• Why Invia's Physical Unclonable Function (PUF) is the way to go?



  • Why should your next secure design be PUF based?



  • HADES - Embedded test infrastructure for on-line secure measurements

    ​​​​​​​​​​​​HADES (Hierarchy-Aware and secure embedded test infrastructure for Dependability and performance Enhancement of integrated Systems​) aims at developing a hierarchical test infrastructure for on-line secure measurements within integrated circuits and electronic systems. In turn, these on-line measurements will enable self-testing, enhancing dependability features and, in general, facilitating uninterrupted high performance operation, while guaranteeing security requirements.

    Objectiv​​es​

    The project goal is to dev​elop an infr​​astructure enabling on-line safe and secure measurements, putting in place hierarchical tests for integrated circuits and electronic systems and thereby, guarantee high performance and on-line self-testing in a secure environment. The project envisions creating benefit at system and user levels thanks to the test infrastructure reused for hierarchical on-line tests in the respective field of application.

    • WP1 defines the needs and specifies the Hierarchical System Test Accessibility & Reusability (backbone of the Test Infrastructure) to be used by others WPs
    • WP2 provides Advanced Embedded Test Instruments & associated tools to be used in WP3 (it corresponds to the core of the Test Infrastructure)
    • WP3 develops and exploits the new capabilities offered by ETIs ( it is creating the Added Value from Test Infrastructure)
    • WP4 defines and ensures the necessary Security in Test as a constraint to WP1
    • WP5 embeds Demonstrators, Dissemination, Marketing and Exploitation of the overall project results

    Societal impact / Results​

    ​HADES will answer societal needs for connected and secure objects; it is creating the missing link from the Electronic System to the Electronic Components, the security of this link will be guaranteed. The quality, reliability and robustness of the Electronic System will be improved thanks to the monitoring of the Electronics Components which will provide data on ageing, failure detection, diagnosis, etc... HADES will help ensuring trusted components and subsystems for smart and secure applications and will also facilitate the deployment of securely connected objects as IoT. 

    HADES will contribute in the safety of :
    Emerging automotive smart applications
    Medical applications (as by e.g. in a sensor, an equipment or a transmission system)
    Avionic sand space domains
    HADES will also be key to increase quality, performance and energy efficiency by means of continuous monitoring and adaptation.

    Looking ahead​

    Offering more robustness and dependability to systems’ makers, HADES project will provide a key differentiator to the European innovations actors. It appears as a crosscutting contribution to the main European market value chains. The project universality (on-line test and dependability) will make results directly applicable to the project use cases markets (automotive, home/building automation) and, with adoptions, to any other market. ​

    Partners

    CEA-Leti      
    CNRS-LIRMM
    D4T Systems
    IROC Technologies
    INVIA Secure Semiconductor Meyreuil
    JTAG Technologies BV
    NXP Semiconductors
    STMicroelectronics
    TEMENTO Systems
    Thales Communication and Security
    TIMA Laboratory / Grenoble Institute of Technology
    University of Twente
    Université Pierre & Marie Curie / Laboratoire  d’informatique de Paris 6​

    Involved countries

    France
    Netherlands


  • PANDORE - Protection Against New kinD Of Reverse Engineering

    ​​​​​​​​Disastrous societal, social and economical consequences could show up if confidential data stored in secure circuits (NFC circuits, smart meters, banking cards…) become easily accessible by badly intentioned people. Several techniques, based on the observation, the perturbation or the inspection of such devices have already been used for attacking those devices. These attacks are generally realized with a two step approach. The first one consists in identifying critical functions within a transaction (time domain) and the position of these functions in the circuit (spatial domain). During the second phase, the attacker gather its mean over these functions, for instance to extract secrets or deactivate protections. The first phase, also called reverse-engineering phase, is critical for the attacker as it determines the efficiency to extract the secret in the second phase.

    Currently, reverse-engineering techniques are mostly based on the circuit visual inspection. Recently, more affordable techniques that also give timing information have been proposed and validated on test circuits. In the near future, the combination of several techniques, giving various spatial and timing resolutions, would lead to a multi-scale reverse-engineering. This approach will decrease the cost and the time of the reverse engineering step, significantly reducing the component security. 

    This is absolutely urgent that secure circuits manufacturers propose and validate efficient hardware and software protection against the multi-scale reverse-engineering techniques with a cost compatible with the targeted products. PANDORE’s consortium will include a small company, a major company and two academic laboratories. Each partner has recognized expertise in secure circuit and product design and has access to state of the art equipments to validate the proposed solutions. 

    PANDORE project objective is dual. It has to: 

    • Quantify precisely the threat linked to multi-scale reverse engineering techniques
    • Analyze the efficiency according to this new threat of current protections against reverse engineering and if necessary to purpose new protections

    The chosen approach to reach the first goal will consist in setting up multi-scale reverse engineering techniques that seem for us the most promising. With this in mind, we will improve the existing techniques by choosing probes and sensors more successful but also by proposing signal and image processing algorithms perfectly adapted. Data fusion (images and signals) obtained at different resolutions will be necessary to set-up the reverse engineering that we propose. This is a technical challenge already identified that will have to be unlocked. Indeed the data fusion necessitates specific repositioning methods in order to make some correspondences of geometrical and/or radiometric pattern at different spatial and temporal scales. Finally, to estimate the threat of these new techniques, it will be necessary to set them up over prototype and commercial circuits and then to quantify the obtained gain in spatial and temporal resolution. 

