PhD : selection by topics

Technological challenges >> Cyber security: hardware and software
11 proposition(s).

Design of neural networks adapted to FHE and MPC

Département Architectures Conception et Logiciels Embarqués (LIST-LETI)

Laboratoire composants logiciels pour la Sûreté et la Sécurité des Systèmes

01-10-2019

SL-DRT-20-0388

aymen.boudguiga@cea.fr

In this thesis, the student will investigate the variety of scenarios in which homomorphic encryption provides a meaningful countermeasure to confidentiality threats applying to neural net systems. To do this, she/he will leverage the many degrees of freedom in neural network design as well as in homomorphic encryption scheme design to propose specialized networks and FHE schemes that work efficiently together. The candidate will attempt to push this application/FHE co-design strategy to its limits, notably in order to: evaluate deep neural networks over encrypted data (input/output privacy), and evaluate encrypted deep networks over clear or encrypted inputs (model/output privacy with optional input privacy). This will require defining an efficient FHE-neuron as well as bringing privacy-by-design to all stages of its lifecycle: from the unitary encrypted-domain execution of the neuron itself, to input-private and/or model-private evaluation of networks of that neuron, and then up to the training of networks of such neurons (over clear data). In addition, she/he will investigate the use of MPC for the same evaluations. Ideally, she/he will identify situations where either FHE or MPC is more suitable for ensuring data confidentiality. Synergies between FHE and MPC usage will also be studied. Furthermore, implementing proofs of concept will provide clear experimental evidence of either the practicality of marrying a neural network technique with a specific homomorphic encryption or MPC scheme, or a measurement/estimate of the remaining gap to achieve the evaluation of networks of practically relevant size and complexity.

Proved simplification engine for software deductive verification

Département Ingénierie Logiciels et Systèmes (LIST)

Laboratoire pour la Sûreté du Logiciel

01-09-2020

SL-DRT-20-0396

loic.correnson@cea.fr

The Frama-C platform developed at CEA is dedicated to formally establishing the absence of bugs in critical software. It is used at an industrial scale in various domains, such as avionics and energy production plants. To assess such guarantees on critical software, it is necessary to automate the verification process with proof assistants (Coq, PVS, HOL) and SMT solvers (Z3, CVC4, Alt-Ergo). However, for these techniques to be applicable to industrial code, it is necessary to first simplify our proof objectives. Inside Frama-C, we have developed the Qed engine, which is precisely in charge of building and simplifying logical formulas. This engine was typically responsible for dramatic gains in performance for proving critical code at Airbus, leading to the adoption of the approach in their production process. Since the early developments of Qed in 2015, the engine has been extended with many improvements of increasing complexity. It is now becoming difficult to certify that the engine remains sound and only produces valid simplifications. To this end, the subject of the thesis is to completely redesign the Qed engine with the Why-3 proof environment by specifying its simplification algorithms and formally verifying their correctness. Eventually, the code extracted from this Why-3 development will replace the existing engine inside Frama-C.

Hardware countermeasure techniques of cryptographic algorithms exploiting in-memory computing

Département Architectures Conception et Logiciels Embarqués (LIST-LETI)

Laboratoire Intégration Silicium des Architectures Numériques

01-10-2020

SL-DRT-20-0401

simone.bacles-min@cea.fr

The LISAN Laboratory (Digital Design & Architecture Laboratory) develops and designs innovative chip systems based on multicore architectures and low-power architectures dedicated to the Internet of Things (IoT). The field of IoT raises many requirements, especially regarding the security of energy-autonomous connected objects. New architectures are expected to be as energy-efficient as possible. The implementation of IoT security must also be guided by the available energy without causing any security breach. An intelligent memory, called C-SRAM, able to perform in-memory computing has been designed within the laboratory. The aim of the thesis is to study the possibilities of this memory from the point of view of security. The intrinsic properties of this intelligent memory make it possible to envisage the implementation of several algorithms and in particular new countermeasures against combined physical attacks (side-channels and faults).

