CVO

Operational Cryptology and Virology Laboratory

(C + V)O

Introduction to the laboratory

Research Themes


Symmetric encryption
Steganography and Steganalysis
Computer virology


Laboratory members


Contact

Introduction to the laboratory


The Laboratory of Operational Cryptology and Virology has been established in July 2007 at ESIEA Laval. He first worked in collaboration with the laboratory of Virology and Cryptology of the Ecole Supérieure et d'Application des Transmissions (ESAT) in Rennes (period from July 2007 to May 2008), the French Army Signals Academy. Then the laboratory has definitively welcome the ESAT part in late June 2008. The period 2007 - 2008 thus marks a transition phase.

Because of this legacy, the activity of the laboratory is a continuation and retains strong links not only with the Department of Defense, but also with the Departments of Justice and Interior. This applies to both the thematic part of the research activity and the creation and maintenance of a secure environment for conducting this research activity in respect of the principal regulations.

The specificity of the laboratory lies in its concern for the operational capability. If the formalization and the theoretical approach are widely promoted, the purpose of the research carried out there is to solve in the most efficient way, real-life problems and produce viable solutions. It is therefore natural that the laboratory has expanded its research activities for the service of private or public entities through contracts. This culture of the operational matter also aims at training the ESIEA engineer students to the technical and scientific realities and challenges from today and tomorrow.

Research themes


The Operational Cryptology and Virology Laboratory’s core research activity deals with computer security - mostly in virology and cryptology - in the field of defensive computing applications but in connection with offensive computer security (computer warfare).

Emphasizing both the theoretical approach - to maintain a high academic skills - and applied research inspired by problems (from the government sphere, but also from the industrial one), the main objective is not only to understand the current attacks but also and especially to predict and invent the future attacks. This proactive approach aims at anticipating the threat (defensive area) but in a context of evolution of French doctrine, to investigate towards both a theoretical and practical arsenal in the offensive area (government sphere). The key word in both areas is the operational capability.

This vision and the skills involved are likely to also be of the greatest interest for critical companies, in a context of increasing complexity of the information systems on one hand, and of a strong industrial competition on the other hand, more and more subject to attacks, particularly targeted attacks.

The main themes of the laboratory are:


  1. Symmetric encryption. In this type of encryption, the sender and recipient share a common secret key. The latter must then be established prior to the communication. It is mainly used to achieve confidentiality of large amounts of data during their storage, their transmission and/or their processing. The following main sub-themes are treated in the laboratory:

    1. Combinatorial analysis of cryptographic primitives inorder to achieve the characterization of weaknesses that can be exploited in cryptanalysis (attack).

  2. Design and evaluation of symmetric cryptosystems.

  3. Design of cryptosystems with trapdoors (introduction of undetectable mathematical weaknesses allowing a less complex cryptanalysis for anyone who has knowledge of the trapdoor).

  4. Cryptanalysis of symmetric cryptosystem based on the combinatorial properties (weaknesses) of those systems.

  5. Reconstruction techniques of unknown algorithms (coding or encryption) using the intercepted stuff only (encoded streams, encrypted messages).

    1. Analysis and design of steganographic systems. Encrypted data (COMSEC aspect only) exhibit a (too) typical statistical profile. Consequently any attacker can therefore easily identify an exchange of encrypted data. It is therefore crucial in some contexts to hide the very existence (storage, exchange) of data. It is the role of steganography (hiding the channel by considering the TRANSEC aspect). From a dual point of view, the laboratory is also interested in techniques for detecting steganographic contents(steganalysis).

    2. Computer virology:

      1. Formal characterization of viral techniques (known and unknown techniques).

      2. Study and design of new malware technologies.

      3. Formalization and design of new antiviral techniques.

      4. Malicious cryptography and steganography (potential use of encryption and / or steganographic techniques by Malware and use of malicious codes for applied cryptanalysis purposes).

      5. Analysis and Evaluation (passive and active) of antivirus software.

    3. Analysis and technical studies of the concept of computer warfare.


Laboratory members

  • Professor Eric Filiol (Laboratory director)

  • Dr Grėgoire Jacob

  • Dr Sėbastien Josse

  • Ing. Jean-Paul Fizaine

  • Ing. Frėdėric Jennequin

  • Ing. David Quenez

  • Ing. Mickaël Salaün

  • Adrien Derock (Ph D student)

  • Grėgoire Jacob (Ph D student)

  • Nicolas Bodin (Ph D student)

  • Eddy Deligne (Ph D student)

  • Christophe Grenier (Ph D student)

Contact

  • Postal address

ESIEA – Laval

Laboratoire de virologie et de cryptologie opérationnelles

38 rue des Dr Calmette et Guérin

53000 Laval

/\