Search

Your search keyword '"Standaert, François-Xavier"' showing total 108 results
Start Over Author "Standaert, François-Xavier" Database Complementary Index

Refine your results

more »

more »

more »

108 results on '"Standaert, François-Xavier"'

1. Sensibilité des explications à l'aléa des grands modèles de langage : le cas de la classification de textes journalistiques.

Author

Bogaert, Jérémie, de Marneffe, Marie-Catherine, Descampe, Antonin, Escouflaire, Louis, Fairon, Cédrick, and Standaert, François-Xavier

Subjects
LANGUAGE models, NATURAL language processing, DISTRIBUTION (Probability theory), EXPLANATION
Abstract

Copyright of Traitement Automatique des Langues is the property of Association pour le Traitement Automatique des Langues (ATALA) and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published
2023

2. Transparents mais corruptibles: les algorithmes au défi des comportements « adversariaux » dans le domaine journalistique.

Author

Descampe, Antonin and Standaert, François-Xavier

Abstract

Copyright of Cahiers du Journalisme is the property of University of Ottawa Press and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published
2023
Full Text
View/download PDF

3. Automated news recommendation in front of adversarial examples and the technical limits of transparency in algorithmic accountability.

Author

Descampe, Antonin, Massart, Clément, Poelman, Simon, Standaert, François-Xavier, and Standaert, Olivier

Subjects
CLASSIFICATION algorithms, RECOMMENDER systems, DECISION making, TRANSPARENCY (Optics), MACHINE learning, ALGORITHMS
Abstract

Algorithmic decision making is used in an increasing number of fields. Letting automated processes take decisions raises the question of their accountability. In the field of computational journalism, the algorithmic accountability framework proposed by Diakopoulos formalizes this challenge by considering algorithms as objects of human creation, with the goal of revealing the intent embedded into their implementation. A consequence of this definition is that ensuring accountability essentially boils down to a transparency question: given the appropriate reverse-engineering tools, it should be feasible to extract design criteria and to identify intentional biases. General limitations of this transparency ideal have been discussed by Ananny and Crawford (New Media Soc 20(3):973–989, 2018). We further focus on its technical limitations. We show that even if reverse-engineering concludes that the criteria embedded into an algorithm correspond to its publicized intent, it may be that adversarial behaviors make the algorithm deviate from its expected operation. We illustrate this issue with an automated news recommendation system, and show how the classification algorithms used in such systems can be fooled with hard-to-notice modifications of the articles to classify. We therefore suggest that robustness against adversarial behaviors should be taken into account in the definition of algorithmic accountability, to better capture the risks inherent to algorithmic decision making. We finally discuss the various challenges that this new technical limitation raises for journalism practice. [ABSTRACT FROM AUTHOR]

Published
2022
Full Text
View/download PDF

4. A stealthy Hardware Trojan based on a Statistical Fault Attack.

Author

Momin, Charles, Bronchain, Olivier, and Standaert, François-Xavier

Abstract

Integrated Circuits (ICs) are sensible to a wide range of (passive, active, invasive, non-invasive) physical attacks. In this context, Hardware Trojans (HTs), that are malicious modifications of a circuit by an untrusted manufacturer, are one of the most challenging threats to mitigate. HTs aim to alter the functionality of the infected chip in a malicious way, e.g. under specific conditions known by the adversary. Fault attacks are a typical attack vector. However, for a HT to be exploitable by an adversary, it also has to be stealthy. For example, a HT that would directly inject exploitable faults in a block cipher may be spotted by analyzing its functional behavior (i.e. the positions and the distribution of the faulty values appearing). In this paper, we propose a stealthy HT instance leading to successful and hidden Statistical Fault Attacks (SFA). More precisely, the faults are injected when the chip is running under condition for which metastabilty occurs (i.e. with a increased clock frequency), leading to the apparition faults at random positions within the target implementation. In addition, an internal bit is set to a value known only by the adversary, allowing him to perform efficient SFA. Compared to classical SFA, the HT uses its control on the target to circumvent behavioral detection tests. Indeed, it also adds computation errors in the early rounds of the target cipher which are not exploitable via SFA. [ABSTRACT FROM AUTHOR]

Published
2021
Full Text
View/download PDF

5. How to fool a black box machine learning based side-channel security evaluation.

Author

Bertrand Van Ouytsel, Charles-Henry, Bronchain, Olivier, Cassiers, Gaëtan, and Standaert, François-Xavier

