17 research outputs found
Adaptation d'Outils Cryptographiques pour un Contexte Post-Quantique
National audienceCryptography is used to protect everyone's privacy on a daily basis whenbrowsing the Internet. In recent years, several changes have been taking place,partly due to the possible arrival of quantum computers capable of endangeringsome of our current cryptographic systems.We identify four issues associated with these changes:1) The adaptation of primitives, which must be replaced by new, post-quantum ones.2) The adaptation of protocols, which sometimes also rely on properties vulnerable to quantum computers.3) The evolution of the end-users habits, in their use of digital tools, as they tend to consum more live video streams but at the same demand stronger privacy protection.4) Computers capabilities are constantly evolving (e.g. through hardwareaccelerators), often due to other applications (AI, games), however theseevolutions can offer attack surfaces, in particular by auxiliary channels.This PhD thesis argues that these issues are interdependent and that a global consideration of these problems helps to ensure that cryptography can be adapted to the post-quantum era. For that purpose, three main contributions are proposed, that consist in:1) Proposing an anonymizing protocol for massive live-streaming (user constraints) which is also post-quantum (constraints on primitives).2) Studying commutative encryption protocols, in particular lawful interception ones, in order to make them post-quantum without creating weaknesses or being limited to super-encryption.3) Understanding how architectures featuring in-memory computing will affect the performance of post-quantum primitives, and how co-design is possible so as to also reduce auxiliary channel leakage.La cryptographie est utilisée pour protéger la vie privée de tous quotidiennement lors de la navigation sur Internet. On observe de multiples changements en cours ces dernières années, dûs en partie à la possible arrivée prochainement d'ordinateurs quantiques capables de mettre en danger certains de nos chiffrements actuels.On remarque quatre principaux enjeux associés à ces changements :1) L'adaptation des primitives, qui doivent être remplacées par de nouvelles, post-quantiques.2) L'adaptation des protocoles, qui parfois reposent aussi sur des propriétés vulnérables aux ordinateurs quantiques.3) L'évolution des habitudes des utilisateurs, pour lesquels sont conçus ces protocoles, impliquant notamment une consommation numérique plus importante (flux vidéos en direct) et une demande de protection accrue de la vie privée.4) Les capacités des ordinateurs, qui évoluent en permanence (par exemple grâce à des accélérateurs matériels) souvent pour d'autres applications (IA, jeux), peuvent offrir des surfaces d'attaques, notamment par canaux auxiliaires.La présente thèse soutient que ces enjeux sont interdépendants et qu'une vision groupée de ces problèmes aide à garantir l'adaptation de la cryptographie à l'ère post-quantique.Ce propos est appuyé par trois pistes de recherche :1) Proposer un protocole anonymisant de live-streaming massif (contraintes utilisateurs) qui soit aussi post-quantique (contraintes sur les primitives).2) Etudier les protocoles de chiffrements commutatifs, en particulier d'interception réglementée, ainsi que la manière de les rendre post-quantiques sans créer de faiblesses ou qu'ils soient limités à des sur-chiffrements.3) Comprendre la manière dont les architectures dotées de calcul en mémoire vont affecter les performances des primitives post-quantiques, et comment un co-design est possible pour aussi réduire les fuites par canaux auxiliaires
Adaptation d'Outils Cryptographiques pour un Contexte Post-Quantique
National audienceCryptography is used to protect everyone's privacy on a daily basis whenbrowsing the Internet. In recent years, several changes have been taking place,partly due to the possible arrival of quantum computers capable of endangeringsome of our current cryptographic systems.We identify four issues associated with these changes:1) The adaptation of primitives, which must be replaced by new, post-quantum ones.2) The adaptation of protocols, which sometimes also rely on properties vulnerable to quantum computers.3) The evolution of the end-users habits, in their use of digital tools, as they tend to consum more live video streams but at the same demand stronger privacy protection.4) Computers capabilities are constantly evolving (e.g. through hardwareaccelerators), often due to other applications (AI, games), however theseevolutions can offer attack surfaces, in particular by auxiliary channels.This PhD thesis argues that these issues are interdependent and that a global consideration of