Diploma and Student Theses


Open Topics


We are always interested in students who would like to write a student research project or thesis with us. No special prior knowledge is required, i.e., the basics of cryptography, algorithms or VHDL can be learned during the thesis. The call is addressed equally to students of ET, IT, AI and ITS.

Our chair currently offers the following topics for student research projects and Bachelor's, Master's and Diploma theses. If you are interested, simply contact the respective contact person. Further interesting thesis topics are also available on the website of the Secure Hardware group.

Students who are not yet in contact with one of our staff members and do not feel addressed by the topics below may also send a general thesis inquiry to the contact e-mail address emsec+BA_MA@rub.de. In this case, please include a short cover letter (a few words about yourself, strengths/weaknesses, motivation, ...) and your current transcript of records.

Please also note the official information sheets for Bachelor's theses and for Master's theses.

Side-Channel Attacks using Deep Learning Techniques
(Master's thesis)

Background:
Side-Channel Attacks: Side-Channel Attacks (SCA) enable an attacker to extract information from a cryptographic circuit using information leakage not intended by the developer, e.g., timing, power consumption, or electromagnetic emanation.

Deep Learning: In recent years, Deep Learning (DL) has seen a huge increase in use. Machine learning techniques like Convolutional Neural Networks have enabled applications like image recognition with unprecedented accuracy.

What can you do?
In 2016, Maghrebi et al. presented a first study on using DL techniques to improve SCA. They tested different neural network architectures, i.e., Multilayer Perceptron, Stacked Auto-Encoder, Convolutional Neural Network, and Long Short-Term Memory, for their suitability to analyze side-channel signals. The analysis was performed in a profiling setting: the attacker has access to an identical device he can control, which enables him to perform known-key measurements to build profiles of the leakage behavior.

The goal of this thesis is to apply different types and architectures of Deep Learning / Neural Network techniques to the problem of profiled side-channel analysis. Since Maghrebi et al. only analyzed software implementations, an interesting aspect is applying these techniques to hardware implementations, which exhibit a different leakage behavior due to the parallel processing of signals.

The methods should be implemented using state-of-the-art DL frameworks, e.g., Google's TensorFlow, which can utilize the group's GPU server to perform the calculations efficiently.

Contact:
If this sounds interesting to you, please contact Bastian Richter (bastian.richter@rub.de)

Side-Channel Reverse Engineering of White-Box Implementations: Space-Hard Ciphers
(Master's thesis - Diploma thesis - Bachelor's thesis)

Background:
The need for secure systems operated in untrusted environments is ever increasing. White-box cryptography aims to ensure the security of cryptographic algorithms when the attacker has full access to their implementations. In this context, the SPACE family of white-box secure block ciphers offers several novel features. The design of SPACE is such that key-extraction security in the white-box setting reduces to the well-studied problem of key recovery for block ciphers such as AES. Moreover, to mitigate the extraction and transfer of an implementation, the notion of space hardness is introduced. It measures the difficulty of compressing the white-box implementation of a cipher, and quantifies security against implementation lifting by the amount of data that a white-box attacker needs to extract from the implementation to maintain its functionality.

What can you do?
Your task will be to implement different variants of the Space-Hard ciphers (providing different levels of space hardness) on an FPGA side-channel evaluation board. In addition, side-channel measurements (power or EM) should be performed in order to reverse-engineer secret parts of the implementation and to extract the data for successful implementation lifting attacks.

Contact:
M.Sc. Pascal Sasdrich (pascal.sasdrich@rub.de)
Dr. Amir Moradi (amir.moradi@rub.de)

PROPHYLAXE – Efficient Key Management
(Master's thesis - Diploma thesis - Student research project - Bachelor's thesis)

