
Sylvain GuilleySecure-IC · R&D
Sylvain Guilley
PhD
Interested in cyber-security applied to automotive, including certification aspects
About
436
Publications
69,078
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
6,324
Citations
Introduction
My research topics are:
- Trusted computing for embedded devices
- Cyber-security
- Prototyping cryptographic designs in ASIC and in FPGA
- Mathematics for side-channel and fault injection analyses
- Formal proofs
I'm also co-founder and CTO at Secure-IC (http://www.secure-ic.com)
Publications
Publications (436)
Protecting sensitive logic functions in ASICs requires side-channel countermeasures. Many gate-level masking styles have been published, each with pros and cons. Some styles such as RSM, GLUT, and ISW are compact but can feature 1st-order leakage. Some other styles, such as TI, DOM, and HPC are secure at the 1st-order but incur significant overhead...
Information theory plays a fundamental role in quantifying the side-channel leakage by information-theoretic measures to be exploited by various distinguishers. Applications include the construction of new side-channel distinguishers, the generic information-theoretic bounds, and the formal security proofs. The main information measures include mut...
In the previous chapter, we studied various attacks with different side-channel distinguishers. The attacks are essential pertaining to the category of “first order,” in which the leakage of the secret-dependent sensitive variables is used to launch the attacks. However, this strategy generally does not work in the presence of side-channel counterm...
This chapter presents attacks targeting unprotected devices. Specifically, devices may in fact be protected, but attacks will not be optimized based on the knowledge of the instantiated protection (such as masking).
We detail both unprofiled and profiled attacks. While profiled attacks require a preliminary training before they can be carried out,...
A fundamental question in side-channel analysis is how to characterize the concrete security level of the target cryptographic implementation in the presence of side-channel leakage. This is firstly the concern of security evaluators since they usually cannot enumerate side-channel attacks exhaustively within a given time period and costs. Secondly...
In this chapter, we revisit basics of linear codes, vector spaces and pseudo-Boolean functions, as well as information-theoretic measures that are leveraged in this book.
Over the last few decades, coding theory has closely associated and interplayed with cryptography in many aspects. An interesting example is the secret-sharing scheme in which the underlying idea can be characterized from both coding-theoretic and cryptographic perspectives.
This chapter presents a new formalization and characterization of masking...
Masking is one of the most well-established methods to thwart side-channel attacks. Many masking schemes have been proposed in the literature, and code-based masking emerges and unifies several masking schemes in a coding-theoretic framework. In this work, we investigate the side-channel resistance of code-based masking from a non-profiling perspec...
Field Programmable Gate Arrays (FPGAs) allow to optimize computations at the speed of hardware whilst enjoying the flexibility of software. Sharing FPGAs between multiple users in clouds (so-called multi-tenant FPGAs) has reduced the implementation cost for each user; obviously, logical isolation ensures that each user can preserve his privacy. Non...
Profiling side-channel analysis (SCA) attacks have received a lot of attention in the recent years. To perpetrate these attacks, the adversary creates a profile of a sensitive device at her disposal, and uses it to model a target device with a similar implementation to extract its key. Template attacks are recognized to be the most powerful profili...
The implementation of cryptographic algorithms must be protected against physical attacks. Side-channel and fault injection analyses are two prominent such implementation-level attacks. Protections against either do exist. Against sidechannel attacks, they are characterized by SNI security orders: the higher the order, the more difficult the attack...
The True Random Number Generator (TRNG) is an inescapable primitive for security and cryptographic functions. A common TRNG architecture in digital devices exploits the noise jitter accumulation with ring oscillators. The Set-Reset latch (SR-latch) TRNG is another type which exploits the state of latches around metastability. In this TRNG the dynam...
Ishai-Sahai-Wagner (ISW) masking scheme has been proposed in literature to protect cryptographic circuitries against side-channel analysis attacks. Although provably secure from a theoretical standpoint, its hardware implementation may not be secure as such security proof holds true if the gates are only evaluated after all of their inputs are avai...
Masking is one of the most well-established methods to thwart side-channel attacks. Many masking schemes have been proposed in the literature, and code-based masking emerges and unifies several masking schemes in a coding-theoretic framework. In this work, we investigate the side-channel resistance of code-based masking from a non-profiling perspec...
In the attacker models of side-channel attacks (SCA) and fault injection attacks (FIA), the opponent has access to a noisy version of the internal behavior of the hardware. Since the end of the nineties, many works have shown that this type of attacks constitutes a serious threat to cryptosystems implemented in embedded devices. In the state-of-the...