these problems helps to ensure that cryptography can be adapted to the post-quantum era. For that purpose, three main contributions are proposed, that consist in:1) Proposing an anonymizing protocol for massive live-streaming (user constraints) which is also post-quantum (constraints on primitives).2) Studying commutative encryption protocols, in particular lawful interception ones, in order to make them post-quantum without creating weaknesses or being limited to super-encryption.3) Understanding how architectures featuring in-memory computing will affect the performance of post-quantum primitives, and how co-design is possible so as to also reduce auxiliary channel leakage.La cryptographie est utilisée pour protéger la vie privée de tous quotidiennement lors de la navigation sur Internet. On observe de multiples changements en cours ces dernières années, dûs en partie à la possible arrivée prochainement d'ordinateurs quantiques capables de mettre en danger certains de nos chiffrements actuels.On remarque quatre principaux enjeux associés à ces changements :1) L'adaptation des primitives, qui doivent être remplacées par de nouvelles, post-quantiques.2) L'adaptation des protocoles, qui parfois reposent aussi sur des propriétés vulnérables aux ordinateurs quantiques.3) L'évolution des habitudes des utilisateurs, pour lesquels sont conçus ces protocoles, impliquant notamment une consommation numérique plus importante (flux vidéos en direct) et une demande de protection accrue de la vie privée.4) Les capacités des ordinateurs, qui évoluent en permanence (par exemple grâce à des accélérateurs matériels) souvent pour d'autres applications (IA, jeux), peuvent offrir des surfaces d'attaques, notamment par canaux auxiliaires.La présente thèse soutient que ces enjeux sont interdépendants et qu'une vision groupée de ces problèmes aide à garantir l'adaptation de la cryptographie à l'ère post-quantique.Ce propos est appuyé par trois pistes de recherche :1) Proposer un protocole anonymisant de live-streaming massif (contraintes utilisateurs) qui soit aussi post-quantique (contraintes sur les primitives).2) Etudier les protocoles de chiffrements commutatifs, en particulier d'interception réglementée, ainsi que la manière de les rendre post-quantiques sans créer de faiblesses ou qu'ils soient limités à des sur-chiffrements.3) Comprendre la manière dont les architectures dotées de calcul en mémoire vont affecter les performances des primitives post-quantiques, et comment un co-design est possible pour aussi réduire les fuites par canaux auxiliaires
Adapting Cryptographic Tools to a Post-Quantum Context
La cryptographie est utilisée pour protéger la vie privée de tous quotidiennement lors de la navigation sur Internet. On observe de multiples changements en cours ces dernières années, dûs en partie à la possible arrivée prochainement d'ordinateurs quantiques capables de mettre en danger certains de nos chiffrements actuels.On remarque quatre principaux enjeux associés à ces changements :1) L'adaptation des primitives, qui doivent être remplacées par de nouvelles, post-quantiques.2) L'adaptation des protocoles, qui parfois reposent aussi sur des propriétés vulnérables aux ordinateurs quantiques.3) L'évolution des habitudes des utilisateurs, pour lesquels sont conçus ces protocoles, impliquant notamment une consommation numérique plus importante (flux vidéos en direct) et une demande de protection accrue de la vie privée.4) Les capacités des ordinateurs, qui évoluent en permanence (par exemple grâce à des accélérateurs matériels) souvent pour d'autres applications (IA, jeux), peuvent offrir des surfaces d'attaques, notamment par canaux auxiliaires.La présente thèse soutient que ces enjeux sont interdépendants et qu'une vision groupée de ces problèmes aide à garantir l'adaptation de la cryptographie à l'ère post-quantique.Ce propos est appuyé par trois pistes de recherche :1) Proposer un protocole anonymisant de live-streaming massif (contraintes utilisateurs) qui soit aussi post-quantique (contraintes sur les primitives).2) Etudier les protocoles de chiffrements commutatifs, en particulier d'interception réglementée, ainsi que la manière de les rendre post-quantiques sans créer de faiblesses ou qu'ils soient limités à des sur-chiffrements.3) Comprendre la manière dont les architectures dotées de calcul en mémoire vont affecter les performances des primitives post-quantiques, et comment un co-design est possible pour aussi réduire les fuites par canaux auxiliaires.Cryptography is used to protect everyone's privacy on a daily basis whenbrowsing the Internet. In recent years, several changes have been taking place,partly due to the possible arrival of quantum computers capable of endangeringsome of our