Abstract:
Within the project "Efficient key management for more security in the 'Internet of Things'", PROPHYLAXE for short, an alternative concept for key generation is to be applied to "Internet of Things" scenarios; it is particularly suited to small embedded nodes. The essential question in practice is always: how can ALICE and BOB agree on such a secret without EVE learning the key as well?
The basic principle of the PROPHYLAXE method is as follows: if ALICE and BOB measure their shared channel almost simultaneously, its transmission parameters (e.g., the effective signal strength) will be strongly correlated at both parties; this is called reciprocity. Since the transmission parameters are influenced by the channel's environment (e.g., by signal reflections, refractions, interference, stray coupling, etc.), they cannot be predicted and behave as if random. As a consequence, measuring the channel yields, at ALICE and at BOB, a series of random numbers that are very similar.
(We are looking for 2 Master's theses)
MaThe prototype: As part of a Master's thesis, you would extend very small systems that communicate via Bluetooth or ZigBee with our approach. This allows highly topical Internet-of-Things applications (smart home, Industry 4.0, …) to be addressed.
MaThe protocol: PHYSEC represents an entirely new symmetric primitive. With PHYSEC we are able for the first time to realize dynamic SYMMETRIC key management! No protocols exist for this yet (possibly comparable to PKI approaches or Kerberos). As part of a Master's thesis, new protocol approaches are to be developed and implemented in an open-source smart-home server.
(We are looking for 2 Bachelor's theses)
Experimental security analysis: To make key generation secure against attacks, we naturally also take on the exciting task of examining how the system can be compromised. Here you could cover parts of the security analysis as part of a thesis. As part of the Bachelor's thesis, you would launch a PHYSEC contest. Based on passive attackers, the contest would invite all interested security experts to evaluate our system. A second thesis would cover active channel-manipulation attacks.
The project, with a total volume of EUR 3.37 million, is coordinated by the Fraunhofer Heinrich Hertz Institute in Berlin. The partners also include Robert Bosch GmbH, ESCRYPT GmbH – Embedded Security, Technische Universität Dresden (TUD), Technische Universität Kaiserslautern (UKL) and the Chair for Digital Communication Systems at RUB.
PROPHYLAXE Homepage

Contact:
Advisor: M.Sc. Christian Zenger
Mail: christian.zenger@rub.de

Bring Your Own Bug
(Bachelor's thesis)

Abstract:
The new paradigm "Bring Your Own Device" (BYOD), which is meant to enable and promote the use of private devices in the work environment, brings with it its own class of security risks. These arise because the employer generally cannot or may not prescribe in detail what employees may or must install on their devices (e.g., smartphones).
The above scenario carries the risk that employees bring powerful devices, permanently connected to the Internet and equipped with a wide range of sensors, into sensitive company contexts. Besides the case of a deliberate insider attack by an employee, there is also the external attacker: here it is conceivable that an employee's smartphone is compromised by malware without the employee's knowledge.
This thesis is to investigate how realistic and simple a possible attack can be. The starting situation for our attack affects almost everyone who places their smartphone on the desk next to the keyboard (e.g., to charge the battery). Specifically, we want to find out whether, in such a case, typed passwords can be reconstructed by means of sensors (microphone, accelerometer, …), independently of keyboard, user, desk and environment.

Contact:
Advisor: M.Sc. Christian Zenger
Mail: christian.zenger@rub.de

Secret-Key Generation via Uncertainty of Communication Channels
(Master's thesis - Bachelor's thesis)

Abstract:
Yes, there is another approach to secure channels besides asymmetric/symmetric crypto approaches: Physical Layer Security!
Physical Layer (PHY) Security is a rich area and a very interesting approach, which combines Coding Theory, Networking, Game Theory and Cryptography. A PHY-Security based system is able to solve the problems of key management and arbitrary-precision arithmetic, which makes it a very attractive approach.
In the context of our PROPHYLAXE project, supported by the Federal Ministry of Education and Research of Germany, an entirely new paradigm for generating secret keys will be developed. The approach is based on a common estimation of the transmission channel by the sender and receiver, whereby the secret key is derived from channel parameters. It shall be assumed that the channel between two communication nodes is reciprocal and that the entropy of its spatial, temporal, and spectral characteristics is sufficiently high. Most practical channels meet these requirements.
We offer highly research- and industry-related Bachelor's and Master's theses on the following topics:

  • Physical Layer Security protocol design based on real-world requirements (by Robert BOSCH AG).
  • Implementation of a prototype system based on the WiFi-n standard (Android- or µC-based). Here you would improve our/the first channel-based prototype system.
  • First security analysis of our real-world security system (Communication engineering vs. IT-Security). For the simple reason that no system existed, a security analysis wasn't possible so far. Now we have a running system and we want you to analyze it.

