Cryptographic methods for embedded code security

Security against physical attacks

  • Confidentiality

– Use of information of a physical nature relating to the functioning of the processor during the calculation process: execution time, power consumption, electromagnetic radiation.

– Objective: to extend the target of these attacks to the code itself -> new methods of code retro-analysis based on physical attacks.


  • Integrity

– Attacks by fault injection (DFA)

– Explore the possibilities of adapting “probabilistically checkable proofs” techniques (the famous PCP theorem) to the problem of verifying the consistency of program execution.


  • Formal methods (ANR PRINCE project)


Code confidentiality – Obfuscation – White box cryptography

  • Obfuscation modeling

– Informally, obfuscating a program must make it “difficult to understand” and therefore “difficult to reverse analyze”

– Depends on the type of application targeted: integrity protection, watermarking, diversification of the codes broadcast, intentional slowing down of the encryption phase, protection of smart cards against physical attacks, DRM, …


  • Correspondence table between:

– scenarios requiring obfuscation

– possible theoretical models


  • Security analysis of existing solutions (obfuscation / white-box cryptography)


  • Construction of mixed black box / white box solutions (FUI MARSHAL + Project)