Diplom Theses and Student Research Projects


Thesis Announcements


We are always interested in students who would like to write a student research project or final thesis with us. No special prior knowledge is required, i.e. the basics of cryptography, algorithms or VHDL can be learned during the thesis. The announcement is addressed equally to students of ET, IT, AI and ITS.

Our chair currently offers the following topics for student research projects and for Bachelor's, Master's and Diplom theses. If you are interested, simply get in touch with the listed contact person. Further interesting thesis topics are also available on the Secure Hardware working group's own web pages.

Students who do not yet have contact with one of our staff members and do not find the topics below appealing can also send a general thesis enquiry to the contact e-mail address emsec+BA_MA@rub.de. In this case, please include a short cover letter (a few words about yourself, strengths/weaknesses, motivation, ...) and your current transcript of grades.

Please also note the official information sheets for Bachelor's theses and for Master's theses.

Location-based Group-Key Extraction from the Sky
(Master's thesis or challenging Bachelor's thesis)

Background:
Location- or proximity-based key establishment enables security that is intuitive and easy to understand. For example, it would be nice to provide all cars within a given environment with a group key for privacy-preserving/anonymous communication. However, state-of-the-art approaches, such as pseudonym certificates, are insufficient, and new solutions are urgently needed for C2C/C2X communication.

What is this thesis about?
We propose a group key extraction mechanism that is based on time/space complexity. Specifically, we use the random time/space behavior of the ionosphere (we start with that of our Earth) to generate vicinity-based key material. We have developed a first ionosphere measurement setup utilizing signals from GPS satellites. The setup is based on GNU Radio [1] and GNSS-SDR [2]. We are searching for a Master (or highly motivated Bachelor) student who is interested in wireless systems and software-defined radios. You need to be able to program in C (maybe also C++) and Python.

[1] http://gnuradio.org
[2] http://gnss-sdr.org

Contact:
If this sounds interesting to you, please contact Christian Zenger (christian.zenger@rub.de)

Cryptanalysis of Lightweight Ciphers
(Master's thesis - Bachelor's thesis)

Abstract:
Lightweight Cryptography: In the last decade, a number of symmetric-key primitives, namely lightweight ciphers, have been designed for use in resource-constrained computing devices. Because these pervasive devices are extremely limited in computing power, battery supply and memory, the structures of the designed lightweight ciphers are innovative and sometimes simple, which makes the computations lighter. Hence their cryptographic security needs to be studied carefully.
The target of this project is to investigate the theoretical security of some lightweight block or stream ciphers using well-known symmetric-key attacks (such as differential, linear, MITM, integral and ...).

Requirements:
Some knowledge of the cryptanalysis of symmetric ciphers will be a benefit.

Contact:
If this sounds interesting to you, please contact Shahram Rasoolzadeh (shahram.rasoolzadeh@rub.de)

Nano-Scale Side-Channel Analysis
(Master's thesis - Bachelor's thesis)

Background:
The traditional use case of cryptography, namely transferring secret messages between two distant parties, does not involve any adversarial access to the machines that execute cryptographic algorithms. Hence, for several decades, the mathematical security of the applied ciphers was the only important criterion. For many of today's applications, on the other hand, this assumption is no longer suitable. Smart cards, RFID tags, electronic door locks and keys, as well as many other small-scale devices in the IoT, are in the hands of potential adversaries with constant and non-observable physical access to them. The most prominent class of attacks that becomes important in such a setting is side-channel analysis. Side-channel analysis attacks are based on observing the physical properties of a cryptographic device and try to learn information about the internal key material. These physical properties, e.g. the power consumption or the electromagnetic emanation, vary significantly when the respective technology is scaled down as aggressively as in current nanometer CMOS processes. Thus, it is crucial to keep effective countermeasures against side-channel attacks up to date and to develop new ones that fit the altered conditions.

