Jean-Luc Danger

Institut Mines-Télécom | telecom-sudparis.eu · Department of Communications and Electronics (Comelec)

True Random Number Generators (TRNGs) are sensitive Intellectual Property (IP) blocks involved in the creation of cryptographic keys, initialization vectors, nonces, etc. They must behave properly within a large environmental spectrum, including multiple corners, in case of aging-induced change of device characteristics over time, and also under in...

Enhancing the reliability of natively unstable Physically Unclonable Functions (PUFs) is a major requirement when the PUF is to generate secret identifiers like cryptographic keys. One traditional method is to rely on an addition of a public word: the Helper Data. However, it involves extra complexity and constitutes a vulnerability against attacks...

The test of security primitives is particularly strategic as any bias coming from the implementation or environment can wreak havoc on the security it is intended to provide. This paper presents how some security properties are tested on hardware security primitives including True Random Number Generation (TRNG), Physically Unclonable Function (PUF...

Aggressive scaling continues to push technology into smaller feature sizes and results in more complex systems in a single chip. With such scaling, various robustness concerns have come into account among which the change of circuits' properties during their lifetime, so-called device aging, has received a lot of attention. Due to aging, the electr...

A Temperature Resilient PUF Assuring Reliability. Presented as a Hardware demo at HOST 2023.

Secure chips implement cryptographic algorithms and protocols to ensure self-protection (e.g., firmware authenticity) as well as user data protection (e.g., encrypted data storage). In turn, cryptography needs to defer to incorruptible sources of entropy to implement their functions according to their mandatory usage guidance. Typically, keys, nonc...

Physical Unclonable Functions (PUFs) leverage manufacturing variations to generate device-specific keys during runtime only, overcoming the need for protection after power-off as for Non-Volatile Memory. The main challenges of PUF-based key storage are reliability of the response and sensitivity to Side-Channel Analysis (SCA). Oscillator-based PUFs...

Due to the rising number of sophisticated customer functionalities, electronic control units (ECUs) are increasingly integrated into modern automotive systems. However, the high connectivity between the in-vehicle and the external networks paves the way for hackers who could exploit in-vehicle network protocols' vulnerabilities. Among these protoco...

Cryptographic chips are prone to side-channel analysis attacks aiming at extracting their secrets. Side-channel leakage is particularly hard to remove completely, unless using a bottom-up approach (compositional security). On the contrary, industrial secure-by-design methods are rather relying on a top-down approach: (would-be) protected circuits a...

The hardware primitives known as Physically Unclonable Functions (PUFs) generate unique signatures based on uncontrollable variations which occur during the manufacturing process of silicon chips. These signatures are in turn used for securing Integrated Circuits either as a secret key for cryptographic modules, or as a medium for authenticating de...

Sensing environmental conditions are highly useful for embedded systems as such sensing not only can help in optimizing system performance but also can be essential for safety and security in order to prevent failures or detect attacks. It is necessary to equip mission-critical chips with sensors raising alarms when the chips are operated out-of-sp...

Fault Injection Attacks (FIA) have received a lot of attention in recent years. An adversary launches such an attack to abusively take control over the system or to leak sensitive data. Laser illumination has been considered as an effective technique to launch FIA. The laser-based FIAs are mainly used when the adversary opts to target a specific lo...

Network Intrusion Detection Systems (NIDSs) are widely regarded as efficient tools for securing in-vehicle networks against diverse cyberattacks. However, since cyberattacks are always evolving, signature-based intrusion detection systems are no longer adopted. An alternative solution can be the deployment of deep learning based intrusion detection...

Code-based masking is a recent line of research on masking schemes aiming at provably counteracting side-channel attacks. It generalizes and unifies many masking schemes within a coding-theoretic formalization. In code-based masking schemes, the tuning parameters are the underlying linear codes, whose choice significantly affects the side-channel r...

Internet-of-Things (IoT) devices are natural targets for side-channel attacks. Still, side-channel leakage can be complex: its modeling can be assisted by statistical tools. Projection of the leakage into an orthonormal basis allows to understand its structure, typically linear (1st-order leakage) or non-linear (sometimes referred to as glitches)....

Network Intrusion Detection Systems are well considered as efficient tools for securing in-vehicle networks against diverse cyberattacks. However, since cyberattack are always evolving, signature-based intrusion detection systems are no longer adopted. An alternative solution can be the deployment of deep learning based intrusion detection system (...

Neural Networks (NNs) are now the target of various side-channel attacks whose aim is to recover the model’s parameters and/or architecture. We focus our work on EM side-channel attacks for parameter extraction. We propose a novel approach to countering such side-channel attacks, based on the method introduced by Chabanne et al. in 2021, where para...

Unintentional uncontrollable variations in the manufacturing process of integrated circuits are used to realize silicon primitives known as physical unclonable functions (PUFs). These primitives are used to create unique signatures for security purposes. Investigating the vulnerabilities of PUFs is of utmost importance to uphold their usefulness in...

The demand for Internet of Things services is increasing exponentially, and consequently a big number of devices are being deployed. To efficiently authenticate these services, the use of Physical Unclonable Functions (PUF) has been introduced as a promising solution that is suitable for the resource-constraint nature of these devices. A growing nu...

