Sites Inria

Version française

Telecoms, networks, multimedia

The first high-security laboratory dedicated to computer security

Reconnaissance oculaire d’accès au laboratoire de haute sécurité © INRIA

Located at the heart of the Inria Nancy - Grand-Est centre, the High-Security Computing Laboratory (known by its French acronym LHS) is designed to cater to decisive research work for making networks, Internet exchanges and associated telecommunications equipment safe. Alongside its partners, Inria is today inaugurating this completely new research facility. The LHS provides the technological and regulatory framework needed for scientific advances that accompany developments in our technological society. Open to industrial partners, the laboratory also represents a favourable opportunity for the reliability tests that are needed before various technological products or solutions can be put on the market.

A completely new facility to support cutting-edge computer security work

Reconnaissance oculaire d’accès au laboratoire de haute sécurité @ INRIA / Photo Kaksonen

Placed in an enclosed environment with an insulated Internet network and with access protected by biometric recognition, the laboratory offers a reliable technological and regulatory framework for conducting sensitive tests and operations .  It has been designed to guarantee the security of the data, phenomena and equipment being analysed.

The LHS is comprised of three separate areas:

  • A working room for researchers
  • A cluster room equipped with three units:
a virtual telescope  that picks up malicious codes and signs of attacks and which enables Internet probe experiments, a "test-tube" sealed network  that allows users to conduct sensitive experiments, such as analysing malicious codes, without running the risk of contaminating the entire network, 
and a production unit for distributing the tools developed in the LHS: anti-virus, analysis tools, etc.
  • A "red" room. Not connected to the network, this involves the handling of very sensitive information and data. This room receives equipment or material to be studied in total confidentiality under partnerships with industry.

Three main areas of expertise: virology, network analysis and protection, and detection of weaknesses in communicating systems.

Virology: how can tomorrow's viruses be recognised?

  Researchers from the CARTE team analyse malicious codes and develop the anti-virus solutions of the future.

They have developed a new virus detection method that takes into account  a fundamental parameter: the ability of viruses to mutate, just like living viruses. Awarded a prize in the 2009 national competition to encourage innovative technology businesses in the "Emergence" category, their technique allows the virus' signature or skeleton to be extracted, namely the part of the program that does not change despite the mutations.

"This outcome enables us to envisage anti-virus programs that are more effective because they are capable of recognising viruses even once they have mutated. There are other scientific challenges to be faced, such as developing methods for identifying new viruses whose skeleton we don't yet recognise! With the LHS, we have the environment we need to run our tests in the future ," emphasises Jean-Yves Marion, the CARTE team's director.

In addition, the CARTE team is working on neutralising botnets, networks of infected computers that are used for sending spam and which could also be used for attacking Internet services. The researchers are also taking an interest in other vulnerable technology platforms such as telephones and embedded systems (e.g. in cars etc.)

  Network supervision: how can network exchanges be analysed and made secure?

  Researchers from the MADYNES team are studying major communication systems to understand their functioning and to implement analysis and control systems, notably for combating security failures.

Their latest achievements include the design of an algorithm enabling probes to be placed on a large network pair by pair and allowing activity on this network to be observed.  The researchers have succeeded in analysing the traffic on a network with 4 million machines by placing around twenty probes and without having to resort to large computing capacities. "Several areas of application have already been envisaged, notably as part of the French National Research Agency's MAPE programme, to help the appropriate authorities in their fight against cyber crime ," says Olivier Festor, the team's director.

 Detection of vulnerabilities in communicating systems: enabling industry to conduct reliability tests

 In the design and certification phase, equipment manufacturers need to be able to test their equipment's reliability and to evaluate its resistance to different types of attacks or threats. With an insulated Internet network and ultra-secure equipment, the LHS is a perfect place for conducting these types of tests.

The risks identified include telephony services over the Internet in particular. In this field, researchers from the MADYNES team have developed a software suite called KIF, which allows telephony over IP weaknesses to be detected automatically.

A completely new structure in France involving numerous partners

 The High-Security Computing Laboratory of the Inria Nancy - Grand-Est Centre has received funding from the ERDF, the Region of Lorraine, the Greater Nancy Metropolitan District and the French Ministry for Higher Education and Research via the Regional Research and Technology Delegation.
 The research undertaken is carried out in partnership with universities in Lorraine, the French National Centre for Scientific Research and the General Delegation for Ordinance.