What can you do?
One of the most important – technology scaling-induced – changes in the power consumption characteristics of physical devices is the rise of the static power consumption. Since many countermeasures against power analysis attacks are based on concealing the data dependency in the dynamic currents, it can be possible to circumvent these by exploiting the information leakage through the static power dissipation.
Our group has recently built a sophisticated measurement setup for static power analysis and carried out several preliminary experiments with promising results. However, it is necessary to advance the research in this area. Concrete thesis topics can include the development and test of new countermeasures against static power analysis, the study of temperature effects on the static and dynamic power consumption in different technologies and the improvement of the existing measurement setup.
The topic is well suited both for students of ITS and ET/IT. To practically implement and test the countermeasures and to work with the FPGA boards, it is necessary that you are familiar with VHDL and at least one suitable PC programming language, e.g., C or C++. It is also possible to realize smaller parts of the project as a Studien- or Bachelorarbeit.

Contact:
If this sounds interesting to you, please contact Thorben Moos (thorben.moos@rub.de)

Provable Privacy on Embedded Devices
(Master Thesis - Bachelor Thesis)

Background:
Provable Privacy hides user data in transactions such that no party can link a transaction to a certain user. This protects privacy and thus encourages user trust in services. To convince users of the reliability of the algorithms, the privacy attribute has to be mathematically proven, which leads to computationally intense algorithms.

What can you do?
Provable privacy is often connected to zero-knowledge proofs of knowledge (ZK-POK) which are computationally demanding. A straightforward implementation of such a system for embedded systems may result in impractical running times and therefore render the system unusable.
Therefore it is interesting to investigate ZK-POKs and analyze which proof systems are suitable for embedded systems, by comparing supported proof languages and implementing proof systems on embedded platforms with low computational power. It is also interesting to see how the same systems perform on a more powerful embedded platform like a smartphone.
Furthermore, methods for batch verification of multiple ZK-POKs can be analyzed to generate more efficient systems and reduce workload for servers, assuming they have to verify the ZK-POKs.
The topic combines mathematical analysis of ZK-POKs with implementing algorithms for embedded platforms. It is required that you have a basic understanding of formal mathematical proofs and that you are familiar with C and possibly Assembly.

Contact:
If this sounds interesting to you, please contact Max Hoffmann (max.hoffmann@rub.de)

Kleptography - Attacking Cryptography Using Cryptography
(Master Thesis - Bachelor Thesis)

Background:
Kleptography is the art of stealing information securely and subliminally. A kleptographic attack cannot be detected if the device under test is analyzed as a black-box. Even if a kleptographic Trojan is discovered by analyzing the device, it is impossible to tell when information was leaked. In addition, previous transcripts cannot be classified as affected or not. Kleptography has similarities to the area of subliminal channels. However, once a subliminal channel is discovered, everyone can read the transmitted data. Kleptography takes the approach to not create a hidden channel, but use existing channels and hide information in a way, such that only the Trojan engineer is capable of reading it. Therefore, kleptography is also referred to as using cryptography against cryptography.

What can you do?
Understanding and implementing kleptographic algorithms is not a challenging task in general. However, most research in this area has been theoretical and no practical evaluation has been done.
The same problem applies to detection and countermeasures: theoretical approaches exist, but they rely on unrealistic assumptions or have not been validated in real-world applications. After implementing cryptographic algorithms and infecting them with a kleptographic Trojan, it would be interesting to analyze devices and evaluate different detection methods. This task can be done on either microcontrollers or FPGAs.
The topic combines basic mathematical manipulation of cryptographic systems, implementations for embedded platforms and analysis of runtime characteristics. It is required that you have a good understanding of mathematical descriptions of cryptographic algorithms and that you are familiar with C and possibly Assembly or VHDL/Verilog.

Contact:
If this sounds interesting to you, please contact Max Hoffmann (max.hoffmann@rub.de)

Investigating Integrity Assumptions in Powerful Adversarial Models
(Master Thesis - Bachelor Thesis)

Background:
A basic assumption in cryptography relates to the integrity of the underlying hardware. The idea is that security breaks down once an attacker is able to control or modify the hardware in some way. This is a natural enough assumption to make. In particular, we really want our CPU to be trustworthy. Over the last few years it has become clear that hardware integrity assumptions may not hold in the face of nation-state attackers. A possibly interesting avenue for research is to investigate, specifically, the integrity of CPU microcode. What happens if you break that integrity? What attacks are possible? How do we verify the integrity? If verified, what other (positive) applications does it have?