Contact:
Advisor: M.Sc. Christian Zenger
Mail: christian.zenger@rub.de

Hardware Reverse Engineering and Insertion of Hardware Trojans
(Master's thesis - Bachelor's thesis)

Abstract:
Nowadays, ASICs and FPGAs are developed and manufactured in a global setting. The concept of outsourcing provides both an attack vector for inserting hardware Trojans and problems with respect to validating trust and verifying the integrity of third-party designs, for which the source code is often not available. In this context, reverse engineering (RE) provides a basis for understanding the internals of an unknown design and thus the possibility of detecting intellectual property violations and hardware Trojans. Conversely, RE can also be used to manipulate a third-party design and insert a hardware Trojan that, for example, undermines the security of the overall system.

Theses:
In this project we offer the following BA/MA theses:

  1. Insertion of hardware Trojans:
    In this thesis you will take a closer look at the attacker's capabilities and insert a hardware Trojan into a third-party design. The first goal is to extract various design characteristics semi-automatically, e.g., register and state-machine information. Building on the detected circuit elements, the second goal is to attach a hardware Trojan to these elements in order to undermine the security of the system, e.g., by leaking a cryptographic key.

  2. Detection of hardware Trojans:
    In this thesis you will investigate the detection of hardware Trojans. To this end, you will implement various hardware Trojan detection algorithms that look for different Trojan-specific characteristics.

  3. Hardware intellectual property violation:
    In this thesis you will analyze the security of various watermarking methods for hardware designs. To this end, you will implement a watermarking scheme and analyze its security with respect to semi-automatic identification and modification of the watermark.

  4. Hardware design obfuscation:
    In this thesis you will investigate the various hardware design obfuscation techniques. To this end, you will implement various obfuscation schemes and then examine their security by trying to make statements about the obfuscated design, e.g., which functionality a group of obfuscated hardware elements implements.

Requirements
The requirements vary, so the final scope of the thesis is adapted to the student's prior knowledge. However, prior knowledge of FPGAs and C/C++ will help.

Contact:
Advisor: M.Sc. Marc Fyrbiak
Mail: marc.fyrbiak@rub.de

Implementation of Post Quantum Cryptography
(Master's thesis - Diploma thesis - Student research project - Bachelor's thesis)

Abstract:
Nearly all of the currently used and well-tested asymmetric cryptographic schemes (e.g. RSA, DSA) are based either on the factoring assumption or on the presumed intractability of the discrete logarithm problem. Further algorithmic advances on these problems or the appearance of a quantum computer might lead to the unpleasant situation that a large number of schemes have to be replaced with alternatives. For these alternatives to become practical and usable, it is necessary that they can be implemented in an efficient and secure way. As recent results suggest, the first quantum computer might be built in the next two decades, which creates a particular need to deal with the problem now [1].

At the Hardware Security Group and Chair for Embedded Security several researchers are working on efficient and side-channel resistant implementations of schemes that are considered secure against attacks by quantum computers [2]. We therefore have several practical implementation tasks concerning:

  • Hash-based signatures
  • Multivariate Quadratic (MQ) schemes
  • Lattice-based cryptography
  • Code-based schemes

Please contact us if you are interested in this topic (as BSc or MSc thesis). Possible target hardware (depending on the student’s interests and background) are FPGAs, graphics cards, microcontrollers or the ARM and x86 architecture. The evaluation of the side-channel resistance of schemes is also a possible topic for a thesis.

[1] http://www.nytimes.com/2012/02/28/technology/ibm-inch-closer-on-quantum-computer.html

[2] http://www.pqcrypto.org/www.springer.com/cda/content/document/cda_downloaddocument/9783540887010-c1.pdf

Requirements:
Requirements vary, so the final topic and scope of the thesis are chosen depending on the student's background.

