Doctoral dissertations on the topic "Cryptographie – Mesures de sûreté – Évaluation"
Demay, Jonathan-Christofer. "Génération et évaluation de mécanismes de détection des intrusions au niveau applicatif". PhD thesis, Université Rennes 1, 2011. http://tel.archives-ouvertes.fr/tel-00659694.
Demay, Jonathan-Christofer. "Génération et évaluation de mécanismes de détection des intrusions au niveau applicatif". PhD thesis, Rennes 1, 2011. http://www.theses.fr/2011REN1S050.
Most application-level anomaly detection mechanisms rely on detecting deviations in a program's control flow. Very often, to detect this, the mechanism relies on the system call sequences of applications. However, these methods cannot detect mimicry attacks or attacks that modify system call parameters. Such attacks can be carried out by targeting the computation data used by processes. To complement these detection mechanisms, we propose an approach for detecting the corruption of computation data that influence the execution of system calls. This approach relies on building a data-oriented behaviour model constructed by static analysis of the source code. We implemented our approach for programs written in C. This implementation is used to illustrate the feasibility of our approach on several examples. To evaluate our detection mechanism in more detail, we also propose an approach for simulating attacks against computation data. This approach relies on a fault model that reproduces the internal state of an application after this type of attack. We implemented an evaluation platform by combining our fault model with an in-memory injection mechanism. This platform is used to carry out an injection campaign on two examples in order to evaluate the detection capabilities of our data-oriented model.
Liu, Yi. "Security Assessment Against Side-Channel Attacks : Insights from an Information-Theoretic Perspective". Electronic Thesis or Diss., Institut polytechnique de Paris, 2023. http://www.theses.fr/2023IPPAT033.
In today's world, the widespread use of cryptographic devices highlights the need for their secure operation. Unintended leakages, like time, power, and electromagnetic emissions, can allow attackers to deduce secret keys via side-channel attacks (SCAs). Evaluating the security of cryptographic devices against SCAs is important for both the industrial and academic sectors, and information-theoretic metrics turn out to be effective tools. “Masking” stands out as a key countermeasure, with ongoing discussions on its optimization and the security of its implementations. In light of this context, the central aims of this thesis are to quantify side-channel leakage, appraise the security of cryptographic devices against SCAs (both unprotected and masked), and to explore methodologies for formulating more potent masking codes. For masking code construction, we establish linear programming bounds for the kissing number of q-ary linear codes, guided by recent findings on optimized code-based masking performance related to the dual code's kissing number. In addition, we demonstrate the connection between code-based masking efficacy and the whole weight enumeration of the dual of the masking code. The lexicographical order based on weight distribution prefixes is proposed for selecting ideal masking codes. Regarding side-channel leakage evaluation, we introduce a novel information metric, called conditional Sibson's alpha-information. This metric has an explicit expression and possesses several beneficial properties. Utilizing this metric, we delve into the side-channel leakage of unprotected devices. Additionally, we use Fano's mutual information to evaluate the side-channel leakage of code-based masked implementations under the probing model. Lastly, when considering the security assessment of masked implementations, we utilize the alpha-information measure to appraise the security of both arithmetic and Boolean masking implementations. We derive universal bounds on the probability of success of any type of side-channel attack. These also provide lower bounds on the minimum number of queries required to achieve a given success rate.
Piètre-Cambacédès, Ludovic. "Des relations entre sûreté et sécurité". PhD thesis, Télécom ParisTech, 2010. http://pastel.archives-ouvertes.fr/pastel-00570432.
Landry, Simon. "Étude de la résistance des algorithmes cryptographiques symétriques face à la cryptanalyse moderne". Electronic Thesis or Diss., Sorbonne université, 2021. http://www.theses.fr/2021SORUS287.
The goal of this thesis is to contribute to the state-of-the-art by proposing new areas of research in order to secure cryptographic algorithms within an embedded device. Our main focal axis is organized around the countermeasure called threshold implementations which is known to be resistant against side-channel analysis attacks in the presence of glitches. These latter phenomena occur randomly within an electronic circuit and lead to numerous attacks in cryptanalysis. We study the application of threshold implementations on symmetric-key cryptography. In a first phase, we participate in the cryptographic literature by designing new threshold implementations easily applicable on a large variety of symmetric-key algorithms. Our countermeasures are provably mathematically secure against side-channel analysis attacks in the presence of glitches. In comparison with the recent publications of the state-of-the-art, we address new issues and we assure similar or better performances. Therefore, our research has resulted in two patents within STMicroelectronics, thereby contributing to the industrial innovation process. In a second phase, we are interested in the study of the symmetric-key algorithm SM4 and its resistance against side-channel analysis attacks. The works obtained allow to centralize the proposed SM4 countermeasures against side-channel analysis attacks of the state-of-the-art and offer a visibility on the software performances of these constructions. We finally introduce the first threshold implementation of the SM4 algorithm. Our construction is provably mathematically resistant against side-channel analysis attacks in the presence of glitches.
Noumon, Allini Elie. "Caractérisation, évaluation et utilisation du jitter d'horloge comme source d'aléa dans la sécurité des données". Thesis, Lyon, 2020. http://www.theses.fr/2020LYSES019.
This thesis, funded by the DGA, is motivated by the problem of evaluation of TRNG for applications with a very high level of security. As current standards such as AIS-31 are not sufficient for these types of applications, the DGA proposes a complementary procedure, validated on TRNG using ring oscillators (RO), which aims to characterize the source of randomness of TRNG in order to identify electronic noises present in it. These noises are manifested in the digital circuits by the clock jitter generated in the RO. They can be characterized by their power spectral density related to the time Allan variance which allows, unlike the standard variance which is still widely used, to discriminate these different types of noise (mainly thermal, flicker). This study was used as a basis for estimating the proportion of jitter due to thermal noise used in stochastic models describing the output of TRNG. In order to illustrate and validate the DGA certification approach on other principles of TRNG apart from RO, we propose a characterization of PLL as a source of randomness. We have modeled the PLL in terms of transfer functions. This modeling has led to the identification of the source of noise at the output of the PLL, as well as its nature as a function of the physical parameters of the PLL. This allowed us to propose recommendations on the choice of parameters to ensure maximum entropy. In order to help in the design of this type of TRNG, we also propose a tool to search for the non-physical parameters of the generator ensuring the best compromise between security and throughput.
Longevialle, Christophe. "Contribution à la sécurisation d'un réseau d'information élaborée, par cryptographie et "pare-feu" informatique : application à une base de gestion de ressources humaines". Marne-la-Vallée, 2004. http://www.theses.fr/2004MARN0187.
