Programme et Équipement Prioritaires de Recherche pour la sécurité du Cloud

Journée marseillaise lancement TRUSTINCloudS

Jeudi 25 janvier 2024 : 09h30 - 17h

Auditorium A2 au CIRM
Campus de Luminy - Case 916 - F 13288 Marseille cedex 9

9h30-10h Accueil café
10h-10h10 ENOCH Stefan, VP recherche AMU, Ouverture
10h10-10h30 Emmanuel GODARD, LIS, Aix-Marseille Université, Présentation du PEPR, TRUSTINCloudS
10h30-11h40 Renaud SIRDEY, CEA LIST, Université Paris-Saclay
Title: Petite introduction au chiffrement homomorphe pour le non spécialiste
Abstract: Dans cet exposé, nous présenterons les principes de base du chiffrement homomorphes, un corpus de techniques permettant de calculer directement sur des données chiffrées. Même si le calcul homomorphe reste coûteux sur le plan computationnel, pour des raisons intrinsèques que nous aborderons, il trouve d’ores et déjà quelques applications pratiques. Par exemple nous montrerons comment le mettre à profit afin de fournir des garanties de confidentialité sur les données d’entraînement dans le cadre de protocoles d’apprentissage fédéré.
11h40-12h10 Sara TUCCI-PIERGIOVANNI, CEA LIST, Université Paris-Saclay
Title: An Introduction to Byzantine Fault-tolerant Federated Learning
Abstract: In this presentation, I aim to bridge the gap between the classical Byzantine Generals problem (Lamport 1984) and contemporary challenges posed by Byzantine attacks in federated learning. By initially exploring the foundational concepts of Byzantine fault-tolerance in distributed systems alongside an introduction to federated learning, I will navigate the intricate landscape surrounding the implementation of Byzantine Fault-Tolerance in Federated Learning environments. This talk will also shed light on recent research advocating blockchain technology as a solution while addressing the persisting hurdles in achieving Byzantine Fault-Tolerance. Geared toward an audience unfamiliar with federated learning and Byzantine fault-tolerance, this talk serves as an accessible introduction to these concepts.
12h10-13h40 pause déjeuner (restaurant du CIRM)
13h40-14h10 Clémentine Gritti, Eurecom
Title: Let Them Drop: Scalable and Efficient Federated Learning Solutions Agnostic to Client Failures
Abstract: Secure model aggregation is nowadays recognized as the key component for Federated Learning (FL). It enables the collaborative training of a global machine learning model without leaking any information about FL clients’ local models. It is shown that clients who fail to complete the protocol, referred to as dropped clients, can seriously affect the correct computation of the global machine learning model. While the literature counts numerous fault-tolerant secure aggregation protocols that use secret sharing to reconstruct the inputs of dropped clients, the performance of these solutions decreases with an increase in the dropout rate. In this talk, we present Eagle, a fault-tolerant, secure aggregation solution that is agnostic to client failures and therefore outperforms existing solutions. Eagle is inherently compatible with realistic FL schemes which implement client selection. Furthermore, existing state-of-the-art solutions usually apply to basic FL settings whereby all clients are synchronized. Overcoming such a strong assumption, we present Owl, a secure aggregation solution suitable for the asynchronous setting.
14h10-14h50 Thierry Leblond, Scille
Title: Parsec : Data Zero Trust et Cipher Data Centric Security (DCS#3)
Abstract: Dans un monde où les données transitent en clair sur des serveurs étrangers, il existe un vrai problème de sécurité inhérent à la maîtrise du partage des data. La sécurité des données doit de plus en plus être gérée de manière cryptographique au plus près de l’utilisateur et du terminal afin de couvrir toutes les fonctions de sécurité : confidentialité, intégrité, non-répudiation, authenticité, anonymisation, traçabilité, historisation, révocation. PARSEC, est un logiciel cryptographique open source “Data Zero Trust”, simple d’usage et certifié par l’Agence Nationale de Sécurité des Systèmes d’Information (ANSSI). Spécialisé dans le partage et la collaboration “Zero Trust” des données sensibles sur le Cloud, ce système apporte la garantie cryptographique que le partage des données sensibles et confidentielles n’est ni lu ni modifié par un tiers n’ayant pas à en connaître. PARSEC se présente comme une « Dropbox » (copier-coller), asynchrone, résistant à la rupture de réseau, très simple d’usage, de distribution décentralisée de la confiance de bout en bout, zero trust, zero knowledge et anti-ransonware. Il a été développé en partenariat avec le ministère des Armées et est en cours de déploiement dans l’administration française et chez d’autres clients du secteur privé. Les fonctions de sécurité des données prises en charges sont notamment : confidentialité, intégrité, historisation, non-répudiation, révocation, authenticité. L’exposé vise à soulever le capot pour présenter dans un premier temps quelques principes techniques du logiciel. Nous aborderons les principaux challenges et difficultés