What can you do?
EMSEC is currently starting up a project dealing with the questions outlined above. The topics can range from more straightforward development work on the tools used in this research, to finding novel attacks in this attacker model, and possibly many other things. It is a fairly interdisciplinary subject, requiring knowledge of several different fields to be fully effective.
Ideally, the student is expected to be already familiar with a hardware-design language (preferably Verilog), software programming in C/C++ (and one or two interpreted languages may help) and should have some background in computer architectures. Some of this can of course be learned “on the job”. Other tasks may only involve a subset of these proficiencies, depending on the skill set of the student.

Contact:
If this sounds interesting to you, please contact Erik Boss (erik.boss@rub.de)

Image Processing in Hardware Reverse Engineering
(Master's thesis - Diplom thesis - Student research project - Bachelor's thesis)

Background:
VLSI circuits are built from millions of transistors, generating logical and analog signals on the silicon die. Multiple transistors are grouped into logical functions like INVERTER, NAND and NOR gates. Within one chip, several hundred different logic gates can be distinguished, each repeated from several thousand up to several million times across the chip.
Hardware reverse engineering is the invasive approach to finding hard-wired proprietary implementations and functions in ASICs. Besides the interpretation of VLSI circuits and functions, acquiring clean images of the metal layers and the polysilicon layer is essential for reverse engineering. The chip is delayered step by step in a wet-chemical polishing process, and each layer is captured to obtain a digital image of the chip. Promising new approaches use neural networks for street detection and might be adaptable.
The sheer number of transistors and gates makes reverse engineering impossible to carry out manually. Fully automatic and semi-automatic tools are required to help the reverse engineer. With Moore's Law still intact, the number of transistors and logic cells grows exponentially, so this approach becomes even more repetitive and tedious. Initial academic research attempts to find repetitive logic cells semi-automatically and highlights wires across multiple layers.

What can you do?
Our group is capable of producing high-resolution images of multiple layers of modern CMOS chips. The aim of this work is to extend our tools to reverse engineer VLSI chips in an automatic and generic way. The academic challenge is the feature extraction and pattern recognition of wires and logic cells on noisy layer images, as well as a new (semi-)automatic cell-function evaluation. The first focus of the thesis is thus on implementing further image processing functions and validating them on real-world CMOS images. Next, practical attacks on modern real-world devices can be realized. Optionally, advanced topics such as a combination of micro-probing and side-channel analysis may be included. The student can do his own experiments with depackaging and delayering. The topic is well suited for students in electrical engineering, physics and IT. To practically implement the algorithms, it is required that you are familiar with one programming language and at least know the basics of CMOS circuits. However, this is not a strict requirement, as most concepts are based on simple ideas that are quickly understood. It is possible to realize only a part of the whole project as a Studien- or Bachelorarbeit. This work can be done in the high-security facility of the BKA in Wiesbaden.

Contact:
If this sounds interesting to you, please contact Christian Kison (christian.kison@rub.de)

Side-Channel Attacks using Deep Learning Techniques
(Master's thesis)

Background:
Side-Channel Attacks: Side-Channel Attacks (SCA) enable an attacker to extract information from a cryptographic circuit using information leakage not intended by the developer, e.g. timing, power consumption, or electromagnetic emanation.

Deep Learning: In recent years, Deep Learning (DL) has seen a huge increase. Machine learning techniques like Convolutional Neural Networks have enabled applications like image recognition with previously unseen accuracy.

What can you do?
In 2016, Maghrebi et al. presented a first study on using DL techniques to improve SCA. They tested different neural network architectures, i.e., Multilayer Perceptron, Stacked Auto-Encoder, Convolutional Neural Network, and Long Short-Term Memory, for their suitability to analyze side-channel signals. The analysis was performed in a profiling setting: the attacker has access to an identical device he can control, which enables him to perform known-key measurements to build profiles of the leakage behavior.

