Description
The need to deploy post-quantum cryptography to secure services and applications is now well established, in particular thanks to the recommendations of ANSSI and to the standardisation and regulatory processes currently being drafted (NIST, ETSI, ...).
Following on from the 2021 and 2022 conferences, DGA - Maîtrise de l'information, in partnership with CREACH LABS and with the support of the Pôle d'excellence cyber, ANSSI, IRISA and IRMAR, is organising the 3rd edition of PQC by DGA on the occasion of the European Cyber Week 2024.
The aim of these two days is to take stock of the practical impact of deploying post-quantum cryptography on large-scale communication infrastructures.
On the programme
- Institutional presentations
- Industrial talks on recent advances and lessons learned from deploying post-quantum cryptography solutions
- Presentations of ongoing research and development work.
Scientific committee
- Marie-Thérèse André, DGA MI
- Pierre-Alain Fouque, Université de Rennes - IRISA
- Gabriel Gallin, DGA MI
- Benoît Gérard, ANSSI
- Antonin Leroux, DGA MI - IRMAR
- Pierre Loidreau, DGA MI - IRMAR (chair)
- Tuong-Huy Nguyen, DGA MI - IRISA
- Guénaël Renault, ANSSI
Organising committee
- Karine Chatel, Université de Rennes - CREACH LABS
- Pierre Loidreau, DGA MI - IRMAR
Presentations from the 2024 edition
- AMBLARD Zoe (Thales) - From theory to practice - integrating post-quantum solutions into real systems (pdf, 3.3 MB)
- BASHIRI Kaveh (BSI) - Post-quantum policy and activities of the BSI (pdf, 2.25 MB)
- GUILLEY Sylvain (Secure-IC) - Managing the transition of embedded systems to post-quantum cryptography (pdf, 3.28 MB)
- GUREL Nicolas (ANSSI) - ANSSI policy for the certification of products using PQC (pdf, 1.38 MB)
- HERMANN Geoffroy (ANSSI) - Industrial and market challenges of the post-quantum transition (pdf, 1.31 MB)
- MURDICA Cédric & METAIRIE Jérémy (DGA MI) - Implementing SCA countermeasures for FrodoKEM is not trivial (pdf, 2.06 MB)
- PERRET Ludovic (EPITA, LRE) - Industrial strategy for post-quantum cryptography (pdf, 7.14 MB)
- PONTIE Simon (CEA) - Overview of side-channel and fault-injection attacks on implementations of ML-KEM and CRYSTALS-KYBER (pdf, 3.7 MB)
- SAUVAYRE Frédéric (Infineon) - Hardware implementation of PQC algorithms (pdf, 1.17 MB)
- STEHLE Damien (Cryptolab) - Practical performance of the CKKS fully homomorphic encryption scheme (pdf, 1.28 MB)
- ZEITOUN Rina (IDEMIA) - Addressing the challenges of post-quantum cryptography in embedded systems (pdf, 3.71 MB)
- ZIJLSTRA Timo (PQShield) - Continuous integration of side-channel tests for ML-KEM (pdf, 1.28 MB)
Practical information
Programme for Tuesday 19 November
- 09:00 - 09:10: Introduction
- 09:10 - 10:00: Post-quantum policy and activities of the BSI
Speaker: Kaveh BASHIRI (BSI)
Abstract: From the point of view of the Federal Office for Information Security in Germany (BSI), the question of "if" or "when" there will be quantum computers is no longer paramount. The first post-quantum algorithms have been standardised by NIST and post-quantum cryptography will be used by default. Therefore, the migration to post-quantum cryptography should be pushed forward.
In this presentation, the BSI will expound upon its post-quantum cryptography policy. Moreover, it will elucidate the BSI's approach and highlight some of its activities. In particular, the first steps of the PQC migration project for Germany's public administration Public Key Infrastructure are discussed. Moreover, an ongoing study is presented, which aims to assess the state of development of current technologies for the realisation of a cryptographically relevant quantum computer and cryptographically relevant quantum algorithms.
- 10:00 - 10:30: ANSSI policy for the certification of products using PQC
Speaker: Nicolas GUREL (ANSSI)
- 10:30 - 11:00: Break
- 11:00 - 11:20: Industrial and market challenges of the post-quantum transition
Speaker: Geoffroy HERMANN (ANSSI)
- 11:20 - 12:00: Industrial strategy for post-quantum cryptography
Speaker: Ludovic PERRET (EPITA, LRE)
- 12:00 - 13:30: Lunch
- 13:30 - 14:00: Post-quantum extension of IPsec/IKEv2 and TLS
Speaker: Cédric TAVERNIER (Hensoldt France)
Abstract: IPsec VPN is recognised as a secure technology for protecting the transmission of information. However, the level of security depends on the quality of the architecture and the quality of the implementation. At the same time, post-quantum resilience is emerging and is almost standardised, making it all but mandatory to implement it. Taking into account the advice coming from different authorities (ANSSI, BSI…) concerning hybrid cryptography, we propose to show how the project X7-PQC contributes to building a post-quantum-resilient IPsec VPN in as standardised an environment as possible. In particular, we describe different hardening strategies, starting from a full software solution and ending with a hardware red/black architecture.
- 14:00 - 14:30: Smooth PQC navigation through the shallows of the Internet
Speaker: Philipp MEYER (Genua)
Abstract : After navigating the waters of secure communication on the sea (Internet), a new storm in the form of the quantum computer is brewing. We present the preparations for our ship (VPN) for this coming hurricane, starting with showing the first steps already done regarding PQ-secure software updates and secure key exchange. After that we take a look at our current and future activities. We conclude with presenting the impact of the adjustments to the performance of the ship in transferring data over the sea.
- 14:30 - 15:00: From theory to practice - integrating post-quantum solutions into real systems
Speaker: Zoé AMBLARD (Thales SIX)
Abstract: Secure and efficient integration of post-quantum cryptography into products is a challenging topic for THALES that must be anticipated in order to preserve security in a quantum world. In this talk, we illustrate the THALES cryptography team's contribution to tackling this necessary evolution through several completed and ongoing projects. We consider not only how to integrate post-quantum primitives into more complex protocols such as AKE or anonymous credentials, but also how to protect these primitives against side-channel attacks and how hardware acceleration can be used to improve performance.
- 15:00 - 15:30: Break
- 15:30 - 16:00: Hardware implementation of PQC algorithms
Speaker: Frédéric SAUVAYRE (Infineon)
Abstract: The talk addresses the HW implementation possibilities and the HW design methods, including HW/SW co-design, and shows possible influences of the PQC migration on performance and on real-time requirements. The talk highlights publicly funded projects in a wide range of applications in which Infineon is involved.
- 16:00 - 16:30: Using asynchronous logic to improve the security of standard and post-quantum cryptography
Speaker: Yannick MONNET (Tiempo Secure)
Abstract: After the first post-quantum cryptography algorithms have been standardised, the development of hardware accelerators has become imperative to support their future use in secure embedded chips.
However, similar to traditional cryptographic systems, the hardware implementations of these algorithms can be vulnerable to side-channel attacks (SCA), which exploit unintentional information leakage during computation. In the context of post-quantum algorithms, the importance of protecting sensitive polynomial coefficients becomes crucial.
This presentation explores the potential of asynchronous logic as a robust solution to improve the security of post-quantum algorithm hardware accelerators against such attacks. Asynchronous logic provides a range of countermeasures against side-channel attacks, such as robust masking design and random delay insertion, whose efficiency has been proven on standard algorithms. We show how they can be efficiently adapted and used in the implementation of post-quantum algorithms such as, but not limited to, CRYSTALS-Kyber.
- 16:30 - 17:00: Managing the transition of embedded systems to post-quantum cryptography
Speaker: Sylvain GUILLEY (Secure-IC)
Abstract: stay tuned!
- 17:00 - 17:30: Practical performance of the CKKS fully homomorphic encryption scheme
Speaker: Damien STEHLE (Cryptolab)
Abstract: Fully Homomorphic Encryption (FHE) enables arbitrary computations on data provided in encrypted form. Among many others, it notably enables delegating computations without compromising confidentiality, such as privacy-preserving machine learning. Compared to other privacy-enhancing technologies, FHE provides high accuracy and strong mathematical security, including against quantum adversaries. However, it is sometimes discarded for being computationally too heavy for practical deployment.
In this presentation, I will focus on the concrete performance of the CKKS fully homomorphic encryption scheme (Cheon, Kim, Kim and Song, Asiacrypt '17). CKKS natively enables approximate computations on complex and real numbers, although it may also be used for exact computations. I will provide numerous performance data for CPU and GPU implementations. I will illustrate the performance by giving examples in privacy-preserving machine learning, including large language model inference.
Programme for Wednesday 20 November
- 09:00 - 09:30: Quantum-resistant capabilities for critical and defence environments
Speaker: Johanna SEPULVEDA (Airbus)
Abstract: As quantum computing grows in power and practicality, traditional cryptographic methods are becoming vulnerable to attacks. To address this issue, post-quantum cryptography (PQC) and quantum key distribution (QKD) have emerged as potential solutions to provide quantum-resistant security. These security technologies have different security properties that fulfil the requirements of different applications and are currently in different maturity states. PQC is considered to be at TRL (Technology Readiness Level) 4 to 5 and is the subject of this talk. While PQC provides a mathematical foundation for encryption that is resistant to quantum attacks, and NIST has already selected PQC algorithms for standardisation, the integration of PQC in defence-relevant environments is still a challenge. Defence environments are characterised by heterogeneous computation, storage and communication resources, different levels of criticality and constraints, as well as the demand for long-term security.
Airbus is a pioneer of the secure implementation of PQC in ultra-constrained environments, co-design and hardware, being the designer of the first European chip with PQC capabilities. In addition, Airbus is a pioneer in the integration of PQC in defence environments. In this talk, the different experiences, demonstrators and PQC developments of Airbus will be presented, and lessons learnt as well as future capabilities will be discussed.
- 09:30 - 10:00: Overview of side-channel and fault-injection attacks on implementations of ML-KEM and CRYSTALS-KYBER
Speaker: Simon PONTIE (CEA)
Abstract: The key establishment standard Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) is derived from CRYSTALS-KYBER. It was designed to resist future attacks by quantum computers. While this scheme is today "mathematically" secure, its implementations can be vulnerable to physical attacks.
After a brief introduction to this algorithm, we will provide an overview of existing side-channel and fault injection attacks in the state of the art. We will also cover some protections that were proposed in the literature to secure implementations of ML-KEM.
- 10:00 - 10:30: Continuous integration of side-channel tests for ML-KEM
Speaker: Timo ZIJLSTRA (PQShield)
Abstract: Development of secure PQC accelerators requires continuous testing to ensure that new code modifications do not introduce leakage of information through side channels such as power consumption. Fully automated tests using TVLA can detect such leakage, but fail to accurately estimate the security against attack paths specific to PQC, such as the Plaintext Checking or Decryption Failure Oracle attacks. We developed a semi-automated machine learning based approach to overcome this shortcoming.
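The fully automated TVLA check the abstract refers to reduces, in its fixed-vs-random form, to a per-sample Welch t-test between two classes of traces, with |t| > 4.5 taken as the conventional failure threshold. The block below is an added example, not PQShield's tooling or the speaker's code: it implements that test in pure Python over constructed synthetic traces, where the trace length, the leaking sample index and the size of the injected bias are assumptions chosen only so the leaking and protected cases are visibly different.

```python
"""Fixed-vs-random TVLA (per-sample Welch's t-test) over synthetic traces.

Added example, not the speaker's or PQShield's code. Traces are constructed:
each trace is a list of float samples; the 'fixed' class gets a bias added at
one sample index to simulate a first-order leak of the fixed input. A bias of
0.0 stands in for a protected implementation (assumption for illustration).
"""
import math
import random
from statistics import mean, variance

T_THRESHOLD = 4.5  # conventional TVLA pass/fail bound: |t| > 4.5 flags leakage


def welch_t(a, b):
    """Welch's t-statistic for two samples with unequal variances."""
    ma, mb = mean(a), mean(b)
    va, vb = variance(a), variance(b)
    denom = math.sqrt(va / len(a) + vb / len(b))
    return (ma - mb) / denom if denom > 0 else 0.0


def tvla(fixed_traces, random_traces):
    """Return one t-value per sample index (fixed class vs random class)."""
    n_samples = len(fixed_traces[0])
    return [
        welch_t([t[i] for t in fixed_traces], [t[i] for t in random_traces])
        for i in range(n_samples)
    ]


def leaking_samples(t_values, threshold=T_THRESHOLD):
    """Indices whose |t| exceeds the threshold, i.e. where TVLA reports leakage."""
    return [i for i, t in enumerate(t_values) if abs(t) > threshold]


def make_traces(n_traces, n_samples, leak_index, leak_bias, seed):
    """Constructed traces: unit Gaussian noise, plus leak_bias at leak_index
    for the fixed class only. Seeded so the example is reproducible."""
    rng = random.Random(seed)
    fixed, rnd = [], []
    for _ in range(n_traces):
        f = [rng.gauss(0.0, 1.0) for _ in range(n_samples)]
        r = [rng.gauss(0.0, 1.0) for _ in range(n_samples)]
        f[leak_index] += leak_bias
        fixed.append(f)
        rnd.append(r)
    return fixed, rnd


def ci_check(n_traces=1000, n_samples=20, leak_index=7, leak_bias=0.5, seed=1):
    """What a CI job does: obtain traces, run TVLA, fail the build on any leak."""
    fixed, rnd = make_traces(n_traces, n_samples, leak_index, leak_bias, seed)
    leaks = leaking_samples(tvla(fixed, rnd))
    return {"leaks": leaks, "passed": not leaks}


if __name__ == "__main__":
    print("unprotected:", ci_check(leak_bias=0.5))  # leak reported at sample 7
    print("protected:  ", ci_check(leak_bias=0.0))  # no sample over threshold
```

A clean run of this test only says that the two trace classes are statistically indistinguishable at first order for this trace count; as the abstract points out, it says nothing about PQC-specific attack paths such as plaintext-checking or decryption-failure oracles, which is the gap the talk's approach targets.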
- 10:30 - 11:00: Break
- 11:00 - 11:30: Implementing SCA countermeasures for FrodoKEM is not trivial
Speakers: Cédric MURDICA & Jérémy METAIRIE (DGA MI)
Abstract: In this talk, we are interested in a post-quantum cryptographic mechanism, FrodoKEM, and in side-channel attacks. We present an implementation that is secure against a known powerful horizontal attack against implementations of FrodoKEM and other lattice-based cryptography mechanisms.
Several countermeasures have been studied. One in particular seems efficient: the shuffling method during matrix operations. One must be careful when implementing side-channel countermeasures, particularly in the details. We present how naive implementation choices or optimisations could reduce security or even make a countermeasure ineffective.
Some original attacks are presented, such as a horizontal attack on an AES implementation to recover the message (not the key). AES is used in FrodoKEM during the generation of a matrix.
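The shuffling countermeasure named in the abstract randomises the order in which the secret-dependent inner loop of a matrix operation runs, so a horizontal attack cannot line up the same secret coefficient at the same position across traces; the abstract's warning about details is that the countermeasure is only as strong as the permutation it draws. The block below is an added example and not the DGA MI implementation: it shows a shuffled matrix-vector product over Z_q (q = 2^15 is FrodoKEM's modulus, the matrices are tiny constructed inputs) and, as the kind of detail that silently weakens the countermeasure, it contrasts a Fisher-Yates shuffle with the textbook biased "swap with any index" variant by exhaustively counting which permutations each one produces.

```python
"""Shuffled matrix-vector product mod q, plus a check that the permutation
generator is actually uniform.

Added example, not the DGA MI code. Q = 2**15 is the FrodoKEM-640/976 modulus;
matrices, secret vector and RNG seeds are constructed for illustration.
"""
import itertools
import random
from collections import Counter

Q = 1 << 15


def fisher_yates(n, draw):
    """Uniform permutation of range(n). draw(k) must return a uniform int in [0, k)."""
    order = list(range(n))
    for i in range(n - 1, 0, -1):
        j = draw(i + 1)
        order[i], order[j] = order[j], order[i]
    return order


def naive_shuffle(n, draw):
    """Textbook mistake: swap each position with an index from the full range.
    Runs and looks random, but does not yield every permutation equally often."""
    order = list(range(n))
    for i in range(n):
        j = draw(n)
        order[i], order[j] = order[j], order[i]
    return order


def matvec(A, s, q=Q, order=None):
    """A*s mod q, visiting the columns (secret coefficients s[k]) in `order`.
    Every order gives the same result; only the power/EM trace differs."""
    order = list(range(len(s))) if order is None else order
    out = []
    for row in A:
        acc = 0
        for k in order:
            acc += row[k] * s[k]
        out.append(acc % q)
    return out


def matvec_shuffled(A, s, rng, q=Q):
    """Fresh permutation per call, so the k-th multiplication in a trace touches
    a different s[k] on every execution. Assumption: on a real device `rng` is a
    cryptographic DRBG; random.Random is used here only for reproducibility."""
    order = fisher_yates(len(s), rng.randrange)
    return matvec(A, s, q, order)


def permutation_distribution(shuffle_fn, n, bounds):
    """Feed the shuffle every possible sequence of RNG outputs (one draw per
    entry of `bounds`) and count which permutation each sequence produces."""
    counts = Counter()
    for draws in itertools.product(*[range(b) for b in bounds]):
        it = iter(draws)
        counts[tuple(shuffle_fn(n, lambda k: next(it)))] += 1
    return counts


def is_uniform(counts):
    """True when every reachable permutation is produced the same number of times."""
    return len(set(counts.values())) == 1


def demo(seed=1):
    """Constructed 2x3 matrix and 3-element secret; plain vs shuffled result."""
    A = [[1, 2, 3], [4, 5, 6]]
    s = [7, 8, 9]
    return matvec(A, s), matvec_shuffled(A, s, random.Random(seed))


if __name__ == "__main__":
    plain, shuffled = demo()
    print("plain   :", plain)
    print("shuffled:", shuffled)
    # Fisher-Yates on 3 elements draws with bounds 3 then 2 (6 paths, 6 perms);
    # the naive loop draws 3 times with bound 3 (27 paths onto 6 perms: biased).
    print("fisher-yates uniform:", is_uniform(permutation_distribution(fisher_yates, 3, [3, 2])))
    print("naive uniform       :", is_uniform(permutation_distribution(naive_shuffle, 3, [3, 3, 3])))
```

Functional tests only confirm that the shuffled product still equals the plain one; the security-relevant check is the permutation distribution (and, in a compiled implementation, that the toolchain does not hoist or reorder the loop back into a fixed order), which is why the exhaustive count is part of the example rather than a comment.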
- 11:30 - 12:00: Addressing the challenges of post-quantum cryptography in embedded systems
Speaker: Rina ZEITOUN (IDEMIA)
Abstract: As the quantum era approaches, the security of embedded systems faces unprecedented challenges. These systems are typically constrained by limited memory, restricted computational performance, and increased vulnerability to side-channel attacks. Traditional security countermeasures often fall short in this transition, requiring new approaches tailored for the post-quantum era.
This talk will explore masking techniques specifically designed to protect post-quantum algorithms like ML-KEM and ML-DSA. Furthermore, we will showcase proof-of-concept (PoC) projects developed by IDEMIA, demonstrating the successful integration of post-quantum algorithms into real-world embedded systems, balancing security, performance, and practicality.
On the programme of the European Cyber Week 2024
The 3rd edition of the "post-quantum cryptography" conference is part of the European Cyber Week 2024 programme.