Glossary to Support Applied International Research on Decision Making for High Conflict Urban Marches and Parades

This article was created in context of OPMoPS (Organized Pedestrian Movement in Public Spaces), a French-German interdisciplinary collaboration on high conflict urban marches and parades. As OPMoPS aims to support decision making for authorities of public order, both a French and a German police institution are members of the consortium. Communication with target group was insofar challenging, as their experts' language is close to everyday terms. Thus the authors are proposing the following glossary to support applied international research in this field. Both authors are not skilled language experts but pragmatic members of OPMoPS's police institutions. All terms can be found in English, German and French, with a focus on police and on German police procedure. It is firstly classed in thematic order, and secondly in alphabetical order

Forensic smartphone analysis using adhesives:Transplantation of Package on Package components

International audienceInvestigators routinely recover data from mobile devices. In many cases the target device is severely damaged. Events such as airplane crashes, accidents, terrorism or long submersion may bend or crack the device's main board and hence prevent using standard forensic tools. This paper shows how to salvage forensic information when NAND memory, SoC or cryptographic chips are still intact. We do not make any assumptions on the state of the other components. In usual forensic investigations, damaged phone components are analysed using a process called “forensic transplantation”. This procedure consists of unsoldering (or lapping) chips, re-soldering them on a functionnal donor board and rebooting.Package on Package (PoP) component packaging is a new technique allowing manufacturers to stack two silicon chips, e.g. memory, CPU or cryptographic processors. Currently, PoP is widely used by most device manufacturers and in particular by leading brands such as Apple, BlackBerry, Samsung, HTC and Huawei. Unfortunately, forensic transplantation destroys PoP components.This work overcomes this difficulty by introducing a new chip-off analysis method based on High Temperature Thixotropic Thermal Conductive Adhesive (HTTTCA) for gluing the PoP packages to prevent misalignment during the transplantation process. The HTTTCA process allows the investigator to safely unsolder PoP components, which is a crucial step for transplantation. To demonstrate feasibility, we describe in detail an experimental forensic transplantation of a secure mobile phone PoP CPU

Physical Fault Injection and Side-Channel Attacks on Mobile Devices:A Comprehensive Analysis

Today's mobile devices contain densely packaged system-on-chips (SoCs) with multi-core, high-frequency CPUs and complex pipelines. In parallel, sophisticated SoC-assisted security mechanisms have become commonplace for protecting device data, such as trusted execution environments, full-disk and file-based encryption. Both advancements have dramatically complicated the use of conventional physical attacks, requiring the development of specialised attacks. In this survey, we consolidate recent developments in physical fault injections and side-channel attacks on modern mobile devices. In total, we comprehensively survey over 50 fault injection and side-channel attack papers published between 2009-2021. We evaluate the prevailing methods, compare existing attacks using a common set of criteria, identify several challenges and shortcomings, and suggest future directions of research

Rétro-conception de systèmes sécurisés par attaques physiques

When considering the latest generation of encrypted mobile devices (BlackBerry’s PGP, Apple’s iPhone), data extraction by experts is an increasingly complex task. Forensic analyses even become a real challenge following an air crash or a terrorist attack. In this thesis, we have developed physical attacks on encrypted systems for the purpose of forensic analysis. A new low-temperature re-soldering technique of damaged electronic components, using a 42Sn/58Bi eutectic mixture, has been developed. Then we have exploited the physico-chemical properties of polymer adhesives and have used them for the extraction of encrypted data. A new technique has been developed to facilitate injection and high-frequency data modification. By a man-in-the-middle attack, the prototype allows analysing, in real-time, the data exchanges between the processor and the memory. Both techniques are now used in more complex attacks of cryptographic systems. Our research has led us to successfully sensitise polymer adhesives to laser attacks by pigmentation. This process allowed complex repairs with a laser with 15 micrometres precision and has been used in advanced forensic repair of crypto-processors and memory chips. Finally, the techniques developed in this thesis, put end-to-end and coupled with physical devices (X-ray 3D tomography, laser, SEM, fuming acids), have made it possible to have successful forensic transplants of encrypted systems in degraded conditions. We have successfully applied them, for the first time, on PGP-encrypted BlackBerry mobile phone.Avec l’arrivée des dernières générations de téléphones chiffrés (BlackBerry PGP, iPhone), l’extraction des données par les experts est une tâche de plus en plus complexe et devient un véritable défi notamment après une catastrophe aérienne ou une attaque terroriste. Dans cette thèse, nous avons développé des attaques physiques sur systèmes cryptographiques à des fins d’expertises judiciaires. Une nouvelle technique de re-brasage à basse température des composants électroniques endommagés, utilisant un mélange eutectique 42Sn/58Bi, a été développée. Nous avons exploité les propriétés physico-chimiques de colles polymères et les avons utilisées dans l’extraction de données chiffrées. Une nouvelle technique a été développée pour faciliter l’injection et la modification à haute-fréquence des données. Le prototype permet des analyses en temps réel des échanges processeur-mémoire en attaque par le milieu. Ces deux techniques sont maintenant utilisées dans des dispositifs d’attaques plus complexes de systèmes cryptographiques. Nos travaux nous ont mené à sensibiliser les colles polymères aux attaques laser par pigmentation. Ce processus permet des réparations complexes avec une précision laser de l’ordre de 15 micromètres. Cette technique est utilisable en réparations judiciaires avancées des crypto-processeurs et des mémoires. Ainsi, les techniques développées, mises bout à bout et couplées avec des dispositifs physiques (tomographie 3D aux rayons X, MEB, laser, acide fumant) ont permis de réussir des transplantations judiciaires de systèmes chiffrés en conditions dégradées et appliquées pour la première fois avec succès sur les téléphones BlackBerry chiffrés à l’aide de PGP

Origines de l'expertise judiciaire scientifique

International audienc

Origines de l'expertise judiciaire scientifique

International audienc

Forensic Reverse Engineering of Secure Mobile Devices

International audienc

How to Cryptanalyze a Bomb ?

International audienceA bomb explodes; the smartphone controlling the firing trigger mechanism is shattered. How do law enforcement and intelligence agencies extract information from torn components and broken PCBs? Any resemblance to actual events, to persons living or dead, is possibly not the result of chance

International Program Committee Member (PC) of the International Conference on Sustainability in Software Engineering & Business Information Management: Innovation and Applications (SSEBIM), University of Applied Sciences and Arts Northwestern, Olten, Switzerland, October 8th-9th

International audienceThe primary goal of SEBS is to bring together the researchers from academia and industry as well as practitioners to share ideas, problems and solutions relating to sustainability in software engineering, business models and management. The target is to focus on the latest trends, techniques and applications areas adapting sustainability

Program Committee Member (PC) of the 16th International Workshop on Security and Trust Management, 17 - 18 September, 2020. Guildford, UK

International audienceSTM (Security and Trust Management) is a working group of ERCIM (European Research Consortium in Informatics and Mathematics). STM 2020 is the sixteenth workshop in this series and will be held at the University of Surrey, Guildford, UK, in conjunction with the 25th European Symposium On Research in Computer Security (ESORICS 2020). The workshop seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of security and trust in ICTs