Wednesday, June 29, 2011

Publication ESIEA Espoir Recherche

Bonjour à tous

Baptiste David, étudiant ESIEA et espoir recherche de deuxième année au laboratoire a présenté ses travaux menés sur l'identification en PERL des équations différentielles, lors des "Journées PERL 2011", à Paris les 24 et 25 juin 2011.

Les slides sont disponibles ici.

Bonne journée à tous


Tuesday, June 28, 2011

CVO recrute sur Laval

Bonjour à tous,

Le laboratoire de cryptologie et de virologie opérationnelles recrute et propose deux postes (CDI) sur Laval.

  • Un jeune docteur en informatique/mathématiques discrètes ayant un bonne connaissance de la programmation sécurisée, du reverse engineering et de l'analyse de malware et de programmes. Le poste comporte une mission d'enseignement, de recherche et d'animation scientifique. La préparation d'une HDR sera un des objectif à moyen terme pour ce poste. Sans renier l'approche académique, le recrutement privilégiera une pré-disposition pour l'approche technique de type Hacker. Une bonne connaissance de l'anglais (écrit/parlé) est obligatoire.
  • Un ingénieur ou titulaire d'un master 2 en informatique/sécurité/cryptologie souhaitant en parallèle préparer une thèse. Bonne maitrise de la programmation (C, C++, python), des outils de calcul formel (Magma, Mathematica...). Le poste comporte une mission d'enseignement, de recherche et de développement. Une bonne connaissance de l'anglais (écrit/parlé) est obligatoire.
Du fait de l'environnement de travail du laboratoire, les candidats devront se soumettre à une enquête de sécurité.

Les candidats intéressés enverront un CV et une lettre de motivation à

Bonne journée à tous.


Cyberwarfare book

Hi to all of you

We have the pleasure to announce the availibility of the book entitled "Cyberwar and Information Warfare" published by Wiley.

Our laboratory has written the chapter entitled "Operational Aspects of a Cyberattack: Intelligence, Planning and Conduct". This chapter is used as the basis of our course in Cyberwarfare techniques given at ESIEA Laval.

Have a nice reading.


Thursday, June 23, 2011

LibPerseus Challenge Results

Hi to all

We have the pleasure to announce that Guillaume Delugré and Gabriel Campana from Sogeti/ESEC France (a really nice R&D company in Security) has won the challenge. They have sent the plaintext text corresponding to the chall3.coded file. Congratulations to them. They did a really nice work which will be very useful for the Perseus project. They will be recently awarded with the prize.

Their attack (more details here) is a clever and nice implementation attack which does not hence put the Perseus (mathematical) concept into question. Their attack shows that going from the theory to implementation is always complex and prone to security weakness.

The attack exploits the fact that
  • the plaintext is split into blocks of constant size (for performance purposes, it is more practical to consider this approach since forthcoming parallel decoding of blocks will overcome the complexity of the Viterbi decoding) each block being encoded with the same encoder.
  • due to a bad (and stupid) bug in our implementation the noise pattern was always the same (by mistake we forgot to declare a few variables as static and then each call to the noise generator resets its state). Ironically, this dramatic weakness could have been detected by our cryptanalysis library Mediggo (tool detectsinglefile.c) which precisely has been designed to detect this kind of flaw. But development speed and security are seldom compatible (shoemakers are often the worst shod -:))
  • It seems that implementation of the puncturing is a little faulty as well.
What is clear is that without the help of Guillaume and Gabriel, we would probably never detect this (infamous) bugs. Thousands thanks to them and to their contribution.

The bugs will be of course corrected in the new implementations of the Perseus lib which is under currentl development with the help of DFT-Technologies (which has performed the industrial specifications of LibPerseus and will perform the final code auditing). This implementation is about to be made public and officially presented during the RMLL 2011 in July in Strasbourg. Here are the new features that takes Guillaume and Gabriel's attack into account:
  • This implementation considers blocks of variable sizes (ranging from 512 to 4096).
  • Each block is encoded with a different encoder.
  • The noise pattern of course will be variable itself.
As originally implemented in the Perseus library itself, normally the message should be a single block. We are presently developping a polynomial-memory decoder that will make decoding very quick and will enable to consider message as a single block. More to come...

Of course, we hope that contributors will volunteer to evaluate this implementation. Once again congratulations to Guillaume and Gabriel. We would like also thank all people who support, sponsor the Perseus project and all those who contribute with comments and feedbacks.


Friday, June 17, 2011

LibPerseus Challenge Reset

Hi to all

Following a number of requests (especially from our sponsors and our supporting partners regarding the Perseus project), feedbacks and critics about the (obvious) lack of precision and data with respect to the LibPerseus challenge, we were strongly advised to reset this challenge today in order to offer more precise and thorough conditions:
  • files and binaries have been reset (the previous version was inappropriate since it made encoder collision possible thus providing different possible solutions while only one should exist within the parameter space considered).
  • More info given on plaintext files to recover
  • binary program that produced the new challenge files is provided (beta version at the present time). The source code will be made public as soon as possible.
  • Legal aspects of the challenge checked and clarified (thanks to Mr Auger, esquirre, bailiff in Laval, France who has pointed to us a few legal imprecision).
  • Time limit of the challenge and award have been consequently extended for fairness.
The link to the challenge page is here
We apologize for the inconvenience. Thanks to all who make us aware of the necessity to reset this challenge and help us to improve it. Thanks to our sponsors and partners (mainly DFT-Technologies).


Sunday, June 5, 2011

PERSEUS Principles


A few recent comments seem to prove that people speak a lot about Perseus without a clear knowledge of what it is and claim that the mathematical principles are not neither known nor published. Well. This is not the case (otherwise the challenge would not be fair and would not comply to Kerckhoffs' laws).
Here are the main technical data (published for more than one year):
Moreover the industrial support and development (secure implementations for example) is provided by DFT Technologies.

Due to some misunderstanding about the challenge conditions and the fact that no binaries are provided (we wish to make the concept to be tested/evaluated and not a particular implementation), we have just issued a new version of the PERSEUS Lib which uses random generation by means of the /dev/random primitives (in your application just remind that /dev/random is a blocking device and the kernel will have to be helped eventually during the encoder generation).

Of course, that does not affect the conditions and validity of the challenge but we just want to calm down and take into account some wise comments and feedbacks (and we need constructive feedbacks all the time). Once again the use of rand() was far from being optimal (we plead guilty since we were aware of this weakness and even exploit it in the past) but by laziness or lack of care we concentrated on the concept rather on the security of the implementation. Now it is fixed as well as the x00 bug (that was relevant for the python version only). We hope that now people will concentrate on the concept security itself. The PERSEUS concept can be very useful to many people as confirmed by many feedbacks.

For people who use personal attacks against my work, I will not make any comment. They do not deserve it. They have just to keep in mind that it is far easier to criticize than taking risks by fighting in the arena, trying to make security progress. and proposing new trends in data security. For those who pointed out our lack of care with the rand() primitive, well they were right so thanks to them. They did their job.

Now let us go ahead.