The EMSEC team is being restructured and will lead to two new teams: the SPICY (Security and PrIvaCY) team was officially created on May 28, 2021, and the CAPSULE (Applied Cryptography and Cryptographic implementation Security) team is currently being created.
The research team "Embedded Security and Cryptography" (EMSEC) addresses questions related to cryptography, formal methods, and security of hardware and software systems. EMSEC hosts 8 faculty members and researchers from CNRS, INSA Rennes, and University of Rennes 1, and more than 20 PhD students, postdocs, and adjunct members. EMSEC's activities target both the construction of security-preserving mechanisms and the design of new attacks.
Members of EMSEC work on different aspects of cryptology, in particular on lattice-based cryptography (studying the security of the assumptions, designing new constructions, implementation and their security), symmetric cryptanalysis, and security of protocols. EMSEC is also strongly involved in two important NIST competitions about the security of post-quantum schemes and lightweight ciphers.
Formal methods is a complementary approach to verify the security of a protocol or a system. Many examples illustrate that building blocks proven in a computational model can still suffer from weaknesses that are discovered using a symbolic approach. EMSEC consequently considers formal methods for the verification of cryptographic protocols, and development of techniques and tools, relying on attack trees, for quantitative analysis of security and risk assessments of real-life systems.
EMSEC also works on the security of hardware and software systems, analyzing the security of cryptographic implementations, especially from a side-channel perspective, and designing and improving attacks, mostly attacks based on microarchitectural covert and side channels, and attacks based on cryptanalytic time-memory trade-offs.
Finally, EMSEC considers various topics related to data security and machine learning, new statistical tools to detect shift in a timing series or anomaly, data desanonymization, and forensics applied to smartcards.