Patents by Inventor Damien Courousse
Damien Courousse has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240069917
Abstract: A method for executing a machine code with a computer, including constructing a signature for a current instruction on the basis of signals generated by a stage of a hardware processing path, this stage being a decoder or a stage following the decoder in the hardware processing path, and on the basis of the preceding signature constructed for an instruction which precedes it, then checking the integrity of the executed machine code by comparing the signature constructed for the current instruction with a prestored reference signature, then only when the integrity of the current instruction has been checked successfully, decrypting a cryptogram of the following instruction using the signature constructed for the current instruction.
Type: Application
Filed: August 23, 2023
Publication date: February 29, 2024
Applicants: Commissariat à l'Energie Atomique et aux Energies Alternatives, CENTRE NATIONAL DE LA RECHERCHE SCIENTIFIQUE, SORBONNE UNIVERSITE
Inventors: Thomas CHAMELOT, Damien COUROUSSE, Karine HEYDEMANN
-
Patent number: 11704128
Abstract: An execution method includes supplying of a machine code, the machine code being formed by a succession of base blocks and each base block being associated with a signature and comprising instructions to be protected. Each instruction to be protected is immediately preceded or followed by an instruction for constructing the value of the signature associated with the base block. Each construction instruction is coded on strictly less than N bits, and each word of the machine code which comprises at least one portion of one of said instructions to be protected also comprises one of the construction instructions so that it is not possible to load an instruction to be protected into an execution file, without at the same time loading a construction instruction which modifies the value of the signature associated with the base block when it is executed.
Type: Grant
Filed: March 20, 2018
Date of Patent: July 18, 2023
Assignees: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES, SORBONNE UNIVERSITE, CENTRE NATIONAL DE LA RECHERCHE SCIENTIFIQUE
Inventors: Damien Courousse, Karine Heydemann, Thierno Barry
-
Patent number: 11442738
Abstract: An execution method comprises the following operations: —every time an instruction to be protected of a preceding basic block is loaded, constructing a new value of a signature of this preceding basic block from the value of this instruction to be protected and the preceding value of the signature. The method further includes loading an initialization vector contained in a subsequent basic block and calculating, from said loaded initialization vector, a value reached for signing the preceding basic block. The method also includes comparing the constructed value of the signature with the expected value of this signature, and —only if these values do not match, triggering the signaling of a fault during the execution of the machine code.
Type: Grant
Filed: September 14, 2018
Date of Patent: September 13, 2022
Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
Inventor: Damien Courousse
-
Patent number: 11157659
Abstract: A method for executing a polymorphic machine code, wherein: for each branching address at which a base block of a flow of generated instructions starts, the microprocessor automatically adds, in the generated flow of instructions, a renewal instruction suitable, when it is executed, for triggering the renewal of an initialization vector of a module for decryption by flow with a specific value associated with this branching address, then a flow encryption module encrypts the flow of instructions as it is generated and, during this encryption, each base block is encrypted using a specific value associated with the branching address at which it starts. Only the instruction flow encrypted in this way is recorded in the main memory. During execution of the encrypted instruction flow, the added renewal instructions are executed as they are encountered.
Type: Grant
Filed: December 14, 2017
Date of Patent: October 26, 2021
Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
Inventors: Damien Courousse, Thomas Hiscock, Olivier Savry
-
Publication number: 20210273778
Abstract: A method for executing a function secured by time synchronisation, comprising the random choice of a value of a delay from a group G2,k of n2,k possible values, the random choice being performed according to a probability law Sk, the values of the group G2,k fulfilling the following condition: wherein x0 to Xn2,k-1 are the n2,k values of the group G2,k, Sk[xI] is the probability of occurrence associated with the value Xi by the law Sk, SSk is the statistical distribution of the possible values of the accumulated delays already introduced between times tref and tsk, tsk is the time at which the microprocessor executes the first instruction of a sequence Seqk, tref is the reference time when the microprocessor executes a particular instruction, SSmaxk is the largest value of the statistical distribution SSk, and p is a real number greater than 1.3.
