Sylvain Guilley

Sylvain Guilley
Institut Mines-Télécom | telecom-sudparis.eu · Department of Communications and Electronics (Comelec)

PhD

About

379
Publications
46,929
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
4,384
Citations
Introduction
My research topics are: - Trusted computing for embedded devices - Cyber-security - Prototyping cryptographic designs in ASIC and in FPGA - Mathematics for side-channel and fault injection analyses - Formal proofs
Additional affiliations
May 2017 - present
Chinese Academy of Sciences
Position
  • Professor
September 2016 - present
Ecole Normale Supérieure de Paris
Position
  • Professor
Description
  • Professor in charge of the "Digital Systems" course
September 2012 - present
Institut Mines-Télécom
Position
  • Professor (Full)

Publications

Publications (379)
Conference Paper
Full-text available
Cryptographic chips are prone to side-channel analysis attacks aiming at extracting their secrets. Side-channel leakage is particularly hard to remove completely, unless using a bottom-up approach (compositional security). On the contrary, industrial secure-by-design methods are rather relying on a top-down approach: (would-be) protected circuits a...
Article
Full-text available
The hardware primitives known as Physically Unclonable Functions (PUFs) generate unique signatures based on uncontrollable variations which occur during the manufacturing process of silicon chips. These signatures are in turn used for securing Integrated Circuits either as a secret key for cryptographic modules, or as a medium for authenticating de...
Poster
Full-text available
Sensing environmental conditions are highly useful for embedded systems as such sensing not only can help in optimizing system performance but also can be essential for safety and security in order to prevent failures or detect attacks. It is necessary to equip mission-critical chips with sensors raising alarms when the chips are operated out-of-sp...
Conference Paper
Full-text available
Fault Injection Attacks (FIA) have received a lot of attention in recent years. An adversary launches such an attack to abusively take control over the system or to leak sensitive data. Laser illumination has been considered as an effective technique to launch FIA. The laser-based FIAs are mainly used when the adversary opts to target a specific lo...
Article
Code-based masking is a highly generalized type of masking schemes, which can be instantiated into specific cases by assigning different encoders. It captivates by its side-channel resistance against higher-order attacks and the potential to withstand fault injection attacks. However, similar to other algebraically-involved masking schemes, code-ba...
Article
Code-based masking is a recent line of research on masking schemes aiming at provably counteracting side-channel attacks. It generalizes and unifies many masking schemes within a coding-theoretic formalization. In code-based masking schemes, the tuning parameters are the underlying linear codes, whose choice significantly affects the side-channel r...
Conference Paper
Full-text available
Internet-of-Things (IoT) devices are natural targets for side-channel attacks. Still, side-channel leakage can be complex: its modeling can be assisted by statistical tools. Projection of the leakage into an orthonormal basis allows to understand its structure, typically linear (1st-order leakage) or non-linear (sometimes referred to as glitches)....
Article
Unintentional uncontrollable variations in the manufacturing process of integrated circuits are used to realize silicon primitives known as physical unclonable functions (PUFs). These primitives are used to create unique signatures for security purposes. Investigating the vulnerabilities of PUFs is of utmost importance to uphold their usefulness in...
Article
Full-text available
Hazards or intentional perturbations must be identified in safety-and security-critical applications. Digital sensors have been shown to be an appealing approach to detect such abnormalities. However, as any sensor technology, digital sensors are prone to mis-calibration. In particular, even if the digital sensor initial calibration is correct, the...
Chapter
Masking schemes are classical countermeasures against Side-Channel Attacks on cryptographic implementations. This paper investigates the effectiveness of masking when the code does not run in constant time. We prove that in this case, a first-order Correlation Power Analysis can break an otherwise perfect masking scheme. Furthermore, with an in-dep...
Chapter
In this paper, we propose a vertical side-channel leakage detection on the decryption function of the third round implementation of CPA-secure public-key encryption scheme underlying CRYSTALS-Kyber, a lattice-based key encapsulation mechanism, which is a candidate to the NIST Post-Quantum Cryptography standardization project. Using a leakage assess...
Chapter
Injection of faults has been studied in various research works since last decades. Several hardware targets have been studied with respect to the efficiency of fault injections. In this paper we address the security evaluation of embedded systems in constrained environments called black-box analyses. This is not considered by standards of evaluatio...
Chapter
Fault attacks have raised serious concern with the growing amount of connected devices. Even a small vulnerability might compromise a complete network. It is therefore important to secure all the devices in the connected architecture. A solution to this problem is presented in this paper where we provide a hardware framework, called Smart Monitor,...
Chapter
Embedded systems utilize Physically Unclonable Functions (PUFs) for authentication and identification purposes. However, modeling PUFs’ behavior via machine-learning methods has received utmost attention. Current research on modeling PUFs mainly targets a single PUF instance (PUF producing a single-bit response per query). It is admittedly more cha...
