Security against physical attacks
- Confidentiality
– Use of information of a physical nature relating to the functioning of the processor during the calculation process: execution time, power consumption, electromagnetic radiation.
– Objective: to extend the target of these attacks to the code itself -> new methods of code retro-analysis based on physical attacks.
- Integrity
– Attacks by fault injection (DFA)
– Explore the possibilities of adapting “probabilistically checkable proofs” techniques (the famous PCP theorem) to the problem of verifying the consistency of program execution.
- Formal methods (ANR PRINCE project)
Code confidentiality – Obfuscation – White box cryptography
- Obfuscation modeling
– Informally, obfuscating a program must make it “difficult to understand” and therefore “difficult to reverse analyze”
– Depends on the type of application targeted: integrity protection, watermarking, diversification of the codes broadcast, intentional slowing down of the encryption phase, protection of smart cards against physical attacks, DRM, …
- Correspondence table between:
– scenarios requiring obfuscation
– possible theoretical models
- Security analysis of existing solutions (obfuscation / white-box cryptography)
- Construction of mixed black box / white box solutions (FUI MARSHAL + Project)