Hazards or intentional perturbations must be identified in safety-and security-critical applications. Digital sensors have been shown to be an appealing approach to detect such abnormalities. However, as any sensor technology, digital sensors are prone to mis-calibration. In particular, even if the digital sensor initial calibration is correct, the...

Fault attacks have raised serious concern with the growing amount of connected devices. Even a small vulnerability might compromise a complete network. It is therefore important to secure all the devices in the connected architecture. A solution to this problem is presented in this paper where we provide a hardware framework, called Smart Monitor,...

To compensate for the poor reliability of Physical Unclonable Function (PUF) primitives, some low complexity solutions not requiring error-correcting codes (ECC) have been proposed. One simple method is to discard less reliable bits, which are indicated in the helper data stored inside the PUF. To avoid discarding bits, the Two-metric Helper Data (...

Embedded systems utilize Physically Unclonable Functions (PUFs) for authentication and identification purposes. However, modeling PUFs’ behavior via machine-learning methods has received utmost attention. Current research on modeling PUFs mainly targets a single PUF instance (PUF producing a single-bit response per query). It is admittedly more cha...

The test of security primitives is particularly strategic as any bias coming from the implementation or environment can wreck havoc on the security it is intended to provide. This paper presents how some security properties are tested on leading primitives: True Random Number Generation (TRNG), Physically Unclonable Function (PUF), cryptographic pr...

This paper presents a unified approach to quantifying the information leakages in the most general code-based masking schemes. Specifically, by utilizing a uniform representation, we highlight first that all code-based masking schemes’ side-channel resistance can be quantified by an all-in-one framework consisting of two easy-tocompute parameters (...

Inner Product Masking (IPM) is a generalization of several masking schemes including the Boolean one to protect cryptographic implementation against side-channel analysis. The core competitiveness of IPM is that it provides higher side-channel resistance than Boolean masking with the same number of shares. In this paper, we follow a coding theoreti...

Profiling side-channel attacks in which an adversary creates a “profile” of a sensitive device and uses such profile to model a target device with similar implementation has received the lion’s share of attention in the recent years. In particular, template attacks are known to be the most powerful profiling side-channel attacks from an information...

Side-channel analysis and fault injection attacks are two typical threats to cryptographic implementations, especially in modern embedded devices. Thus, there is an insistent demand for dual side-channel and fault injection protections. As we know, masking is a kind of provable countermeasure against side-channel attacks. Recently, inner product ma...

Microcontrollers storing valuable data or using security functions are vulnerable to fault injection attacks. Among the various types of faults, instruction skips induced at runtime proved to be effective against identification routines or encryption algorithms. Until recently, most research works assessed a fault model that consists in a single in...

Convolutional Neural Networks (CNNs) are the target of several side-channel attacks aiming at recovering their parameters and hyper-parameters. Attack vectors include monitoring of the cache, power consumption analysis and execution time measurements. These attacks often rely on the knowledge of a certain – large – set of hyper-parameters among whi...

Physically Unclonable Functions (PUFs) are well-known to be solutions for silicon-level anti-copy applications. However, as they are sensitive components, they are the obvious target of physical attacks. Thus, they shall be well protected. In this work we discuss the use case of key generation with a Loop PUF. We discuss the Loop PUF’s efficiency a...

Inner Product Masking (IPM) is a generalization of several masking schemes including the Boolean one to protect cryptographic implementation against side-channel analysis. The core competitiveness of IPM is that it provides higher side-channel resistance than Boolean masking with the same number of shares. In this paper, we follow a coding theoreti...

Abstract Side channel attacks (SCAs) on neural networks (NNs) are particularly efficient for retrieving secret information from NNs. We differentiate multiple types of threat scenarios regarding what kind of information is available before the attack and its purpose: recovering hyperparameters (the architecture) of the targeted NN, its weights (par...

One major advance in software security would be to use robust processors which could assist the code developer to thwart both cyber and physical attacks. This paper presents a hardware-based solution which increases the security by checking the integrity of executed code on any microcontroller. Unlike other Control Flow Integrity (CFI) protections,...

This study investigates a new side-channel leakage observed in the inner rounds of an unrolled hardware implementation of block ciphers in a chosen-input attack scenario. The side-channel leakage occurs in the first round and it can be observed in the later inner rounds because it arises from path activation bias caused by the difference between tw...

Detection of abnormal behaviors is essential in complex and/or strategic systems requiring a high level of safety and security. Sensing environmental conditions to ensure that the device is not operating out-of-specifications is highly useful in detecting anomalies caused by failures or malevolent actions. In this regard, digital sensors are partic...

Masking is one of the most popular countermeasures to protect cryptographic implementations against side-channel analysis since it is provably secure and can be deployed at the algorithm level. To strengthen the original Boolean masking scheme, several works have suggested using schemes with high algebraic complexity. The Inner Product Masking (I...

Masking countermeasure is implemented to thwart side-channel attacks. The maturity of high-order masking schemes has reached the level where the concepts are sound and proven. For instance, Rivain and Prouff proposed a full-fledged AES at CHES 2010. Some non-trivial fixes regarding refresh functions were needed though. Now, industry is adopting suc...

Side-channel analysis and fault injection attacks are two typical threats to cryptographic implementations, especially in modern embedded devices. Thus there is an insistent demand for dual side-channel and fault injection protections. As it is known, masking scheme is a kind of provable countermeasures against side-channel attacks. Recently, inner...