|
SMART CARDS, RFID TAGS AND PUFS
IS YOUR SMART HARDWARE REALLY SECURE? (2 days)
Module designed and coordinated by Jean-Jacques Quisquater, Head of the UCL Crypto Group, University of Louvain-la-Neuve (Belgium) |
|
|
|
|
Security is important for smart card, RFID (contactless) and PUF (Physical Unclonable Function) devices mainly from the hardware and cryptographic views.
Hardware security is related to the problems of passive and active attacks and cryptographic security is related to the low resource requirements.
This module is mainly devoted to the hardware (physical) and cryptographic security with a smooth side for software security. We assume that trainees know a little bit about smart cards (if no, contact us before the course, we will send you an introduction to the field). The remaining parts are self-containing.
Physical devices are leaking information, including secret keys, passwords, aso, and it is important to know why, when and how to avoid it. It is the task of this course. Active attacks (faults) are also very important and we will address it.
An effective methodology to handle the main problems will be described.
A large part of the module will be devoted to RFID security and their applications including epassports, tags for commerce and identification.
We will finally give the new flavors from the main conferences related to the security of secure devices, including CHES, CARDIS, E-SMART, CRYPTO, EUROCRYPT, PKC, FSE,... with direct applications for the industry and the design of secure devices including attacks and solutions against recent applications.
SEPT. 16
9.00 am - 12.30 am
Introduction to Security of Smart Cards François Koeune, UCL, Louvain-la-Neuve, Belgium
This introductory session aims at providing the audience with a good understanding and intuition on the basic principles governing side-channel and physical attacks of cryptographic functions in an embedded device, as well as the main classes of countermeasures that can be deployed. The context of the smart card is used throughout the course as a working example, although most principles are directly applicable to other contexts (hardware devices...) as well.
2.00 pm - 5.30 pm
Advanced Security for Smart Cards: from Theory to Practise
François-Xavier Standaert, UCL, Louvain-la-Neuve, Belgium
This session aims at providing insights on advanced side-channel attacks and discuss their proper modeling and fair evaluation. It includes both a presentation of different side-channel countermeasures with their implementation cost and security improvements and a discussion of optimal attacks with data dimensionality reductions techniques.
By presenting a variety of tools that can be exploited in the side-channel context, the talk also aims to highlight the different goals and hence techniques of interest pursued by actual adversaries and product designers.
SEPT. 17
9.00 am - 12.30 am
RFID and Contactless Cards Security
Gildas Avoine, UCL, Louvain-la-Neuve, Belgium
A large part of the module will be devoted to RFID security and privacy. After a comprehensive introduction to the RFID technology, the security and privacy threats will be presented, including impersonation, information leakage, malicious traceability, denial of service, competitive intelligence, etc. illustrated by many real life examples (ePassport, pet identification, etc.). Countermeasures will also be addressed. The lecture devoted to RFID will consider security aspects of both the tag and the communication channel, with a strong focus on the security protocols.
2.00 pm - 3.15 pm
Introduction to the use of PUFs for Secure Key Storage and Anti-Counterfeiting Pim Tuyls, Philips, Belgium
3.15 pm - 4.15 pm
Smart Cards, RFID, PUF and Cryptography: Recent News Jean-Jacques Quisquater, Director of UCL Crypto Group, UCL, Louvain-la-Neuve, Belgium
We will give the new flavors from the main conferences related to the security of secure devices, including CHES, CARDIS, E-SMART, CRYPTO, EUROCRYPT, PKC, FSE,... with direct applications for the industry and the design of secure devices.
4.30 pm - 5.30 pm
Secure hardware, secure software, secure together? Pierre Paradinas, INRIA-CBAM
Traian Muntean, Université de la Méditerranée, Marseille, France
To register, click here
|