Contact:
Advisor: M.Sc. Tobias Oder
Mail: tobias.oder@rub.de

Evaluating the Effectiveness of Dual-Rail Logic Styles on FPGAs
(Master's thesis)

Abstract:
Designers of secure hardware are required to harden their implementations against physical threats, such as power analysis attacks. In particular, cryptographic hardware circuits are required to decorrelate their current consumption from the information inferred by processing (secret) data. A common technique to achieve this goal is the use of special logic styles that aim at equalizing the current consumption at each single processing step. However, since all hiding techniques like Dual-Rail Precharge (DRP) were originally developed for ASICs, the deployment of such countermeasures on FPGA devices with a fixed and predefined logic structure poses a particular challenge. Research on DRP logic styles on FPGAs has been ongoing for more than a decade. During that period, device technology, evaluation methods and measurement tools have improved, so most of the published logic styles were evaluated with different methods and devices. This makes it hard to clearly compare their efficiency. The goal of this work is to close this information gap by evaluating current DRP logic styles based on the same technology and knowledge conditions.

Requirements:
Some knowledge about FPGAs will be of benefit.

Contact:
Advisor: Dipl.-Ing. Alexander Wild
Mail: Alexander.Wild@rub.de

Precise Signal Delay Measurement on FPGAs
(Master's thesis - Bachelor's thesis)

Abstract:
FPGAs are widespread reconfigurable hardware components which provide a good platform to emulate hardware designs. Especially in the research area of hardware security, FPGAs are gaining in popularity. In general, hardware designs are defined in a hardware description language and mapped to the fixed structure of an FPGA. This process is performed by a synthesis tool chain. The synthesizer has plenty of options to place and route a design on an FPGA. In some cases (e.g. for hiding techniques or PUF evaluation) it is important for hardware developers to know the exact routing and signal delays of their designs. The goal of this work is to develop and implement techniques which are able to extract the signal delays of specified routes on FPGAs.

Requirements:
Some knowledge about FPGAs will be of benefit.

Contact:
Advisor: Dipl.-Ing. Alexander Wild
Mail: Alexander.Wild@rub.de

Security Analysis of Real-World Devices
(Master's thesis - Diploma thesis - Student research project - Bachelor's thesis)

Abstract:
The goal of this thesis is to investigate the size of the gap between cryptographic research and what is implemented in the real world. This includes the reverse engineering of the program code running on an embedded device, a security analysis of the revealed scheme, and the development of attacks that exploit the flaws found.

Contact:
Advisor: M.Sc. Falk Schellenberg
Mail: falk.schellenberg@rub.de

[Detailed description]
Laser Fault Injection Attacks
(Master's thesis - Diploma thesis - Student research project - Bachelor's thesis)

Abstract:
Fault Injection Attacks make it possible to break mathematically secure cryptographic schemes by disturbing the execution of the actual implementation, e.g., on a microcontroller or a smartcard. In the past, semi-invasive techniques based on the exposure of an IC to laser light have proven to be particularly successful.

Contact:
Advisor: M.Sc. Falk Schellenberg
Mail: falk.schellenberg@rub.de


[Detailed description]
Security Analysis of Physical Unclonable Functions
(Master's thesis - Diploma thesis - Student research project - Bachelor's thesis)

Abstract:
Physical Unclonable Functions (PUFs) have gained a lot of research attention in recent years as a new cryptographic building block. PUFs rely on the fact that every manufactured chip differs in some ways from other chips, due to the manufacturing process or the materials used. PUFs magnify these differences between physical instances of the same design to create a unique identity for every manufactured chip. The advantage of using PUFs compared to traditional cryptography is that no key needs to be programmed or stored. Furthermore, PUFs are often much smaller than traditional cryptography, making them very interesting for constrained embedded devices.
One problem with PUFs is that they can often be modeled using machine learning algorithms given enough challenge-response pairs. In this project we want to look at the security of different PUFs against different machine learning attacks as well as against side-channel attacks.