Interview with Prof. José M. Fernandez

"A unique structure that paves the way for high-quality scientific work"

 

Interview with José M. Fernandez, http://www.professeurs.polymtl.ca/jose.fernandez/Assistant Professor at the Department of Computer Engineering and Software Engineering at the Polytechnic School of Montreal. He  directs a unit similar to the LHS at the Polytechnic School of Montreal, namely the Information Systems Security Research Laboratory (known by its French acronym SecSI).

Why is it necessary to conduct computer security experiments, particularly in an environment such as the LHS?

José M. Fernandez: Computer security is a relatively new scientific field. The "hacker" mentality defines those who attack systems as much as it does those who look to defend them. And, like in any war, the victor is the one who, as Sun Tzu said, makes "the best calculations. " In other words, the person who is best at predicting the consequences of their choices.

In the realm of security, this means being capable of predicting and measuring as accurately as possible the effectiveness of attack parameters, on the one hand, and the effectiveness of the counter-measures deployed, on the other. It is often difficult to model everything and not very practical or even very wise to use the "real world" to obtain these measurements. It is therefore necessary to use laboratory testing. In this way, with reliable forecasts, it becomes possible to determine which measures will be most effective. We can then optimise the solutions to be delivered by considering issues such as cost, loss of performance, etc. that these counter-measures give rise to.

Why do computer security researchers need a facility such as the LHS?

José M. Fernandez:  The experiments carried out in this field often involve the use of sensitive data, such as the configurations of critical systems, or potentially dangerous tools (malware, advanced piracy tools, etc.). It is therefore necessary to protect installations where this type of testing is carried out. These installations must have a large amount of equipment, special software and, in particular, very highly specialised personnel. The aim is to achieve realistic test conditions in terms of scale (several thousands of machines emulated) and variety of behaviours. This ranges from the variety of configurations of machines that can be found on the Internet to the different types of user behaviour. All of these parameters have a major impact on the security of systems.

Unfortunately, very few researchers in the field have grasped this yet. Most researchers are still following a scientific approach that does not satisfy these demands. Assessments of the performance of developed solutions often lack rigour and use poorly suited methods (testing in restricted laboratory conditions, testing on real production systems, etc.).

A facility such as the LHS is virtually unique in the community. It opens the way for the highest quality and most comprehensive scientific work in the field of computer security. I can only congratulate the researchers and partners who are making this possible and offering science the right conditions for progress. Well done to them!

Computer security

Computer security:  a multi-theme research field involving numerous Inria project-teams

INRIA @ Photo Kaksonen

Around 50 Inria research teams are conducting research work connected with computer security, an issue that is central to the work of around 15 of these teams.

This field contains several aspects that correspond to different research disciplines and the teams address a number of themes:

  • Cryptography
  • Cryptographic protocols
  • Formal methods and verification for security
  • Code analysis, information flow control, failures
  • Secure communication in networks and on grids
  • Intrusion prevention and detection, virology
  • Data security and protection
  • Identification and protection of the individual: biometry, video surveillance
  • Digital voting
  • Digital security and society: respect for privacy, legislation
 Guaranteeing the security of cryptographic systems - Cracking the RSA 768 key

 Inria team CARAMEL– Inria Nancy - Grand-Est Centre

Cryptographic systems guarantee the security of data exchanges over the Internet and are at the heart of e-commerce. It is therefore essential to ensure their reliability. Cracking the protection codes of a cryptographic system triggers the search for new solutions and provides arguments in favour of adopting more secure systems.

The RSA algorithm (which stands for Rivest, Shamir and Adleman) forms part of the family of public-key systems that enable confidential information to be exchanged or documents to be electronically signed.

The CARAMEL team at Inria Nancy - Grand-Est (a joint team together with Nancy University and the French National Centre for Scientific Research) and its Swiss, Japanese, Dutch and German partners (EPFL, CWI, NTT, University of Bonn) have pooled different computing capabilities to successfully factorise a 768-bit RSA key. By combining the result of extensive work carried out in algorithms with computing capabilities at their disposal for the last two and a half years, they managed to crack this 232-digit key by finding its main constituent factors. This new record is a superb illustration of the effectiveness of distributed computing systems and confirms the recommendations of the French National Agency of Information System Security by demonstrating the vulnerability of a 768-bit RSA key.