Side-Channel Analysis against the confidentiality of embedded neural networks: attack, protection, evaluation

Département Systèmes (LETI)

Laboratoire Sécurité des Objets et des Systèmes Physiques

01-09-2020

SL-DRT-20-0584

pierre-alain.moellic@cea.fr

One of the major trends of Artificial Intelligence is the large-scale deployment of Machine Learning systems to a large variety of embedded platforms. Many semiconductor practitioners propose "A.I. suitable" products, mostly with neural networks for inference purposes. The security of the embedded models is a major issue for the deployment of these systems. Several works have raised threats such as adversarial examples or membership inference attacks, with disastrous impact. These works consider the ML algorithms from a purely algorithmic point of view, without taking into consideration the specificities of their physical implementation. Moreover, further work is required on physical attacks (i.e., side-channel and fault injection analysis). By considering an overall attack surface gathering the theoretical (i.e. algorithmic) and physical facets, this subject proposes to analyze side-channel analysis (SCA) threats targeting the confidentiality of the data as well as of the model (reverse engineering) of embedded machine learning systems, and to develop appropriate protections. Several works have studied physical attacks on embedded neural networks, but usually with naive model architectures on 'simple' 8-bit microcontrollers, or on FPGAs, or at a pure simulation level. These works do not try to link the fault models or the leakages with well-known algorithmic threats. Building on experience with other critical systems (e.g., cryptographic primitives), the main idea of this PhD subject will be to jointly analyze the algorithmic and physical worlds in order to better understand the complexity of the threats and develop efficient defense schemes. The work will address the following scientific challenges: (1) Characterization and exploitation of side-channel leakages: how to exploit side-channel leakages (power or EM) to guess sensitive information about the training data or information about the model architecture. (2) Evaluation of the relevance of classical countermeasures such as hiding or masking techniques for this kind of system and threat. (3) Development of new protections suitable for embedded neural networks.

Protecting elliptic curve cryptography against Template attacks and Horizontal attacks

Département Systèmes (LETI)

Laboratoire Sécurité des Objets et des Systèmes Physiques

01-09-2020

SL-DRT-20-0600

antoine.loiseau@cea.fr

This study is focused on the security of embedded systems and in particular asymmetric cryptography against horizontal attacks and Template attacks. Recent studies, applied to symmetric cryptography, have made it possible to build new techniques for side channel attacks. By improving the effectiveness of Template attacks, these new attacks make it easier to bypass masking countermeasures. It seems appropriate to study these new tools in depth in the context of Template and horizontal attacks against asymmetric cryptography, especially for elliptic curves. The use of machine learning in the context of side channel attacks. The main purpose of the thesis is to evaluate the security properties of ECCs against the most advanced Template and Horizontal attacks that use machine learning. Depending on the results obtained, new countermeasures will have to be constructed in order to address any new weaknesses.

RTN entropy source extraction from RRAM for TRNG application

Département Systèmes (LETI)

Laboratoire Sécurité des Objets et des Systèmes Physiques

01-06-2020

SL-DRT-20-0693

florian.pebay@cea.fr

As a consequence of the rapid development of the Internet of Things (IoT), where devices are massively interconnected, security breaches are discovered daily. The growing threat of physical attacks, to which connected objects are widely exposed, forces chipmakers to increase the security of their products. True Random Number Generators (TRNGs) are the cornerstone of device security; they are required for running cryptographic algorithms and are fully integrated into encryption engines. The security level of the system directly depends on the randomness of the bits generated. Furthermore, IoT chips face harsh constraints in terms of price and power consumption. In order to be integrated into these chips, a TRNG must offer an efficient tradeoff between cost and security. In this perspective, TRNGs based on already integrated components, such as RRAM memories, are a promising lead.