Contact:
Advisor: Georg Becker
Mail: Georg.Becker@rub.de

Clock Bending
(Master's thesis - Diploma thesis - Student research project - Bachelor's thesis)

Background
One of the key elements of synchronous embedded systems is the clock signal. We need to synchronize to or take full control of the clock signal to improve or even enable different attacks and analysis steps. Side Channel Analysis (SCA) and fault attacks are two major fields which benefit immensely from a stable and jitter-free signal. There also exist glitch attacks solely on the clock signal, allowing to reduce the number of AES rounds or even bypass the code signature of game consoles and smartcards. Whoever is able to take control of the clock gains a vast range of possibilities and analysis methods.
Many vendors know this and have started generating their clock signal internally. Often this cannot be avoided, as the clock signals are too fast to be routed on the PCB, outside of the die. Nevertheless, it is theoretically possible to clock the whole device slower than intended once we have access to the clock signal.

What can you do?
We can provide the necessary equipment to find and probe signals on the depackaged chip surface. The aim of this work is to build a clock-bending system that is able to inject a desired clock signal.
The first step of the thesis is the physical setup of an FPGA or Raspberry Pi to generate a desired clock signal. The setup needs to be configurable from a normal PC. After localizing the clock wire, a practical attack is desired. Optionally, the work can be extended to generate glitches or support more complex configurations.
The topic is well suited both for students of ITS and ET/IT. To practically implement the algorithms, it is required that you are familiar with C/C++ or VHDL. However, this is not a strict requirement, as most concepts are based on simple ideas that are quickly understood. It is possible to realize only a part of the whole project as a student research project or Bachelor's thesis. This work can be done in the high-security facility of the BKA in Wiesbaden; therefore, compensation will be paid for travel and housing in Wiesbaden.

Contact:
If this sounds interesting to you, please contact Christian Kison (christian.kison@rub.de)

Image Processing in Hardware Reverse Engineering
(Master's thesis - Diploma thesis - Student research project - Bachelor's thesis)

Background
Each chip is built up from millions of transistors, generating logical and analog signals on the die for functionality. Multiple transistors group into logical functions like INVERTER, NAND and NOR gates. Within one chip, several hundred different logic gates can be distinguished, each repeating multiple thousand times over the chip.
Hardware Reverse Engineering is the invasive approach to find hard-wired proprietary implementations and functions in ASICs. Besides the interpretation of VLSI circuits and functions, acquiring clean images of the metal layers and the polysilicon layer is essential for reverse engineering. Each layer is removed step by step in a wet-chemical polishing process and imaged to obtain a digital image of the chip.
The sheer number of transistors and gates makes reverse engineering impossible to carry out manually. Fully and semi-automatic tools are required to help the reverser. With Moore's Law still intact, the number of transistors and logic cells grows exponentially, so this approach becomes even more repetitive and tedious. Initial academic research tries to find repetitive logic cells semi-automatically and to highlight wires across multiple layers.

What can you do?
Our group is capable of producing high resolution images of multiple layers from modern CMOS chips. The aim of this work is to extend our tools to reverse engineer VLSI chips in an automatic and generic way. The academic challenge is the feature-extraction and pattern recognition of wires and logic cells on noisy layer images, as well as a new (semi)automatic cell-function evaluation.
The first focus of the thesis is thus on implementing further image processing functions and validating them on real-world CMOS images. Next, practical attacks on modern real-world devices can be realized. Optionally, advanced topics such as a combination of micro-probing and side-channel analysis may be included. The student can do his own experiments with depackaging and delayering.
The topic is well suited both for students of ITS and ET/IT. To practically implement the algorithms, it is required that you are familiar with Matlab, C++ (openCV) or Python and have an interest in image processing and pattern recognition. However, this is not a strict requirement, as most concepts are based on simple ideas that are quickly understood. It is possible to realize only a part of the whole project as a student research project or Bachelor's thesis.

Contact:
If this sounds interesting to you, please contact Christian Kison (christian.kison@rub.de)

Image Processing in Hardware Reverse Engineering
(Master's thesis - Diploma thesis - Student research project - Bachelor's thesis)

Background
Credit card fraud is nowadays a well-established criminal business. Most of the fraud is due to the old credit card system based on magnetic stripes. The attacks are therefore mostly carried out in countries still supporting magnetic-stripe cards, as this is the easiest way to use stolen credit card information. With magnetic-stripe cards disappearing, fraudsters will begin to search for new attack vectors in modern EMV chip cards.