Laser Fault Injection Attacks (LFIA) are a major concern in physical security of electronic circuits as they allow an attacker to inject a fault with a very high spatial accuracy. They are also often considered by Information Technology Security Evaluation Facilities (ITSEFs) to deliver security certification, as Common Criteria, of embedded system...
True Random Number Generators (TRNGs) are sensitive Intellectual Property (IP) blocks involved in the creation of cryptographic keys, initialization vectors, nonces, etc. They must behave properly within a large environmental spectrum, including multiple corners, in case of aging-induced change of device characteristics over time, and also under in...
Enhancing the reliability of natively unstable Physically Unclonable Functions (PUFs) is a major requirement when the PUF is to generate secret identifiers like cryptographic keys. One traditional method is to rely on an addition of a public word: the Helper Data. However, it involves extra complexity and constitutes a vulnerability against attacks...
Identity Based Encryption is an approach to link the public key to an identity. It is an extremely useful asymmetric cryptography type in which public and private keys are computed from a known identifier such as an email address instead of being generated randomly. This allows more flexibility in managing ad-hoc public key encryption and ensuring...
The test of security primitives is particularly strategic as any bias coming from the implementation or environment can wreak havoc on the security it is intended to provide. This paper presents how some security properties are tested on hardware security primitives including True Random Number Generation (TRNG), Physically Unclonable Function (PUF...
Aggressive scaling continues to push technology into smaller feature sizes and results in more complex systems in a single chip. With such scaling, various robustness concerns have come into account among which the change of circuits' properties during their lifetime, so-called device aging, has received a lot of attention. Due to aging, the electr...
A common countermeasure against side-channel attacks on secret key cryptographic implementations is $d$th-order masking, which splits each sensitive variable into $d+1$ random shares. In this paper, maximal leakage bounds on the probability of success of any side-channel attack are derived for any masking order. Maximal leakage (Sibson's informatio...
A Temperature Resilient PUF Assuring Reliability. Presented as a Hardware demo at HOST 2023.
Masking schemes have been introduced to thwart side-channel attacks. In software applications, attackers can measure leakage at several points in time and combine them to defeat the masking. In hardware gate-level masking, all shares of a masked variable are manipulated at the same time in a nanoscale circuit. In this article, we focus on setups wh...
Secure chips implement cryptographic algorithms
and protocols to ensure self-protection (e.g., firmware authenticity)
as well as user data protection (e.g., encrypted data
storage). In turn, cryptography needs to defer to incorruptible
sources of entropy to implement their functions according to their
mandatory usage guidance. Typically, keys, nonc...
At Eurocrypt 2015, Duc et al. conjectured that the success rate of a side-channel attack targeting an intermediate computation encoded in a linear secret-sharing, a.k.a. masking with \(d+1\) shares, could be inferred by measuring the mutual information between the leakage and each share separately. This way, security bounds can be derived without h...
This article proposes a general purpose IoT framework usually applicable to all Edge-to-Cloud applications and provides an evaluation study on a use-case involving automotive V2X architecture, tested and verified on a toy smart-car in an emulated smart-car environment. The architecture in study is finely tuned to mimic actual scenarios and therefor...
Side-channel attacks aim at extracting secret keys from cryptographic devices. Randomly masking the implementation is a provable way to protect the secrets against this threat. Recently, various masking schemes have converged to the “code-based masking” philosophy. In code-based masking, different codes allow for different levels of side-channel se...
Faults occur naturally and are responsible for reliability concerns. Faults are also an interesting tool for attackers to extract sensitive information from secure chips. In particular, non-invasive fault attacks have received a fair amount of attention. One easy way to perturb a chip without altering it is the so-called Electromagnetic Fault Injec...
Block ciphers are protected against side-channel attacks by masking. On one hand, when the leakage model is unknown, second-order correlation attacks are typically used. On the other hand, when the leakage model can be profiled, template attacks are prescribed. But what if the profiled model does not exactly match that of the attacked device?
One s...
Cryptographic chips are prone to side-channel analysis attacks aiming at extracting their secrets. Side-channel leakage is particularly hard to remove completely, unless using a bottom-up approach (compositional security). On the contrary, industrial secure-by-design methods are rather relying on a top-down approach: (would-be) protected circuits a...
The hardware primitives known as Physically Unclonable Functions (PUFs) generate unique signatures based on uncontrollable variations which occur during the manufacturing process of silicon chips. These signatures are in turn used for securing Integrated Circuits either as a secret key for cryptographic modules, or as a medium for authenticating de...
