Thomas Chabrier thomas.chabrier@irisa.fr University Rennes 1-IRISA, Campus ENSSAT, 6 rue Kerampont, BP80518, 22305 Lannion cedex, France (+33) (0)2 96 46 92 10

Research Topics

• Computer arithmetic.
• Circuit design (FPGA, ASIC).
• Cryptography.
• Security.

Current Situation

From January 2013, I am member of the ANR ARDyT (Reliable and Reconfigurable Dynamic Architecture) project.

Subject: Arithmetic operators with fault detection/tolerance capabilities.

I am member of the IRISA laboratory and the CAIRN research group.

In collaboration with researchers of the CAIRN team, I work on computation algorithms, representations of numbers and hardware implementations of arithmetic operators with integrated fault detection (and/or fault tolerance) capabilities. The target arithmetic operators are: adders, subtracters, multipliers (and variants of multiplications by constants, square, FMA, MAC), division, square-root, approximations of the elementary functions. We study (and possibly mix) two approaches: residue codes and specific bit-level coding in some redundant number systems for fault detection/tolerance integration at the arithmetic operator/unit level. A complete FPGA prototype will be implemented and strongly tested.

Ph.D. Information

Ph.D. Student in computer science defended on June, 2013.

Title: Arithmetic Recodings for ECC Cryptoprocessors with Protections against Side-Channel Attacks [TeL PDF].

Supervisors: Arnaud Tisserand and Emmanuel Casseau.

Grant: Brittany region and CG22 (Conseil Général 22).

I was member of the IRISA laboratory and the CAIRN research group.

Ph.D. Thesis Abstract

This Ph.D. thesis focused on the study, the hardware design, the theoretical and practical validation, and eventually the comparison of different arithmetic operators for cryptosystems based on elliptic curves (ECC). Provided solutions had to be robust against some side-channel attacks, and efficient at a hardware level (execution speed and area). In the case of ECC, we wanted to protect the secret key, a large integer, used in the scalar multiplication. Our protection methods used representations of numbers, and behaviour of algorithms to make more difficult some attacks. For instance, we randomly changed some representations of manipulated numbers while ensuring that computed values are correct. Redundant representations like signed-digit representation, the double- (DBNS) and multi-base number system (MBNS) have been studied. A proposed method provided an on-the-fly MBNS recoding which operates in parallel to curve-level operations and at very high speed. All recoding techniques have been theoretically validated, simulated extensively in software, and finally implemented in hardware (FPGA and ASIC). A side-channel attack called template attack was also carried out to evaluate the robustness of a cryptosystem using a redundant number representation. Eventually, a study was conducted at the hardware level to provide an ECC cryptosystem with a regular behaviour of computed operations during the scalar multiplication so as to protect against some side-channel attacks.

News and Events

Collaborations

• 2012-2016: PAVOIS (Arithmetic Protections Against Physical Attacks for Elliptic Curve based Cryptography) project with IRISA, LIRMM (funded by ANR Programme "Blanc" 2012).
• 2011-2015: ARDYT (Reliable and Reconfigurable Dynamic Architecture) project with IRISA, Lab-STICC, LCIM and Atmel (funded by ANR Programme "Ingénerie Numérique et Sécurité" 2011).
• July-September 2011 (3 months): doctoral student exchange with the Coding and Cryptography Research Group in UCC (University of College Cork, Ireland) from July 2011 to September 2011. I am provided training in the use of the Side-Channel attack equipment they have in their laboratory. The research team collaborated with me in achieving the goal of applying template attacks to hardware implementations of Elliptic Curve cryptographic algorithms and investigating the strength of my proposed countermeasures.

Conferences 2013

• November: RAIM (Paris, France).
• April: ARITH (Austin, TX, USA).
• January: SYMPA (Grenoble, France).

Conferences 2012

• June: RAIM (Dijon, France).

Conferences 2011

• May: Crypto'Puces (Porquerolles, France), SYMPA (St-Malo, France).
• April: C2 (St Pierre d'Oléron, France).

Conferences 2010

• November: Conference on Signals, Systems, and Computers (Asilomar, Pacific Grove, CA, US).
• June: CryptArchi (Paris, France).
• May: Coding and Cryptography Workshop (Cork, Ireland).
• March: ECOFAC (Plestin les Grèves, France).

Teaching in computer science and industrial data processing

• DUT Mesures Physiques (Université Rennes 1), Lannion, 1ère et 2nd année, informatique d'instrumentation (21h TD + 24h TP).
• IUT Lannion (Université Rennes 1), 1ère année, C2i (Certificat Informatique et Internet) (19h TD).

Co-advisor

• Thomas Dupré (student IUT Rennes GEII, University Rennes 1, France), Implementation and optimization of a template attack on circuits, April-June 2013 (3 months), IRISA, advisor: A. Tisserand.
• Claudiu Chirap (Technical University of Cluj-Napoca, Romania), Tools for a Cryptoprocessor on Elliptic Curves, June-Septembre 2010 (4 months), IRISA, ERAMUS Grant, advisor: A. Tisserand.

Publications

Conference articles

• T. Chabrier and A. Tisserand. On-the-Fly Multi-Base Recoding for ECC Scalar Multiplication without Pre-Computations. In A. Nannarelli, P.-M. Seidel, and P. T. P. Tang, editors, Proc. 21th Symposium on Computer Arithmetic (ARITH), Austin, TX, U.S.A., pages 219-228, April 2013. IEEE Computer Society. [HAL PDF] [doi: 10.1109/ARITH.2013.17].
• K. Bigou, T. Chabrier and A. Tisserand. Opérateur matériel de tests de divisibilité par des petites constantes sur de très grands entiers. In 15ème Conférence en Parallélisme, Architecture et Système (ComPAS), track architecture, Grenoble, France, January 2013. [HAL PDF].
• T. Chabrier, D. Pamula and A. Tisserand. Hardware Implementation of DBNS Recoding for ECC Processor. In Proc. 44rd Asilomar Conference on Signals, Systems and Computers, Pacific Grove, California, U.S.A., pages 1129-1133, November 2010. IEEE. [PDF] [doi: 10.1109/ACSSC.2010.5757580].

Miscellaneous

• T. Chabrier. Template Attacks on Hardware Implementation of Signed Digit Recoding for ECC Processor. Note: Rencontres Arithmétique de l'Informatique Mathématique (RAIM), GDR IM, June 2012.
• T. Chabrier, D. Pamula and A. Tisserand. Recodage aléatoire en matériel pour ECC. Note: 3ème rencontre Crypto'Puces sur le thème du composant au système communicant embarqué, Porquerolles, France, May 2011.
• T. Chabrier, D. Pamula, and A. Tisserand. Hardware Random Recoding: Redundant Representations of Numbers, Side Channel Analysis, Elliptic Curve Cryptography. Note: Journées Codage et Cryptographie (C2), GDR IM, Paris, France, April 2011.
• A. Tisserand, T. Chabrier , D. Pamula. Arithmetic Level Countermeasures for ECC Coprocessor. Note: Claude Shannon Institue Workshop on Coding and Cryptography, Cork, Ireland, May 2010.