Chevallier-Mames, Benoit. "Cryptographie à clé publique : constructions et preuves de sécurité". Paris 7, 2006. http://www.theses.fr/2006PA077008.
The public key cryptography concept, proposed by Whitfield Diffie and Martin Hellman, changed the cryptology world. After the description of first heuristically secure schemes, the formalization of models and security notions has allowed the emergence of provable security. After some reminders about cryptography and security reduction, we propose new signature and encryption schemes, with some advantages over the existing systems. Indeed, we propose two new signature schemes with a security proof in the random oracle model, and expose a new signature scheme which features a provable security in the standard model. All of these schemes feature both tight security and the possible use of coupons. Next, we describe a new encryption scheme, based on a new cryptographical problem. We also give another look to the universal paddings, and show how to obtain tight security for identity-based encryption schemes. In the last part of this thesis, we deal with the physical security of cryptographical software. We propose notably new efficient countermeasures against simple side-channel attacks (SPA) and differential side-channel attacks (DPA).
Martinelli, Jean. "Protection d'algorithmes de chiffrement par blocs contre les attaques par canaux auxiliaires d'ordre supérieur". Versailles-St Quentin en Yvelines, 2011. http://www.theses.fr/2011VERS0043.
Traditionally, a cryptographic algorithm is estimated through its resistance to "logical" attacks. When this algorithm is implanted within a material device, physical leakage can be observed during the computation and can be analyzed by an attacker in order to mount "side channel" attacks. The most studied side channel attack is the differential power analysis (DPA). First order DPA is now well known and can be prevented by securely proven countermeasures. In 2008, some results are known for second order, but none for third order. The goal of this thesis is to propose a frame for k-th order DPA where k>1. We developed several masking schemes as alternatives to the classical ones in order to propose a better complexity-security ratio. These schemes make use of various mathematical operations such as field multiplication or matrix product and cryptographic tools as secret sharing and multi-party computation. We estimated the security of the proposed schemes following a methodology using both theoretical analysis and practical results. At last we proposed an evaluation of the action of the word size of a cryptographic algorithm upon its resistance against side channel attacks, with respect to the masking scheme implemented.
Masmoudi, Khaled. "Gestion de la confiance dans les réseaux personnels". Evry, Institut national des télécommunications, 2008. http://www.theses.fr/2008TELE0002.
With the advent of new networking paradigms and evolutions, spanning from distributed and self-organized systems such as ad hoc networks, P2P networks or grids, to pervasive computing, wireless mesh networks or embedded devices, many research efforts have been conducted to bring the previous theoretic concepts into real life. Security protocols have to fulfill a new requirement: how is it possible to establish trust between parties without any a priori credential, central administration or shared context? We go even farther in this dissertation: what if each single party was a heterogeneous distributed domain? This thesis builds a layered architecture with a set of cryptographic protocols, meant to establish trust between devices and services belonging to different users through their Personal Networks. In the first part, the trust vector is an out-of-band channel, based on proximity. The resulting protocols combine identity-based cryptography to link identities to cryptographic material, and cryptographically-generated addresses to provide identity ownership. These new identifiers form a novel namespace that allows cross-layer trust establishment. The de facto security negotiation protocols, namely Internet Key Exchange protocol and Transport Layer Security handshake sub-protocol, provide end-to-end secure tunnel establishment, but fail to fit scenarios when a domain controller has to define the security parameters for a device under its supervision. We define in the second part of this dissertation how extensions could be applied to fulfill the previous requirement and delegate tunnel negotiation to a third party. Security validation results and the details of a preliminary implementation are also provided. Last, we design a framework for establishing trust based on the entity behavior within a group of Personal Networks that share a part of their devices and services. Focusing on service discovery, we show that reputation-based trust can be applied to mitigate selfishness and fake announcements in a federation of Personal Networks.
Badrignans, Benoît. "Utilisation des FPGAs dans le contexte des applications sécurisées". Montpellier 2, 2009. http://www.theses.fr/2009MON20184.
Motivations to employ FPGAs (Field-Programmable Gate Array) in secured applications are multiple: hardware configuration can be updated all along system life-cycle, FPGA can be finely configured to implement cryptographic functions efficiently, secured applications generally generate low sales volumes making FPGAs more attractive than ASICs (Application Specific Integrated Circuits). However secured ASICs often contain special features that are not available in all FPGAs, for instance most current FPGAs do not include non-volatile memories that are useful for secured applications, for instance to store cryptographic key. Moreover FPGA designers that have security concerns must use those devices carefully. Like secured applications implemented on ASICs, FPGA-based systems are subject to attacks. Those threats can be found at software, logical or physical level. In the particular case of FPGAs, attacks can also focus on the configuration process, and thereby modify functions implemented inside FPGA user logic. The main goal of this thesis is to study FPGAs devices in the general field of secured applications. Since the topic is vast, this work mainly focuses on FPGAs bitstream management. First it offers a state of the art of FPGA security mechanisms and good practices, and also performances analysis achievable using hardware implementation of cryptographic algorithm in current FPGAs. Then it highlights security issues specific to FPGA, like bitstream replay attack, and proposes solutions to enhance bitstream management security, focusing on the security of remote update of FPGA bitstreams. Finally results of this work are applied to a real concrete case, a platform based on an FPGA device. This platform was developed during the thesis in collaboration with LIRMM laboratory and Netheos company. This last part offers a practical and an industrial point of view that allows readers to measure pertinence of proposed solutions.
Rabah, Mourad. "Évaluation de la sûreté de fonctionnement de systèmes multiprocesseurs à usage multiple". Toulouse, INPT, 2000. http://www.theses.fr/2000INPT021H.
Faurax, Olivier. "Méthodologie d'évaluation par simulation de la sécurité des circuits face aux attaques par faute". Aix-Marseille 2, 2008. http://theses.univ-amu.fr.lama.univ-amu.fr/2008AIX22106.pdf.
Microelectronic security devices are more and more present in our lives (smartcards, SIM cards) and they contain sensitive information that must be protected (account number, cryptographic key, personal data). Recently, attacks on cryptographic algorithms appeared, based on the use of faults. Adding a fault during a device computation enables one to obtain a faulty result. Using a certain amount of correct results and the corresponding faulty ones, it is possible to extract secret data and, in some cases, complete cryptographic keys. However, physical perturbations used in practice (laser, radiations, power glitch) rarely match with faults needed to successfully perform theoretical attacks. In this work, we propose a methodology to test circuits under fault attacks, using simulation. The use of simulation enables to test the circuit before its physical realization, but needs a lot of time. That is why our methodology helps the user to choose the most important faults in order to significantly reduce the simulation time. The tool and the corresponding methodology have been tested on a cryptographic circuit (AES) using a delay fault model. We showed that use of delays to make faults can generate faults suitable for performing known attacks.
