Cybersecurity PEPR is taking shape: things to know

PERP, which is linked to the national cyber security strategy, experienced some form of formalization last week. How does he present himself?

More than a year of work … and finally some kind of achievement. Last week, on Campus Cyber, we formalized the first seven PEPR cyber security projects.

This initiative is part of the fourth investment program for the future (PIA 4). This is in line with the actions “Structuring Equipment for Research” and “Priority Research Programs” in PIA 3.

Excerpt from a report issued by the National Assembly as part of the consideration of the Finance Act for 2022 (click to enlarge)

There are two types of PERPs. On the one hand, those that fit into a national strategy. On the other hand, those who are called “exploratory”. These are aimed at new scientific or technological sectors. For some, the areas of application of their research work may still fall under working hypotheses. MoleculArXiv, which focuses on storing DNA data, falls e.g. fall into this category. Its pilot: CNRS.

The CNRS is also at the forefront of PERP cyber security, which is linked to the national strategy unveiled by the government in early 2021 and which provides it with a preliminary framework of around € 1 billion.

summary amounts

Three pilots and about twenty academic partners

The budget for cybersecurity PERP amounts to 65 million euros over six years. Compare this with € 150 million for the one dedicated to quantum technologies, € 80 million for the one dedicated to carbon-free hydrogen or even € 60 million for the one dedicated to digital health.

CNRS is not alone in leading PERP. He is responsible for managing it with CEA and Inria. Gildas Avoine, Bruno Charrat and François Cuny are the respective representatives of the three organizations.

Twenty universities and large schools are in the loop. According to the latest news, PERP is to involve about 200 permanent researchers and teacher researchers. And fund about 140 dissertations. The idea is to support upstream research … and the transfer of knowledge to the industrial world.

list of companies

A PEPR without post-quantum cryptography

The first seven targeted projects benefit from envelopes of 5.5 to 7.5 M €. A call for projects – which is scheduled to start this summer – will make it possible to fund three more. There will be no one in post-quantum cryptography: by common agreement, it is quantum PERP that will carry this effort.

Four of these projects relate to information security: DefMal, iPOP, SecureCompute and SVP.

The University of Versailles-Saint-Quentin-en-Yvelines is leading the project iPOP, ruled by Inria. Purpose: to design techniques for the protection of personal data.

Bag DefMal, which is the University of Lorraine. The idea is to improve the knowledge and understanding of malicious programs involving the discipline of humanities and social sciences.

ENS-PSL is at the forefront SecureCompute. The project touches on so-called “confidential” computing. Or how to secure the calculation (data processing) based on cryptography techniques.

Also in the field of cryptography, the CNRS is leading the project please. Which consists of analyzing the security of the protocols to move towards more robust solutions.

A place for multimedia data and cryptographic primitives

The other three projects concern system security. CEA takes two of them. Firstly, Arseny, which is aimed at the security of embedded data processing. The other, Securitywhich should result in tools for detecting hardware and software vulnerabilities.

Inria, on the other hand, is piloting Monitor. Its focus: discovery, response and remediation within major IS.

The three projects that will be added to the list cover the following areas:

– Multimedia data protection (video tagging, biometrics, AI security …)
– Vulnerability research and exploitation techniques
– Cryptanalysis (= security assessment) of cryptographic primitives

Main artwork © studio v-zwoelf – Adobe Stock

Leave a Comment