Research topic

My work essentially consists of finding a way to compose and automate the application of several software-based countermeasures against physical attacks on embedded systems (Side channel Attacks and Fault attacks), during the compilation process.

I'm also involved in two National projects, funded by the French National Research Agency (ANR):

COGITO: Runtime code generation to secure devices
The main objective of this Cogito is to use runtime code generation as a protection against Side Channel Attacks. For more details, viste the official web site of the project
My contribution to this project is the implementation of mechanisms that allow a binary program to modify a part of his code on the fly at runtime, while keeping the semantic equivalence; with the purpose of breaking the dependency between the data being processed inside the embedded system and the power signature emitted by the device.

PROSECCO: formally-PROven SEcured Compiled Code
The consortium of PROSECCO plans to create a technological breakthrough by developing tools that will automatically insert protections in the compilation flow and formally prove the functional equivalence and the robustness of the protected software. For more details, viste the official web site of the project

Publications:

    Papers

  • WISTP 2016 Runtime Code Polymorphism as a Protection Against Side Channel Attacks
    10th International Conference on Information Security Theory and Practice, Grete, Greece
    Damien Couroussé, Thierno Barry, Bruno Robisson, Philippe Jaillon, Olivier Potin and Lanet Jean-Louis
    -- Paper (pdf)
  • SECRYPT 2016 A Template Attack Against VERIFY PIN Algorithms
    13th International Conference on Security and Cryptography, Lisbon, Portugal
    Hélène Le Bouder, Thierno Barry, Damien Couroussé, Jean-Louis Lanet, Ronan Lashermes
  • CS2 2016 Compilation of a Countermeasure Against Instruction-Skip Fault Attacks
    3th Workshop on Cryptography and Security in Computing Systems, Prague, Czech
    Thierno Barry, Damien Couroussé, Bruno Robisson
    -- Paper (pdf)
  • SECRYPT 2014 COGITO: Code Polymorphism to Secure Devices
    11th International Conference on Security and Cryptography, Vienna, Austria
    Damien Couroussé, Thierno Barry, Bruno Robisson, Jean-Louis Lanet, Hassan Noura, Philippe Jaillon and Philippe Lalevée.
    -- Paper (pdf)
  • Talks and Posters

  • CHES 2015 Compiler-based Countermeasure Against Fault Attacks
    17th Workshop on Cryptographic Hardware and Embedded Systems, Saint-Malo, France
    Thierno Barry, Damien Couroussé and Bruno Robisson
    -- Poster (pdf)
  • CHES 2015 Runtime Code Polymorphism as a Protection Against Physical Attacks
    17th Workshop on Cryptographic Hardware and Embedded Systems, Saint-Malo, France
    Damien Couroussé, Thierno Barry and Bruno Robisson
    -- Poster (pdf)
  • Crypto'Puce 2015 Compilaton for the Composition of Sofware Protectons for Embedded Systems
    5ème édition de la rencontre Crypto'Puce, Île de Porquerolles, France
    Thierno Barry, Damien Couroussé and Bruno Robisson
    -- Presentation (pdf)

Background

Projects

Here are some projects I was involved in during my school period or my spare time

Rootkit on Windows Kernel
  • Keywords: Rootkit, SSDT, IRP, DKOM, IDT, IAT
  • Language: C, Python, ASM
  • Abstract:
    The aim is control a remote machine.
    Like any rootkit, the first task is to hide everything related to the rootkit: its files, its process, its remote connections, etc...
  • Souces: https://bitbucket.org/tbarry/rootkit
Electronic Validation and Verification
  • Keywords: OTP (On time password), Integrity, TimeStamp, Authentication
  • Language: Python, HTML/CSS
  • Abstract:
    The goal is to have a platform for validating the authenticity and integrity of a document, and allow anyone to check that the doucment has not undergone any alteration
  • Souces: https://bitbucket.org/tbarry/secure-web
IPv6 ⇐⇒ IPv4 Translator for TCP
  • Tools: Scapy, Firewall, Socat
  • Keywords: IPv4, IPv6, TCP, Routing
  • Language: Python, HTML/CSS
  • Abstract:
    The goal is to enable a machine using only the TCP/IPv6 stack to communicate with IPv4 machines seamlessly through TCP.
  • Souces: https://bitbucket.org/tbarry/ipv6-ipv4-translator
Captive portal
  • Keywords: Network, Security, Firewall
  • Language: Python, HTML/CSS
  • Abstract:
    The goal is mainly to intercept all packets regardless of address or port, until the user opens a browser and tries to access the internet . At that time the browser is redirected to a web page which may require and/or payment, or requiring the user to agree a use policy, or simply making him to do something before having access to internet.
  • Souces: https://bitbucket.org/tbarry/captive-portal
Syntax analyzer
  • Keywords: Jflex, Cup, Code generation
  • Language: Java
  • Abstract:
    Overall, it is a decidability problem, which consites of having a grammar as input, which describes a language, and then being able to decide if Yes or No an expression or group of expressions belong to the language
The Aquarium game
  • Keywords: Artificial Intelligence, Video game, Network, Client/Server
  • Language: Java
Shell-X: A Linux Command line interpreter
  • Keywords: Bison, Flex, System programming
  • Language: C
Travelling salesman
  • Keywords: Complexity and Computability
  • Language: C
An equation grapher and area calculation
  • Keywords: Mathematics, --Integral, GUI
  • Language: Python, --Tkinter
Snake Game
  • Keywords: Video Game, snake
  • Language: Python, --Tkinter
Othello Game
  • Keywords: Artificial Intelligence, Video Game
  • Language: Python, --Tkinter