Guillaume Duc's research while affiliated with Institut Mines-Télécom and other places

Publications (11)

Conference Paper
The FPGA world recently experienced significant changes with the introduction of new Systems-on-Chip (SoCs) embedding high-end microprocessors and programmable logic on the same integrated circuit. The architecture of these SoCs can be exploited to offer an unprecedented level of monitoring of the memory accesses of running software components, a k...
Conference Paper
As Keccak has been selected as the new SHA-3 standard, Message Authentication Code (MAC) (MAC-Keccak) using a secret key will be widely used for integrity checking and authenticity assurance. Recent works have shown the feasibility of side-channel attacks against software implementations of MAC-Keccak to retrieve the key, with the security assessme...
Conference Paper
Embedded systems are ubiquitous nowadays. In many cases, they manipulate sensitive applications or data and may be the target of logical or physical attacks. On systems that contain a System-on-Chip connected to an external memory, which is the case of numerous medium to large-size embedded systems, the content of this memory is relatively easy to...
Conference Paper
Cloud Computing is an inevitable trend. In the near future almost every consumer electronic device will be connected to an ecosystem of third-party service partners, providing applications like payment systems, streamed content, etc using or producing sensitive data. The challenge is, that current cloud operators and their end users do not always t...
Conference Paper
Full-text available
Security and fault-tolerance is a major issue for intensive parallel computing in pervasive environments with hardware errors or malicious acts that may alter the result. In [1,2] is presented a novel, robust and secure architecture able to offer intensive parallel computing in environments where resources may be corrupted. Some efficient result-ch...
Article
Full-text available
Durant cesdernì eres années, plusieurs architectures informatiques sécurisées ontété ontété proposées. Elles chiffrent et vérifient le contenu de la mémoire afin de fournir un envi-ronnement d'exécution résistant aux attaques. Quelques architectures, comme notamment Hide, ont aussí eté proposées pour résoudre leprobì eme de la fuite d'informations...
Article
Full-text available
Malicious software and other attacks are a major concern in the computing ecosystem and there is a need to go beyond the answers based on untrusted software. Trusted and secure computing can add a new hardware dimension to software protection. Several secure computing hardware architectures using memory encryption and memory integrity checkers have...
Conference Paper
Full-text available
Several secure computing hardware architectures using memory encryption and memory integrity checkers have been proposed during the past few years to provide applica- tions with a tamper resistant environment. Some solutions, such as HIDE, havealso been proposedto solvetheproblem of information leakage on the address bus. We propose the CRYPTOPAGE...
Article
Full-text available
Les ordinateurs actuels ne sont pas aussi sécurisés que leur développement ubiqui-taire et leur interconnexion le nécessiteraient. En particulier, on ne peut même pas garan-tir l'exécution sécurisée et confidentielle d'un programme face à un attaquant logiciel (l'administrateur système) ou matériel (analyseur logique sur les bus, contrôle des resso...
Article
Full-text available
Computers are widely used and interconnected but are not as secure as their vast deployment would imply. Often, the basic hypothesis about hardware security and integrity can-not be certified, a secure execution cannot even be achieved or guaranteed against a software attacker (the system ad-ministrator) or hardware attacker (a logic analyzer on th...
Article
Several secure computing hardware architectures using mem ory encryption and mem- ory integrity checkers have been proposed during the past fe w years to provide applications with a tamper resistant environment. Some solutions, such a s HIDE, have also been proposed to solve the problem of information leakage on the address bu s. We propose the CRY...

Citations

... Besides enhancing performance, the sharing of CPU resources together with an FPGA can also lead to security threats. Academia has demonstrated powerful attacks from the FPGA to the CPU in the FPGA-Cloud [8,18,23,29] and the FPGA-SoC [5,15,19] computation paradigms. For these kind of attacks, it is generally assumed that a third-party intellectual property (IP) contained inside the reconfigurable logic has a malicious hidden functionality or Hardware Trojan (HT). ...
... While these solutions can help mitigating misbehaving conditions generated by the hardware module, they are not intended for the implementation of dynamic access control systems. Brunel et al. [25] provided a software/hardware system for securing the off-chip memories with static policies during boot phase. It cannot handle dynamic access control policies. ...
... In this section we describe the key mechanisms of the CryptoPage architecture implemented to achieve the security objectives described above. The low-level details of these mechanisms can be found in [21,26,7,9,11,10,14,13,12,8]. ...
... Before the release of SEV, there already existed theoretical approaches for full memory encryption [63], as well as practical software-based implementations for swap space [186], and the encryption of user-mode processes based on the Linux kernel [179,87]. Beyond that, HyperCrypt provides a hypervisor-based encryption of a system's memory [86]. ...
... Forty-eight out of 143 studies were focusing on this stage. Ten out of those studies [74][75][76][77][78][79][80][81][82][83] were discussing architecture modeling. ...
... During the last few years, several hardware architectures (such as xom [17][18][19], Aegis [20,21] and CryptoPage [22][23][24]) have been proposed to provide computer applications with a secure computing environment. This kind of secure and trusted computing receives more and more attention in the research and industrial community for different reasons that range from digital right management to secure distributed computing we are interested in here. ...
... In this section we describe the key mechanisms of the CryptoPage architecture implemented to achieve the security objectives described above. The low-level details of these mechanisms can be found in[21,26,7,9,11,10,14,13,12,8]. Thefigure 1summarizes the CryptoPage architecture. ...