current cryptographic systems.We identify four issues associated with these changes:1) The adaptation of primitives, which must be replaced by new, post-quantum ones.2) The adaptation of protocols, which sometimes also rely on properties vulnerable to quantum computers.3) The evolution of the end-users habits, in their use of digital tools, as they tend to consum more live video streams but at the same demand stronger privacy protection.4) Computers capabilities are constantly evolving (e.g. through hardwareaccelerators), often due to other applications (AI, games), however theseevolutions can offer attack surfaces, in particular by auxiliary channels.This PhD thesis argues that these issues are interdependent and that a global consideration of these problems helps to ensure that cryptography can be adapted to the post-quantum era. For that purpose, three main contributions are proposed, that consist in:1) Proposing an anonymizing protocol for massive live-streaming (user constraints) which is also post-quantum (constraints on primitives).2) Studying commutative encryption protocols, in particular lawful interception ones, in order to make them post-quantum without creating weaknesses or being limited to super-encryption.3) Understanding how architectures featuring in-memory computing will affect the performance of post-quantum primitives, and how co-design is possible so as to also reduce auxiliary channel leakage
Adaptation d'Outils Cryptographiques pour un Contexte Post-Quantique
National audienceCryptography is used to protect everyone's privacy on a daily basis whenbrowsing the Internet. In recent years, several changes have been taking place,partly due to the possible arrival of quantum computers capable of endangeringsome of our current cryptographic systems.We identify four issues associated with these changes:1) The adaptation of primitives, which must be replaced by new, post-quantum ones.2) The adaptation of protocols, which sometimes also rely on properties vulnerable to quantum computers.3) The evolution of the end-users habits, in their use of digital tools, as they tend to consum more live video streams but at the same demand stronger privacy protection.4) Computers capabilities are constantly evolving (e.g. through hardwareaccelerators), often due to other applications (AI, games), however theseevolutions can offer attack surfaces, in particular by auxiliary channels.This PhD thesis argues that these issues are interdependent and that a global consideration of these problems helps to ensure that cryptography can be adapted to the post-quantum era. For that purpose, three main contributions are proposed, that consist in:1) Proposing an anonymizing protocol for massive live-streaming (user constraints) which is also post-quantum (constraints on primitives).2) Studying commutative encryption protocols, in particular lawful interception ones, in order to make them post-quantum without creating weaknesses or being limited to super-encryption.3) Understanding how architectures featuring in-memory computing will affect the performance of post-quantum primitives, and how co-design is possible so as to also reduce auxiliary channel leakage.La cryptographie est utilisée pour protéger la vie privée de tous quotidiennement lors de la navigation sur Internet. On observe de multiples changements en cours ces dernières années, dûs en partie à la possible arrivée prochainement d'ordinateurs quantiques capables de mettre en danger certains de nos chiffrements actuels.On remarque quatre principaux enjeux associés à ces changements :1) L'adaptation des primitives, qui doivent être remplacées par de nouvelles, post-quantiques.2) L'adaptation des protocoles, qui parfois reposent aussi sur des propriétés vulnérables aux ordinateurs quantiques.3) L'évolution des habitudes des utilisateurs, pour lesquels sont conçus ces protocoles, impliquant notamment une consommation numérique plus importante (flux vidéos en direct) et une demande de protection accrue de la vie privée.4) Les capacités des ordinateurs, qui évoluent en permanence (par exemple grâce à des accélérateurs matériels) souvent pour d'autres applications (IA, jeux), peuvent offrir des surfaces d'attaques, notamment par canaux auxiliaires.La présente thèse soutient que ces enjeux sont interdépendants et qu'une vision groupée de ces problèmes aide à garantir l'adaptation de la cryptographie à l'ère post-quantique.Ce propos est appuyé par trois pistes de recherche :1) Proposer un protocole anonymisant de live-streaming massif (contraintes utilisateurs) qui soit aussi post-quantique (contraintes sur les primitives).2) Etudier les protocoles de chiffrements commutatifs, en particulier d'interception réglementée, ainsi que la manière de les rendre post-quantiques sans créer de faiblesses ou qu'ils soient limités à des sur-chiffrements.3) Comprendre la manière dont les architectures dotées de calcul en mémoire vont affecter les performances des primitives post-quantiques, et comment un co-design est possible pour aussi réduire les fuites par canaux auxiliaires
