References of "Coron, Jean-Sébastien" in Complete repository

Showing results 21 to 40 of 40

Fast Evaluation of Polynomials over Binary Finite Fields and Application to Side-Channel Countermeasures
Coron, Jean-Sébastien; Roy, Arnab; Venkatesh, Srinivas Vivek. In: Batina, Lejla; Robshaw, Matthew (Eds.), Cryptographic Hardware and Embedded Systems – CHES 2014 (2014).
We describe a new technique for evaluating polynomials over binary finite fields. This is useful in the context of anti-DPA countermeasures when an S-box is expressed as a polynomial over a binary finite field. For n-bit S-boxes our new technique has heuristic complexity ${\cal O}(2^{n/2}/\sqrt{n})$ instead of the ${\cal O}(2^{n/2})$ proven complexity of the Parity-Split method. We also prove a lower bound of ${\Omega}(2^{n/2}/\sqrt{n})$ on the complexity of any method to evaluate $n$-bit S-boxes; this shows that our method is asymptotically optimal. Here, complexity refers to the number of non-linear multiplications required to evaluate the polynomial corresponding to an S-box. In practice we can evaluate any 8-bit S-box in 10 non-linear multiplications instead of 16 in the Roy-Vivek paper from CHES 2013, and the DES S-boxes in 4 non-linear multiplications instead of 7. We also evaluate any 4-bit S-box in 2 non-linear multiplications instead of 3. Hence our method achieves optimal complexity for the PRESENT S-box.
A Note on the Bivariate Coppersmith Theorem
Coron, Jean-Sébastien; Kirichenko, Alexey; Tibouchi, Mehdi. In: Journal of Cryptology (2013), 26(2), 246-250.

Practical Multilinear Maps over the Integers
Coron, Jean-Sébastien; Lepoint, Tancrède; Tibouchi, Mehdi. In: CRYPTO (1) (2013).

Batch Fully Homomorphic Encryption over the Integers
Cheon, Jung Hee; Coron, Jean-Sébastien; Kim, Jinsu et al. In: EUROCRYPT (2013).

Public Key Compression and Modulus Switching for Fully Homomorphic Encryption over the Integers
Coron, Jean-Sébastien; Naccache, David; Tibouchi, Mehdi. In: EUROCRYPT (2012).

Conversion of Security Proofs from One Leakage Model to Another: A New Issue
Coron, Jean-Sébastien; Giraud, Christophe; Prouff, Emmanuel et al. In: Proceedings of COSADE 2012 (2012).
To guarantee the security of a cryptographic implementation against Side Channel Attacks, a common approach is to formally prove the security of the corresponding scheme in a model as pertinent as possible. Nowadays, security proofs for masking schemes in the literature are usually conducted for models where only the manipulated data are assumed to leak. However in practice, the leakage is better modeled by encompassing the memory transitions, as in e.g. the Hamming distance model. From this observation, a natural question is to decide to what extent a countermeasure proved to be secure in the first model stays secure in the second. In this paper, we look at this issue and we show that it must definitely be taken into account. Indeed, we show that a countermeasure proved to be secure against second-order side-channel attacks in the first model becomes vulnerable to a first-order side-channel attack in the second model. Our result emphasizes the issue of porting an implementation from devices leaking only on the manipulated data to devices leaking on the memory transitions.

Fully Homomorphic Encryption over the Integers with Shorter Public Keys
Coron, Jean-Sébastien; Mandal, Avradip; Naccache, David et al. In: CRYPTO (2011).

Improved Generic Algorithms for Hard Knapsacks
Becker, Anja; Coron, Jean-Sébastien; Joux, Antoine. In: EUROCRYPT (2011).

A Domain Extender for the Ideal Cipher
Coron, Jean-Sébastien; Dodis, Yevgeniy; Mandal, Avradip et al. In: Proceedings of TCC 2010 (2010).
We describe the first domain extender for ideal ciphers, i.e. we show a construction that is indifferentiable from a 2n-bit ideal cipher, given an n-bit ideal cipher. Our construction is based on a 3-round Feistel, and is more efficient than first building an n-bit random oracle from an n-bit ideal cipher (as in [9]) and then a 2n-bit ideal cipher from an n-bit random oracle (as in [10], using a 6-round Feistel). We also show that 2 rounds are not enough for indifferentiability by exhibiting a simple attack. We also consider our construction in the standard model: we show that 2 rounds are enough to get a 2n-bit tweakable block-cipher from an n-bit tweakable block-cipher and we show that with 3 rounds we can get beyond the birthday security bound.
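The COSADE 2012 entry above (Conversion of Security Proofs from One Leakage Model to Another) argues that a masking scheme proved secure when only manipulated values leak can fail once register transitions leak. The following is an added illustration by the editor, not code from that paper, and it shows the simpler first-order version of the phenomenon: a Boolean-masked lookup in the PRESENT S-box (the S-box named in the CHES 2014 entry) is first-order secure under a Hamming-weight model, yet a first-order CPA recovers the key nibble under a Hamming-distance model. The reason is a hypothetical implementation detail assumed here, not taken from the paper: the register holding the mask is overwritten with the masked S-box output, so the transition equals the Hamming weight of the unmasked S-box output. Inputs are constructed (exhaustive over plaintext nibble and mask) and leakage is noise-free, so the correlations are exact.

```python
# Added illustration (editor's code, not from the COSADE 2012 paper): a
# first-order Boolean-masked S-box lookup that is first-order secure when
# only the manipulated value leaks (Hamming-weight model) but leaks the
# unmasked S-box output when the register transition leaks (Hamming distance).
from itertools import product

# PRESENT S-box (4-bit), as named in the CHES 2014 entry above.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def hw(x: int) -> int:
    """Hamming weight of x."""
    return bin(x).count("1")


def hd(a: int, b: int) -> int:
    """Hamming distance between two successive register contents a and b."""
    return hw(a ^ b)


def masked_sbox_trace(p: int, k: int, m: int, model: str) -> int:
    """Noise-free leakage of one masked S-box lookup.

    Hypothetical device (assumption, not the paper's scheme): the register
    holding the mask m is overwritten with the masked output v = S[p ^ k] ^ m.
    """
    v = PRESENT_SBOX[p ^ k] ^ m
    if model == "HW":          # only the manipulated value leaks
        return hw(v)
    if model == "HD":          # the transition m -> v leaks
        return hd(m, v)        # equals hw(S[p ^ k]): the mask cancels out
    raise ValueError(model)


def pearson(xs, ys) -> float:
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / (vx * vy) ** 0.5


def first_order_cpa(k: int, model: str) -> list[float]:
    """Correlation of every key-nibble guess with the traces.

    Traces are constructed exhaustively over all 16 plaintext nibbles and
    all 16 masks (256 traces), so the result is exact rather than sampled.
    """
    inputs = list(product(range(16), range(16)))            # (p, m) pairs
    traces = [masked_sbox_trace(p, k, m, model) for p, m in inputs]
    scores = []
    for g in range(16):
        # The attacker's hypothesis ignores the mask (first-order attack).
        hyp = [hw(PRESENT_SBOX[p ^ g]) for p, _ in inputs]
        scores.append(pearson(hyp, traces))
    return scores


def recover_key(k: int, model: str):
    """Return (best guess, its |correlation|) for the given leakage model."""
    scores = first_order_cpa(k, model)
    best = max(range(16), key=lambda g: abs(scores[g]))
    return best, abs(scores[best])


if __name__ == "__main__":
    secret = 0xB
    for model in ("HW", "HD"):
        guess, rho = recover_key(secret, model)
        print(f"{model} model: best guess 0x{guess:X}, |rho| = {rho:.3f}")
```

Under the value-leakage (HW) model every guess correlates exactly zero with the traces, which is what the first-order masking proof promises; under the transition (HD) model the correct nibble correlates 1.0. The paper's result is the higher-order analogue of this, and the practical lesson is the same: a masking proof carried out in one leakage model says nothing about a target whose registers or buses leak the distance between successive values, so the porting step needs an explicit check that shares never overwrite one another in the same location.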
Analysis and Improvement of the Random Delay Countermeasure of CHES 2009
Coron, Jean-Sébastien; Kizhvatov, Ilya. In: Proceedings of CHES 2010 (2010).
Random delays are often inserted in embedded software to protect against side-channel and fault attacks. At CHES 2009 a new method for generation of random delays was described that increases the attacker's uncertainty about the position of sensitive operations. In this paper we show that the CHES 2009 method is less secure than claimed. We describe an improved method for random delay generation which does not suffer from the same security weakness. We also show that the paper's criterion to measure the security of random delays can be misleading, so we introduce a new criterion for random delays which is directly connected to the number of acquisitions required to break an implementation. We mount a power analysis attack against an 8-bit implementation of the improved method, verifying its higher security in practice.

Efficient Indifferentiable Hashing into Ordinary Elliptic Curves
Brier, Eric; Coron, Jean-Sébastien; Icart, Thomas et al. In: CRYPTO (2010).

PSS Is Secure against Random Fault Attacks
Coron, Jean-Sébastien; Mandal, Avradip. In: Proceedings of Asiacrypt 2009 (2009).
A fault attack consists in inducing hardware malfunctions in order to recover secrets from electronic devices. One of the most famous fault attacks is Bellcore's attack against RSA with CRT; it consists in inducing a fault modulo p but not modulo q at the signature generation step; then by taking a gcd the attacker can recover the factorization of N = pq. The Bellcore attack applies to any encoding function that is deterministic, for example FDH. Recently, the attack was extended to randomized encodings based on the ISO/IEC 9796-2 signature standard. Extending the attack to other randomized encodings remains an open problem. In this paper, we show that the Bellcore attack cannot be applied to the PSS encoding; namely we show that PSS is provably secure against random fault attacks in the random oracle model, assuming that inverting RSA is hard.

Fault Attacks on RSA Signatures with Partially Unknown Messages
Coron, Jean-Sébastien; Joux, Antoine; Kizhvatov, Ilya et al. In: Proceedings of CHES 2009 (2009).
Fault attacks exploit hardware malfunctions to recover secrets from embedded electronic devices. In the late 90's, Boneh, DeMillo and Lipton introduced fault-based attacks on CRT-RSA. These attacks factor the signer's modulus when the message padding function is deterministic. However, the attack does not apply when the message is partially unknown, for example when messages contain some randomness which is recovered only when verifying a correct signature. In this paper we successfully extend RSA fault attacks to a large class of partially known message configurations. The new attacks rely on Coppersmith's algorithm for finding small roots of multivariate polynomial equations. We illustrate the approach by successfully attacking several randomized versions of the ISO/IEC 9796-2 encoding standard.
Practical experiments show that a 2048-bit modulus can be factored in less than a minute given one faulty signature containing 160 random bits and an unknown 160-bit message digest.

Practical Cryptanalysis of ISO/IEC 9796-2 and EMV Signatures
Coron, Jean-Sébastien; Naccache, David; Tibouchi, Mehdi et al. In: Proceedings of CRYPTO 2009 (2009).
In 1999, Coron, Naccache and Stern discovered an existential signature forgery for two popular RSA signature standards, ISO/IEC 9796-1 and 2. Following this attack ISO/IEC 9796-1 was withdrawn. ISO/IEC 9796-2 was amended by increasing the message digest to at least 160 bits. Attacking this amended version required at least 2^{61} operations. In this paper, we exhibit algorithmic refinements that allow attacking the amended (currently valid) version of ISO/IEC 9796-2 for all modulus sizes. A practical forgery was computed in only two days using 19 servers on the Amazon EC2 grid for a total cost of about US$800. The forgery was implemented for e = 2 but attacking odd exponents will not take longer. The forgery was computed for the RSA-2048 challenge modulus, whose factorization is still unknown. The new attack blends several theoretical tools. These do not change the asymptotic complexity of Coron et al.'s technique but significantly accelerate it for parameter values previously considered beyond reach. While less efficient (US$45,000), the acceleration also extends to EMV signatures. EMV is an ISO/IEC 9796-2-compliant format with extra redundancy. Luckily, this attack does not threaten any of the 730 million EMV payment cards in circulation for operational reasons. Costs are per modulus: after a first forgery for a given modulus, obtaining more forgeries is virtually immediate.

Analysis of the split mask countermeasure for embedded systems
Coron, Jean-Sébastien; Kizhvatov, Ilya. In: 4th Workshop on Embedded Systems Security (2009).
We analyze a countermeasure against differential power and electromagnetic attacks that was recently introduced under the name of split mask. We show a general weakness of the split mask countermeasure that makes standard DPA attacks with a full key recovery applicable to masked AES and DES implementations. The complexity of the attacks is the same as for unmasked implementations. We implement the most efficient attack on an 8-bit AVR microcontroller. We also show that the strengthened variant of the countermeasure is susceptible to a second-order DPA attack independently of the number of mask tables used.

An Efficient Method for Random Delay Generation in Embedded Software
Coron, Jean-Sébastien; Kizhvatov, Ilya. In: Proceedings of CHES 2009 (2009).
Random delays are a countermeasure against a range of side channel and fault attacks that is often implemented in embedded software. We propose a new method for generation of random delays and a criterion for measuring the efficiency of a random delay countermeasure. We implement this new method along with the existing ones on an 8-bit platform and mount practical side-channel attacks against the implementations.
We show that the new method is significantly more secure in practice than the previously published solutions and also more lightweight.

The Random Oracle Model and the Ideal Cipher Model Are Equivalent
Coron, Jean-Sébastien; Patarin, Jacques; Seurin, Yannick. In: Advances in Cryptography (2008).

A New DPA Countermeasure Based on Permutation Tables
Coron, Jean-Sébastien. In: Advances in Cryptography (2008).

Attack and Improvement of a Secure S-Box Calculation Based on the Fourier Transform
Coron, Jean-Sébastien; Giraud, Christophe; Prouff, Emmanuel et al. In: Advances in Cryptography (2008).

Cryptanalysis of ISO/IEC 9796-1
Coppersmith, Don; Coron, Jean-Sébastien; Grieu, François et al. In: Journal of Cryptology (2008), 21(1), 27-51.
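The two fault-attack entries above (PSS Is Secure against Random Fault Attacks, Asiacrypt 2009, and Fault Attacks on RSA Signatures with Partially Unknown Messages, CHES 2009) both start from Bellcore's attack on RSA-CRT: a fault in the half-exponentiation modulo p but not modulo q, followed by a gcd. The following is an added worked example by the editor, not code from either paper. It signs with RSA-CRT using toy Mersenne primes (far too small for real use), corrupts the modulo-p half, and recovers q as gcd(s'^e - μ, N) when the encoding μ is deterministic (a toy full-domain-hash style encoding H(m) mod N). It then shows why the same gcd step fails against a toy randomized encoding H(m || salt) whose salt the attacker never learns, which is the obstacle the PSS paper turns into a proof and the CHES 2009 paper circumvents with Coppersmith's method when only part of the message is unknown (that method is not implemented here). Finally it shows the standard verify-before-release check. The encodings, the fault model (adding 1 to s_p) and the check are the editor's assumptions, not constructions from the papers.

```python
# Added illustration (editor's code, not from the Asiacrypt 2009 or CHES 2009
# papers): the Bellcore fault attack on RSA-CRT with a deterministic encoding,
# why a randomized encoding the attacker cannot reconstruct blocks the gcd
# step, and the verify-before-release check that keeps a faulty signature
# inside the device. Toy parameters only: two Mersenne primes, far too small.
import hashlib
from math import gcd

P = 2**61 - 1            # toy primes (Mersenne), fixed for reproducibility
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))
DP, DQ = D % (P - 1), D % (Q - 1)
QINV = pow(Q, -1, P)     # Garner recombination constant


def fdh_encode(msg: bytes) -> int:
    """Toy deterministic full-domain-hash style encoding: H(m) mod N."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def randomized_encode(msg: bytes, salt: bytes) -> int:
    """Toy randomized encoding H(m || salt) mod N, standing in for a
    PSS-like scheme: the salt is fresh per signature and not sent in clear."""
    return int.from_bytes(hashlib.sha256(msg + salt).digest(), "big") % N


def sign_crt(mu: int, fault_mod_p: bool = False, check: bool = False):
    """RSA-CRT signature of the encoded message mu.

    fault_mod_p=True corrupts the half-exponentiation modulo P only (the
    Bellcore scenario; the exact corruption does not matter). check=True
    verifies the signature before releasing it and returns None on failure.
    """
    s_p = pow(mu, DP, P)
    s_q = pow(mu, DQ, Q)
    if fault_mod_p:
        s_p = (s_p + 1) % P            # assumed fault: any change to s_p
    h = ((s_p - s_q) * QINV) % P       # Garner's recombination
    s = s_q + Q * h                    # s = s_p mod P, s = s_q mod Q
    if check and pow(s, E, N) != mu:
        return None                    # refuse to output a faulty signature
    return s


def bellcore_factor(s_faulty: int, mu_guess: int) -> int:
    """gcd(s'^e - mu, N): equals Q when s' is correct mod Q but wrong mod P
    and mu_guess really is the encoded message that was signed."""
    return gcd((pow(s_faulty, E, N) - mu_guess) % N, N)


def attack_deterministic(msg: bytes) -> bool:
    """Deterministic encoding: a single faulty signature factors N."""
    mu = fdh_encode(msg)
    s_faulty = sign_crt(mu, fault_mod_p=True)
    f = bellcore_factor(s_faulty, mu)
    return f in (P, Q) and N % f == 0


def attack_randomized(msg: bytes, salt: bytes) -> bool:
    """Randomized encoding with an unknown salt: the attacker cannot
    compute mu, so gcd(s'^e - H(m), N) yields no factor."""
    mu = randomized_encode(msg, salt)
    s_faulty = sign_crt(mu, fault_mod_p=True)
    f = bellcore_factor(s_faulty, fdh_encode(msg))   # best guess available
    return f in (P, Q)


def countermeasure_blocks(msg: bytes) -> bool:
    """Verify-before-release: the faulty signature never leaves the signer."""
    return sign_crt(fdh_encode(msg), fault_mod_p=True, check=True) is None


if __name__ == "__main__":
    m = b"constructed sample message"
    print("deterministic encoding factored N:", attack_deterministic(m))
    print("randomized encoding factored N:   ", attack_randomized(m, b"\x8f" * 20))
    print("verify-before-release blocked it: ", countermeasure_blocks(m))
```

The gcd works because s' still equals the correct signature modulo q, so q divides s'^e - μ, while the fault makes s'^e differ from μ modulo p. The attacker therefore needs μ itself; with a deterministic encoding μ follows from the message, with a randomized one it does not, and a faulty signature cannot be verified to recover the salt. The CHES 2009 entry shows that when the unknown part of μ is small enough this is not a dead end, since s'^e - μ(m, r) ≡ 0 mod q becomes a small-root problem solvable with Coppersmith's method. The verify-before-release check costs one public-key operation per signature and is the cheapest defence against this whole class of attacks, provided the check itself cannot be skipped by a second fault.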