EMSEC : EMbedded SEcurity and Cryptography
The EMSEC team was restructured and gave birth to two new teams: the SPICY (Security and PrIvaCY) team and the CAPSULE (Applied Cryptography and Cryptographic implementation Security) team.
The research team "Embedded Security and Cryptography" (EMSEC) addresses questions related to cryptography, formal methods, and security of hardware and software systems. EMSEC hosts 8 faculty members and researchers from CNRS, INSA Rennes, and University of Rennes 1, and more than 20 PhD students, postdocs, and adjunct members. EMSEC's activities target both the construction of security-preserving mechanisms and the design of new attacks.
The cryptography-related topics addressed by EMSEC include symmetric and asymmetric primitives - including lattice-based cryptography - as well as cryptographic protocols. In particular, EMSEC is strongly involved in two important NIST competitions about the security of post-quantum schemes and lightweight ciphers.
Formal methods are a complementary approach to verify the security of a protocol or a system. Many examples illustrate that building blocks proven in a computational model can still suffer from weaknesses that are discovered using a symbolic approach. EMSEC consequently considers formal methods for the verification of cryptographic protocols, and for the development of techniques and tools based on attack trees for quantitative analysis of security and risk assessments of real-life systems.
EMSEC also works on the security of hardware and software systems, analyzing the security of cryptographic implementations, especially from a side-channel perspective, and designing and improving attacks, mostly attacks based on microarchitectural covert and side channels, and attacks based on cryptanalytic time-memory trade-offs.
Finally, EMSEC considers various topics related to data security and machine learning, new statistical tools to detect shift in a timing series or anomaly, data desanonymization, and forensics applied to smartcards.