    To reach the second objective, it would be necessary to implement on prototype circuits current or in study protections against reverse engineering and to submit them to multi-scale techniques. According the obtained resistance, improvements of these protections will have to be purposed. This technological challenge is also very difficult to break as protections that are contemplated will have to be implemented on circuits produced in a large number (i.e. billions of units per year). We won’t tackle, in particular, costly protections contemplated to protect military systems (such as technologic library camouflaging, Sishell type encapsulation, Gore coating, reconfigurable logic, etc.) It is a matter of suggesting innovative ​and very low cost (few cents) protections against the full range of reverse-engineering techniques (that cost in the other hand, several tens of thousands euros).


  • 4TRAX - Advanced container traking and monitoring solution

    ​​Where is my container?

    Knowing all that has happened to a shipping container during its journey is now possible. The service is called 4TRAX, it's new and it's revolutionising the industry.

    Beginning in early 2014, the 4TRAX service will allow tracking your containers, wherever they may be across the globe, and monitoring all events arising between shipment and arrival at final destination. Status changes, location, movements, impacts or infractions... a tracking patch will keep you up to date almost instantaneously of the container's status. Stay informed, everywhere, at all times. 4TRAX​ ​relies on an efficient management system, flawless traceability and more robust security.

    4TRAX​, a solution currently being developed by Marseille-based company TRAXENS, is the result of a collaboration between leading French stakeholders in the freight ecosystem: MGI, GREENMODAL Transport, research laboratories and SMEs specialising in the design of secure microprocessors (Invia), energy recovery systems and M2M (Machine to Machine) connectivity.

    Stay informed, everywhere, all the time

    Transporting a containerised cargo involves scheduled or unscheduled events or incidents at any point between its stuffing centre through to its final destination. These may include administrative status changes, movements, location or any interference or impacts sustained by the goods and from now on can all be monitored by professionals almost in real-time.

    Shipping and forwarding agents, terminal and customs operatives will benefit from improved traceability, surveillance, safety, security and productivity thanks to knowledge of these events. Information on interference or impacts will result in lower insurance costs. Administrative and commercial information carried by the patch will offer protection against corruption and falsification of legal guarantees.

    The environment is not being overlooked

    From an environmental perspective, 4TRAX​ will measure the carbon footprint of each cargo, which will be passed on to the end customer who may then decide to opt for more ecological modes of transport at the pre/post routing stage.​

    Added value for MGI customers​

    When developing the AP+ Cargo Community System (CCS), MGI defined business processes for both private and public professionals. Today, the company is continuing to develop the CCS, by integrating the new needs of transport professionals at both industry and regulatory level.​

    MGI's role in the 4TRAX​ project is to improve the performance and security of goods transit through the port by integrating AP+ into 4TRAX​ . Information flows available within AP+ will be integrated into the 4TRAX patch, and then made accessible to everyone involved in the goods transport process.

    Performance and stronger security​

    MGI will also be abze to notify customers of events / incidents and the goods' location, neither of which is currently possible within AP+. This information will then be managed within the CCS, for example AP+ will issue an alert in the event of an impact or hazard and all those concerned with the shipment will be notified.

    The geographic range of AP+ will be extended to cover information about events occurring up and downstream of the port, as well as in the port area itself.

    Full-scale tests are being conducted in collaboration with GREENMODAL Transport on CMA-CGM containers. Marketing of these services is scheduled to begin in early 2014.

    4TRAX​ is accredited by the "Solutions Communicantes Sécurisées" (SCS - Secure Communication Solutions) and "Mer" competitiveness clusters. It is co-funded by the French Single Interministerial Fund and supported by the French Customs and Excise Authority, the PACA Logistique cluster and CRITT Transport et Logistique.


  • VEADISTA - Remote monitoring and smart alerts

    ​​​The VEADISTA project (Remote Monitoring and Smart Alerts) powered by Entr'ouvert is now launched.​

    The VEADISTA project aims at providing a technology related to the in-home care services and the care of dependent persons.

    The VEADISTA project relies on the conception of an ergonomic and low cost technology split in a bio sensors unit and a set of softwares to collect and analyse medical data, to elaborate pre-diagnosis, to enable the secure consultation of medical records and to enable the secure transmission of medical alerts.


  • Secret Key Leakage from PK Perturbation of DLP-based Cryptosystems

    ​​​​​Alexandre Berzati1, Cécile Canovas-Dumas1, Louis Goubin2
    1 CEA-LETI/MINATEC, 17 rue des Martyrs, 38054 Grenoble Cedex 9, France,
    {alexandre.berzati,cecile.dumas}@cea.fr
    2 Versailles Saint-Quentin-en-Yvelines University,
    45 avenue des Etats-Unis, 78035 Versailles Cedex, France
    louis.goubin@prism.uvsq.fr

    Abstract​

    ​Finding efficient countermeasures for cryptosystems against fault attacks is challenged by a constant discovery of flaws in designs. Even elements, such as public keys, that do not seem critical must be protected. From the attacks against RSA [5,4], we develop a new attack of DLP-based cryptosystems, built in addition on a lattice analysis [26] to recover DSA public keys from partially known nonces. Based on a realistic fault model, our attack only requires 16 faulty signatures to recover a 160-bit DSA secret key within a few minutes on a standard PC. These results significantly improves the previous public element fault attack in the context of DLP-based cryptosystems [22].​

    Keywords: DSA, exponentiation, fault injection, public modulus, lattice reduction.​​