Type: Application
Filed: July 2, 2019
Publication date: September 2, 2021
Applicant: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
Inventors: Nicolas BELLEVILLE, Damien COUROUSSE
-
Patent number: 10903978
Abstract: A method of encrypting messages in clear with the aid of a secret key, the method of encryption implementing at least one substitution layer using a substitution table and a diffusion layer using a diffusion matrix, the substitution layer and/or the diffusion layer being configured in a dynamic manner by a control parameter obtained by combining the secret key with the output word from a counter and by performing a non-invertible transformation on the combination. The counter is incremented at least once between two successive plaintext messages. The configuration of the substitution layer is manifested by an identical permutation of bits of each element of the substitution table and the configuration of the diffusion layer is manifested by a permutation of the elements of the diffusion matrix.
Type: Grant
Filed: December 2, 2015
Date of Patent: January 26, 2021
Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
Inventors: Hassan Noura, Damien Courousse
-
Publication number: 20200272475
Abstract: An execution method comprises the following operations: —every time an instruction to be protected of a preceding basic block is loaded, constructing a new value of a signature of this preceding basic block from the value of this instruction to be protected and the preceding value of the signature. The method further includes loading an initialization vector contained in a subsequent basic block and calculating, from said loaded initialization vector, a value reached for signing the preceding basic block. The method also includes comparing the constructed value of the signature with the expected value of this signature, and —only if these values do not match, triggering the signaling of a fault during the execution of the machine code.
Type: Application
Filed: September 14, 2018
Publication date: August 27, 2020
Applicant: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
Inventor: Damien COUROUSSE
-
Publication number: 20200257805
Abstract: This execution method comprises the supplying of the machine code, this machine code being formed by a succession of base blocks, each base block being associated with a signature and comprising instructions to be protected, each instruction to be protected being immediately preceded or followed by an instruction for constructing the value of the signature associated with this base block, wherein: each construction instruction is coded on strictly less than N bits, and each word of the machine code which comprises at least one portion of one of said instructions to be protected also comprises one of said construction instructions so that it is not possible to load an instruction to be protected into an execution file, without at the same time loading a construction instruction which modifies the value of the signature associated with this base block when it is executed.
Type: Application
Filed: March 20, 2018
Publication date: August 13, 2020
Applicants: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES, SORBONNE UNIVERSITE, CENTRE NATIONAL DE LA RECHERCHE SCIENTIFIQUE
Inventors: Damien COUROUSSE, Karine HEYDEMANN, Thierno BARRY
-
Publication number: 20200089919
Abstract: A method for executing a polymorphic machine code, wherein: for each branching address at which a base block of a flow of generated instructions starts, the microprocessor automatically adds, in the generated flow of instructions, a renewal instruction suitable, when it is executed, for triggering the renewal of an initialization vector of a module for decryption by flow with a specific value associated with this branching address, then a flow encryption module encrypts the flow of instructions as it is generated and, during this encryption, each base block is encrypted using a specific value associated with the branching address at which it starts. Only the instruction flow encrypted in this way is recorded in the main memory. During execution of the encrypted instruction flow, the added renewal instructions are executed as they are encountered.
Type: Application
Filed: December 14, 2017
Publication date: March 19, 2020
Applicant: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
Inventors: Damien COUROUSSE, Thomas HISCOCK, Olivier SAVRY
-
Patent number: 10146565
Abstract: A method for executing a program includes: storing, in a table associated with each address of a specialized code of a parameterized function, a value of each of specialized parameters for generating the specialized code, and each time the address of a specialized code must be modified, deleted from, or added to the table, a microprocessor generates and records in a memory a search routine written in machine language of the microprocessor, this search routine containing, coded as constants, each address and each specialized parameter value stored in the table, such that the search routine does not include any reading operation of the value of a specialized parameter or of the address of a specialized code outside the continuous address range in which this search routine is recorded, and the microprocessor runs this recorded search routine directly.
Type: Grant
Filed: June 28, 2016
Date of Patent: December 4, 2018
Assignee: COMMISSARIAT À L'ÉNERGIE ATOMIQUE ET AUX ÉNERGIES ALTERNATIVES
Inventors: Caroline Queva, Damien Courousse, Yves Lhuillier
-
Patent number: 10140135
Abstract: A method for executing a program including updating a value of a first counter each time a parameterized function is implemented with a first specific value of a parameter; checking whether the value of the first counter exceeds a first precalculated threshold, and in response, generating a specialized code for this function; and executing the preceding operations replacing the first specific value, the first counter, and the first precalculated threshold by a second specific value, a second counter and a second precalculated threshold, respectively; the first precalculated threshold being calculated on the basis of an execution outlay when the first specific value is used, the second precalculated threshold being calculated on the basis of an execution overlay when the second specific value is used.
