Ninjalab, starry-eyed cryptanalysis

It's a merciless war where good and evil clash with encrypted algorithms for control of the best-kept secrets. Since 2017, Victor Lomné and Thomas Roche have chosen to put their strengths at the service of business and research by creating the start-up NinjaLab. Their weapon: cryptanalysis.

From the Japanese -nin- for stealthy and -ja- for specialist, the ninja invariably evokes an agile, discreet silhouette tasked with slipping into any fortress and evading security systems. Transform this fortress into a wall of algorithms erected to protect your secrets, and these fighters become... cryptanalysts! Cryptology is the science of secrets," says Victor Lomné, co-founder of NinjaLab and a specialist in microelectronics. In this science you have cryptographers who invent algorithms designed to protect these secrets, and cryptanalysts whose aim is to break these algorithms."

The best defense...

You'll find these algorithms everywhere, starting in your pockets: bank cards, passports, smartphones... They're what we call embedded systems. Their weakness? Vulnerability to theft. " It's easy to steal these objects and subject them to attack techniques, so it's imperative that they are extremely well secured", explains Thomas Roche, computer mathematician and second sensei of the NinjaLab duo. And since the best defense is a good offense, product designers call on... cryptanalysts to test their security systems. "Our specialty is inventing new attacks. That's our area of innovation," says Victor Lomné. " Designers come to us forexpertise they can't find elsewhere," continues Thomas Roche.

Gaining freedom

Heir to a French ecosystem that invented the smart card, it was in the "Hardware Security" department of the prestigious ANSSI, the French national agency for information systems security, that the duo met. After a few years in government service, Vincent Lomné returned to the Laboratoire d'informatique, de robotique et de microélectronique de l'Université de Montpellier (Lirmm)*, where he had completed his thesis, while Vincent Lomné fell in love with the Apple brand. "Then, in 2017, the planets aligned. Thomas moved to Montpellier just as I wanted to try my hand at entrepreneurship, to gain the freedom I'd been missing at ANSSI," says Victor Lomné. NinjaLab was born and set up on the Saint-Priest campus. " We feel closer to a craftsman's workshop than a start-up, so the Lirmm environment suits us well," laughs Thomas Roche.

White Ninjas

A life of geek entrepreneurs punctuated by "desert crossings and moments of adrenalin, when we finally find the flaw". And when customers give them the time, the two ninjas gladly don the costumes of white hat hackers, those ethical hackers who probe the weaknesses of new products on the market, not to harm, but to warn users and designers. We call this responsible disclosure," explains Victor Lomné, " it's our research activity, and when we do it, our aim is also to publish.

In 2021, NinjaLab shot its sharpest star at Google, finding a vulnerability in the Titan security key(A side journey to Titan). A great showcase for the company, which saw its order book explode and took the opportunity to recruit a PhD student, without losing sight of the essential. To grow any bigger would mean more verticality and more administration," stresses Thomas Roche. As long as the formula works and we're having fun, we'll keep it that way! Ninja wisdom...

*Lirmm (UM, CNRS, INRIA, UPVD, UPVM)