Adaptation d'Outils Cryptographiques pour un Contexte Post-Quantique
National audienceCryptography is used to protect everyone's privacy on a daily basis whenbrowsing the Internet. In recent years, several changes have been taking place,partly due to the possible arrival of quantum computers capable of endangeringsome of our current cryptographic systems.We identify four issues associated with these changes:1) The adaptation of primitives, which must be replaced by new, post-quantum ones.2) The adaptation of protocols, which sometimes also rely on properties vulnerable to quantum computers.3) The evolution of the end-users habits, in their use of digital tools, as they tend to consum more live video streams but at the same demand stronger privacy protection.4) Computers capabilities are constantly evolving (e.g. through hardwareaccelerators), often due to other applications (AI, games), however theseevolutions can offer attack surfaces, in particular by auxiliary channels.This PhD thesis argues that these issues are interdependent and that a global consideration of these problems helps to ensure that cryptography can be adapted to the post-quantum era. For that purpose, three main contributions are proposed, that consist in:1) Proposing an anonymizing protocol for massive live-streaming (user constraints) which is also post-quantum (constraints on primitives).2) Studying commutative encryption protocols, in particular lawful interception ones, in order to make them post-quantum without creating weaknesses or being limited to super-encryption.3) Understanding how architectures featuring in-memory computing will affect the performance of post-quantum primitives, and how co-design is possible so as to also reduce auxiliary channel leakage.La cryptographie est utilisée pour protéger la vie privée de tous quotidiennement lors de la navigation sur Internet. On observe de multiples changements en cours ces dernières années, dûs en partie à la possible arrivée prochainement d'ordinateurs quantiques capables de mettre en danger certains de nos chiffrements actuels.On remarque quatre principaux enjeux associés à ces changements :1) L'adaptation des primitives, qui doivent être remplacées par de nouvelles, post-quantiques.2) L'adaptation des protocoles, qui parfois reposent aussi sur des propriétés vulnérables aux ordinateurs quantiques.3) L'évolution des habitudes des utilisateurs, pour lesquels sont conçus ces protocoles, impliquant notamment une consommation numérique plus importante (flux vidéos en direct) et une demande de protection accrue de la vie privée.4) Les capacités des ordinateurs, qui évoluent en permanence (par exemple grâce à des accélérateurs matériels) souvent pour d'autres applications (IA, jeux), peuvent offrir des surfaces d'attaques, notamment par canaux auxiliaires.La présente thèse soutient que ces enjeux sont interdépendants et qu'une vision groupée de ces problèmes aide à garantir l'adaptation de la cryptographie à l'ère post-quantique.Ce propos est appuyé par trois pistes de recherche :1) Proposer un protocole anonymisant de live-streaming massif (contraintes utilisateurs) qui soit aussi post-quantique (contraintes sur les primitives).2) Etudier les protocoles de chiffrements commutatifs, en particulier d'interception réglementée, ainsi que la manière de les rendre post-quantiques sans créer de faiblesses ou qu'ils soient limités à des sur-chiffrements.3) Comprendre la manière dont les architectures dotées de calcul en mémoire vont affecter les performances des primitives post-quantiques, et comment un co-design est possible pour aussi réduire les fuites par canaux auxiliaires
Acceleration of Classic McEliece Post-Quantum Cryptosystem with Cache Processing
International audienceThe NIST Post-Quantum Cryptography standardization process is in its fourth round, with a first KEM standard based on LWE and three candidates based on ECCs. These primitives implementation are designed to be optimal on classical hardware architecture targets. However, emerging architectures with Processing In Memory, made to be multipurpose contrary to cryptographic co-processors, have proven their efficiency in multiple use-cases and show better overall computational speed. In this paper, we show that the Classic McEliece performance can be improved on PIM architectures. Notably, the public key generation benefits of a 12.6x speed-up on architectures with bit-line operations. We also describe the open-source RISC-V simulator specifically developed for our experiments, including both in-cache and vectored operations. We discuss how these architecture changes may open the possibility of redesigning primitives or parameter sets for better efficiency