Chevalier, Céline. "Etude de protocoles cryptographiques à base de mots de passe". Paris 7, 2009. http://www.theses.fr/2009PA077183.
A fundamental property fulfilled by cryptography is the creation of secure communication channels, which guarantee authentication, integrity and confidentiality of the data transferred. Authentication, which allows several users to be convinced of the identities of their interlocutors, is generally nothing but a preliminary step to the proper communication, and is often coupled with the generation of a secret session key, which then enables the encryption of the following messages. We focus here on a particular type of authentication, based on passwords. We first recall the different security frameworks, as well as the existing protocols, particularly insisting on the new framework of universal composability. We show next that two variants of existing protocols remain secure in this context, under strong security hypothesis, and in the random oracle and ideal cipher models. In a third step, we extend the smooth hash functions to obtain a protocol with an equivalent level of security, but this time in the standard model. This protocol does not output a bitstring anymore, but a random group element. We then present a randomness extractor from such a group element, to obtain a random bitstring. Finally, we show how to extend the use of passwords to public key primitives, by defining the new notion of distributed cryptography from passwords.
Vache, Géraldine. "Evaluation quantitative de la sécurité informatique : approche par les vulnérabilités". Toulouse, INSA, 2009. http://eprint.insa-toulouse.fr/archive/00000356/.
This thesis presents a new approach for quantitative security evaluation for computer systems. The main objective of this work is to define and evaluate several quantitative measures. These measures are probabilistic and aim at quantifying the environment influence on the computer system security considering vulnerabilities. Initially, we identified the three factors that have a high influence on system state: 1) the vulnerability life cycle, 2) the attacker behaviour and 3) the administrator behaviour. We studied these three factors and their interdependencies and distinguished two main scenarios based on nature of vulnerability discovery, i.e. malicious or non-malicious. This step allowed us to identify the different states of the system considering the vulnerability exploitation process and to define four measures relating to the states of the system: vulnerable, exposed, compromised, patched and secure. To evaluate these measures, we modelled the process of system compromising by vulnerability exploitation. Afterwards, we characterized the vulnerability life cycle events quantitatively, using real data from a vulnerability database, in order to assign realistic values to the parameters of the models. The simulation of these models enabled to obtain the values of the four measures we had defined. Finally, we studied how to extend the modelling to consider several vulnerabilities. So, this approach allows the evaluation of measures quantifying the influences of several factors on the system security.
Seurin, Yannick. "Primitives et protocoles cryptographiques à sécurité prouvée". Versailles-St Quentin en Yvelines, 2009. http://www.theses.fr/2009VERS0009.
We study the relation between the random oracle model and the ideal block cipher model. We prove that these two models are equivalent: the existence of a cryptosystem secure in one of the models implies the existence of a cryptosystem secure in the other model. We prove that if a cryptosystem using an ideal block cipher is secure, then this cryptosystem remains secure when the block cipher is replaced by the Luby-Rackoff construction with 6 rounds where the inner functions are publicly accessible. Then, we study cryptographic protocols based on the LPN problem. The authentication protocol HB+ aroused much interest and several variants seeking to reinforce the security of this protocol were subsequently proposed. We present a cryptanalysis of three of these variants, and then we propose the protocol HB#. We also propose a probabilistic symmetric encryption scheme whose security against chosen plaintext attacks can be reduced to the difficulty of the LPN problem.
Rasoamiaramanana, Sandra. "Conception de schémas de chiffrement boîte blanche pour la sécurité des applications mobiles". Electronic Thesis or Diss., Université de Lorraine, 2020. http://www.theses.fr/2020LORR0060.
Today mobile devices are an integral part of our lives with the development of applications. In addition to smart phones, which are increasingly powerful, other devices such as connected objects may have to handle data that must remain secret. For example, the authentication of a connected object in a network requires the existence of a "secret" held by the object. In the case of mobile applications, the emergence of payment applications allowing contactless payment from the telephone or banking applications poses serious security challenges. The need to secure applications is therefore essential both for users wishing to access a service without risking their goods and for service providers who have a financial interest in it. Thus, cryptography is used to protect these various mobile applications. In this context, we wish to meet this need with both a software and hardware approach to secure cryptography on open and exposed platforms. The aim of this thesis is to verify the security of software implementations of cryptographic algorithms in the white-box model and to propose techniques to reinforce this security in a mobile environment. The white-box model or white-box attacks context is opposed to the traditional black-box model and refers to a context in which an attacker controls an execution environment and has access to software implementations of cryptographic algorithms. Once a secret key is revealed, the security of the encryption scheme is no longer valid. In this context, the last line of defense is the implementation itself: the secret key is hidden in the code so that it cannot be distinguished or extracted. Many studies have been conducted on White-Box Cryptography and have led to proposals for white-box implementations of standardized algorithms such as the DES (Data Encryption Standard) or the AES (Advanced Encryption Standard). These algorithms are of particular interest due to their wide deployment. Unfortunately these proposals have revealed vulnerabilities and do not guarantee the confidentiality of the secret key. In this thesis, we are first interested in the reasons why not all proposed implementations allow to "hide" the secret key sufficiently. We will make a detailed study of the techniques used as well as the possible attacks. Secondly, we propose new techniques to counter these attacks and study the cost of these techniques in terms of code size and performance. Another approach in White-Box Cryptography is to design algorithms that can be proved to be resistant to key extraction. This new approach involves proposing security notions adapted to the white-box model. In particular, the main problem is to ensure that the implementation of the cryptographic algorithm cannot be copied and executed in another environment. This attack called "code lifting" (code copying) is equivalent to extracting the secret key. One solution proposed in the literature is to increase the size of the code in order to increase the space complexity of the attack. We propose a solution to this problem by defining an encryption scheme that can be implemented in a white-box and that uses a physical device called Physically Unclonable Function (PUF). A PUF refers to a physical device with unique and unclonable characteristics that can be used to identify it. Thus, a PUF can be seen as the fingerprint (in the biometric sense) of a device. The PUF will be used in our scheme as a means of identifying the execution environment of a cryptographic algorithm and will generate a key specific to a given device.
Martinello, Magnos. "Modélisation et évaluation de la disponibilité de services mis en oeuvre sur le web : une approche pragmatique". Toulouse, INPT, 2005. https://hal.science/tel-04595476.
This thesis presents a pragmatic modeling approach allowing designers of web-based applications and systems to evaluate the service availability provided to the users. Multiple sources of service unavailability are taken into account, in particular i) hardware and software failures affecting the servers, and ii) performance degradation (overload of servers, very long response time, etc.). A hierarchical multi-level approach is proposed based on performability modeling, combining Markov chains and queueing models. The main concepts and the feasibility of this approach are illustrated using a web-based travel agency. Various analytical models and sensitivity studies are presented considering different assumptions with respect to the architectures, recovery strategies, faults, users profile and traffic characteristics.
