BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//wp-events-plugin.com//7.2.3.1//EN
BEGIN:VEVENT
UID:862@lincs.fr
DTSTART;TZID=Europe/Paris:20250212T140000
DTEND;TZID=Europe/Paris:20250212T150000
DTSTAMP:20250220T174115Z
URL:https://www.lincs.fr/events/how-can-alpha-information-theory-formally-
 prove-that-your-sensitive-circuits-are-protected-against-side-channel-atta
 cks/
SUMMARY:How can alpha-information theory formally prove that your sensitive
 circuits are protected against side-channel attacks?
DESCRIPTION:Cryptographic algorithms are ubiquitous in our digital society.
 Principles (such as Kerckhoffs’) and mathematical techniques for securing
 data against cryptanalysis are well established\, even with future quantum
 computers: the best attacks of this type are essentially brute force\,
 which takes several times the age of the universe.\n\nHowever\, one real
 threat is that algorithm implementations are vulnerable to side-channel
 attacks\, that exploit sensitive information leaks to recover the secret in
 a “divide and conquer” approach. Some attacks only require a few
 queries (leakage measurements). Thus\, the question is not whether you are
 secure or not\, since it is only a matter of time. The question is how much
 you can be secure\, e.g. with a protected implementation that use data
 masking. For that\, we need a formal evaluation.\n\nIn this talk\, I
 present such a formal evaluation using alpha-information theory\, based on
 Rényi alpha-divergence and alpha-entropy\, and Sibson’s
 alpha-information. The parameter alpha can be positive or negative\, and
 the limiting case alpha = minus infinity is related to the important notion
 of Doeblin coefficient\, which can be used to reduce the noisy leakage
 model to a random probing model. Fano and data processing inequalities\, as
 well as Mrs. Gerber’s lemma in the case of additive masking\, are used to
 establish lower bounds on the number of queries that any attacker has to
 make to achieve a given level of success. In this way\, it is possible to
 be proactive\, for example with ephemeral keys\, to maintain the security
 of an implementation.\n\n\n\n\n\n\nBio: Olivier Rioul
 (https://perso.telecom-paristech.fr/rioul/) is full Professor at the
 Department of Communication and Electronics at Télécom Paris\, Institut
 Polytechnique de Paris\, France. He graduated from École Polytechnique and
 from École Nationale Supérieure des Télécommunications\, Paris\,
 France\, where he obtained his PhD degree. His research interests are in
 applied mathematics and include various\, sometimes unconventional\,
 applications of information theory such as inequalities in statistics\,
 hardware security\, and experimental psychology. He has been teaching
 information theory and statistics at various universities for twenty years
 and has published a textbook which has become a classical French reference
 in the field.
CATEGORIES:Seminars,Youtube
LOCATION:Amphi 3\, 19 Place Marguerite Perey\, Palaiseau\, France
X-APPLE-STRUCTURED-LOCATION;VALUE=URI;X-ADDRESS=19 Place Marguerite Perey\,
 Palaiseau\, France;X-APPLE-RADIUS=100;X-TITLE=Amphi 3:geo:0,0
END:VEVENT
BEGIN:VTIMEZONE
TZID:Europe/Paris
X-LIC-LOCATION:Europe/Paris
BEGIN:STANDARD
DTSTART:20241027T020000
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
END:STANDARD
END:VTIMEZONE
END:VCALENDAR