Le séminaire du LSV

Le séminaire du LSV a lieu le mardi à 11h00. Le lieu habituel est la salle de conférences au Pavillon des Jardins (plan d'accès). Pour être informé par email des prochains séminaires, contacter Stéphane Le Roux and Matthias Fuegger.

Le séminaire du LSV est public et ne nécessite aucune inscription préalable.

Séminaires passés

Towards provable security against side-channel attacks

Visiter le site web pour cet événement | Exporter cet événement au format iCalendar

 Boris Köpf
Date
Le mardi 15 décembre 2009 à 11:00
Lieu
Salle de Conférence (Pavillon des Jardins)
Orateur
Boris Köpf (University of Saarbrücken)

Side-channel attacks threaten the security of cryptographic algorithms by exploiting information that is revealed by the physical characteristics of the algorithm's execution, for example through variations in the running time or power consumption. In distributed environments such as the Internet, timing attacks are the most daunting kind of side-channel attack: Timing can be measured and exploited remotely, opening the door for a potentially large number of attackers. Unfortunately, there have been no countermeasures against timing attacks that are practical and provably secure at the same time. In this talk, I present work on novel methods for reasoning about the security of countermeasures against side-channel attacks. The basis for this work is a model that enables one to express bounds for the amount of information that can be extracted from a system in a side-channel attack. I present algorithms for computing such bounds, and I report on experimental results where we apply these algorithms to analyze concrete implementations of cryptographic algorithms. One finding is that the state-of-the-art countermeasure against timing attacks reduces the rate at which an implementation leaks information about the key, but that the entire key information is still eventually revealed. Finally, I present recent work where we propose a novel countermeasure against timing attacks that is provably secure in our model. A case study shows that this countermeasure is also practical in that it leads to implementations with minor performance overhead.


À propos du LSV

Agenda des séminaires

Exporter l'agenda au format iCalendar | Les séminaires précédents

mar. 19 février

Les séminaires précédents