McEliece Parameter Sets Optimized for Processing in Memory Architectures
International audienceParameter sets for post-quantum primitives have to be designed with their whole lifecycle in mind. Computers will likely evolve to include larger computing spaces, for instance, with processing in memory. This architecture change is already known to improve cryptographic performance. In this paper, we propose new parameter sets for Classic McEliece to benefit further from this change
Multi-Locking and Perfect Argument Order: Two Major Improvements of Attribute-Based Encryption~(Long Paper)
Attribute Based Encryption, proposed by Sahai and Waters in 2007, is a set of promising cryptographic schemes that enable various fine grained access control on encrypted data. With a unique encryption key, a user is able to encrypt data for a very specific group of recipient that matches a set of attributes contained inside their decryption key.
In current scenario where personal devices share an increasing volume of private data on the web, such encryption algorithms are more than ever a strong alternative to standard encryption algorithms.
In this paper, we propose two major improvements of ABE namely the Perfect Argument Order Optimization and the Multi-Locking. Multi-Locking ABE is an extension of ABE that enables to share access control policy on an arbitrary number of entities. We also make a step further for the speed-up of ABE by providing the ``Perfect Argument Order Optimization\u27\u27, which is a generalization of the ``Fixed Argument Optimization\u27\u27 of Scott et al. to a much wider range of ABE constructions (and in particular to our Multi-Locking ABE).
Based on those two improvements we propose a construction of the first privacy-preserving Cloud service based on ABE, allowing ephemeral accesses to the data.
The Multi-Locking ABE and the Perfect Argument Order Optimization have been successfully integrated to the OpenABE library, providing a speed-up for a variety of ABE constructions
Key Recovery from Side-Channel Power Analysis Attacks on Non-SIMD HQC Decryption
HQC is a code-based cryptosystem that has recently been announced for standardization after the fourth round of the NIST post-quantum cryptography standardization process. During this process, the NIST specifically required submitters to provide two kinds of implementation: a reference one, meant to serve lisibility and compliance with the specifications; and an optimized one, aimed at showing the performance of the scheme alongside other desirable properties such as resilience against implementation misuse or side-channel analysis.
While most side-channel attacks regarding PQC candidates running in this process were mounted over reference implementations, very few consider the optimized, allegedly side-channel resistant (at least, constant-time), implementations. Unfortunately, HQC optimized version only targets x86-64 with Single Instruction Multiple Data (SIMD) support, which reduces the code portability, especially for non-generalist computers.
In this work, we present two power side-channel attacks on the optimized HQC implementation with just the SIMD support deactivated. We show that the power leaks enough information to recover the private key, assuming the adversary can ask the target to replay a legitimate decryption with the same inputs.
Under this assumption, we first present a key-recovery attack targeting standard Instruction Set Architectures (ARM T32, RISC-V, x86-64) and compiler optimization levels. It is based on the well known Hamming Distance model of power consumption leakage, and exposes the key from a single oracle call.
During execution on a real target, we show that a different leakage, stemming from to the micro-architecture, simplifies the recovery of the private key. This more direct second attack, succeeds with a 99% chance from 83 executions of the same legitimate decryption. While the weakness leveraged in this work seems quite devastating, we discuss simple yet effective and efficient countermeasures to prevent such a key-recovery
Classic McEliece on new parameter sets
Classic McEliece new parameter sets validation : evaluates the cycle counts of the execution of Classic McEliece subroutines on a RISC-V simulator for various parameter sets and with cache operations. This allows to re-create the results of "McEliece Parameter Sets Optimized for Processing in Memory Architectures" published in CBCrypto 2024
