Security is important for smart card, RFID (contactless) and PUF (Physical Unclonable Function) devices mainly from the hardware and cryptographic views.
|| SMART CARDS, RFID TAGS AND PUFS
IS YOUR SMART HARDWARE REALLY SECURE? (2 days)
Module designed and coordinated
Quisquater, Head of the UCL Crypto Group, University of Louvain-la-Neuve (Belgium)
Hardware security is related to the problems of passive and active attacks and cryptographic security is related to the low resource requirements.
This module is mainly devoted to the hardware (physical) and cryptographic security with a smooth side for software security. We assume that trainees know a little bit about smart cards (if no, contact us before the course, we will send you an introduction to the field). The remaining parts are self-containing.
Physical devices are leaking information, including secret keys, passwords, aso, and it is important to know why, when and how to avoid it. It is the task of this course. Active attacks (faults) are also very important and we will address it.
An effective methodology to handle the main problems will be described.
A large part of the module will be devoted to RFID security and their applications including epassports, tags for commerce and identification.
We will finally give the new flavors from the main conferences related to the security of secure devices, including CHES, CARDIS, E-SMART, CRYPTO, EUROCRYPT, PKC, FSE,... with direct applications for the industry and the design of secure devices including attacks
and solutions against recent applications.
9.00 am - 12.30 am
Introduction to Security of Smart Cards
François Koeune, UCL, Louvain-la-Neuve, Belgium
This introductory session aims at providing the audience with a good
understanding and intuition on the basic principles governing
side-channel and physical attacks of cryptographic functions in an
embedded device, as well as the main classes of
countermeasures that can be deployed. The context of the smart card is
used throughout the course as a working example, although most
principles are directly applicable to other contexts
(hardware devices...) as well.
2.00 pm - 5.30 pm
Advanced Security for Smart Cards: from Theory to Practise
François-Xavier Standaert, UCL, Louvain-la-Neuve, Belgium
This session aims at providing insights on advanced side-channel attacks
and discuss their proper modeling and fair evaluation. It includes both
a presentation of different side-channel countermeasures with their
implementation cost and security improvements and a discussion of
optimal attacks with data dimensionality reductions techniques.
By presenting a variety of tools that can be exploited in the
side-channel context, the talk also aims to highlight the different
goals and hence techniques of interest pursued by actual
adversaries and product designers.
9.00 am - 12.30 am
RFID and Contactless Cards Security
Gildas Avoine, UCL, Louvain-la-Neuve, Belgium
A large part of the module will be devoted to RFID security and privacy.
After a comprehensive introduction to the RFID technology, the security
and privacy threats will be presented, including impersonation,
information leakage, malicious traceability, denial of service,
competitive intelligence, etc. illustrated by many real life examples
(ePassport, pet identification, etc.). Countermeasures will also be
addressed. The lecture devoted to RFID will consider security aspects of
both the tag and the communication channel, with a strong focus on the
2.00 pm - 3.15 pm
Introduction to the use of PUFs for Secure Key Storage and Anti-Counterfeiting
Pim Tuyls, Philips, Belgium
3.15 pm - 4.15 pm
Smart Cards, RFID, PUF and Cryptography: Recent News
Jean-Jacques Quisquater, Director of UCL Crypto Group, UCL, Louvain-la-Neuve, Belgium
We will give the new flavors from the main conferences related to
the security of secure devices, including CHES, CARDIS, E-SMART,
CRYPTO, EUROCRYPT, PKC, FSE,... with direct applications for
the industry and the design of secure devices.
4.30 pm - 5.30 pm
Secure hardware, secure software, secure together?
, Université de la Méditerranée, Marseille, France
register, click here