Shikfa, Abdullatif. "Sécurité des communications opportunistes". Paris, Télécom ParisTech, 2010. http://www.theses.fr/2010ENST0045.
In this thesis, we investigate security in opportunistic communications. This new communication paradigm involves storing and carrying messages in addition to forwarding and impacts all security aspects of communication. Indeed, nodes' high mobility implies that security solutions should be dynamic and local. Furthermore, delay tolerance, which is one of the main characteristics of opportunistic networks, has a strong impact from a security perspective as it amounts to the infeasibility of interactive protocols. Moreover, radically new forwarding strategies have been proposed to enable communication in opportunistic networks: parting from traditional network addresses, these enriched forwarding strategies use information such as context of a node or content of a message to take forwarding decisions. Context or content are sensitive information that users might not want to reveal to others in order to preserve their privacy, hence this information should be carefully handled to ensure its secrecy. The conflicting requirements between security and forwarding motivate the need for new security mechanisms that enable computation on encrypted data. After analyzing the security challenges in opportunistic communications, we propose a complete security framework for context-based communication. This framework features not only data confidentiality and user privacy, but also computation assurance, which provides resilience against malicious entities aiming at disrupting or subverting the communication. We also propose a privacy-preserving content-based protocol which relies on multiple encryption layers, and an associated local and topology-dependent key management solution.
Demange, Loïc. "Mise en œuvre de BIKE, vulnérabilités et contre-mesures". Electronic Thesis or Diss., Sorbonne université, 2024. http://www.theses.fr/2024SORUS035.
BIKE is a post-quantum key encapsulation scheme (KEM) selected for the fourth round of the NIST standardization campaign. Its security is based on the robustness of the syndrome decoding problem for quasi-cyclic codes, and provides competitive performance with the other candidates in the 4th round, making it relevant for use in real-life cases. The scientific community has strongly encouraged analysis of its resistance to auxiliary channel attacks, and several works have already highlighted various weaknesses. To correct them, the latter have proposed ad hoc countermeasures. However, in contrast to the well-documented line of research on masking lattice-based algorithms, the possibility of generically protecting code-based algorithms through masking has only been marginally investigated in a 2016 paper by Cong Chen et al. At this stage of the standardization campaign, it is important to evaluate the possibility of fully masking the BIKE scheme and the resulting cost in terms of performance. The aim of this thesis is therefore to propose a BIKE algorithm whose security has been proven, by carrying out the entire process in a masked way, without ever directly manipulating sensitive data. To achieve this, we use "gadgets", which are masked functions identified by levels of non-interference: NI (non-interference) and SNI (strong non-interference). In simple terms, SNI allows gadgets to be composable: they can be called one after the other, with the same variables. NI, on the other hand, requires greater care in terms of the variables manipulated. Gadgets are the subject of proofs, based on the ISW model, giving a real argument of safety and robustness to the algorithmic. If the scheme is proven to be end-to-end safe, it is a priori robust. It should be noted that masking was initially developed for symmetrical schemes and was based on Boolean masking. It's only recently that we've begun to take an interest in asymmetrical schemes, and in particular lattice-based schemes. For this purpose, arithmetic masking has been the main one used, although Boolean conversions could be performed to achieve certain things (value comparison among others). Today, we're able to offer a masked implementation of BIKE, based on a proven safe algorithm. As BIKE manipulates binary data, we focused on Boolean masking. We therefore had to: reuse existing gadgets, adapt and optimize existing arithmetic masking gadgets, create new gadgets. Each time, we had to carry out proofs, and also prove their composition within each BIKE function, to arrive at the full scheme proof. As a reminder, BIKE is based on QC-MDPCs, and its arithmetic is based on dense, sparse polynomials, so choices had to be made regarding representation and the way calculations are performed. We therefore decided to explore two paths (fully dense and hybrid sparse-dense) and see what was most relevant between the two. In addition to the full C implementation, benchmarks were carried out, enabling us to see where performance was limited and where the bottlenecks were. In the end, we propose a fully masked and proven-safe BIKE algorithm, with its C implementation and various benchmarks to judge its performance.
Kaim, Guillaume. "Cryptographie post-quantique pour la protection de la vie privée". Thesis, Rennes 1, 2020. http://www.theses.fr/2020REN1S077.
The past few years have seen the rising of the quantum computers, that are a serious threat to nearly all the actual cryptographic schemes used in practice. In this thesis we propose some new constructions to prevent this obsolescence by building our schemes on the mathematical tool of lattices that is assumed post-quantum resistant. We firstly develop a group signature scheme, allowing each member composing the group to anonymously sign on the behalf of the group. We add a supplementary property, which is the forward secrecy. This property cuts the time into periods, such that each secret key is updated when entering a new period. We also propose a blind signature scheme, which is an interactive protocol between a user, who wants to sign a message, and a signer who possesses the signing secret key. We improve the state of the art by proposing a construction without any restart and with a more efficient security. Finally, as a use case of the blind signature, we develop an e-voting protocol that takes as a basis the construction described above.
Ahmad, Ahmad. "Sécurité orientée utilisateur pour les réseaux personnels sans fil". Electronic Thesis or Diss., Evry, Institut national des télécommunications, 2010. http://www.theses.fr/2010TELE0009.
Wireless Personal Area Network (WPAN) communications concept is generally restricted to couples of devices (a phone, a headset, a camera) and strongly related to a user and communicating very periodically (exchanges of different types). Nonetheless, we believe that the concept will evolve in the near future to create a distributed communication network all around users with more devices. Such a distributed network is called a Personal Network (PN). The next step after the distributed network creation is to interconnect them with certain restrictions. Since the WPAN is generally a private area, we do not like to expose all the resources to external users but still we would like to let them have restricted access to certain facilities. Similarly, we would like to peer friends to let us use their own resources with equivalent conditions. As devices involved in the Personal Networks, in some cases, have a Low Data Rate nature, implementing legacy security protocols seems to be inefficient. In fact, such devices require a minimal implementation of security solutions with low cost which cannot be provided by known protocols. Moreover, a vertical overview of the communication stack gives insight on the difficulties of applying these protocols. We propose an efficient physical layer encryption to be implemented after the error coding process. The proposed architecture relies on the use of the well proven secure Output Feedback Mode OFB using AES algorithm as a Cipher. The next contribution is targeting the development of a hierarchical key agreement between multi-parties to secure communication between many clusters related to only one owner. One step after securing the Intra-Personal Network is to secure resource sharing between many PNs. Resources are not necessarily in the same authentication domain and the group that uses them is called a federation. Our contribution is based on two components: a signaling protocol and a group key management system.