Sensing environmental conditions are highly useful for embedded systems as such sensing not only can help in optimizing system performance but also can be essential for safety and security in order to prevent failures or detect attacks. It is necessary to equip mission-critical chips with sensors raising alarms when the chips are operated out-of-sp...
Fault Injection Attacks (FIA) have received a lot of attention in recent years. An adversary launches such an attack to abusively take control over the system or to leak sensitive data. Laser illumination has been considered as an effective technique to launch FIA. The laser-based FIAs are mainly used when the adversary opts to target a specific lo...
Code-based masking is a highly generalized type of masking schemes, which can be instantiated into specific cases by assigning different encoders. It captivates by its side-channel resistance against higher-order attacks and the potential to withstand fault injection attacks. However, similar to other algebraically-involved masking schemes, code-ba...
Code-based masking is a recent line of research on masking schemes aiming at provably counteracting side-channel attacks. It generalizes and unifies many masking schemes within a coding-theoretic formalization. In code-based masking schemes, the tuning parameters are the underlying linear codes, whose choice significantly affects the side-channel r...
Internet-of-Things (IoT) devices are natural targets for side-channel attacks. Still, side-channel leakage can be complex: its modeling can be assisted by statistical tools. Projection of the leakage into an orthonormal basis allows to understand its structure, typically linear (1st-order leakage) or non-linear (sometimes referred to as glitches)....
Unintentional uncontrollable variations in the manufacturing process of integrated circuits are used to realize silicon primitives known as physical unclonable functions (PUFs). These primitives are used to create unique signatures for security purposes. Investigating the vulnerabilities of PUFs is of utmost importance to uphold their usefulness in...
Profiled side-channel attacks represent the most powerful category of side-channel attacks. There, the attacker has access to a clone device to profile its leaking behavior. Additionally, it is common to consider the attacker unbounded in power to allow the worst-case security analysis. This paper starts with a different premise where we are intere...
The frontend of modern Intel processors will decode instructions into μops and stream them to the backend by the frontend bus, which is shared between two logical cores to maximize utilization without sharing mechanism fully disclosed. Taking Haswell as an example, we reverse the bus from Decoded ICache to Instruction Decode Queue and the bus from...
Hazards or intentional perturbations must be identified in safety-and security-critical applications. Digital sensors have been shown to be an appealing approach to detect such abnormalities. However, as any sensor technology, digital sensors are prone to mis-calibration. In particular, even if the digital sensor initial calibration is correct, the...
Masking schemes are classical countermeasures against Side-Channel Attacks on cryptographic implementations. This paper investigates the effectiveness of masking when the code does not run in constant time. We prove that in this case, a first-order Correlation Power Analysis can break an otherwise perfect masking scheme. Furthermore, with an in-dep...
In this paper, we propose a vertical side-channel leakage detection on the decryption function of the third round implementation of CPA-secure public-key encryption scheme underlying CRYSTALS-Kyber, a lattice-based key encapsulation mechanism, which is a candidate to the NIST Post-Quantum Cryptography standardization project. Using a leakage assess...
Injection of faults has been studied in various research works since last decades. Several hardware targets have been studied with respect to the efficiency of fault injections. In this paper we address the security evaluation of embedded systems in constrained environments called black-box analyses. This is not considered by standards of evaluatio...
Fault attacks have raised serious concern with the growing amount of connected devices. Even a small vulnerability might compromise a complete network. It is therefore important to secure all the devices in the connected architecture. A solution to this problem is presented in this paper where we provide a hardware framework, called Smart Monitor,...
Embedded systems utilize Physically Unclonable Functions (PUFs) for authentication and identification purposes. However, modeling PUFs’ behavior via machine-learning methods has received utmost attention. Current research on modeling PUFs mainly targets a single PUF instance (PUF producing a single-bit response per query). It is admittedly more cha...
The test of security primitives is particularly strategic as any bias coming from the implementation or environment can wreck havoc on the security it is intended to provide. This paper presents how some security properties are tested on leading primitives: True Random Number Generation (TRNG), Physically Unclonable Function (PUF), cryptographic pr...
The growing threat of Hardware Trojans (HT) in the System-on-Chips (SoC) industry has given way to the embedded systems researchers to propose a series of detection methodologies to identify and detect the presence of Trojan circuits or logics inside a host design in the various stages of the chip design and manufacturing process. Many state of the...
Side-channel attacks aim at extracting secret keys from cryptographic devices. Ran- domly masking the implementation is a provable way to protect the secrets against this threat. Recently, various masking schemes have converged to the “code-based masking” philosophy. In code-based masking, different codes allow for different levels of side-channel...