Abstract

Machine learning and deep learning algorithms are increasingly considered as potential candidates to perform black box side-channel security evaluations. Inspired by the literature on machine learning security, we put forward that it is easy to conceive implementations for which such black box security evaluations will incorrectly conclude that recovering the key is difficult, while an informed evaluator / adversary will reach the opposite conclusion (i.e., that the device is insecure given the amount of measurements available). [ABSTRACT FROM AUTHOR]

Published
2021
Full Text
View/download PDF

6. Side-channel analysis of a learning parity with physical noise processor.

Author

Kamel, Dina, Bellizia, Davide, Bronchain, Olivier, and Standaert, François-Xavier

Abstract

Learning parity with physical noise (LPPN) has been proposed as an assumption on which to build authentication protocols based on the learning parity with noise (LPN) problem. Its first advantage is to reduce the randomness requirements of standard LPN-based protocols, by directly performing erroneous computations so that no (e.g. Bernoulli-distributed) errors have to be generated on chip. At ASHES 2018, an LPPN processor was presented and confirmed the possibility to efficiently generate erroneous computations with the appropriate error rate. Since LPPN computations are key-homomorphic, they are good candidates for improved side-channel security thanks to masking, since they could theoretically lead to masked implementations with overheads that are linear in the number of shares, the analysis of which was left as an open problem. In this paper, we confirm this good potential by analyzing the side-channel security of an LPPN processor. We (1) evaluate the leakage of different parts of the erroneous computations, (2) conclude that intermediate computations that can be targeted with a divide-and-conquer Gaussian template attack are a sweet spot for side-channel attacks, and (3) show that LPPN computations naturally reach a level of noise that makes masking effective, despite further noise addition could be beneficial to reach higher security at lower implementation cost. [ABSTRACT FROM AUTHOR]

Published
2021
Full Text
View/download PDF

7. Reducing risks through simplicity: high side-channel security for lazy engineers.

Author

Bronchain, Olivier, Schneider, Tobias, and Standaert, François-Xavier

Abstract

Countermeasures against side-channel attacks are in general expensive, and a lot of research has been devoted to the optimization of their security versus performance trade-off. Besides, a wide literature has also shown that implementing such countermeasures is an error-prone task and requires to deal with various engineering challenges (e.g., physical defaults, compositional errors,...). This work aims to contribute to this second item, by evaluating the extent to which (almost) key-homomorphic primitives, and in particular a recent PRF instance based on the learning with rounding problem, can lead to easy-to-implement and easier-to-evaluate side-channel-secure designs. We confirm these properties by describing an FPGA implementation that does not require complex (compositional) reasoning in its analysis and can be masked securely under simple design conditions, and for which the evaluation directly scales to arbitrary number of shares. We provide a comprehensive performance and (worst-case) security analysis of our design and compare the obtained results with those of an AES implementation protected with the domain-oriented masking scheme. Results show that simplicity has a cost, which becomes less prohibitive as security requirements increase. [ABSTRACT FROM AUTHOR]

Published
2021
Full Text
View/download PDF

8. Beyond algorithmic noise or how to shuffle parallel implementations?

Author

Levi, Itamar, Bellizia, Davide, and Standaert, François‐Xavier

Subjects
ADVANCED Encryption Standard, NOISE
Abstract

Summary: Noise is an important ingredient for side‐channel‐analysis countermeasures security. However, physical noise is in most cases not sufficient to achieve high‐security levels. As an outcome, designers traditionally aim to emulate noise by harnessing shuffling in the time domain and algorithmic noise in the amplitude domain. On one hand, harnessing algorithmic noise is limited in architectures/devices which have a limited data‐path width. On the other hand, the performance degradation due to shuffling is considerable. A natural complement to operation shuffling is the hardware‐based intra‐cycle shuffling (ICS), which typically shuffles the sample time of bits within a clock cycle (instead of micro‐processor operations). Such architecture eliminates the performance overhead due to shuffling within a single cycle, it is algorithm‐independent, i.e., no need in partitioning of operations, and as it is hardware‐based, the data‐path width can be tailored to better exploit algorithmic‐noise. In this manuscript, we first analyze the noise components in physical designs to better model the algorithmic noise. We then perform an information‐theoretic (IT) analysis of both shuffling countermeasures. The last part of the manuscript deals with real‐world architectures analysis: IT analysis of an Advanced Encryption Standard (AES) core implemented over a 32‐ and 128‐bit wide data‐path embedded with intra‐cycle shuffling and two flavors of shuffling generation (memory‐based and on‐line permutation generation). The manuscript is concluded by underling the benefits which can be achieved with the ICS architecture. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

9. Deep learning mitigates but does not annihilate the need of aligned traces and a generalized ResNet model for side-channel attacks.