The goal of this thesis is to apply different types and architectures of Deep Learning / Neural Network techniques on the problem of profiled side-channel analysis. Since Maghrebi et al. only analyzed software implementations, an interesting aspect is applying these techniques on hardware implementations which exhibit a different leakage behavior due to the parallel processing of signals.

The methods should be implemented using state-of-the-art DL frameworks, e.g., Google's TensorFlow, which can utilize the group's GPU server to perform the calculations efficiently.

Contact:
If this sounds interesting to you, please contact Bastian Richter (bastian.richter@rub.de)

PROPHYLAXE – Efficient Key Management
(Master's thesis - Diplom thesis - Student research project - Bachelor's thesis)

Abstract:
Within the project "Efficient key management for more security in the 'Internet of Things'", PROPHYLAXE for short, an alternative concept for key generation that is particularly suited to small embedded nodes is to be applied to Internet-of-Things scenarios. The essential question in practice is always: how can ALICE and BOB agree on such a secret without EVE also learning the key?
The basic principle of the PROPHYLAXE method is as follows: if ALICE and BOB measure their shared channel almost simultaneously, its transmission parameters (e.g. the effective signal strength) will be strongly correlated at both parties; this is called reciprocity. Since the transmission parameters are influenced by the channel's environment (e.g. by signal reflections, refraction, interference, stray coupling, etc.), they cannot be predicted and behave as if random. As a consequence, measuring the channel yields a series of random numbers at ALICE and at BOB that are very similar.
(We are looking for 2 Master's theses)
MaThe prototype: In a Master's thesis you would extend very small systems that communicate via Bluetooth or ZigBee with our approach. This makes it possible to address highly topical Internet-of-Things applications (smart home, Industrie 4.0, …).
MaThe protocol: PHYSEC is an entirely new symmetric primitive. With PHYSEC we are able, for the first time, to realize dynamic SYMMETRIC key management! There are no protocols for this yet (possibly comparable to PKI approaches or Kerberos). In a Master's thesis, new protocol approaches are to be developed and implemented in an open-source smart-home server.
(We are looking for 2 Bachelor's theses)
Experimental security analysis: To make the key generation secure against attacks, we naturally also address the exciting question of how the system can be compromised. Here you could cover parts of the security analysis in a final thesis. In the Bachelor's thesis you would launch a PHYSEC contest. Based on passive attackers, the contest would invite all interested security experts to evaluate our system. A second thesis would cover active channel-manipulation attacks.
The project, with a total volume of EUR 3.37 million, is coordinated by the Fraunhofer Heinrich Hertz Institute in Berlin. The partners also include Robert Bosch GmbH, ESCRYPT GmbH – Embedded Security, Technische Universität Dresden (TUD), Technische Universität Kaiserslautern (UKL) and the Chair for Digital Communication Systems at RUB.
PROPHYLAXE Homepage

Contact:
Supervisor: M.Sc. Christian Zenger
Mail: christian.zenger@rub.de

Bring Your Own Bug
(Bachelor's thesis)

Abstract:
The new paradigm "Bring Your Own Device" (BYOD), which is meant to enable and encourage the use of private devices in the workplace, brings its own class of security risks. These arise because the employer generally cannot or may not prescribe in detail what employees may or must install on their devices (e.g. smartphones).
The scenario above carries the risk that employees bring powerful devices that are permanently connected to the Internet and equipped with a wide range of sensors into sensitive company contexts. Besides the case of a deliberate insider attack by an employee, there is also the external attacker: here it is conceivable that an employee's smartphone is compromised by malware without the employee's knowledge.
This thesis is to investigate how realistic and simple a possible attack can be. The starting situation for our attack affects almost everyone who places their smartphone on the desk next to the keyboard (e.g. to charge the battery). Specifically, we want to find out whether, in such a case, typed passwords can be reconstructed using sensors (microphone, accelerometer, …), independently of keyboard, user, desk and environment.

