Rémi Géraud

Fully Homomorphic Encryption: Computations with a Blindfold

To leverage the power of cloud computing, you can no longer encrypt data the traditional way. However, anyone (including the cloud service itself) can easily read unencrypted data. Fully homomorphic encryption reconciles this dilemma.

When organized crime applies academic results: a forensic analysis of an in-card listening device

This paper describes the forensic analysis of what the authors believe to be the most sophisticated smart card fraud encountered to date. In 2010, Murdoch et al. (IEEE Symposium on Security and Privacy, pp 433–446, 2010) described a man-in-the-middle attack against EMV cards. Murdoch et al. (IEEE Symposium on Security and Privacy, pp 433–446, 2010) demonstrated the attack using a general purpose FPGA board, noting that “miniaturization is mostly a mechanical challenge, and well within the expertise of criminal gangs”. This indeed happened in 2011, when about 40 sophisticated card forgeries surfaced in the field. These forgeries are remarkable in that they embed two chips wired top-to-tail. The first chip is clipped from a genuine stolen card. The second chip plays the role of the man-in-the-middle and communicates directly with the point of sale terminal. The entire assembly is embedded in the plastic body of yet another stolen card. The forensic analysis relied on X-ray chip imaging, side-channel analysis, protocol analysis, and microscopic optical inspections.

Cdoe Obofsucaitn: Securing Software from Within

A major cryptographic breakthrough in 2013 led to a candidate for a cryptographic construction: indistinguishability obfuscation.1 For the first time, a potential formal basis for code obfuscation was within reach. This sparked a spate of publications on the topic. However, despite the excitement, researchers encountered many technical challenges; for example, practical implementation of the proposed obfuscation was excruciatingly slow and not nearly as secure as hoped. But these papers generated a good starting point, community-wide excitement, and new determination motivated as much by overcoming scientific challenges as by the need for program obfuscation.

White-Box Cryptography: Security in an Insecure Environment

Public cryptographic implementations work when the secret key is stored in a tightly secured environment. But what happens if adversaries penetrate that environment? Although many hardware countermeasures aim to keep adversaries at bay, white-box cryptography can provide yet another layer of protection at the software level.

Legally Fair Contract Signing Without Keystones

In two-party computation, achieving both fairness and guaranteed output delivery is well known to be impossible. Despite this limitation, many approaches provide solutions of practical interest by weakening somewhat the fairness requirement. Such approaches fall roughly in three categories: “gradual release” schemes assume that the aggrieved party can eventually reconstruct the missing information; “optimistic schemes” assume a trusted third party arbitrator that can restore fairness in case of litigation; and “concurrent” or “legally fair” schemes in which a breach of fairness is compensated by the aggrieved party having a digitally signed cheque from the other party (called the keystone).

Regulating the pace of von Neumann correctors

In a famous paper published in 1951 (Natl Bur Stand Appl Math Ser 12:36–38, 1951), von Neumann presented a simple procedure allowing to correct the bias of random sources. This procedure introduces latencies between the random outputs. On the other hand, algorithms such as stream ciphers, block ciphers, or even modular multipliers usually run in a number of clock cycles which are independent of the operands’ values: feeding such hardware blocks with the inherently irregular output of such de-biased sources frequently proves tricky and is challenging to model at the HDL level. We propose an algorithm to compensate these irregularities, by storing or releasing numbers at given intervals of time. This algorithm is modeled as a special queue that achieves zero blocking probability and a near-deterministic service distribution (i.e., of minimal variance). While particularly suited to cryptographic applications, for which it was designed, this algorithm also applies to a variety of contexts and constitutes an example of queue for which the buffer allocation problem can be solved.

Generating Functionally Equivalent Programs Having Non-isomorphic Control-Flow Graphs

One of the big challenges in program obfuscation consists in modifying not only the program’s straight-line code (SLC) but also the program’s control flow graph (CFG). Indeed, if only SLC is modified, the program’s CFG can be extracted and analyzed. Usually, the CFG leaks a considerable amount of information on the program’s structure.

Exploring Naccache-Stern Knapsack Encryption

The Naccache-Stern public-key cryptosystem (NS) relies on the conjectured hardness of the modular multiplicative knapsack problem: Given \(p,\{v_i\},\prod v_i^{m_i} \bmod p\), find the \(\{m_i\}\).

Non-interactive Provably Secure Attestations for Arbitrary RSA Prime Generation Algorithms

RSA public keys are central to many cryptographic applications; hence their validity is of primary concern to the scrupulous cryptographer. The most relevant properties of an RSA public key \((n, e)\) depend on the factors of \(n\): are they properly generated primes? are they large enough? is \(e\) co-prime with \(\phi (n)\)? etc. And of course, it is out of question to reveal \(n\)’s factors.

Universal Witness Signatures

A lot of research has been devoted to the problem of defining and constructing signature schemes with various delegation properties. They mostly fit into two families. On the one hand, there are signature schemes that allow the delegation of signing rights, such as (hierarchical) identity-based signatures, attribute-based signatures, functional signatures, etc. On the other hand, there are malleable signature schemes, which make it possible to derive, from a signature on some message, new signatures on related messages without owning the secret key. This includes redactable signatures, set-homomorphic signatures, signatures on formulas of propositional logic, etc.