Vulnerability study of electronic system against electromagnetic perturbation

Département Systèmes (LETI)

Centre d'Evaluation de la Sécurité des Technologies de l'Information

01-09-2020

SL-DRT-20-0830

In the field of electronic system evaluation, the Leti ITSEF evaluates the resistance of components against perturbation attacks using classical methods (voltage/clock glitch, glitch, photoelectric perturbation). The usual methods allow the evaluator to inject faults on the target with a high level of precision but require physical access to the product in order to be very close to the area of the perturbation, which is sometimes unrealistic. Indeed, the state-of-the-art equipment used by the Leti ITSEF for electromagnetic perturbations usually requires placing a wire loop less than 1 mm from the component. The Leti ITSEF wants to develop a novel distant perturbation method based on electromagnetic perturbation. On the other hand, the CEA-DAM of Gramat has extensive experience in the electromagnetic susceptibility of electronic systems to electromagnetic aggressions. They want to use their technology in order to evaluate the vulnerability of a communicating system against an electromagnetic aggression.

Objectives

The research will be based on previous studies performed by the CEA-DAM of Gramat on the vulnerability of electronic systems to electromagnetic radiation, which is very effective for permanent or temporary denial of service. First, it will be necessary to make the link between the Gramat technology, which is very effective in terms of denial of service, and the Leti technology, which allows a more precise effect. Then, a laboratory demonstrator will be developed to perform perturbation attacks on a representative target.

Execution of the Thesis

The first part of the thesis will be dedicated to a bibliography review on the effects of electromagnetic perturbations on electronic systems and to the study of different ways to produce such electromagnetic perturbations. In the second part, the technical choice from the previous part will be tested against different representative targets of IoT devices. It will be necessary to measure the perturbation impact on different targets and to compare the results against a theoretical model. The last part will be dedicated to the prototype development.

Optimization of countermeasure insertion for the safety of Integrated Circuits.

Département Architectures Conception et Logiciels Embarqués (LIST-LETI)

Laboratoire Calcul Embarqué

01-10-2019

SL-DRT-20-0836

lilia.zaourar@cea.fr

Hardware Trojans (HTs) are malicious blocks inserted into Systems on Chip (SoC) by untrusted parties in the IC design/manufacturing flow. They have been identified as a realistic threat, among others to car safety and the military. HTs aim to change the behavior of SoCs, with effects ranging from denial of service and decreased reliability to confidential information leakage. Such attacks lead to multi-billion-dollar losses per year for the semiconductor industry. Countermeasures against HTs exist, divided into two categories: detection and prevention. Ten years of research have shown that detection is a very challenging task, given the stealthy nature of the threat and the multiple possible forms of HTs. Prevention consists in modifying the design flow to take security issues into account. Despite its potential cost, it represents a more effective way to overcome HT insertion. So-called Design-for-Hardware-Trust (DfHT) methods exist, with various goals and impacts on performance. The MOOSIC project proposes a framework dedicated to security that can be integrated into the conventional IC design flow. The goal is to take into account, as early as possible in the design phase, both countermeasures against HTs and performance, to ensure that the SoC behavior is guaranteed despite untrusted IP vendors or foundries. Towards this objective, the project envisions establishing and evaluating security properties and then integrating them during synthesis with multi-objective optimization techniques, which will be built on a mathematical model of the problem that takes into account both the performance and the HTs' effects. It is indeed necessary to find a good compromise between the level of security sought and performance. The candidate will have to propose a complete mathematical model of the problem that supports all the constraints and objectives (security, area, frequency, consumption). He will then have to develop optimization algorithms to effectively solve the problem of inserting countermeasures under conventional criteria (time, area, consumption). Finally, a validation of the methodology on simple first examples is envisaged, as well as some tests on industrial use cases, with some improvement if necessary. The thesis will take place at the CEA LIST LCE and will be led by the LIP6 / Sorbonne University in Paris.