We close our work by providing a security solution that targets the integration of the PN within the future internet, more precisely, the network of information. In the future internet, everything is mobile and virtually connected to everything where the object takes the cornerstone. On the other hand, Personal networks are evolving to create Smart personal networks around the user. In the object-centric and user-centric concepts, information access becomes easier but establishing good security becomes harder. The difficulty is not finding new secure algorithms but rather that of adapting and enhancing existing solutions to meet the security requirements desirable for the interaction between these networks. In this contribution, we propose a new solution that merges Identity-Based cryptography and the Certificateless Cryptography cryptographic systems into only one in order to keep their advantages and to resolve their problems.
Berbain, Côme. "Analyse et conception d'algorithmes de chiffrement à flot". Paris 7, 2007. http://www.theses.fr/2007PA077124.
The primary goal of cryptography is to protect the confidentiality of data and communications. Stream ciphers are one of the two most popular families of symmetric encryption algorithms that make it possible to guarantee confidentiality and to achieve high performance. In the first part of this thesis, we present different cryptanalysis techniques against stream ciphers: correlation attack against the stream cipher GRAIN, guess and determine attack against the BSG mechanism, algebraic attack against special kinds of non-linear feedback shift registers, and chosen IV attack against a reduced version of the stream cipher SALSA. In a second part, we focus on proofs of security for stream ciphers: we introduce the new algorithm QUAD and give some provable security arguments in order to link its security to the conjectured intractability of Multivariate Quadratic problem. We also try to extend the security requirements of stream ciphers to the case where initialisation values (IV) are used: we present a construction which allows us to build a secure IV dependent stream cipher from a number generator and apply it to QUAD, which becomes the first IV dependent stream cipher with provable security arguments. We also present the algorithms DECIM and SOSEMANUK, to which we made design contributions. Finally, in a third part, we present efficient software and hardware implementations of the QUAD algorithm.
Gadelrab, Mohammed El-Sayed Gadelrab. "Évaluation des systèmes de détection d'intrusion". Toulouse 3, 2008. http://thesesups.ups-tlse.fr/435/.
This thesis contributes to the improvement of intrusion detection system (IDS) evaluation. The work is motivated by two problems. First, the observed increase in the number and the complexity of attacks requires that IDSes evolve to stay capable of detecting new attack variations efficiently. Second, the large number of false alarms that are generated by current IDSes renders them ineffective or even useless. Test and evaluation mechanisms are necessary to determine the quality of detection of IDSes or of their detection algorithms. Unfortunately, there is currently no IDS evaluation method that would be unbiased and scientifically rigorous. During our study, we have noticed that current IDS evaluations suffer from three major weaknesses: 1) the lack of a rigorous methodology; 2) the use of non-representative test datasets; and 3) the use of incorrect metrics. From this perspective, we have introduced a rigorous approach covering most aspects of IDS evaluation. In the first place, we propose an evaluation methodology that allows carrying out the evaluation process in a systematic way. Secondly, in order to create representative test datasets, we have characterized attacks by classifying attack activities with respect to IDS-relevant manifestations or features. This allows not only to select attacks that will be included in the evaluation dataset but also to analyze the evaluation result with respect to attack classes rather than individual attack instances. Third, we have analyzed a large number of attack incidents and malware samples, such as viruses and worms. Thanks to this analysis, we built a model for the attack process that exhibits the dynamics of attack activities. This model allows us to generate a large number of realistic and diverse attack scenarios. The proposed methods have been experimented on two very different IDSes to show how general our approach is.
The results show that the proposed approach allows overcoming the two main weaknesses of existing evaluations, i.e., the lack of a rigorous methodology and the use of non-representative datasets.
Dubeuf, Jérémy. "Etude et implémentation de contre-mesures matérielles pour la protection de dispositifs de cryptographie ECDSA". Thesis, Université Grenoble Alpes (ComUE), 2018. http://www.theses.fr/2018GREAT048.
Information security heavily relies on integrated circuits (ICs). Unfortunately, ICs face a lot of threats such as side channel or fault attacks. This work focuses on small vulnerabilities and countermeasures for the Elliptic Curve Digital Signature Algorithm (ECDSA). The motivation is that leakage sources may be used in different attack scenarios. By fixing the leakage, existing attacks are prevented but also undiscovered or non-disclosed attacks based on the leakage. Moreover, while the elliptic curve scalar algorithm is at the heart of the security of all elliptic curve related cryptographic schemes, all the ECDSA system needs security. A small leakage of few secret bits may lead to fully disclosing the private key and thus should be avoided. The ECDSA can be implemented in different flavors such as in a software that runs on a microcontroller or as a hardware self-contained block or also as a mix between software and hardware accelerator. Thus, a wide range of architectures is possible to implement an ECDSA system. For this reason, this work mainly focuses on algorithmic countermeasures as they allow being compliant with different kinds of implementations.
Amblard, Zoé. "Cryptographie quantique et applications spatiales". Thesis, Limoges, 2016. http://www.theses.fr/2016LIMO0113.
This thesis in collaboration with Thales Alenia Space studies quantum cryptographic protocols for n parties in dimension d. We first analyze the family of Bell inequalities called homogeneous Bell inequalities introduced by François Arnault in [1] and we construct several theoretical tools for a better understanding of these inequalities. With these tools, we show how to implement the measurements required to test these inequalities by using optical devices called multiport beamsplitters and described by Zukowski et al. in [2]. We use these devices to construct new cryptographic protocols in dimension d called hdDEB which we describe in [3]. Then, we study advantages and drawbacks of the use of quantum cryptography to protect satellite links in a noisy environment. We consider several scenarios with LEO satellites and, for each of them, we conclude about the interest of using Quantum Key Distribution protocols.
Reinhard, Jean-René. "Etude de primitives cryptographiques symétriques : chiffrements par flot et fonction de hachage". Versailles-St Quentin en Yvelines, 2011. http://www.theses.fr/2011VERS0033.
In this thesis, we study the security of symmetric cryptographic functions. In a first part, we study stream ciphers from a cryptanalysis point of view. We present the main attack principles and focus on algebraic cryptanalysis. We also present a practical time differential cryptanalysis of the VEST stream ciphers family, one of the candidates of the eSTREAM project. In a second part, we study the conception of cryptographic hash functions. We present two security proofs of indifferentiability from a random oracle of the domain extension of Shabal, a candidate to the SHA-3 competition. The first proof assumes that the internal primitive Shabal relies on behaves ideally. The second proof makes it possible to take into account non-ideal behaviour of the primitive. New techniques of independent interest are developed to achieve this goal.