Type: Grant
Filed: June 28, 2016
Date of Patent: November 27, 2018
Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
Inventors: Caroline Queva, Damien Courousse, Yves Lhuillier
-
Publication number: 20180189086
Abstract: A method for executing a program includes: storing, in a table associated with each address of a specialized code of a parameterized function, a value of each of specialized parameters for generating the specialized code, and each time the address of a specialized code must be modified, deleted from, or added to the table, a microprocessor generates and records in a memory a search routine written in machine language of the microprocessor, this search routine containing, coded as constants, each address and each specialized parameter value stored in the table, such that the search routine does not include any reading operation of the value of a specialized parameter or of the address of a specialized code outside the continuous address range in which this search routine is recorded, and the microprocessor runs this recorded search routine directly.
Type: Application
Filed: June 28, 2016
Publication date: July 5, 2018
Applicant: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
Inventors: Caroline QUEVA, Damien COUROUSSE, Yves LHUILLIER
-
Publication number: 20180189085
Abstract: A method for executing a program including updating a value of a first counter each time a parameterized function is implemented with a first specific value of a parameter; checking whether the value of the first counter exceeds a first precalculated threshold, and in response, generating a specialized code for this function; and executing the preceding operations replacing the first specific value, the first counter, and the first precalculated threshold by a second specific value, a second counter and a second precalculated threshold, respectively; the first precalculated threshold being calculated on the basis of an execution outlay when the first specific value is used, the second precalculated threshold being calculated on the basis of an execution overlay when the second specific value is used.
Type: Application
Filed: June 28, 2016
Publication date: July 5, 2018
Applicant: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
Inventors: Caroline QUEVA, Damien COUROUSSE, Yves LHUILLIER
-
Publication number: 20170366339
Abstract: A method of encrypting messages in clear with the aid of a secret key, the method of encryption implementing at least one substitution layer using a substitution table and a diffusion layer using a diffusion matrix, the substitution layer and/or the diffusion layer being configured in a dynamic manner by a control parameter obtained by combining the secret key with the output word from a counter and by performing a non-invertible transformation on the combination. The counter is incremented at least once between two successive plaintext messages. The configuration of the substitution layer is manifested by an identical permutation of bits of each element of the substitution table and the configuration of the diffusion layer is manifested by a permutation of the elements of the diffusion matrix.
Type: Application
Filed: December 2, 2015
Publication date: December 21, 2017
Applicant: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
Inventors: Hassan NOURA, Damien COUROUSSE
-
Patent number: 9489315
Abstract: Executing polymorphic binary code of a predetermined function includes acquiring polymorphic binary code of the function, the code having instruction blocks and control instructions. One block acquires a random number; the other defines a specific generator that generates target instructions to execute the function. The control instructions place the target instructions in memory. Each instruction has an opcode that codes a nature of an operation to be executed, and operands that define parameters of the operation. The generator incorporates coding variants of the function and selection instructions. Each variant generates instructions that perform the function. These instructions differ from each other and enable choosing a variant, based on the random number, to generate the target instructions. The choice is made only between different coding variants of the predetermined function.
Type: Grant
Filed: October 1, 2014
Date of Patent: November 8, 2016
Assignee: Commissariat à l'énergie atomique et aux énergies alternatives
Inventor: Damien Courousse
-
Publication number: 20150095659
Abstract: Executing polymorphic binary code of a predetermined function includes acquiring polymorphic binary code of the function, the code having instruction blocks and control instructions. One block acquires a random number; the other defines a specific generator that generates target instructions to execute the function. The control instructions place the target instructions in memory. Each instruction has an opcode that codes a nature of an operation to be executed, and operands that define parameters of the operation. The generator incorporates coding variants of the function and selection instructions. Each variant generates instructions that perform the function. These instructions differ from each other and enable choosing a variant, based on the random number, to generate the target instructions. The choice is made only between different coding variants of the predetermined function.
Type: Application
Filed: October 1, 2014
Publication date: April 2, 2015
Inventor: Damien Courousse