Archives


19/11/2024 - Shaken, not Stirred - Automated Discovery of Subtle Attacks on Protocols using Mix-Nets
Dhekra MAHMOUD • PhD student
Mix-Nets are used to provide anonymity by passing a list of inputs through a collection of mix servers. Each server mixes the entries to create a new anonymized list, so that the correspondence between the output and the input is hidden. These Mix-Nets are used in numerous protocols in which the anonymity of participants is required, for example voting or electronic exam protocols. Some of these protocols have been proven secure using automated tools such as the cryptographic protocol verifier ProVerif, although they use the Mix-Net incorrectly. We propose a more detailed formal model of exponentiation and re-encryption Mix-Nets in the applied π-calculus, the language used by ProVerif, and show that using this model we can automatically discover attacks based on the incorrect use of the Mix-Net. In particular, we (re-)discover attacks on four cryptographic protocols using ProVerif: we show that an electronic exam protocol, two electronic voting protocols, and the “Crypto Santa” protocol do not satisfy the desired privacy properties. We then fix the vulnerable protocols by adding missing zero-knowledge proofs and analyze the resulting protocols using ProVerif. Again, in addition to the common abstract modeling of zero-knowledge proofs (ZKP), we also use a special model corresponding to weak (malleable) ZKPs. We show that in this case all attacks persist, and that we (re-)discover these attacks automatically.

15/10/2024 - Anonymity Model and Design of Different Signature Types
Charles OLIVIER-ANCLIN • PhD student
Security models provide a way of formalising security properties in a rigorous way, but it is sometimes difficult to ensure that the model really fits the concept that we are trying to formalise. In this paper, we illustrate this fact by showing the discrepancies between the security model of anonymity in linkable ring signatures and the security that is actually expected for this kind of signature. These signatures allow a user to sign anonymously within an ad hoc group generated from the public keys of the group members, but all their signatures can be linked together. Reading the related literature, it seems obvious that users' identities must remain hidden even when their signatures are linked, but we show that, surprisingly, almost none of the anonymity models guarantee this property. We illustrate this by presenting two counter-examples which are secure in most anonymity models of linkable ring signatures, but which trivially leak a signer's identity after only two signatures.

A natural fix to this model, already introduced in some previous work, is proposed in a corruption model where the attacker can generate the keys of certain users themselves, which seems much more coherent in a context where the group of users can be constructed in an ad hoc way at the time of signing. We believe that these two changes make the security model more realistic. Indeed, within the framework of this model, our counter-examples become insecure. Furthermore, we show that most of the schemes in the literature we surveyed appear to have been designed to achieve the security guaranteed by the latest model, which reinforces the idea that the model is closer to the informal intuition of what anonymity should be in linkable ring signatures.

18/06/2024 - Design of Secure Multi-Users Protocols: Applications to Bandits, Ticketing and File Transfer
Gaël MARCADET • PhD student
Thesis defence rehearsal

Cryptographic protocols establish a series of interactions among numerous users to deliver specific functionality while ensuring various properties, a protocol being considered secure when it successfully ensures all intended properties. Accomplishing these properties requires the use of cryptographic primitives, whose usage may entail computation overhead and hence limit the scalability of the protocol. Throughout this manuscript, we focus on three problems dealing with multiple users.

The first contribution focuses on the design of a federated multi-armed bandits framework, where a federation server acting as a learning agent repeatedly pulls a bandit arm and the environment responds with a reward drawn from an unknown distribution associated with the chosen arm. In this contribution, we introduce ProtoBandit, a secure federated Mbandits protocol fixing and extending our initial attempt Proto, which was shown to be insecure. ProtoBandit is proved to prevent the federation from learning the reward distribution, the obtained rewards and the pulled bandit arm, at the cost of a large computation overhead due to the use of expensive cryptographic primitives. In the second part of this contribution, we introduce ProtoBP, a secure federated Mbandits protocol moving away from the blueprint of Proto and ProtoBandit, which still prevents the federation server from learning sensitive data while achieving high performance and hence scalability.

The second contribution of this manuscript deals with a problem involving a large number of users, since it concerns the design of a ticketing system. Indeed, despite the high demand, these systems provide very restricted guarantees. For instance, one may easily resell a ticket twice. Worse, the majority of tickets are nominative, revealing the identity of the ticket's owner. Using standard cryptographic primitives, we propose two scalable anonymous and transferable ticketing systems called ProtoTicket and ProtoAudit, ensuring users' anonymity while featuring ticket purchasing, ticket refunding, ticket validation and ticket transferability. The difference between ProtoTicket and ProtoAudit lies in the ability to recover the identity of an attendee: in ProtoTicket, the anonymity of every user is guaranteed at all times, a property that still holds with ProtoAudit except for an additional third party able to recover the identity of an attendee, at the cost of a slightly longer ticket validation.

Our third and last contribution focuses on the broadcast file transfer problem, which consists of sharing a file with a group of users. The trivial solution of storing files on a single publicly available server falls short, for instance, when the server is down or when it handles a high number of requests, and is not suitable when the exchanged file contains sensitive data. In this contribution, we introduce a universally composable and efficient protocol allowing one to share a file with only a group of users while ensuring the confidentiality and integrity of the file and sender authentication.

21/05/2024 - Safety-security convergence of industrial control systems
Mike DA SILVA • PhD student, CEA LETI
Industrial systems are at the origin of the production of goods, by transforming and using raw materials. These systems meet our daily needs, such as electrical energy supplied by power plants or food supplied by the agri-food industry. Any industrial system always interacts with a physical process that it must control in order to produce the expected good (food, energy, etc.). This control is generally performed by industrial control systems (ICS), which allow production that is more uniform, more economical and safer than manual control. Today, ICS are evolving by integrating more and more information technology (IT), thereby exposing their infrastructures to cyberattacks. However, unlike information technology, ICS present safety risks and constraints and require specific cybersecurity solutions. My thesis work consists in developing an automated method for assessing cybersecurity risks that may have an impact on the safety of industrial systems.

19/03/2024 - Transferable, Auditable and Anonymous Ticketing Protocol
Dhekra MAHMOUD • PhD student
Digital ticketing systems typically offer ticket purchase, refund, validation, and, optionally, anonymity of users. However, it would be interesting for users to transfer their tickets, as is currently done with physical tickets. In this work, we propose Applause, a ticketing system allowing the purchase, refund, validation, and transfer of tickets based on a trusted authority, while guaranteeing the anonymity of users, as long as the payment method used provides anonymity. To study its security, we formalise the security of the transferable E-Ticket scheme in the game-based paradigm. We prove the security of Applause computationally in the standard model and symbolically using the protocol verifier ProVerif. Applause relies on standard cryptographic primitives, rendering our construction efficient and scalable, as shown by a proof-of-concept. In order to obtain Spotlight, an auditable version that is also proved secure, users remain anonymous except towards a trusted third party, which is able to disclose their identity in the event of a disaster.

20/02/2024 - History of Path Establishment Technologies
Dorine CHAGNON • PhD student
Early solutions handled path establishment themselves in order to provide Quality of Service (QoS). A network that can support QoS is able to provide different levels of service depending on the application requirements. Some applications require real-time delivery of packets and need the assurance that packets will arrive on time. Other applications require packets to arrive correctly. The evolution of path establishment goes from technologies such as Frame Relay to more recent solutions such as Multiprotocol Label Switching (MPLS) and Internet-based Virtual Private Networks (VPNs). This presentation introduces path establishment technologies. Frame Relay and ATM use virtual circuits, and MPLS blends assets from virtual circuits and IP routing to determine paths. A VPN is used to restrict communication to desired hosts only, such as the sites of a company. Finally, IntServ and DiffServ allocate resources to maintain control over the flow of packets. Resource allocation is the process of assigning and distributing resources, such as hardware, software and bandwidth, for effective use.

16/01/2024 - Cybersecurity of Critical Devices: Network Security and Host Intrusion Detection
Maxime PUYS • Associate professor
With Industry 4.0, industrial systems and IoT are converging as industries become more distributed and connected. IoT has expanded beyond smart home devices, reaching critical sectors like healthcare and transportation, and faces cyber attacks and malware threats in an era of connected complexity. In this presentation, we will discuss several vulnerabilities and countermeasures at different scales. We will first study host-based intrusion detection systems in the context of embedded IoT. We will then discuss automatic protocol verification in the context of IoT networks and present an approach allowing the generation of C code from proven models. Finally, we will propose a methodology for producing attack scenarios that aim at violating safety properties as a consequence of malicious actions by attackers.

11/12/2023 - A Unified Symbolic Analysis of WireGuard
Dhekra MAHMOUD • PhD student
In this talk, we present a unified formal model of the WireGuard protocol in the symbolic model. Using the automatic cryptographic protocol verifiers SAPIC+, PROVERIF and TAMARIN, we conduct a thorough security assessment of the protocol with regard to an adversary that can read or set static, ephemeral or pre-shared keys, read or set ECDH pre-computations and control key distribution. We consider a complete protocol execution, including cookie messages used for resistance against denial of service attacks. Our analysis determines the minimal security guarantees required for each security property to hold. We present our results in a unified and interpretable way that allows comparisons with previous analyses. We also confirm a flaw in the anonymity of the communications and highlight an implementation choice that considerably weakens the protocol’s security. Lastly, we propose remediation with provably secure fixes for the weaknesses we found.

14/11/2023 - Study, specification and implementation of an ad hoc homomorphic encryption scheme based on RLWE
Lola-Baie MALLORDY • Intern
Cloud storage is used to store huge amounts of data, both for companies and private users. Multi-cloud emerged to protect data against system failure by simultaneously storing several copies of the data across multiple clouds. Yet, this solution is costly in memory, and often guarantees neither confidentiality nor integrity of the data. Moreover, handling communication with each server can be a daunting task for private users. Using secret sharing, we propose an approach involving multiple cloud servers, each holding a data share of constant size (independent of the initial data size but also of the threshold). We delegate share computations, and communications with the providers, to an untrusted proxy (intermediate server), thus minimizing the client-side workload. We consider keyless clients, meaning that data recovery does not rely on the client’s long-term keys.

We propose two variants of a keyless, space-efficient multi-cloud storage scheme. One is efficient under stronger security assumptions, while the other allows more adversarial capabilities but incurs higher complexity. We formalize a security model and prove the security of our protocols. Finally, we complement this formal analysis with a proof-of-concept demonstrating the feasibility of our approach.

10/10/2023 - On Contention-related Failures
Anaïs DURAND • Associate professor
Reaching consensus is fundamental for many coordination problems in distributed computing. Yet, this problem is impossible in an asynchronous system as soon as one process may crash. We show that an additional constraint on failure occurrences allows solving the consensus problem in crash-prone environments. We will consider so-called λ-constrained failures that can happen only while a predefined contention threshold λ has not yet been bypassed. Assuming these failures, we will present algorithms solving agreement problems and circumventing well-known impossibility results.

20/06/2023 - Performance Enhancement in Wi-Fi Networks using Machine Learning
Ibrahim SAMMOUR • PhD student
Thesis defence rehearsal

In this presentation, we first analyse existing rate adaptation algorithms and their impact on the performance of a Wi-Fi network. We then study best practices for deploying these networks on a farm, in particular the number of access points required and their placement to maximise coverage and performance for an application of remote monitoring and control of mobile agricultural robots. The deployment technique takes advantage of Wi-Fi features such as beamforming. In a second part, we use reinforcement learning mechanisms to dynamically adapt application profiles according to network conditions and user requirements. We also use RL mechanisms to improve the CSMA/CA protocol by adapting the backoff duration to the state of the network.

09/05/2023 - Multi-Armed Bandit Framework for Resource Allocation in Uplink NOMA Networks
Amani BEN AMOR • PhD student, XLIM, Université de Limoges
Attracted by the advantages of Non-Orthogonal Multiple Access (NOMA) in accommodating multiple users within the same resources, this paper jointly addresses the resource allocation and power control problem for Machine Type Devices (MTDs) in a Hybrid NOMA system. Particularly, we model the problem using a Mean Field Game (MFG) framework underlying a Multi-Armed Bandit (MAB) approach. Firstly, the devices invoke the MAB tool to arrange themselves into multiple NOMA coalitions. Then, within each coalition, the MTDs apply the MFG approach to autonomously adjust their transmit power based on limited feedback received from the Base Station (BS). Simulation results are given to illustrate the equilibrium behavior of the proposed resource allocation algorithm and to underline its robustness compared to existing works in the literature.

14/03/2023 - Cybersecurity of Critical Devices: Network Security and Host Intrusion Detection
Maxime PUYS • Research engineer, CEA LETI
With the advent of Industry 4.0, there is a convergence between industrial systems and IoT. As industry becomes more distributed, connected and service-oriented, it tends to move closer to IoT. On the other hand, IoT, which was initially limited to smart home devices and gadgets, is expanding into much more critical areas. What you find today in factories, healthcare, transportation or smart cities, are complex connected devices, often connected to a local network or even the cloud; working with machine learning algorithms and potentially processing personal data. In the context of modern warfare, an increasing number of cyber attacks have taken place against industrial systems since Stuxnet in 2011 or the power outages in Ukraine in 2015 and 2016. IoT devices are also facing an increasing number of malware attacks such as Mirai or BASHLITE.

In the context of industrial system security, we will discuss several vulnerabilities and countermeasures at different scales. We will first address the security of the MODBUS and OPC-UA communication protocols against network attacks. We will extend this analysis to safety properties by proposing a method for producing attack scenarios that aim at violating safety properties as a consequence of malicious actions by attackers. Finally, in the context of critical IoT security, we will see how to equip objects with embedded intrusion detection systems.

21/02/2023 - Generic Privacy Preserving Private Permissioned Blockchains
Frédéric HAYEK • PhD student
Private permissioned blockchains are becoming gradually more sought-after. Such systems are reachable by authorized users, and tend to be completely transparent to whoever interacts with the blockchain. In this paper, we mitigate the latter. Authorized users can now stay unlinked to the transactions they propose in the blockchain while being authenticated before being allowed to interact. As a first contribution, we developed a consensus algorithm for private permissioned blockchains based on Hyperledger Fabric and the Practical Byzantine Fault Tolerance consensus. Building on this blockchain, five additional variations achieving various client-wise privacy-preserving levels are proposed. These different protocols allow for different use cases and levels of privacy control, and sometimes its revocation by an authority. All our protocols guarantee the unlinkability of transactions to their issuers, achieving anonymity or pseudonymity. Miners can also inherit some of the above privacy-preserving settings. Naturally, we maintain liveness and safety of the system and its data.

10/01/2023 - RMC-PVC: A Multi-Client Reusable Verifiable Computation Protocol
Gaël MARCADET • PhD student
The verification of computations performed by an untrusted server is a cornerstone of delegated computation, especially in a multi-client setting where inputs are provided by different parties. Assuming a common secret between clients, a garbled circuit offers the attractive property of ensuring the correctness of a result computed by the untrusted server while keeping the input and the function private. Yet, this verification can be guaranteed only once. Based on the notion of multi-key homomorphic encryption (MKHE), we propose RMC-PVC, a multi-client verifiable computation protocol able to verify the correctness of computations performed by an untrusted server for inputs (encoded for a garbled circuit) provided by multiple clients. Thanks to MKHE, the garbled circuit is reusable an arbitrary number of times. In addition, each client can verify the computation on its own. Compared to a single-key FHE scheme, the use of MKHE in RMC-PVC reduces the workload of the server and thus the response delay for the client. It also enforces the privacy of the inputs, which are provided by different clients.

14/11/2022 - Time Optimal Gathering of Myopic Robots on an Infinite Triangular Grid
Pritam GOSWAMI • PhD student, Jadavpur University
This work deals with the problem of gathering n oblivious mobile entities, called robots, at a point (not known beforehand) placed on an infinite triangular grid. The robots are considered to be myopic, i.e., robots have limited visibility. Earlier works on gathering mostly considered the robots either on a plane, on a circle or on a rectangular grid, under both full and limited visibility. On the triangular grid, there are two works to the best of our knowledge. The first one is by Cicerone et al. [ICDCN'2021] on arbitrary pattern formation, where full visibility is considered. The other, by Shibata et al. [IPDPS(W)'2021], considers seven robots with 2-hop visibility that form a hexagon with one robot in the center of the hexagon in a collision-less environment under a fully synchronous scheduler.

In this work, we first show that gathering on a triangular grid with 1-hop vision of robots is not possible even under a fully synchronous scheduler if the robots do not agree on any axis. So one-axis agreement has been considered in this work (i.e., the robots agree on a direction and its orientation). We have also shown that the lower bound on time is Ω(n) epochs when n robots gather on an infinite triangular grid. An algorithm is then presented where a swarm of n robots with 1-hop visibility can gather within O(n) epochs under a semi-synchronous scheduler. So the algorithm presented here is time optimal.

11/10/2022 - Formal validation of C-ITS PKI requests
Dhekra MAHMOUD • PhD student
Intelligent Transport Systems (ITS) are a research field that is gaining more and more attention in the context of Smart Roads. Messages are constantly exchanged between the actors of Cooperative Intelligent Transport Systems (C-ITS) and should be secured, since they may contain sensitive information relating to users' privacy. Moreover, accessing specific ITS services requires "authentication". Public Key Infrastructure (PKI) is a solution for guaranteeing the desired security. Communication within this PKI is handled by specific cryptographic protocols. Several formal verification tools exist in the literature for analysing the security of security protocols, notably ProVerif. The first part of the presentation covers the formal modelling of the C-ITS PKI protocols and their security properties using the Pi-Calculus. The second part presents the results obtained with ProVerif by testing our model on the analysis of the three C-ITS PKI protocols described by ETSI.

10/05/2022 - Presentation of a new LoRa modulation for satellite communications
Alexandre GUITTON • Professor
In November 2020, the company Semtech developed a new modulation called LR-FHSS (Long Range - Frequency Hopping Spread Spectrum), inspired by the LoRa (Long Range) modulation widely used in the Internet of Things, for communications between terrestrial equipment and low-earth-orbit satellites. This modulation allows very isolated sensor nodes, for example on a boat in the middle of the ocean, to obtain low-rate network connectivity. In this talk, I describe this new modulation called LR-FHSS and its advantages. I describe the main results of the few papers in the literature that evaluate this modulation, and propose some challenges to be addressed for this type of network.


08/03/2022 - DURATS: Distributed User-centric Radio Access Technology Selection framework
Ali MAMADOU MAMADOU • PhD student
Thesis defence rehearsal

Radio Access Technology (RAT) selection is an essential component in designing heterogeneous networks' coexistence to enable the diversity of current and future applications. Thus, in the 5G paradigm, many wireless technologies are available to ensure ubiquitous radio access. However, there are still open issues related to the decision-making process and Quality of Service (QoS) constraints consideration when it comes to selecting the most suitable wireless technology for a specific data transmission e.g., in Device-To-Device (D2D) communications.

We present DURATS: Distributed User-centric Radio Access Technology Selection framework formulated as a Multiple Criteria Decision Making (MCDM) problem with a decision data analysis mechanism that allows accurate network performance estimation in the decision-making process. Full-stack network simulation results show the benefits of DURATS compared to baseline decision mechanisms. Our findings show the benefits of DURATS, under multiple network load conditions, in enhancing network performance perceived by end-users (in terms of End-2-End packet delay, effective throughput, and data delivery rate), while considering simultaneously multiple QoS constraints.

08/02/2022 - How fast do you heal? A taxonomy for post-compromise security in secure-channel establishment
Léo ROBERT • PhD student
Post-Compromise Security (PCS) is a property of secure-channel establishment schemes, which limits the security breach of an adversary that has compromised one of the endpoints to a certain number of messages, after which the channel heals. An attractive property, especially in view of Snowden's revelations of mass surveillance, PCS features in prominent messaging protocols such as Signal. In this talk, we introduce a framework for quantifying and comparing PCS security with respect to a broad taxonomy of adversaries. We model the healing speed of a broad class of protocols, including Signal, but also an identity-based messaging protocol named SAID, and even a composition of 5G handover protocols. We also apply the results obtained for this latter example in order to provide a quick fix, which massively improves its post-compromise security.

11/01/2022 - Security of biometric templates in F_2^n as a metric space
Axel DURBET • PhD student
We present a method for partitioning the template space in order to speed up attacks that aim to create a master key or a master feature, and show how to derive from it a formula for determining the maximum number of people to put in a database.

14/12/2021 - SAMBA: A Generic Framework for Secure Federated Multi-Armed Bandits
Gaël MARCADET • PhD student
Multi-armed bandits are a reinforcement learning model in which an agent iteratively chooses an arm to pull among those available. Once pulled, an arm produces a reward drawn from an independent distribution unknown to the agent. We focused on the reward maximisation problem in a federated learning context, where the agent wishes to maximise its rewards while delegating the maximisation task to a central authority that federates each arm, considered as independent.

Our attention focused on the design of SAMBA, a secure platform for reward maximisation in a federated learning context. This platform is able to run a wide range of bandit algorithms designed for this maximisation problem, without additional constraints. Thanks to the use of cryptographic primitives, SAMBA guarantees several security properties (for example, only the agent may know the sum of the rewards obtained). Finally, unlike other approaches such as differential privacy, SAMBA does not perturb the operation of the bandit algorithm being run.

09/11/2021 - A Mean Field Game-Theoretic Framework for Distributed Power Control in Hybrid NOMA
Oussama HABACHI • Professor
The steady expansion of the number of wireless devices and the ubiquity of networks give rise to various interesting challenges for the future generation of wireless communication systems. In particular, operators have to handle massive connectivity among Machine Type Devices (MTDs) and increasing demand for eMBB through limited spectrum resources. Non-Orthogonal Multiple Access (NOMA) has been spotlighted as an emerging technology to address the above-mentioned challenges. In this paper, we consider a NOMA scenario in which the users are divided into orthogonal coalitions, where the users of each coalition are served through the same time-code-frequency resource and separated using power levels. Specifically, we address the very dense scenario, where the complexity of centralized solutions becomes intractable. Firstly, we model the power allocation problem as a differential game. Then, we extend the formulated game to a Mean Field Game (MFG) theoretic framework, taking the effect of the collective behavior of devices into consideration. Furthermore, we derive a distributed power control algorithm that enables the users to appropriately regulate their transmit power according to brief information received from the Base Station (BS).

12/10/2021 - Evaluation of blind signature schemes and generic constructions
Charles OLIVIER-ANCLIN • PhD student
Blind signatures are a cryptographic primitive used in the construction of electronic voting protocols or anonymous banking systems. In this context, we carried out a study of the properties and complexity of identity-based blind signatures. Our method consists in reducing the execution time of all the arithmetic operations used to a single unit based on the multiplication of 3,072-bit integers. This reduction allows a realistic and fast comparison of all types of schemes. We demonstrate the effectiveness of our evaluation by proposing an exhaustive state of the art of these primitives. More than 80 protocols are listed and evaluated. In addition, there exist generic constructions for blind signatures, which we compared against all these schemes.

08/06/2021 - Presentation of three attacks on projection-based biometric systems
Axel DURBET • Master's (M2) intern
Cancelable biometric schemes aim to generate secure biometric templates by combining user-specific objects, such as a password or a stored secret, with the user's biometric data. This type of transformation is built as the composition of a biometric transformation with a feature extraction algorithm. The security properties expected of cancelable biometric systems are irreversibility, indistinguishability and revocability of the templates, without loss of accuracy for comparison. Although several schemes have recently been attacked with respect to these properties, the complete reversal of such a composition in order to produce collisions on biometric features, and more specifically the attacks we present, have never been demonstrated to our knowledge. In this paper, we formalise these attacks for a traditional cancelable scheme using integer linear programming (ILP) and quadratically constrained quadratic programming (QCQP). Solving these optimisation problems allows an adversary to slightly modify their fingerprint image in order to impersonate one or more individuals.

18/05/2021 - Physical applications of zero-knowledge proofs
Léo ROBERT • PhD student
Suguru is a game that resembles Sudoku: you must fill a grid with digits according to certain rules. The question that arises is the following: how can you convince me that you have the solution without revealing any information about that solution?

C'est ce que nous allons voir dans ce séminaire en décrivant des protocoles qui utilisent des objets du quotidien (cartes, enveloppes). Nous prendrons plusieurs jeux (Suguru, Nurikabe, Hitori) comme supports.

Le but est de comprendre le concept de preuves à divulgation nulle de connaissance; concept largement utilisé en cryptographie pour prouver que l'on détient un secret sans révéler d'information à son sujet.

13/04/2021 - Study on Wi-Fi Access Points Deployment
Ibrahim SAMMOUR • PhD student

09/03/2021 - Congestion mitigation and network selection management in a heterogeneous C-ITS communication architecture
Mouna KAROUI • PhD student
For years, statistics have shown that most road accidents are due to human error and that 60% of these accidents could be avoided if the driver were warned of the danger at least 0.5 seconds before the accident. The automotive industry and the scientific community work constantly on innovative solutions such as cooperative intelligent transport systems (C-ITS) to improve road safety. Reliable communication techniques are needed to meet the requirements of the various C-ITS services. In this thesis, which is part of the European project C-ROADS France, we focused on the study of the communication technologies IEEE 802.11p/ITS-G5 and LTE-V2X.

To take advantage of the coexistence of several radio access technologies, hybrid architectures are adopted to meet low-latency and high-reliability requirements. In recent years, hybrid architectures have been the subject of many studies showing their benefits. However, the implementation challenges and the questions related to the efficiency of the decision algorithms remain among the problems that have not been fully solved.

In this thesis, we address the problems related to the efficiency of the communication techniques dedicated to intelligent transport systems. We first tackle the congestion problem of the IEEE 802.11p/ITS-G5 standard, and then the management of radio access technology selection in a hybrid architecture mainly composed of nodes supporting both network interfaces, LTE-V2X and IEEE 802.11p/ITS-G5.

09/02/2021 - Biometrics in the service of wireless network security
Denis MIGDAL • Associate professor
Nomadic devices (laptops, mobile phones, etc.) frequently connect to wireless networks. Because of their nomadic nature, these devices can be stolen by an attacker, who is then able to access the services the device was connected to and the information stored on it.

Biometrics, and the techniques biometrics relies on, make it possible to verify the legitimacy of the user who is present while respecting his or her privacy. Keystroke dynamics will be used as an example of a biometric modality that can serve this purpose.
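As an added example (not the speaker's code), here is a minimal keystroke-dynamics verifier in Python: hold times and flight times are extracted from key events, a profile of per-feature mean and standard deviation is enrolled from the owner's typing, and a later probe is accepted when its average absolute z-score is below a threshold. The event format, the synthetic typing samples, the standard-deviation floor and the threshold are constructed for the demo.

```python
import random
from statistics import mean, pstdev

# A typing sample is a list of (key, press_ms, release_ms) events, as an
# on-device agent would record them while the user types a fixed phrase.


def features(sample):
    """Hold time per key plus flight time (release -> next press) per pair."""
    holds = [rel - pr for _, pr, rel in sample]
    flights = [sample[i + 1][1] - sample[i][2] for i in range(len(sample) - 1)]
    return holds + flights


def enroll(samples, min_std=10.0):
    """Per-feature mean and standard deviation from several genuine samples.

    The floor on the standard deviation stops a single very regular feature
    from dominating the score (and avoids division by zero).
    """
    cols = list(zip(*(features(s) for s in samples)))
    return [(mean(c), max(pstdev(c), min_std)) for c in cols]


def score(profile, sample):
    """Average absolute z-score; lower means closer to the enrolled user."""
    f = features(sample)
    return mean(abs(x - m) / s for x, (m, s) in zip(f, profile))


def is_legitimate(profile, sample, threshold=2.5):
    return score(profile, sample) < threshold


def synth_sample(phrase, hold_ms, flight_ms, rng, jitter=8.0):
    """Constructed typing sample with a given rhythm plus Gaussian jitter."""
    t, events = 0.0, []
    for key in phrase:
        press = t
        release = press + hold_ms + rng.gauss(0, jitter)
        events.append((key, press, release))
        t = release + flight_ms + rng.gauss(0, jitter)
    return events


def demo():
    rng = random.Random(42)
    phrase = "limos"
    owner = [synth_sample(phrase, 100, 150, rng) for _ in range(10)]
    profile = enroll(owner)
    probe_owner = synth_sample(phrase, 100, 150, rng)
    probe_thief = synth_sample(phrase, 60, 300, rng)   # different rhythm
    return {
        "owner_score": score(profile, probe_owner),
        "thief_score": score(profile, probe_thief),
        "owner_accepted": is_legitimate(profile, probe_owner),
        "thief_accepted": is_legitimate(profile, probe_thief),
    }
```

Only timing values leave the keyboard handler, never the typed text, which is what keeps the check privacy-preserving; on a stolen device the agent would re-run it periodically and lock the session when the score drifts above the threshold.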

08/12/2020 - Communications in wireless body area networks
Gewu BU • Associate professor
A WBAN is a network dedicated to communications between sensors located on the human body. A WBAN can collect and process human physiological data for various medical applications. The challenges in WBANs range from the design of reliable communication protocols to the protection of security and privacy during data transmission.

Starting from the implementation of different communication strategies and of realistic human mobility, we provide extensive simulation results. Based on the analysis of these results, we propose a tree-based convergecast strategy and a ZKP-based authentication mechanism in order to improve the WBAN in terms of reliability, security and privacy.

A Markov model for audiovisual communication is also proposed to evaluate the performance of the WBAN. Our theoretical model is validated by the extensive simulation results. Another abstract reliability mechanism is also introduced and implemented to improve the reliability and the efficiency of the WBAN.

10/11/2020 - Anytime tree search for combinatorial optimization
Luc LIBRALESSO • Postdoctoral researcher
In this talk, I will describe some anytime tree search algorithms introduced in my PhD thesis. These branch-and-bound methods obtain near-optimal solutions in a reasonable time and, in some sense, are similar to classical meta-heuristics. They obtained state-of-the-art performance on some combinatorial optimization problems (EURO/ROADEF challenge, sequential ordering problem, permutation flowshop, longest common subsequence problem).

13/10/2020 - Rate Adaptation Algorithms of IEEE 802.11 Networks
Ibrahim SAMMOUR • PhD student
Wireless technologies are being used in various applications for their ease of deployment and inherent capabilities to support mobility. Most wireless standards support multiple data rates that may vary between a few Mbps and a few Gbps. Reaching the maximum supported data rate is what most applications seek. Nevertheless, the choice of data rates is very closely related to the quality of communication links and their stability. Since the IEEE 802.11 standard introduced multi-rate support, a lot of research has been done on rate adaptation, dealing with the different parameters that lead to an estimation of the channel conditions and the metrics that affect the network performance. In this seminar, I will talk about the importance of this topic and will present a performance evaluation study we have made using the ns-3 simulator, in which we evaluated popular rate adaptation algorithms from different categories in different scenarios.

08/09/2020 - A Cryptographic View of Deep-Attestation, or how to do Provably-Secure Layer-Linking
Léo ROBERT • PhD student
In this paper we propose a novel approach to the problem of deep attestation. Deep attestation is a particular case of remote attestation, a.k.a. verifying the integrity of a platform with a remote verification server. Currently, two solutions have been proposed by the ETSI for remote attestation of the hypervisors and hosted VMs. The first is called single-channel and requires the attestation of the hypervisors for each VM, while the other requires only one attestation of the hypervisor. However, in the latter case, we have no assurance that the two attestations come from components hosted on the same physical platform.

We look at the property of linkage, which is part of the reason why deep attestation is performed: verifying both a virtual machine and its host, and checking that both run on the same physical hardware by linking their attestations. Our contribution is two-fold: first, we provide a formal model in which the security and linkability of system-wide attestation can be analyzed, no matter the underlying mechanism for attestation being considered, such as Trusted Platform Modules (TPMs). Furthermore, we have implemented and analyzed its performance. When compared to multiple channel attestation, our computational overhead is minor. Additionally, compared to single channel attestation, our performance is drastically better while having comparable linking guarantees.
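As an added schematic (not the paper's model or implementation), the Python below shows why linkage matters. With two independent quotes, a genuine hypervisor quote relayed from an honest host can be paired with the quote of a VM that actually runs on a compromised host, and the verifier accepts. In the linked variant the hypervisor's quote commits to a digest of the VM evidence it vouches for, and a host only vouches for VMs it runs, so the mix-and-match is rejected. HMAC stands in for TPM/vTPM quote signatures; the PCR digests, keys, host names and the single shared nonce are assumptions of the example.

```python
import hashlib
import hmac
import os


def sha256(data):
    return hashlib.sha256(data).digest()


def make_quote(key, pcr_digest, nonce, linked_to=b""):
    """Schematic quote: a MAC over the measured state, the verifier's nonce
    and, in the linked variant, a digest of the VM evidence the host covers."""
    return hmac.new(key, pcr_digest + nonce + linked_to, hashlib.sha256).digest()


class VM:
    def __init__(self, name):
        self.name = name
        self.key = os.urandom(32)          # vTPM attestation key (assumed trusted)
        self.pcrs = sha256(b"good-guest-" + name.encode())

    def quote(self, nonce):
        return make_quote(self.key, self.pcrs, nonce)


class Host:
    def __init__(self, name, compromised=False):
        self.name = name
        self.key = os.urandom(32)          # hypervisor TPM attestation key
        self.pcrs = sha256(b"rootkit" if compromised else b"good-hypervisor")
        self.vms = {}

    def add_vm(self, name):
        self.vms[name] = VM(name)
        return self.vms[name]

    def quote_unlinked(self, nonce):
        return make_quote(self.key, self.pcrs, nonce)

    def quote_linked(self, nonce, vm_name):
        """Host quote that commits to the quote of a VM it actually runs."""
        vm_quote = self.vms[vm_name].quote(nonce)   # KeyError if not hosted here
        return vm_quote, make_quote(self.key, self.pcrs, nonce, sha256(vm_quote))


def verify_unlinked(trusted, host_name, hv_quote, vm_name, vm_quote, nonce):
    """Two independent checks; nothing ties the VM quote to this host."""
    hv_key, hv_pcrs = trusted["hosts"][host_name]
    vm_key, vm_pcrs = trusted["vms"][vm_name]
    return (hmac.compare_digest(hv_quote, make_quote(hv_key, hv_pcrs, nonce)) and
            hmac.compare_digest(vm_quote, make_quote(vm_key, vm_pcrs, nonce)))


def verify_linked(trusted, host_name, hv_quote, vm_name, vm_quote, nonce):
    """The host quote must cover exactly the VM quote the verifier received."""
    hv_key, hv_pcrs = trusted["hosts"][host_name]
    vm_key, vm_pcrs = trusted["vms"][vm_name]
    vm_ok = hmac.compare_digest(vm_quote, make_quote(vm_key, vm_pcrs, nonce))
    expected = make_quote(hv_key, hv_pcrs, nonce, sha256(vm_quote))
    return vm_ok and hmac.compare_digest(hv_quote, expected)


def demo():
    honest = Host("A")
    rogue = Host("B", compromised=True)
    db = honest.add_vm("db")
    web = rogue.add_vm("web")      # really runs on the compromised host
    trusted = {"hosts": {"A": (honest.key, sha256(b"good-hypervisor"))},
               "vms": {"db": (db.key, db.pcrs), "web": (web.key, web.pcrs)}}
    nonce = os.urandom(16)

    # Mix-and-match: a genuine hypervisor quote relayed from A plus web's own
    # genuine quote. Both verify, so the verifier believes web runs on A.
    relay_ok = verify_unlinked(trusted, "A", honest.quote_unlinked(nonce),
                               "web", web.quote(nonce), nonce)

    # Linked variant: A only vouches for VMs it hosts, so the best the attacker
    # can do is reuse a quote A produced for db next to web's evidence.
    _, hv_q_db = honest.quote_linked(nonce, "db")
    relay_linked_ok = verify_linked(trusted, "A", hv_q_db, "web", web.quote(nonce), nonce)

    # The honest case still verifies.
    vm_q, hv_q = honest.quote_linked(nonce, "db")
    honest_ok = verify_linked(trusted, "A", hv_q, "db", vm_q, nonce)
    return {"unlinked_accepts_relay": relay_ok,
            "linked_accepts_relay": relay_linked_ok,
            "linked_accepts_honest": honest_ok}
```

The compromised host B cannot substitute its own linked quote either: it would bind web's evidence correctly, but its PCR digest does not match what the verifier expects for host A and its key is not the one the verifier trusts for A.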