Munoz, Martine. "La protection des échanges de données informatisées". Nice, 1997. http://www.theses.fr/1997NICE0045.
Akkar, Mehdi-laurent. "Attaques et méthodes de protections de systèmes cryptographiques embarqués". Versailles-St Quentin en Yvelines, 2004. http://www.theses.fr/2004VERS0014.
In 1998, power-consumption attacks and fault-injection attacks were only just beginning to appear. I thus had the chance to follow, and sometimes to take part in, the innovations that led both to the implementation of new attacks and to the development of new countermeasures. This thesis presents my work from a fairly theoretical point of view (card consumption model, theoretical protections, general principles of attack scenarios) as well as a practical one (verification of the theory, secure implementations, real attacks) on the usual algorithms such as DES, AES or RSA. Most of these results have been published in several conferences (Asiacrypt, CHES, FSE, PKC) and patented.
Delaunay, Pascal. "Attaques physiques sur des algorithmes de chiffrement par flot". Versailles-St Quentin en Yvelines, 2011. http://www.theses.fr/2011VERS0006.
Since 1999 and Paul Kocher's initial publication, several side-channel attacks have been published. Most of these attacks target public-key cryptosystems and block ciphers but only a few of them target stream ciphers, despite being widely used in daily applications. After some reminders on side-channel attacks, linear and non-linear feedback shift registers and fast correlation attacks, we propose at first three fast correlation attacks targeting linear feedback shift registers and using side-channel information to improve their accuracy. Next, we present two flaws in non-linear feedback shift registers which allow full recovery of the internal state using well-chosen side-channel attacks. We finally use these vulnerabilities to mount two side-channel attacks against VEST, an eSTREAM candidate, to recover partial information from the internal state.
Galissant, Pierre. "Contributions to white-box cryptography : models and algebraic constructions". Electronic Thesis or Diss., université Paris-Saclay, 2023. http://www.theses.fr/2023UPASG099.
Due to the democratization of technologies such as mobile payment or the soaring of blockchain technologies, there is a growing need for secure implementations of standardized algorithms in the white-box model. In spite of this, there are too few secure designs published in the literature. To avoid relying on hidden design implementations to provide any security in the white-box model, more implementations designs and techniques have to be explored. This thesis begins with a guide to white-box cryptography. Its goal is to revise, precise or correct white-box models, security notions and constructions that have emerged in the state of the art since the introduction of the concept. We notably clarify the Remote-Access White-Box model and the Hardware Module White-Box and contextualize them in the general cryptographic literature. We then explore white-box implementations of the AES by first synthesizing the known implementations techniques and their flaws, and then proposing a new solution based on polynomial representations, for which we propose a security analysis and a challenge implementation. The last part of this thesis focuses on the implementation of multivariate cryptographic primitives in the white-box model. After introducing succinctly multivariate cryptography, we motivate the study of this branch of public key cryptography in the white-box context. We propose the first implementation technique of the HFE family of signature algorithms, for which we propose an extensive security analysis and a challenge implementation. Finally, to propose other perspectives on multivariate white-box cryptography, we also propose an incompressible stream cipher adapted from QUAD.
Duval, Sébastien. "Constructions pour la cryptographie à bas coût". Electronic Thesis or Diss., Sorbonne université, 2018. http://www.theses.fr/2018SORUS078.
This thesis explores the construction of symmetric cryptography primitives. We reach better constructions than those of the literature, with a focus on the reduction of implementation costs. We study three types of primitives: block ciphers, which are the most commonly used in symmetric cryptography, a stream cipher designed for a specific application and a message authentication algorithm. We reduce the costs of the two main components of block ciphers: S-boxes and diffusion matrices. Feistel and MISTY-like structures appear to be a good choice to design secure S-boxes at a low cost, and lead us to new S-boxes with the best known trade-off between security and implementation cost. We also study the Butterfly structure which yields S-boxes with an excellent security. As for diffusion matrices, we develop an algorithm to look for formal matrices in a polynomial ring, then we instantiate its outputs to obtain matrices which are optimal in terms of diffusion at a lower cost than those of the literature. We also identify a weakness in the stream cipher FLIP, designed to fit some very specific cost constraints. We show that FLIP requires a different analysis than other stream ciphers and deduce from it an attack, which led to an update in FLIP to get a more resilient cipher. Finally, we study MAC algorithms, which are used to authenticate messages. Combining works from the literature, we build a MAC which is less costly than those used in practice with an equivalent security, aiming at an implementation on 32-bit micro-controllers.
Deneuville, Jean-Christophe. "Contributions à la cryptographie post-quantique". Thesis, Limoges, 2016. http://www.theses.fr/2016LIMO0112/document.
In the likely event where a quantum computer sees the light, number theoretic based cryptographic primitives being actually in use might become deciduous. This results in an important need to design schemes that could face off this new threat. Lattices and Error Correcting Codes are mathematical tools allowing to build algebraic problems, for which, up to date, no quantum algorithm significantly speeding up their resolution is known. In this thesis, we propose four such cryptographic primitives: two signature schemes (among those a traceable one) based on lattices, a signature delegation protocol using fully homomorphic encryption, and a new framework for building very efficient and practical code-based cryptosystems. These contributions are fed with concrete parameters allowing to gauge the concrete costs of security in a post-quantum world.
Ahmad, Ahmad. "Sécurité orientée utilisateur pour les réseaux personnels sans fil". Thesis, Evry, Institut national des télécommunications, 2010. http://www.theses.fr/2010TELE0009.
David, Nicolas. "Improved Techniques in Differential Cryptanalysis". Electronic Thesis or Diss., Sorbonne université, 2023. http://www.theses.fr/2023SORUS323.
This thesis in computer science focuses on the field of cryptography, in particular on differential cryptanalysis. In this thesis, I present different cryptanalysis methods and applications of them. A chapter will be devoted to optimizations of differential-linear cryptanalysis of ARX constructs, as well as its application to Chaskey. In the next chapter, I will present a complete attack against the main version of the Speedy block cipher, showing then how to use powerful techniques during differential cryptanalysis. Next, I will present a new cryptanalysis technique in symmetric cryptography: differential meet-in-the-middle cryptanalysis, which consists of combining differential elements with meet-in-the-middle elements. Finally, I will present a quantum version of impossible differential cryptanalysis: quantum differential cryptanalysis.
Lashermes, Ronan. "Etude de la sécurité des implémentations de couplage". Thesis, Versailles-St Quentin en Yvelines, 2014. http://www.theses.fr/2014VERS0021/document.
