One solution to deal with noisy transmission is error correction with codes. In current communication standards the length of these codes can be up to several thousands of bits (e.g. [1]).

However, in the context of PUFs, short code-lengths are needed to derive a secret key despite the noise, because PUF devices are very resource constraint.

Thus this topic deals with finding powerful yet short error correction codes. At the same time, it will be important to see if these codes are suitable for hardware implementation (e.g. [2]).

Reference:

• [1] Balatsoukas-Stimming, Alexios, Pascal Giard, and Andreas Burg. "Comparison of polar decoders with existing low-density parity-check and turbo decoders." Wireless Communications and Networking Conference Workshops (WCNCW), 2017 IEEE. Ieee, 2017.
• [2] Pamuk, Alptekin. "An FPGA implementation architecture for decoding of polar codes." Wireless Communication Systems (ISWCS), 2011 8th International Symposium on. IEEE, 2011.

Error evaluation and fault attacks as well as error correction in the contect of neural networks can be divided into two parts: safety aware publications and security aware publications. In the safety domain, Bosio et al. analyze 2 networks YOLO and LeNet in regard of the occurred faults and categorize them depending on how critical they are [1]. Faults are Hou et al. transfer the fault analysis to a practical setup where they use localized laser fault injections to analyze the network’s behavior [2].

An active attack considered to be a security thread is for example DeepStrike by Luo et al. [3] or DeepDup by Rakin et al. [4]. They implement a power sensing circuit alongside the neural network of interest on the same FPGA in a multi-tenant scenario. Breier et al. build an approach to reverse engineer the last layer of a neural network in a student-teacher network scenario by inducing faults [5]. This topic aims to provide an overview of the state of the art in terms of neural networks and fault attacks as well as resistance. The focus should thereby lay on classical NN implementations.

• [1] A. Bosio, P. Bernardi, A. Ruospo, and E. Sanchez, “A reliability analysis of a deep neural network,” in 2019 IEEE Latin American Test Symposium (LATS), pp. 1–6, IEEE, 2019.
• [2] X. Hou, J. Breier, D. Jap, L. Ma, S. Bhasin, and Y. Liu, “Security evaluation of deep neural network resistance against laser fault injection,” in 2020 IEEE International Symposium on the Physical and Failure Analysis of Integrated Circuits (IPFA), pp. 1–6, IEEE, 2020.
• [3] Y. Luo, C. Gongye, Y. Fei, and X. Xu, “Deepstrike: Remotely-guided fault injection attacks on dnn accelerator in cloud-fpga,” arXiv preprint arXiv:2105.09453, 2021.
• [4] A. S. Rakin, Y. Luo, X. Xu, and D. Fan, “{Deep-Dup}: An adversarial weight duplication attack framework to crush deep neural network in {Multi-Tenant}{FPGA},” in 30th USENIX Security Symposium (USENIX Security 21), pp. 1919–1936, 2021.
• [5] J. Breier, D. Jap, X. Hou, S. Bhasin, and Y. Liu, “Sniff: Reverse engineering of neural networks with fault attacks,” arXiv preprint arXiv:2002.11021, 2020.

With the advent of post-quantum computers, new paradigms for public-key cryptography that can withstand quantum attacks are required. In general, post-quantum cryptography can be grouped into problems from the domain of algebraic lattices, hashes, error correcting codes, multivariate equations and isogenies.

Recently, NIST standardized three signature schemes (Dilithium, Falcon and SPHINCS+) that are based on lattices and hashes. A drawback of these schemes is, however, that their signature sizes are quite large compared to classical signatures that are in use today.

This work aims to investigate isogeny based signature schemes. Although these schemes are typically computational intensive, they allow to generate small signatures. The student should give an overview on isogeny based signatures in general and afterwards, focus on explaining one scheme in more detail.

References:

• https://doi.org/10.1007/978-3-030-17659-4_26

Memristors are an emerging technology and are recently being developed for memory applications, but also in the domain of neuromorphic computing. Memristor-based artificial neural networks are proposed to have many benefits, e.g. in terms of performance or energy efficiency, over current hardware implementations and thus a topic of ongoing research.

Next to theoretical considerations, hardware implementations of memristor-based neural networks recently started to emerge (e.g. [1, 2]). Some works also claimed that inherent weaknesses of memristors in these applications could be security benefits (e.g. [3]).

The aim of this work is a comprehensive literature review summarising

• the current state of the art of memristor-based neuromorphic computing compared to classical, silicon-based implementations,
• predominant memristor technologies and network architectures, and
• security considerations when using memristor neural networks.

[1] https://www.nature.com/articles/s41586-020-1942-4
[2] https://www.mdpi.com/2072-666X/13/3/433
[3] https://ieeexplore.ieee.org/document/7527493

Due to long production and supply chains, circuit designs are prone to theft and manipulation. Logic locking inserts a locking key into the circuit netlist to secure them against these risks. However, so called SAT-based attacks [1], which check the satisfiability of netlists, were developed to extract the locking keys again.

To apply SAT-based attacks also on sequential circuits, i.e. circuits with memory elements, sequential SAT-based attacks or model checker attacks were developed [2-4].

This seminar work should explain the different techniques of how to perform a sequential SAT-based or model checker attack and give an overview of already existing methods.

References:

• [1] P. Subramanyan, S. Ray, and S. Malik, “Evaluating the security of logic encryption algorithms,” in 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2015, pp. 137–143.
• [2] Y. Kasarabada, S. Chen, and R. Vemuri, “On sat-based attacks on encrypted sequential logic circuits,” in 20th International Symposium on Quality Electronic Design (ISQED), 2019, pp. 204–211.
• [3] El Massad, M.; Garg, S. & Tripunitara, M. Reverse engineering camouflaged sequential circuits without scan access 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), 2017, 33-40
• [4] K. Shamsi, M. Li, D. Z. Pan, and Y. Jin, “Kc2: Key-condition crunching for fast sequential circuit deobfuscation,” in Design, Automation & Test in Europe Conference & Exhibition (DATE). IEEE, 2019, pp. 534–539.

Differential Computation Analysis (DCA) is the software counterpart of the Differential Power Analysis (DPA) that uses the power consumption of a device to extract secret information.
A DCA can be mounted on white-box implementations of cryptographic algorithms, i.e., an attacker has full access to the internal state and can extract software traces containing the read and write accesses made to memory.

This work should give an insight into DCA. Moreover, the limitations of DCA should be discussed as well as possible countermeasures.

References

• Bos, Joppe W., Hubain, Charles, Michiels, Wil, Teuwen, Philippe. 'Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough'. Cryptographic Hardware and Embedded Systems -- CHES 2016. Springer Berlin Heidelberg. 2016.