Systematic construction and interpretation of electromagnetic leakages models for embedded processors

Département Systèmes (LETI)

Laboratoire Sécurité des Objets et des Systèmes Physiques

01-10-2020

SL-DRT-20-0838

maxime.lecomte@cea.fr

Side-channel attacks consist in measuring the physical activity emitted by a circuit (processor, microcontroller or cryptographic accelerator) to extract secrets. The power consumption of the circuit and its electromagnetic emanations are the most commonly exploited signals. Due to the development of the Internet of Things (IoT), more and more systems are exposed to these attacks. Unfortunately, integrating countermeasures (software or hardware) against such attacks is extremely expensive. Therefore, it is essential to have an accurate idea of side-channel leakages as early as possible in the design phases: on the one hand to target countermeasures on critical areas, and on the other hand to have a realistic view of leakages in order to automate the application of countermeasures. The thesis topic is the exploration of electromagnetic leakage models and different ways of interpreting them. The general objective of this work is to model the leakages of a processor based on its state at different abstraction levels: Register Transfer Level (RTL), micro-architecture or even instruction set simulator (ISS). The LSOSP laboratory of CEA-LETI, where the thesis will take place, has strong experience in physical measurements and has already performed preliminary research on the subject. Therefore, the candidate will start from these results, perform physical measurements and manipulate different logic models to create a precise leakage model of the targeted processor.

Towards efficient post-quantum algorithms. Exploring embedded cyber-security

Département Architectures Conception et Logiciels Embarqués (LIST-LETI)

Laboratoire composants logiciels pour la Sûreté et la Sécurité des Systèmes

01-09-2020

SL-DRT-20-0870

malika.izabachene@cea.fr

Progress in cryptanalysis leads to new attacks on cryptographic algorithms and forces an increase in the key sizes of currently used systems. In addition, the threat of quantum attacks leads to relevant attack optimizations on some popular asymmetric cryptosystems such as RSA. These facts lead us to consider a new generation of algorithms, called post-quantum algorithms, which are resistant against quantum attacks. In 2016, the NIST (National Institute of Standards and Technology) issued a call for new post-quantum cryptographic algorithms. We are currently at the second phase of the analysis process of the candidates for standardization. In this PhD thesis, we will address the possibility of implementing post-quantum algorithms in constrained environments, i.e. with constrained resources such as memory or computation capabilities. This study will lead us to consider constant-time implementations in order to resist timing attacks. Our study will be based on NIST submissions, but not only; we will also review variants or other algorithms proposed outside the call. Our focus will be to construct dedicated cryptographic building blocks for the target constraints. One of our goals will be to build secure quantum algorithms in real-world models which capture extended timing and physical attacks.

Impact of micro-architecture on side-channel attack countermeasures

Département Architectures Conception et Logiciels Embarqués (LIST-LETI)

Laboratoire Infrastructure et Ateliers Logiciels pour Puces

01-09-2020

SL-DRT-20-0921

nicolas.belleville@cea.fr

The context of this thesis is cyber-security for embedded systems and IoT. The thesis addresses the application of countermeasures by compilation against side-channel attacks exploiting power consumption or electromagnetic emissions, which represent a major threat against these systems. A leakage model can be used when applying countermeasures: it models how side-channel leakages are related to the program and the data being manipulated by the processor. An unfaithful model does not allow the countermeasure to be applied effectively. The models currently employed are insufficient since they do not take into account the micro-architecture of the components. Indeed, micro-architecture, and in particular elements that are invisible at the assembly level (hidden registers or buffers), can cause leakages. The objective of this thesis is to study the impact of micro-architecture on the automated application of countermeasures against side-channel attacks during compilation. A first axis is to study how to modify the way countermeasures are applied within the compiler to take into account precise leakage models that are micro-architecture aware, for example how to adapt instruction selection or register allocation in the compiler depending on the leakage model. A second axis is to adapt the countermeasures themselves in order to better take into account the nature of the leakages, with the objective of improving the reduction of information leakage and thus improving the security/performance trade-off.
