PEOPLE@HES-SO – Directory and Skills Repository

Duc Alexandre

HES Associate Professor

Main skills

Cryptography

Computer security

Cybersecurity

Information security

Software security

Applied Cryptography

  • Contact

  • Teaching

  • Publications

  • Conferences

Main contract

HES Associate Professor

Phone: +41 24 557 64 30

Office: B35

Haute école d'Ingénierie et de Gestion du Canton de Vaud
Route de Cheseaux 1, 1400 Yverdon-les-Bains, CH
HEIG-VD
MSc HES-SO in Engineering - HES-SO Master
  • Cryptography
  • Applied cryptography
BSc HES-SO in Telecommunications - Haute école d'Ingénierie et de Gestion du Canton de Vaud
  • Cryptography
  • Software security
  • Applied cryptography

2021

An Area-Efficient SPHINCS+ Post-Quantum Signature Coprocessor
Scientific article

Berthet Quentin, Upegui Posada Andres, Gantel Laurent, Duc Alexandre, Giulia Traverso

2021 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), 2021

2020

Learning with physical noise or errors
Scientific article ArODES

Dina Kamel, François-Xavier Standaert, Alexandre Duc, Denis Flandre, Francesco Berti

IEEE Transactions on Dependable and Secure Computing, 2020, vol. 17, no. 5, pp. 957-971

Abstract:

Hard learning problems have recently attracted significant attention within the cryptographic community, both as a versatile assumption on which to build various protocols, and as a potentially sound basis for lightweight (possibly side-channel and fault resistant) implementations. Yet, in this second case, a recurrent drawback of primitives based on the Learning Parity with Noise and Learning With Errors problems is their additional randomness requirements to generate noise or errors. In parallel, the move towards nanoscale devices renders modern implementations increasingly prone to various types of errors. As a result, inexact computing has emerged as a new paradigm to efficiently deal with the challenges raised by such erroneous computations, and mitigate the cost and power consumption overheads they cause. In this paper, we show that these cryptographic and electronic challenges can actually be turned into new opportunities, and provide an elegant solution one to the other. That is, we show that inexact implementations of inner product computations lead to a natural way to define new Learning with Physical Noise or Error assumptions, paving the way to more efficient and physically secure implementations, with potential interest for securing emerging Internet of Things applications.

A FPGA-Based Post-Processing and Validation Platform for Random Number Generators
Scientific article

Upegui Posada Andres, Gantel Laurent, Duc Alexandre, Steiner Lucie, Vannel Fabien, Glück Florent

2020 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), 2020

2019

Making masking security proofs concrete (or how to evaluate the security of any leaking device), extended version
Scientific article ArODES

Alexandre Duc, Sebastian Faust, François-Xavier Standaert

Journal of Cryptology, 2019, vol. 32, pp. 1263-1297

Abstract:

We investigate the relationship between theoretical studies of leaking cryptographic devices and concrete security evaluations with standard side-channel attacks. Our contributions are in four parts. First, we connect the formal analysis of the masking countermeasure proposed by Duc et al. (Eurocrypt 2014) with the Eurocrypt 2009 evaluation framework for side-channel key recovery attacks. In particular, we re-state their main proof for the masking countermeasure based on a mutual information metric, which is frequently used in concrete physical security evaluations. Second, we discuss the tightness of the Eurocrypt 2014 bounds based on experimental case studies. This allows us to conjecture a simplified link between the mutual information metric and the success rate of a side-channel adversary, ignoring technical parameters and proof artifacts. Third, we introduce heuristic (yet well-motivated) tools for the evaluation of the masking countermeasure when its independent leakage assumption is not perfectly fulfilled, as it is frequently encountered in practice. Thanks to these tools, we argue that masking with non-independent leakages may provide improved security levels in certain scenarios. Eventually, we consider the tradeoff between the measurement complexity and the key enumeration time complexity in divide-and-conquer side-channel attacks and show that these complexities can be lower bounded based on the mutual information metric, using simple and efficient algorithms. The combination of these observations enables significant reductions of the evaluation costs for certification bodies.

2021

An area-efficient SPHINCS+ post-quantum signature coprocessor
Conference ArODES

Quentin Berthet, Andres Upegui, Laurent Gantel, Alexandre Duc

Proceedings of 2021 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), 17-21 June 2021, Portland, OR, USA

Abstract:

The significant advances in the area of quantum computing of the past decade leave no doubt about the fact that quantum computers are an actual threat to cryptography. For this reason, a lot of efforts have been made lately in designing so-called post-quantum cryptographic primitives. The adoption of these schemes depends on the future capability of post-quantum cryptographic schemes to offer performances and functionalities similar to their classical counterparts. In particular, a milestone towards standardization is the implementation on FPGA of cryptographic primitives which leads to an efficient execution. We contribute in this respect by providing an area-efficient FPGA implementation of SPHINCS+, a post-quantum signature scheme which guarantees very high security, allowing its deployment into embedded systems such as hardware security modules, IoT devices or nanosatellites.

2020

A FPGA-based post-processing and validation platform for random number generators
Conference ArODES

Laurent Gantel, Alexandre Duc, Lucie Steiner, Fabien Vannel, Andres Upegui, Florent Gluck

Proceedings of 2020 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), 18-22 May 2020, New Orleans, USA

Abstract:

Cryptography and computer security rely heavily on random numbers for key exchange of authentication algorithms. However, current Internet-of-Things (IoT) device security is often based on poor quality pseudo-random number generators (PRNGs). This issue can be overcome using true random number generators (TRNGs) that may offer better quality and higher security. Nonetheless, TRNG often provide slow throughput and require post-processing to correct hardware biases and ensure the desired statistical behavior. In this paper, we present a FPGA-based hardware platform able to validate and post-process multiple TRNG sources. Moreover, we propose a hardware implementation of a provably secure post-processing algorithm called SPRG. Based on the sponge construction and the Keccak-f standard, it improves random number quality while maintaining high data throughput. A full platform providing hardware acceleration has been implemented on a Xilinx Kintex-7 FPGA board to test the validity of the generated numbers through χ² and SP800-90B online statistical tests, and to improve the randomness using AIS-31 or SPRG post-processing hardware cores. The proposed platform is modular and targets both IoT edge devices and back-end servers.

© 2021 - HES-SO.