Pairings are cryptographic algorithms allowing new protocols for public-key cryptography. After a decade of research which led to a dramatic improvement of the computation speed of pairings, we focused on the security of pairing implementations. For that purpose, we evaluated the resistance to fault attacks. We have sent electromagnetic pulses in the chip computing a pairing at a precise instant. It allowed us to recover the cryptographic secret which should be protected in the computation. Our study was both theoretical and practical; we did implement actual fault attacks. Finally, we proposed countermeasures in order to protect the algorithm in the future.
Sorniotti, Alessandro. "Protocoles pour Poignées de Main Secrètes". Phd thesis, Télécom ParisTech, 2010. http://pastel.archives-ouvertes.fr/pastel-00006276.
Etrog, Jonathan. "Cryptanalyse linéaire et conception de protocoles d'authentification à sécurité prouvée". Versailles-St Quentin en Yvelines, 2010. http://www.theses.fr/2010VERS0025.
This Ph.D., devoted to symmetric cryptography, addresses two separate aspects of cryptology. First, the protection of messages using encryption algorithms and, second, the protection of privacy through authentication protocols. The first part concerns the study of linear cryptanalysis while the second is devoted to the design of authentication protocols with proven security. Although introduced in the early 90s, linear cryptanalysis has recently experienced a revival due to the development of new variants. We are interested in both its practical and theoretical aspects. First, we present a cryptanalysis of a reduced version of SMS4, the encryption algorithm used in WiFi in China; then, second, we introduce multilinear cryptanalysis and describe a new form of multilinear cryptanalysis. The second part of the thesis concerns the study of RFID authentication protocols respecting privacy. We define a model to formalize the notions of security for these protocols. Then we propose two protocols, each one performing a compromise between strong unlinkability and resistance to denial of service attacks, which allow low-cost implementations. We establish security proofs in the standard model for these two protocols.
Monnet, Yannick. "Étude et modélisation de circuits résistants aux attaques non intrusives par injection de fautes". Grenoble INPG, 2007. https://tel.archives-ouvertes.fr/tel-00163817.
New hardware cryptanalysis methods such as fault-based attacks have shown their efficiency to break cryptosystems. This work is focused on the development of new techniques and tools that enable the design of robust circuits against fault injection attacks (Differential Fault Analysis: DFA). The study and the design of resistant asynchronous circuits against these attacks are particularly addressed. We first specify a fault sensitivity evaluation of asynchronous circuits. Then, hardening techniques are proposed in order to improve circuit resistance and tolerance. Practical results are evaluated on asynchronous cryptographic circuits using a laser beam fault injection system. These results validate both the theoretical analysis and the hardening techniques, and confirm that asynchronous technology is an efficient solution to design secure systems.
Guo, Yanli. "Confidentialité et intégrité de bases de données embarquées". Versailles-St Quentin en Yvelines, 2011. http://www.theses.fr/2011VERS0038.
As a decentralized way for managing personal data, the Personal Data Server approach (PDS) resorts to Secure Portable Token, combining the tamper resistance of a smart card microcontroller with the mass storage capacity of NAND Flash. The data is stored, accessed and its access rights controlled using such devices. To support powerful PDS application requirements, a full-fledged DBMS engine is embedded in the SPT. This thesis addresses two problems with the confidentiality and integrity of personal data: (i) the database stored on the NAND Flash remains outside the security perimeter of the microcontroller, thus potentially suffering from attacks; (ii) the PDS approach relies on supporting servers to provide durability, availability, and global processing functionalities. Appropriate protocols must ensure that these servers cannot breach the confidentiality of the manipulated data. The proposed solutions rely on cryptography techniques, without incurring large overhead.
Benaïssa, Nazim. "La composition des protocoles de sécurité avec la méthode B événementielle". Thesis, Nancy 1, 2010. http://www.theses.fr/2010NAN10034/document.
The presence of big scale networks in our modern society is affecting our usual practice, which as a result is generating the need to introduce a more and more important level of remote security services. We address in this thesis the problem of security protocols composition; we focus in particular on cryptographic protocols as well as access control policies. The first part of the thesis is dedicated to the composition of cryptographic protocols and to their integration with other classes of protocols. We introduce the notion of cryptographic mechanisms. Mechanisms are simple cryptographic protocols that can be composed to obtain more complex protocols if the necessary proof obligations are discharged. We also introduce a technique for a proof based attack reconstruction. The second part of the thesis is dedicated to the deployment of access control policies using refinement; the idea consists in refining abstract policies to obtain more concrete access control policies. We also propose to combine the refinement technique with the composition technique to obtain more efficient access control policy deployment techniques.
Meynard, Olivier. "Caractérisation et utilisation du rayonnement électromagnétique pour l'attaque de composants cryptographiques". Electronic Thesis or Diss., Paris, ENST, 2012. http://www.theses.fr/2012ENST0002.
Nowadays the mathematical algorithms for cryptography are becoming safer and deemed unbreakable from a mathematical point of view. So the confidence in cryptographic algorithms is increasing and the design of mathematical cryptographic algorithms remains definitively robust. However, the hardware implementations of cryptographic components are still vulnerable to physical attacks. Side Channel Analysis (SCA) is a threat for crypto systems as it can be used to recover the secret key. These unintentional physical emanations can be analysed in a view to derive some sensitive information from them. In this thesis we conduct a more precise study of electromagnetic radiation and their characterization in the frequency domain to improve the EMA attacks at distance. We propose a method by combining time samples to improve these attacks, in order to limit the degradation of the leakage model due to low signal to noise ratio. Next we show the limits of the attack before proposing methods of frequency analysis, to focus the analysis on a wide band of frequencies and improve the quality of the signal carrying information. Finally we see that some methods used in electromagnetic compatibility and more precisely to evaluate susceptibility of electronic devices. These techniques can be employed to perform fault attacks and disrupt cryptographic components.
Le, Duy Tu Duong. "Traitement des incertitudes dans les applications des études probabilistes de sûreté nucléaire". Troyes, 2011. http://www.theses.fr/2011TROY0022.
The aim of this thesis is to propose an approach to model parameter and model uncertainties affecting the results of risk indicators used in the applications of nuclear Probabilistic Risk Assessment (PRA). After studying the limitations of the traditional probabilistic approach to represent uncertainty in PRA model, a new approach based on the Dempster-Shafer theory has been proposed. The uncertainty analysis process of the proposed approach consists in five main steps. The first step aims to model input parameter uncertainties by belief and plausibility functions according to the data PRA model. The second step involves the propagation of parameter uncertainties through the risk model to lay out the uncertainties associated with output risk indicators. The model uncertainty is then taken into account in the third step by considering possible alternative risk models. The fourth step is intended firstly to provide decision makers with information needed for decision making under uncertainty (parametric and model) and secondly to identify the input parameters that have significant uncertainty contributions on the result. The final step allows the process to be continued in loop by studying the updating of belief functions given new data. The proposed methodology was implemented on a real but simplified application of PRA model.
