,↪→ replay attack, man-in-the middle attack, . . .
� subtle and hard to detect by “eyeballing” theprotocol
A sucessful approach: formal symbolic verification−→ provides a rigorous framework and automatic tools to analysesecurity protocols and find their flaws.
EMSEC, Embedded Security and Cryptography 7
Some proposals on formal verification
Proposal #3: Verification of security protocols: are the usualencodings safe when considering equivalence-based properties?
−→ S. Delaune
Proposal #4: Analysing security protocols based on low-entropysecrets in the symbolic model −→ S. Delaune & S. Kremer
Proposal #5: Security analysis of the LoRaWAN protocol usingformal symbolic verification tools −→ S. Delaune
� more information: https://popstar.irisa.fr
� contact me: [email protected]
EMSEC, Embedded Security and Cryptography 8
Some other internship proposals
−→ contact: G. Avoine
Proposal #6: Analysis of the Proximity Check Protocol ofContactless Smartcardshttp://www.avoine.net/smartcards_avoine.pdf
Proposal #7: Analyse du contenu de la base de données HAL.
EMSEC, Embedded Security and Cryptography 9