To carry out this large-scale calculation, Inria used a section of the Grid’5000 infrastructure that links 1,544 machines in France, or more than 5,000 core processors. In total, together with the involvement of the other partners, the equivalent of 1,700 core processors used for one year were utilised, amounting to 425 quad-core PCs for one year.

 Optimising the reliability of electronic signatures: the Shabal cryptographic algorithm

 Inria project-team involved: SECRET - Inria Paris - Rocquencourt Centre

The various cryptographic algorithms in existence include those used for the electronic signatures that guarantee document authenticity, among other uses.

To build these algorithms, scientists use hash functions that enable very large files (software, long texts) to be reduced to a fingerprint, i.e. a small version of a fixed size (for example 256 bits). This fingerprint allows files to be authenticated and an electronic signature to be rapidly produced.

In 2004, hash standards came under fire and were destroyed one after the other by attacks that uncovered unacceptable flaws.

In 2008, America's National Institute of Standards and Technology launched an international competition to find the solution to these failures and to define the future cryptographic hash standard, which will be called SHA-3 (which stands for Secure Hash Algorithm).

The 14 proposed algorithms still in the running in the competition include Shabal. The SECRET team at Inria, which specialises in the study and development of functions that, when combined, form large cryptographic protocols, participated in its development. The main benefits of this algorithm are its speed of execution and its operating mode (the way it divides the file up into fixed-sized blocks and processes these in turn to calculate the fingerprint), which is based on a new construction whose security can be proved.

Shabal is the fruit of work by a team of 14 researchers from seven academic and industrial research teams working as part of a project financed by the French National Research Agency. There are expected to be five finalists left in August 2010, with the winner being named in 2012.

 Remaining in control of your personal data: the personalised medical and welfare record

 SMIS project-team - Inria Paris - Rocquencourt Centre

To address the vulnerability of database servers and the difficulties in establishing confidence in the protection of the personal data that they manage, researchers from the SMIS team devise personal database servers on chips. The latest major application is the French personalised medical and welfare record, which facilitates the coordination of healthcare for dependent persons.

So how does it do this? By using a solution that gives patients a secure USB stick incorporating a new generation of smart card with a large storage capacity. This stick contains a person's entire medical records managed by an embedded personal data server. This server can therefore be used to store a full set of medical records, allowing interaction through a dedicated application and synchronisation with a central server, all with strong safeguards to ensure confidentiality. Patients can also place some of their records on a central server to make them available online to health professionals, who in turn have a secure USB card that utilises cryptographic protocols for the exchange of data.

Patients have input on the data access policy, giving them control over which parties can access their personal data. 
Several organisations are working on this project: Santeos, a company specialising in information systems, is developing the solution for the central server, while Inria and Gemalto, the world leader in smart cards, are developing the secure USB stick and its embedded software.

The personalised medical and welfare records project is being conducted in collaboration with the PlugDB project coordinated by Inria and supported by the French National Research Agency.

 Developing the protocols that guarantee security in electronic voting

 CASSIS project-team - Inria Nancy - Grand-Est Centre, and SECSI project-team - Saclay –Île de France Centre

To ensure that electronic voting is reliable and controllable, certain aspects need to be respected, such as anonymity, voting confidentiality, giving voters the possibility to verify that their vote has actually been counted, that their identity has not been stolen, etc. However, paperless voting and the absence of ballot papers, see-through ballot boxes and voting certificates make the process non-transparent.
 Since the beginning of 2008, the CASSIS and SECSI teams at Inria, in collaboration with the Verimag laboratory (joint research teams from the French National Centre for Scientific Research/Grenoble Institute of Technology/Joseph Fourier University), have been participating in the French National Research Agency's Avoté project, which aims to offer tools to verify protocols in electronic voting, particularly online. Their work is expected to create solutions for identifying faults in electronic voting systems and stating the guaranteed properties.

The difficulties to overcome include providing precise and formal definitions of the various security properties that a protocol must meet, then being capable of formally verifying that these protocols actually comply with the requested properties. The researchers are expected to provide a convincing response within two years.

Keywords: Botnet Attack Virus Anti-virus Laboratory Software Network Security

Top