Sécurité des implémentations pour la cryptographie
Homepage Research Teaching francais
Class introduction

Cryptography is the cornerstone of digital security. Its use allows us to build complex systems which security relies on well-known difficult problems.

However those proofs, obtained in theoretic models, can be undermined by actual implementations. Bad configurations, coding errors or side-channel information can threaten the security of systems even if they are cryptographically proven secure.

This class aims at underlining the complexity of correctly using cryptography in real life. Different cryptographic implementation vulnerabilities are presented together with good practices that can limit them. To this goal, all aspects of a secure system design are addressed. It starts from the system level and goes down to the tricky details of cryptographic primitive implementations.

Some introductive slides.

Printable version of the class slides.

Evaluation

The final grade will mix the results of

\Following are some details about the writen exam.

Lab

In order to be able to enjoy the lab please ensure that you have access to a desktop/laptop that fulfills the following requirements.

CM 1 (17.11.2020)
System requirements and architecture (slides).
CM 2 (24.11.2020)
Product interface and architecture (slides).
TP 1 (25.11.2019)
Black-box analysis (statement correction).
CM 3 (30.11.2020)
Non-cryptographic security (slides).
CM 4 (01.12.2020)
Remote security (slides).
TP 2 (02.12.2020)
White-box analysis (statement correction).
CM 5 (05.01.2021)
Local (noninvasive) security (slides).
TP 3 (06.01.2021)
Exploiting processing time (statement).
CM 6 (12.01.2021)
Local (invasive) security (slides).
TP 4 (13.01.2021)
Exploiting power consumption (statement).
TP 5 (20.01.2021)
Exploiting fault injection (same statement as for TP 4)