Author

Zhou, Yuanyuan and Standaert, François-Xavier

Abstract

We consider the question whether synchronization/alignment methods are still useful/necessary in the context of side-channel attacks exploiting deep learning algorithms. While earlier works have shown that such methods/algorithms have a remarkable tolerance to misaligned measurements, we answer positively and describe experimental case studies of side-channel attacks against a key transportation layer and an AES S-box where such a preprocessing remains beneficial (and sometimes necessary) to perform efficient key recoveries. Our results also introduce generalized residual networks as a powerful alternative to other deep learning tools (e.g., convolutional neural networks and multilayer perceptrons) that have been considered so far in the field of side-channel analysis. In our experimental case studies, it outperforms the other three published state-of-the-art neural network models for the data sets with and without alignment, and it even outperforms the published optimized CNN model with the public ASCAD data set. Conclusions are naturally implementation-specific and could differ with other data sets, other values for the hyper-parameters, other machine learning models and other alignment techniques. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

10. Improved parallel mask refreshing algorithms: generic solutions with parametrized non-interference and automated optimizations.

Author

Barthe, Gilles, Belaïd, Sonia, Dupressoir, François, Fouque, Pierre-Alain, Grégoire, Benjamin, Standaert, François-Xavier, and Strub, Pierre-Yves

Abstract

Refreshing algorithms are a critical ingredient for secure masking. They are instrumental in enabling sound composability properties for complex circuits, and their randomness requirements dominate the performance overheads in (very) high-order masking. In this paper, we improve a proposal of mask refreshing algorithms from EUROCRYPT 2017 that has excellent implementation properties in software and hardware, in two main directions. First, we provide a generic proof that this algorithm is secure at arbitrary orders—a problem that was left open so far. We introduce parametrized non-interference as a new technical ingredient for this purpose that may be of independent interest. Second, we use automated tools to further explore the design space of such algorithms and provide the best known parallel mask refreshing gadgets for concretely relevant security orders. Incidentally, we also prove the security of a recent proposal of mask refreshing with improved resistance against horizontal attacks from CHES 2017. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

11. Making Masking Security Proofs Concrete (Or How to Evaluate the Security of Any Leaking Device), Extended Version.

Author

Duc, Alexandre, Faust, Sebastian, and Standaert, François-Xavier

Subjects
CRYPTOGRAPHY, EVIDENCE, CONCRETE, COST control
Abstract

We investigate the relationship between theoretical studies of leaking cryptographic devices and concrete security evaluations with standard side-channel attacks. Our contributions are in four parts. First, we connect the formal analysis of the masking countermeasure proposed by Duc et al. (Eurocrypt 2014) with the Eurocrypt 2009 evaluation framework for side-channel key recovery attacks. In particular, we re-state their main proof for the masking countermeasure based on a mutual information metric, which is frequently used in concrete physical security evaluations. Second, we discuss the tightness of the Eurocrypt 2014 bounds based on experimental case studies. This allows us to conjecture a simplified link between the mutual information metric and the success rate of a side-channel adversary, ignoring technical parameters and proof artifacts. Third, we introduce heuristic (yet well-motivated) tools for the evaluation of the masking countermeasure when its independent leakage assumption is not perfectly fulfilled, as it is frequently encountered in practice. Thanks to these tools, we argue that masking with non-independent leakages may provide improved security levels in certain scenarios. Eventually, we consider the tradeoff between the measurement complexity and the key enumeration time complexity in divide-and-conquer side-channel attacks and show that these complexities can be lower bounded based on the mutual information metric, using simple and efficient algorithms. The combination of these observations enables significant reductions of the evaluation costs for certification bodies. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

12. Template attacks versus machine learning revisited and the curse of dimensionality in side-channel analysis: extended version.

