Saturday, December 4, 2010
Friday, November 26, 2010
Do you still have any doubt about the fact that Microsoft Windows is a wonderful world indeed? But for whom?
Wednesday, November 24, 2010
- A new detection program for single encrypted files. Relatively often, encryption is performed by taking a short cyclic sequence (from a few bytes to a few kilobytes) and combining it with the plaintext (files, binaries...). This is for instance the case with encrypted malware. The detect_singlefile.c program detects the length of that cyclic sequence. You then just have to split your encrypted file into chunks of that length and perform the cryptanalysis as explained in the library.
- New and very detailed slides explaining how to use the open source library and especially giving interesting examples (drawn from real cases) on how trapdoors can be hidden in encryption systems. The case of dynamic cryptographic trapdoors is also presented.
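The period detection described in the first item above can be illustrated with a coincidence count over shifted copies of the ciphertext. This is an added example, not the code of detect_singlefile.c or of the library; it assumes the cyclic sequence is combined with the plaintext by XOR, and the function names, the 4/256 threshold, the sample text and the key are all constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Fraction of positions i where buf[i] == buf[i + shift]. When shift is a
 * multiple of the key period the key cancels out, so the rate reflects the
 * redundancy of the plaintext instead of the 1/256 of random bytes. */
static double coincidence_rate(const unsigned char *buf, size_t n, size_t shift)
{
    size_t hits = 0, i;
    if (shift == 0 || shift >= n)
        return 0.0;
    for (i = 0; i + shift < n; i++)
        hits += (buf[i] == buf[i + shift]);
    return (double)hits / (double)(n - shift);
}

/* Smallest shift whose rate is well above the uniform 1/256 baseline;
 * returns 0 when no shift up to max_period stands out. */
size_t detect_period(const unsigned char *buf, size_t n, size_t max_period)
{
    const double threshold = 4.0 / 256.0; /* assumed cut-off, tune per data */
    size_t s;
    for (s = 1; s <= max_period && s < n; s++)
        if (coincidence_rate(buf, n, s) > threshold)
            return s;
    return 0;
}

/* Constructed sample: lowercase text XORed with a 4-byte repeating key. */
size_t demo_encrypt(unsigned char *out, size_t cap)
{
    static const char text[] = "to be or not to be that is the question "
                               "whether tis nobler in the mind to suffer";
    static const unsigned char key[4] = { 0x1B, 0x3C, 0x9D, 0xA7 };
    size_t n = strlen(text), i;
    if (n > cap)
        n = cap;
    for (i = 0; i < n; i++)
        out[i] = (unsigned char)text[i] ^ key[i % sizeof key];
    return n;
}

int main(void)
{
    unsigned char ct[256];
    size_t n = demo_encrypt(ct, sizeof ct);
    printf("detected period: %zu\n", detect_period(ct, n, 32));
    return 0;
}
```

On real samples the gap between key-aligned and unaligned shifts is less clean than in this constructed case, so the threshold and the amount of ciphertext examined both need adjusting.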
Just a quick summary of the lab research activities: we work on computer, network and information security with the attacker's mindset and point of view to provide better protection and defense. Our research topics cover:
- Symmetric encryption: design and evaluation of symmetric cryptosystems, design of cryptosystems with trapdoors (introduction of undetectable mathematical weaknesses allowing a less complex cryptanalysis for anyone who has knowledge of the trapdoor), cryptanalysis of symmetric cryptosystems based on the combinatorial properties (weaknesses) of those systems, reconstruction techniques for unknown algorithms (coding or encryption) using the intercepted material only (encoded streams, encrypted messages).
- Analysis and design of steganographic systems. Encrypted data (COMSEC aspect only) exhibit a (too) typical statistical profile. Consequently, any attacker can easily identify an exchange of encrypted data. It is therefore crucial in some contexts to hide the very existence (storage, exchange) of data. This is the role of steganography (hiding the channel by considering the TRANSEC aspect). From a dual point of view, I am also interested in techniques for detecting steganographic contents (steganalysis).
- Computer virology: formal characterization of viral techniques (known and unknown techniques), study and design of new malware technologies, formalization and design of new antiviral techniques, malicious cryptography and steganography (potential use of encryption and/or steganographic techniques by malware and use of malicious codes for applied cryptanalysis purposes), analysis and evaluation (passive and active) of antivirus software.
- Analysis and technical studies of the concept of computer warfare