I am a security analyst at eshard targeting mobile platforms and the IoT. I graduated from Télécom ParisTech with a PhD in embedded systems security. My research interests are in software security, cryptography and their applications to smartcard and microcontrollers environments especially in the context of active physical attacks. In particular, I focus on fault injection attacks & fault injection simulation.
November 2015 is the beginning of a new adventure as I integrated the eshard startup ! Follow eshardNews on twitter.
I am pleased to invite you to the defense of my PhD on "Securing software implementations against fault injection attacks on embedded systems". It will be held at 2:30pm on Wednesday, September 23 in the Saphir auditorium at Télécom ParisTech (see below). The presentation will be given in French.
The question transcript will be available here soon.
My PhD thesis started in July 2012 under an Industrial Contract for Training through REsearch convention (CIFRE in French) between SAFRAN Morpho and the Network and Computer Science Department (INFRES) of Télécom ParisTech in the Paris area, France. Since november 2011, I am a member of the Research and Technology team headed by Julien Bringer, cryptography and security expert at SAFRAN Morpho. In september 2011, I graduated with a Cryptology and Cybersecurity Master's Degree (Master CSI in French) from the Science and Technology University of Bordeaux, France. Prior to this, I visited the Stevens Institute of Technology, NJ, USA for the summer of 2011 as a Master’s student and worked on experiments with P2P botnet detection. I am currently a third year PhD candidate focusing on the robustness of secure embedded systems against physical fault injection attacks.
Physical fault injections break security functionalities of algorithms by targeting their physical implementations. In that sense, smartcards and microcontrollers are prone to such attacks that consist in changing their normal behavior in order to create exploitable errors. Software techniques strengthen such implementations to enhance their robustness against fault attacks.
Simulation is an important research area in the field of secure embedded systems because achieving exhaustive practical injections is often expensive, complex and time consuming. They are especially needed as an early-stage evaluation method allowing security developers to make informed decisions about the usefulness and the relevance of adding specific security features. The quality of the simulation is therefore of crucial importance because it dramatically influences the results in terms of security strategy and reliability.
In this work we developed a novel approach called the Embedded Fault Simulator (EFS). It is a piece of software that is integrated to the target chip. The EFS brings the fault simulation mechanism right into real smartcard products and modern microcontrollers.
On January 8, 2015, I presented the Embedded Fault Simulator (EFS) concept at the Digital Confidence Seminar, held in Clermont-Ferrand, France.