Duflot, Nicolas. "Les mesures d'importance fiabilistes issues des études probabilistes de sûreté nucléaire : contrôle des incertitudes et nouvelles applications pour l'aide à la décision". Troyes, 2007. http://www.theses.fr/2007TROY0010.
This PhD thesis deals with the importance measures based on nuclear probabilistic safety analyses (PSA). With these indicators, the importance towards risk of the events considered in the PSA models can be measured. The first part of this thesis sets out the framework in which they are currently used. The information extracted from importance measures evaluation is used in industrial decision-making processes that may impact the safety of nuclear plants. In the second part of the thesis, we thus try to meet the requirements of reliability and simplicity with an approach minimising the uncertainties due to modelling. We also lay out a new truncation process of the set of the minimal cut set (MCS) corresponding to the baseline case which allows a quick, automatic and precise calculation of the importance measures. As PSA are increasingly used in risk-informed decision-making approaches, we have examined the extension of importance measures to groups of basic events. The third part of the thesis therefore presents the definition of the importance of events such as the failure of a system or the loss of a function, as well as their potential applications. PSA being considered to be a useful tool to design new nuclear power plants, the fourth part of the thesis sketches out a design process based both on classical importance measures and on new ones.
Varet, Antoine. "Conception, mise en oeuvre et évaluation d'un routeur embarqué pour l'avionique de nouvelle génération". Phd thesis, INSA de Toulouse, 2013. http://tel.archives-ouvertes.fr/tel-00932283.
Rifi, Mouna. "Modélisation et Analyse des Réseaux Complexes : application à la sûreté nucléaire". Thesis, Sorbonne Paris Cité, 2019. http://www.theses.fr/2019USPCD049.
This work aims to propose an adequate graph modeling approach for nuclear safety accident systems and sequences. These systems and sequences come from "Probabilistic Safety Analysis" (PSA) which is an exhaustive analysis of all possible accident scenarios, to estimate their probabilities of occurrence (by grouping them by families) and the associated consequences. Then, an analysis of the resulting networks is performed by network centrality measures. A first application consists in predicting the nuclear Risk Increase Factor, which is a PSA importance factor, using supervised learning algorithms: classification tree methods, logistic regression and ensemble learning methods, on unbalanced data. Furthermore, a new synthetic centrality coefficient and a similarity measure are developed to compare the network structures and their topological characteristics, based on their centrality vectors interdependencies. This new approach uses statistical techniques (sampling, correlation and homogeneity). The relevance and appreciation of this new measure of similarity are validated on the clustering of most popular theoretical graphs and on the prediction of the type of these graphs. Finally, an application of this approach has been conducted for the clustering of nuclear safety systems networks.
Teglia, Yannick. "Ingénierie et robustesse des systèmes embarqués sécuritaires". Paris 6, 2011. http://www.theses.fr/2011PA066183.
Otsa'a, Nguema Daenis. "Sécurité et sûreté maritimes dans le golfe de Guinée : Diagnostic et évaluation des politiques pour un apport conceptuel et pratique de la sécurisation maritime régionale". Nantes, 2015. http://www.theses.fr/2015NANT3004.
Once limited to the simple role of communication channel used to search for new unknown lands with the use of resources, maritime spaces and their related activities have gradually evolved into a controversial topic today. The issues have also presented threats and risks of vulnerability, associated with binomial “safety-security”, in a field where economies and populations have a strong maritime emphasis. This paradoxical maritime trend has not been overlooked by the coastal States of the Gulf of Guinea (the Ivory Coast to Angola), which were already involved at the beginning of the negotiations which led to what was called, the “Yalta sea” (in reference to the Montego Bay Convention of December 10, 1982). Today, they are trying to find solutions to the phenomenon of maritime insecurity through more community responses rather than individual ones. As part of global geography of strategic regions, they cannot and must not remain on the sidelines of the acceleration of security and logistics, which require different levels of communal sharing of control and prevention methods. But, while it is no longer time for the prevarication of communal sharing efforts, it is time for the assessment of policies used up to now, which have, to some degree, shown to be limited. In fact, regional maritime insecurity is not potentially or spatially manifested in the same way, according to the States or regions considered. Yet, despite a disparate consideration of the regional maritime issues, maritime security challenges to be addressed are virtually the same and should guide an in-depth study of conceptualization and practical security.
This disparity of ideological, structural, material, and technical realities of the manifestation of threat and risk is not adequately addressed in regional cooperation, which by its excessive ambitions and homogenization of the maritime context, hardly takes into account the necessity of an evolutive multi-scalar dimension, based on local and national realities. Within the disciplinary field of geopolitics and maritime geostrategies, and more specifically, the issues of maritime security, this study, which considers national and regional factors of maritime vulnerability through the “Safety-Security” binomial, offers a contribution to the question, “why provide security”, but also “how to provide security”, across four strategies: the diagnosis of maritime vulnerability, the evaluation of responses of States to address it, the spatial heterogeneity of this vulnerability, and to propose multiscalar reforms in light of maritime security regionalism.
Lone, Sang Fernand. "Protection des systèmes informatiques contre les attaques par entrées-sorties". Phd thesis, INSA de Toulouse, 2012. http://tel.archives-ouvertes.fr/tel-00863020.
Benzine, Mehdi. "Combinaison sécurisée des données publiques et sensibles dans les bases de données". Versailles-St Quentin en Yvelines, 2010. http://www.theses.fr/2010VERS0024.
Protection of sensitive data is a major issue in the databases field. Many software and hardware solutions have been designed to protect data when stored and during query processing. Moreover, it is also necessary to provide a secure manner to combine sensitive data with public data. To achieve this goal, we designed a new storage and processing architecture. Our solution combines a main server that stores public data and a secure server dedicated to the storage and processing of sensitive data. The secure server is a hardware token which is basically a combination of (i) a secured microcontroller and (ii) a large external NAND Flash memory. The queries which combine public and sensitive data are split in two sub queries, the first one deals with the public data, the second one deals with the sensitive data. Each sub query is processed on the server storing the corresponding data. Finally, the data obtained by the computation of the sub query on public data is sent to the secure server to be mixed with the result of the computation on sensitive data. For security reasons, the final result is built on the secure server. This architecture resolves the security problems, because all the computations dealing with sensitive data are done by the secure server, but brings performance problems (little RAM, asymmetric cost of read/write operations...). These problems will be solved by different strategies of query optimization.