Conference Paper
Full-text available
The test of security primitives is particularly strategic as any bias coming from the implementation or environment can wreck havoc on the security it is intended to provide. This paper presents how some security properties are tested on leading primitives: True Random Number Generation (TRNG), Physically Unclonable Function (PUF), cryptographic pr...
Article
The growing threat of Hardware Trojans (HT) in the System-on-Chips (SoC) industry has given way to the embedded systems researchers to propose a series of detection methodologies to identify and detect the presence of Trojan circuits or logics inside a host design in the various stages of the chip design and manufacturing process. Many state of the...
Chapter
A distinguisher is a statistical tool whose purpose is to determine the most probable key among a set of keys. Several distinguishers are introduced in the literature. Hereafter, we present the most used ones.
Chapter
We provide hereafter the definition of the Walsh-Hadamard transform.
Chapter
As shown previously in Sect. 3.2.3, the Correlation Power Analysis (CPA) is a method that allows to recover the secret information concealed in embedded devices [1]. It consists in leveraging the Pearson correlation coefficient as a way to relate an assumed model with the measured power consumed during the running of the operations that involve a s...
Chapter
Cryptographic devices manage secret keys, which must be protected against extraction. One stealthy attack consists in the analysis of side-channel leakage. As a countermeasure, cryptographic computations can be randomly masked.
Chapter
On the one hand, template attacks have been introduced to deal with multivariate leakages, with as few assumptions as possible on the leakage model. On the other hand, many works have underlined the need for dimensionality reduction. In this chapter, we clarify the relationship between template attacks in full space and in linear subspaces.
Chapter
Let us first adopt some useful notations that will hold for the remainder of the book.
Chapter
SCAs succeed because the leakage of cryptographic devices depends on the sensitive variables. Consequently, all the countermeasures aim at breaking this dependency, or at least to reduce it. Essentially they boil down to randomizing the leakage, or to making it equal in each device clock cycle.
Chapter
Today’s digital era connects everyone and everything in between through the Internet of Things (IoTs). That situation leads to an omnipresence of embedded systems in our daily life endowed with integrated capability to run cryptographic protocols (consumer electronics, telecommunication and industrial appliances, governmental and military systems,...
Article
This paper presents a unified approach to quantifying the information leakages in the most general code-based masking schemes. Specifically, by utilizing a uniform representation, we highlight first that all code-based masking schemes’ side-channel resistance can be quantified by an all-in-one framework consisting of two easy-tocompute parameters (...
Article
Low Entropy Masking Schemes (LEMS) had been proposed to mitigate the high-performance overhead results from the Full Entropy Masking Schemes (FEMS) while offering good protection against side-channel attacks. The masking schemes usually rely on Boolean masking, however, splitting sensitive variables in a multiplicative way is more amenable to non-l...
Article
Full-text available
Inner Product Masking (IPM) is a generalization of several masking schemes including the Boolean one to protect cryptographic implementation against side-channel analysis. The core competitiveness of IPM is that it provides higher side-channel resistance than Boolean masking with the same number of shares. In this paper, we follow a coding theoreti...
Chapter
Since the seminal paper on side-channel attacks (SCA) by Kocher et al. [1], several improvements have been published. As showed in Sect. 3.4 the most efficient SCA to date is the Template Attack (TA) [2]. This method is split into two phases, that is a profiling and a matching stage. An important weakness of this attack is the large number of measu...
Chapter
Notations Throughout this chapter we use the same notations as above (see Sect. 2.1). Recall that, during an attack, we consider that the adversary targets the manipulation of a single sensitive variable Z, such that Z=F(X,k). Typically Z=sbox(X⊕k), such that s-box denotes a substitution box and ⊕ denotes the bitwise addition. The attack is carried...
Article
Profiling side-channel attacks in which an adversary creates a “profile” of a sensitive device and uses such profile to model a target device with similar implementation has received the lion’s share of attention in the recent years. In particular, template attacks are known to be the most powerful profiling side-channel attacks from an information...
Book
It has been more than 20 years since the seminal publications on side-channel attacks. They aim at extracting secrets from embedded systems while they execute cryptographic algorithms, and they consist of two steps, measurement and analysis. This useful textbook/guide tackles the analysis part, especially under situations where the targeted device...
Article
Full-text available
Side-channel analysis and fault injection attacks are two typical threats to cryptographic implementations, especially in modern embedded devices. Thus, there is an insistent demand for dual side-channel and fault injection protections. As we know, masking is a kind of provable countermeasure against side-channel attacks. Recently, inner product ma...
Article
Full-text available
Cache-timing attacks are serious security threats that exploit cache memories to steal secret information. We believe that the identification of a sequence of function calls from cache-timing data measurements is not a trivial step when building an attack. We present a recurrent neural network model able to automatically retrieve a sequence of oper...