Author

Lerman, Liran, Poussier, Romain, Markowitch, Olivier, and Standaert, François-Xavier

Abstract

Template attacks and machine learning are two popular approaches to profiled side-channel analysis. In this paper, we aim to contribute to the understanding of their respective strengths and weaknesses, with a particular focus on their curse of dimensionality. For this purpose, we take advantage of a well-controlled simulated experimental setting in order to put forward two important aspects. First and from a theoretic point of view, the data complexity of template attacks is not sensitive to the dimension increase in side-channel traces given that their profiling is perfect. Second and from a practical point of view, concrete attacks are always affected by (estimation and assumption) errors during profiling. As these errors increase, machine learning gains interest compared to template attacks, especially when based on random forests. We then clarify these results thanks to the bias-variance decomposition of the error rate recently introduced in the context side-channel analysis. [ABSTRACT FROM AUTHOR]

Published
2018
Full Text
View/download PDF

13. Towards easy leakage certification: extended version.

Author

Durvaux, François, Standaert, François-Xavier, and Pozo, Santos

Abstract

Side-channel attacks generally rely on the availability of good leakage models to extract sensitive information from cryptographic implementations. The recently introduced leakage certification tests aim to guarantee that this condition is fulfilled based on sound statistical arguments. They are important ingredients in the evaluation of leaking devices since they allow a good separation between engineering challenges (how to produce clean measurements) and cryptographic ones (how to exploit these measurements). In this paper, we propose an alternative leakage certification test that is significantly simpler to implement than the previous proposal from Eurocrypt 2014. This gain admittedly comes at the cost of a couple of heuristic (yet reasonable) assumptions on the leakage distribution. To confirm its relevance, we first show that it allows confirming previous results of leakage certification. We then put forward that it leads to additional and useful intuitions regarding the information losses caused by incorrect assumptions in leakage modelling. [ABSTRACT FROM AUTHOR]

Published
2017
Full Text
View/download PDF

26. Improving the security and efficiency of block ciphers based on LS-designs.

Author

Journault, Anthony, Standaert, François-Xavier, and Varici, Kerem

Subjects
BLOCK ciphers, MATHEMATICAL bounds, PROBABILITY theory, CRYPTOGRAPHY, CODING theory
Abstract

LS-designs are a family of bitslice ciphers aiming at efficient masked implementations against side-channel analysis. This paper discusses their security against invariant subspace attacks, and describes an alternative family of eXtended LS-designs (XLS-designs), that enables additional options to prevent such attacks. LS- and XLS-designs provide a large family of ciphers from which efficient implementations can be obtained, possibly enhanced with countermeasures against physical attacks. We argue that they are interesting primitives in order to discuss the general question of 'how simple can block ciphers be?'. [ABSTRACT FROM AUTHOR]

Published
2017
Full Text
View/download PDF

39. Masking and leakage-resilient primitives: One, the other(s) or both?

Author

Belaïd, Sonia, Grosso, Vincent, and Standaert, François-Xavier

Abstract

Securing cryptographic implementations against side-channel attacks is one of the most important challenges in modern cryptography. Many countermeasures have been introduced for this purpose, and analyzed in specialized security models. Formal solutions have also been proposed to extend the guarantees of provable security to physically observable devices. Masking and leakage-resilient cryptography are probably the most investigated and best understood representatives of these two approaches. Unfortunately, claims whether one, the other or their combination provides better security at lower cost remained vague so far. In this paper, we provide the first comprehensive treatment of this important problem. For this purpose, we analyze whether cryptographic implementations can be security-bounded, in the sense that the time complexity of the best side-channel attack is lower-bounded, independent of the number of measurements performed. Doing so, we first put forward a significant difference between stateful primitives such as leakage-resilient PRGs (that easily ensure bounded security), and stateless ones such as leakage-resilient PRFs (that hardly do). We then show that in practice, leakage-resilience alone provides the best security vs. performance tradeoff when bounded security is achievable, while masking alone is the solution of choice otherwise. That is, we highlight that one (x)or the other approach should be privileged, which contradicts the usual intuition that physical security is best obtained by combining countermeasures. Besides, our experimental results underline that despite defined in exactly the same way, the bounded leakage requirement in leakage-resilient PRGs and PRFs imply significantly different challenges for hardware designers. Namely, such a bounded leakage is much harder to guarantee for stateless primitives (like PRFs) than for statefull ones (like PRGs). As a result, constructions of leakage-resilient PRGs and PRFs proven under the same bounded leakage assumption, and instantiated with the same AES implementation, may lead to different practical security levels. [ABSTRACT FROM AUTHOR]

Published
2015
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results