What can you do?
The Bundeskriminalamt (BKA) offers the required capabilities to perform very invasive attacks on any nano-scale CMOS device. By using a Focused-Ion-Beam (FIB) and other visualization techniques we can analyse and probe the chip while running and change a few selected interconnects to our liking.
The first focus of the thesis is to select multiple modern payment cards and terminals and collect interesting attack vectors for the physical attack. Once a good understanding of the protocol and the mechanisms is established, the student will try to access the internal execution code. Optionally, advanced topics such as a combination of fault injection and side-channel analysis may be included. The results aim to reveal existing hardware security threats and influence future payment-card design criteria.
The topic is well suited both for students of ITS and ET/IT. To practically implement the algorithms, it is required that you are familiar with at least one suitable PC programming language, e.g., C or C++, and know the basics of CMOS circuits. However, this is not a strict requirement, as most concepts are based on simple ideas that are quickly understood. It is possible to realize only a part of the whole project as a student research project or Bachelor's thesis.

Contact:
If this sounds interesting to you, please contact Christian Kison (christian.kison@rub.de)

Development of a Layout-Level Hardware Obfuscation Tool
(Master's thesis - Diploma thesis - Student research project - Bachelor's thesis)

Abstract:
Hardware reverse engineering is a major problem for companies trying to protect their intellectual property against counterfeits. Furthermore, hardware reverse engineering can reveal important information to an attacker, e.g. to perform fault injection attacks or to reveal other vulnerabilities in the design. In this project we develop a layout-level hardware obfuscation tool that aims to prevent hardware reverse engineering. The work is done in cooperation with the University of Massachusetts and a first prototype already exists. However, there are a lot of interesting research and engineering problems left. In particular, the student can work on one of the following problems:

  1. Custom Cell Design: An obfuscation cell that cannot be reverse-engineered is the heart of the obfuscation tool. In this part of the project the student designs a new custom cell that is resistant to some improved attacks that were recently published.
    Skills & Tools: Background in VLSI, Cadence Layout Editor, HSpice [Experience with the tools is an advantage but can also be gained during the project.]
  2. Obfuscation Algorithm: The obfuscation tool not only replaces the standard cells with obfuscated cells, but also obfuscates the structure of the design. In this part of the project, a flexible tool needs to be developed that performs this obfuscation efficiently.
    Skills & Tools: Some background in Hardware Design, implementation skills.
The work is done in cooperation with the University of Massachusetts, where Prof. Paar is currently on sabbatical. Visiting UMass for (part of) the project might be possible.

Contact:
Advisor: Dr. Georg Becker
Mail: georg.becker@rub.de

Side-channel based Hardware Reverse-Engineering
(Master's thesis - Diploma thesis)

Abstract:
To successfully attack a crypto system, the used algorithm needs to be known. Hence, reverse-engineering is needed if the details of the used cryptographic algorithms are not known. However, hardware reverse-engineering is a costly and time-consuming task. In this project side-channel analysis is used to reverse-engineer the internal details of proprietary ciphers or obfuscation functions implemented in hardware. The goal is to find efficient strategies to reverse-engineer all of the typical building blocks of block or stream ciphers, such as S-Boxes, permutations, Mix-Column operations or LFSRs. The tasks for the student will be to implement different algorithms on an FPGA, take power or EM measurements and perform the side-channel analysis.

Contact:
Advisor: Dr. Georg Becker
Mail: georg.becker@rub.de

Improving Power Analysis Measurements by means of Arbitrary Waveform Generator
(Student research project - Bachelor's thesis - Master's thesis - Diploma thesis)

Abstract:
Power consumption traces, used in DPA attacks, usually have a high peak-to-peak amplitude, but their variation depending on the processed data is minimal. Therefore, for many applications, especially hardware platforms, several traces are required to perform a successful attack. Further, in cases where the implementation is equipped with some countermeasures, many more traces are required to examine the vulnerability. The goal of this project is to develop a simple small PCB (board) which combines the signal coming from the device under attack and the signal generated by an arbitrary waveform generator. A script (in C++) should also be written to control the board, the oscilloscope, and the signal generator.