Chapter
Physically Unclonable Functions (PUFs) are well-known to be solutions for silicon-level anti-copy applications. However, as they are sensitive components, they are the obvious target of physical attacks. Thus, they shall be well protected. In this work we discuss the use case of key generation with a Loop PUF. We discuss the Loop PUF’s efficiency a...
Chapter
Probing attack is considered to be one of the most powerful attack used to break the security and extract confidential information from an embedded system. This attack requires different bespoke equipment’s and expertise. However, for the moment, there is no methodology to evaluate theoretically the security level of a design or circuit against thi...
Preprint
Full-text available
Measuring the information leakage is critical for evaluating practical security of cryptographic devices against side-channel analysis. More straightforwardly, it is interesting to have an upper bound on success rate of any attack given a (fixed) number of side-channel measurements. Or conversely, we wish to derive a lower bound on the number of qu...
Preprint
A conditional version of Sibson's $\alpha$-information is defined using a simple closed-form "log-expectation" expression, which satisfies important properties such as consistency, uniform expansion, and data processing inequalities. This definition is compared to previous ones, which in contrast do not satisfy all of these properties. Based on our...
Article
Full-text available
Extra-reductions occurring in Montgomery multiplications disclose side-channel information which can be exploited even in stringent contexts. In this article, we derive stochastic attacks to defeat Rivest-Shamir-Adleman (RSA) with Montgomery ladder regular exponentiation coupled with base blinding. Namely, we leverage on precharacterized multivaria...
Chapter
Full-text available
Persistent fault analysis (PFA) consists in guessing block cipher secret keys by biasing their substitution box. This paper improves the original attack of Zhang et al. on AES-128 presented at CHES 2018. By a thorough analysis, the exact probability distribution of the ciphertext (under a uniformly distributed plaintext) is derived, and the maximum...
Chapter
One major advance in software security would be to use robust processors which could assist the code developer to thwart both cyber and physical attacks. This paper presents a hardware-based solution which increases the security by checking the integrity of executed code on any microcontroller. Unlike other Control Flow Integrity (CFI) protections,...
Chapter
Cryptographic protocol implementations in both software and hardware leak sensitive information during their execution. Side-channel attacks (SCA) consist in analyzing this information in order to reveal the secret parameters of the protocols. Among the different SCA introduced in the literature, the Linear Regression Analysis (LRA) has been argued...
Chapter
This work presents the BRAINE Project approaches and solutions to enable AI-empowered industrial applications to efficiently and securely operate at the network edge. First, two use cases are presented to highlight the motivations for secure edge computing in industrial plants, including low-latency applications and the need to locally handle produ...
Preprint
Full-text available
The information leakage of a cryptographic implementation with a given degree of protection is evaluated in a typical situation when the signal-to-noise ratio is small. This is solved by expanding Kullback-Leibler divergence, entropy, and mutual information in terms of moments/cumulants.
Article
Full-text available
Cryptographic software is particularly vulnerable to side-channel attacks when programmed in embedded devices. Indeed, the leakage is particularly intense compared to the noise level, making it mandatory for the developer to implement side-channel attack protections. Random masking is a customary option, but in this case, the countermeasure must be...
Chapter
The complexity and outsourcing trend of modern System-on-Chips (SoC) has made Hardware Trojan (HT) a real threat for the SoC security. In the state-of-the-art, many techniques have been proposed in order to detect the HT insertion. Side-channel based methods emerge as a good approach used for the HT detection. They can extract any difference in the...
Article
Full-text available
When implemented in software (or hardware), a cryptographic protocol can leak sensitive information during its execution. Side-channel attacks can use those leakages in order to reveal some information about the secret used by the algorithm. The leaking side-channel information can take place in many time samples. Measurement appliances can cope wi...
Patent
A secret key estimation device is provided for determining an estimate of at least one secret key used during a number of executions of a cryptographic function used by at least one cryptographic algorithm. The number of executions of the cryptographic function is at least equal to two. The secret key estimation device comprises an analysis unit fo...
Article
Full-text available
Cryptographic implementations need to be robust amidst the widespread use of crypto-libraries and attacks targeting their implementation, such as side-channel attacks (SCA). Many certification schemes, such as Common Criteria and FIPS 140, continue without addressing side-channel flaws. Research works mostly tackle sophisticated attacks with simple...
Article
Detection of abnormal behaviors is essential in complex and/or strategic systems requiring a high level of safety and security. Sensing environmental conditions to ensure that the device is not operating out-of-specifications is highly useful in detecting anomalies caused by failures or malevolent actions. In this regard, digital sensors are partic...