Contact:
Supervisor: M.Sc. Christian Zenger
Mail: christian.zenger@rub.de

Secret-Key Generation via Uncertainty of Communication Channels
(Master's thesis - Bachelor's thesis)

Abstract:
Yes, there is another approach to securing channels besides asymmetric/symmetric crypto approaches: Physical Layer Security!
Physical Layer (PHY) Security is a rich area and a very interesting approach that combines coding theory, networking, game theory and cryptography. A PHY-security-based system is able to solve the problems of key management and arbitrary-precision arithmetic, and so it represents a very attractive approach.
In the context of our PROPHYLAXE project, supported by the Federal Ministry of Education and Research of Germany, an entirely new paradigm for generating secret keys will be developed. The approach is based on a common estimation of the transmission channel by the sender and receiver, whereby the secret key is derived from channel parameters. It is assumed that the channel between two communication nodes is reciprocal and that the entropy of its spatial, temporal, and spectral characteristics is sufficiently high. Most practical channels meet these requirements.
We offer highly research- and industry-related Bachelor’s and Master’s theses in the following topics:

  • Physical Layer Security protocol design based on real world requirements (by Robert BOSCH AG).
  • Implementation of a prototype system based on the WiFi-n standard (Android- or µC-based). Here you would improve our/the first channel-based prototype system.
  • First security analysis of our real-world security system (Communication engineering vs. IT-Security). For the simple reason that no system existed, a security analysis wasn’t possible so far. Now we have a running system and we want you to analyze it.

Contact:
Supervisor: M.Sc. Christian Zenger
Mail: christian.zenger@rub.de

Hardware Reverse Engineering and Insertion of Hardware Trojans
(Master's thesis - Bachelor's thesis)

Abstract:
Today, ASICs and FPGAs are developed and manufactured in a global setting. Outsourcing provides both an attack vector for inserting hardware Trojans and problems regarding trust validation and integrity verification of third-party designs, for which the source code is often not available. In this context, reverse engineering (RE) provides a basis for understanding the internals of an unknown design and thus a means of detecting intellectual property violations and hardware Trojans. Conversely, RE can also be used to manipulate a third-party design and insert a hardware Trojan that, for example, undermines the security of the overall system.

Theses:
In this project we offer the following BA/MA theses:

  1. Insertion of hardware Trojans:
    In this thesis you will take a closer look at the attacker's capabilities and insert a hardware Trojan into a third-party design. The first goal is to extract various design characteristics semi-automatically, e.g. register and state-machine information. Building on the detected circuit elements, the second goal is to attach a hardware Trojan to these elements in order to undermine the security of the system, e.g. by leaking a cryptographic key.

  2. Detection of hardware Trojans:
    In this thesis you will investigate the detection of hardware Trojans. To this end, you will implement various hardware Trojan detection algorithms that search for different Trojan-specific characteristics.

  3. Hardware intellectual property violation:
    In this thesis you will analyze the security of various watermarking methods for hardware designs. To this end, you will implement a watermarking scheme and analyze its security with respect to semi-automatic identification and modification of the watermark.

  4. Hardware design obfuscation:
    In this thesis you will investigate the various hardware design obfuscation techniques. To this end, you will implement various obfuscation schemes and then examine their security by trying to make statements about the obfuscated design, e.g. which functionality a group of obfuscated hardware elements implements.

Prerequisites
The prerequisites vary, so the final scope of the thesis is adapted to the student's prior knowledge. However, prior knowledge of FPGAs and C/C++ will help.

Contact:
Supervisor: M.Sc. Marc Fyrbiak
Mail: marc.fyrbiak@rub.de

Implementation of Post Quantum Cryptography
(Master's thesis - Bachelor's thesis)

Background:
Nearly all of the currently used and well-tested asymmetric cryptographic schemes (e.g. RSA, DSA) are based either on the factoring assumption or on the presumed intractability of the discrete logarithm problem. Further algorithmic advances on these problems or the appearance of a quantum computer might lead to the unpleasant situation that a large number of schemes have to be replaced with alternatives. For these alternatives to become practical and usable, it is necessary that they can be implemented in an efficient and secure way. As recent results suggest, the first quantum computer might be built in the next two decades, which creates a particular need to deal with the problem now. As a consequence, a NIST standardization contest for post-quantum cryptography has been launched [1].