techniques qui ont dues être surmontées pour la mise au point opérationnelle de ce système : Comment distribuer facilement les clés ? Comment construire la confiance initiale quand l’utilisateur enrôlé est inconnu ? Comment valider les données en mode Zero Trust, c’est-à-dire toujours vérifier et ne jamais faire confiance ? À quel niveau granulaire doit-on travailler pour traiter les gros volumes de données et les flux de données ? Comment assurer la compatibilité ascendante du modèle de données en mode asynchrone ? Comment gérer la consistance éventuelle de ce système distribué et asynchrone ? Enfin, nous projetterons les perspectives de ce système qui a le potentiel pour créer un écosystème collaboratif Zero Trust notamment l’édition collaborative Zero Trust, Data Centric Security pour les armées de la coalition otanienne.
14h50-15h20 Damien IMBS, LIS, Aix-Marseille Université
Title : Are Byzantine Failures Really Different from Crash Failures?
Abstract : In the theory of distributed systems, various fault models have been proposed. The crash failure is one of the weakest, whereas the Byzantine failure is arguably the strongest. From a computability perspective, are Byzantine failures “different” from crash failures? We will see in this presentation that, under certain assumptions, the answer is “no” for asynchronous message-passing systems. This can be proved using a distributed simulation suited to such asynchronous message-passing systems. More precisely, this is an algorithm that simulates a system where up to t processes may crash, on top of a basic system of n processes where up to t processes may be Byzantine, with t<n/3. This simulation allows crash-tolerant algorithms, designed for colorless tasks in asynchronous read/write systems, to be executed on top of asynchronous message-passing systems prone to Byzantine failures.
15h20-15h40 pause café
15h40-16h10 Benjamin Monmege, LIS, Aix-Marseille Université
Title: Game Theoretic Decision Making for Multi-Party Access Control
Abstract: Social computing applications, such as online social networks and collaborative platforms, have experienced significant growth momentum in the last decades. These applications enable users to collaboratively create, manage, and share resources with other users in real-time. Although they provide several benefits for users and organizations, these applications also open new privacy and security issues. Users typically specify privacy preferences determining the accessibility and visibility of their data. However, they might not be aware of exactly who can access the data, as access can be granted by other co-controllers of the data. More in general, conflicts in co-controllers’ privacy preferences can result in undesired disclosure of sensitive information for some co-controllers and in reducing sharing utility for others. In this talk, I will present our investigation of the application of game theory concepts to support the decision- making process in multi-party access control scenarios. In particular, we propose a bargaining framework, which, given the co-controllers’ initial privacy preferences for a shared resource, computes automatically an optimal collective access decision. I will demonstrate some preliminary results obtained via a prototype implementation. This is a joint work with Gelareh Hasel Mehri, Clara Bertolissi and Nicola Zannone.
16h10-16h40 Kevin Atighehchi, LIMOS, Université Clermont Auvergne
Title: Oblivious Secure Sketches from Groups
Abstract: Designing secure biometric-based authentication protocols is considered to be more challenging than designing token or password-based protocols because of the noisy nature and the personally identifying characteristics of the input, and the fact that biometric characteristics of an individual are not easy to renew. We introduce a new notion of oblivious secure sketch (OSS) and instantiate two OSS protocols. Our protocols allow a client (prover) to create a sketch of their input data (e.g., face image, fuzzy password) to be stored by a server (verifier). The client can later interact with the server and recover the original input as long as the client can generate another input that is close to their original input (e.g., another face image, slightly incorrect password). The interaction is oblivious in the sense that the client and the server do not learn any additional information. Our OSS protocols prevent offline attacks and can detect malicious client behavior during the recovery process, which are distinguishing factors from the traditional secure sketches. They naturally lend themselves to (oblivious) fuzzy extractors, and hence to noisy-input (e.g., biometric, fuzzy password) based authenticated key exchange protocols, and satisfy standard security requirements such as irreversibility, indistinguishability, and reusability under certain assumptions. Our OSS protocols also offer useful features for real-life applications: They can handle different proximity notions (e.g., Hamming distance, L_1, set difference) and efficiently tolerate a linear fraction of errors.
16h40 Cloture