Contact:
Advisor: Dr. Amir Moradi
Mail: amir.moradi@rub.de


EM Analysis of Intel AES Instruction Set
(Student research project - Bachelor's thesis - Master's thesis - Diploma thesis)

Abstract:
Intel AES instructions are a new set of instructions available in many Intel cores. These instructions enable fast and secure data encryption and decryption using AES. The architecture consists of six instructions that offer full hardware support for AES. Four instructions support AES encryption and decryption, and the other two instructions support the AES key expansion. The AES instructions have the flexibility to support all usages of AES, including all standard key lengths and standard modes of operation. They offer a significant increase in performance compared to the current pure-software implementations. Beyond improving performance, it is claimed that the AES instructions provide important security benefits. By running in data-independent time and not using tables, they help in eliminating the major timing and cache-based attacks that threaten table-based software implementations of AES. In addition, they make AES simple to implement, with reduced code size, which may help reduce the risk of inadvertently introducing security flaws, such as difficult-to-detect side-channel leaks. The goal of this project is to try EM analysis while the AES module is operated. The student will be provided with a suitable board whose EM signal can be measured relatively easily. The corresponding program to use the AES instruction set and the operating system are also available. Knowledge about Linux is a big plus.

Contact:
Advisor: Dr. Amir Moradi
Mail: amir.moradi@rub.de


Software-based DPA Countermeasure based on Constant HW/HD
(Student research project - Bachelor's thesis - Master's thesis - Diploma thesis)

Abstract:
Power analysis attacks can easily recover the secret key used by cryptographic algorithms implemented on software (microprocessor) platforms. There exist many different countermeasures to defeat such attacks. One category is known as hiding countermeasures, which, given a power model, try to equalize the power consumption of the circuit for any processed data. Since the Hamming weight (HW) and Hamming distance (HD) models are the well-known power models for DPA attacks on software platforms, one option is to attempt to equalize the HW (and/or HD) of all processed data of an implementation. If so, attacks using HW/HD models will most likely become harder. For a preliminary study, see Software Implementation of Dual-Rail Representation. The target of this project is to find codes (sets of binary codewords) to implement a lightweight symmetric cipher in a way that the HW and HD of all operands are constant.

Contact:
Advisor: Dr. Amir Moradi
Mail: amir.moradi@rub.de


Student Assistant (SHK) Wanted for 1 Year or Longer
(Bachelor's or Master's thesis possible)

Abstract:
Within the BMBF "IT Security Research" programme, the Chair for Embedded Security is looking for a student assistant, starting immediately. The tasks can be adapted dynamically to the student's schedule and amount to a workload of about 10 hours per week. The student should have a completed degree in electrical engineering. Knowledge of communications engineering in the areas of measurement technology, radio-frequency engineering, digital signal processing and the design of digital receiver systems, as well as experience in MATLAB and C programming, is desirable. The project, with a total volume of more than EUR 3 million, is coordinated by the Fraunhofer Heinrich Hertz Institute in Berlin. The partners also include Robert Bosch GmbH, ESCRYPT GmbH – Embedded Security, Technische Universität Dresden (TUD), Technische Universität Kaiserslautern (UKL) and the Chair for Digital Communication Systems at RUB. Have we sparked your interest? For further information, contact christian.zenger@rub.de.

Contact:
Advisor: M.Sc. Christian Zenger
Mail: christian.zenger@rub.de

KeeLoq on COPACOBANA
(Master's thesis - Diploma thesis)

Abstract:
The KeeLoq algorithm is widely used in remote keyless entry systems, e.g., garage door opener remotes and the central locking of some vehicles. The algorithm has been analyzed by several researchers, and some cryptanalytic attacks on the KeeLoq algorithm are possible. The best attack proposed so far needs 2^{16} pairs of plaintext and ciphertext, was implemented on 50-core PCs, and can recover the secret key in around 4 days on average. The aim of this project is to try implementing the already verified attack on COPACOBANA. Since the attack needs a huge amount of memory and must generate and search inside some tables, most of the work in this project would be to manage memory usage and the communication bottleneck.

Contact:
Advisor: Dr. Amir Moradi
Mail: moradi@crypto.rub.de


[Detailed description]