What can you do?
Depending on your background, it is possible to develop efficient and side-channel resistant implementations of schemes that are considered secure against attacks by quantum computers, as for example:

  • Hash-based signatures
  • Multivariate Quadratic (MQ) schemes
  • Lattice-based cryptography
  • Code-based schemes
Possible target hardware are FPGAs, graphics cards, microcontrollers or x86 architecture. The evaluation of the side-channel resistance of schemes is also a possible topic for a thesis.

[1] http://csrc.nist.gov/groups/ST/post-quantum-crypto/

Contact:
If this sounds interesting to you, please contact Tobias Oder (tobias.oder@rub.de)

Security Analysis of Real-World Devices
(Master's thesis - Diplom thesis - Student research project - Bachelor's thesis)

Background:
Research in the field of cryptology offered convenient algorithms and protocols to fulfill certain security goals. Even though there are no strict mathematical proofs for many algorithms, public scrutiny enables confidence in the schemes. In contrast, manufacturers of security-relevant devices sometimes tend to implement proprietary algorithms to create an “additional layer” of security or to save cost in terms of program size or performance. As shown multiple times, when the undisclosed mechanisms are reverse-engineered or leak to the public, the implemented schemes turned out to be insecure with respect to their claimed security features.

What can you do?
The goal of this thesis is to investigate the size of the gap between cryptographic research and what is implemented in the real world. To this end, we have multiple widely deployed candidates available for a detailed analysis of the implemented proprietary security mechanisms. The first step here is to reverse-engineer the extracted program code running on the device. This enables an understanding of the methods used and makes it possible to reason about the level of security. In the second step, you can exploit possible flaws by developing attacks or the required hardware to circumvent the claimed security. The topic is well suited for students of ITS, ET/IT, and AI. To be able to understand the recovered program code, it is required that you are familiar with microcontrollers and at least one assembly programming language, e.g., AVR-asm. The underlying concepts can be quickly transferred to other devices and their corresponding instruction sets. It is possible to find the most suitable target and to realize only a part of the whole project as a Studien- or Bachelorarbeit.

Contact:
If this sounds interesting to you, please contact Endres Puschner (endres.puschner@rub.de)

Improving Power Analysis Measurements by means of Arbitrary Waveform Generator
(Student research project - Bachelor's thesis - Master's thesis - Diplom thesis)

Abstract:
Power consumption traces, used in DPA attacks, usually have a high peak-to-peak amplitude, but their variation depending on the processed data is minimal. Therefore, for many applications, especially hardware platforms, several traces are required to perform a successful attack. Further, in cases where the implementation is equipped with some countermeasures, many more traces are required to examine the vulnerability.
The goal of this project is to develop a simple small PCB (board) which combines the signal coming from the device under attack and the signal generated by an arbitrary waveform generator. A script (in C++) should also be written to control the board, the oscilloscope, and the signal generator.

Contact:
Supervisor: Dr. Amir Moradi
Mail: amir.moradi@rub.de

Student assistant (SHK) wanted for 1 year or longer
(Bachelor's or Master's thesis possible)

Abstract:
As part of the BMBF programme "IT-Sicherheitsforschung" (IT security research), the Chair for Embedded Security is looking for a student assistant, starting immediately. The tasks can be flexibly adapted to your study schedule and amount to roughly 10 hours per week. The student should have a completed degree in electrical engineering. Desirable are communications-engineering skills in measurement technology, radio-frequency engineering, digital signal processing and the design of digital receiver systems, as well as experience in MATLAB and C programming. The project, with a total volume of more than EUR 3 million, is coordinated by the Fraunhofer Heinrich Hertz Institute in Berlin. The partners also include Robert Bosch GmbH, ESCRYPT GmbH – Embedded Security, Technische Universität Dresden (TUD), Technische Universität Kaiserslautern (UKL) and the Chair for Digital Communication Systems at RUB. Have we sparked your interest? For further information, contact christian.zenger@rub.de.

Contact:
Supervisor: M.Sc. Christian Zenger
Mail: christian.zenger@rub.de