Wissenschaftliches Seminar Sicherheit in der Informationstechnik

Vortragende/r (Mitwirkende/r)
  • Moritz Wettermann
Nummer0000004153
ArtHauptseminar
SemesterWintersemester 2024/25
UnterrichtsspracheDeutsch
Stellung in StudienplänenSiehe TUMonline

Teilnahmekriterien

Lernziele

Durch die Teilnahme an den Modulveranstaltungen erhält der Studierende Kenntnisse über aktuelle Probleme und Aufgabenstellungen im Bereich Sicherheit in informationstechnischen Systemen. Der Studierende ist anschließend in der Lage eine Aufgabenstellung aus einem aktuellen Themengebiet der Sicherheit in der Informationstechnik selbstständig auf wissenschaftliche Weise zu bearbeiten, eine schriftliche Ausarbeitung dazu anzufertigen sowie die Qualität von wissenschaftlichen Texten zu bewerten. Darüber hinaus kann der Studierende die von ihm erarbeiteten Erkenntnisse vor einem fachlichen Publikum präsentieren.

Beschreibung

Wechselnde Schwerpunktthemen zur Sicherheit in Informationstechnischen Systemen. Die Modulteilnehmer erarbeiten selbstständig aktuelle wissenschaftliche Beiträge und fertigen eine schriftliche Ausarbeitung. Die Resultate werden anschließend in Form von Vorträgen allen Teilnehmern präsentiert. Es erfolgt eine intensive Behandlung der Thematik in der Diskussion.

Inhaltliche Voraussetzungen

Folgende Module sollten vor der Teilnahme bereits erfolgreich absolviert sein: - Kryptologie oder gleichwertige Grundlagenvorlesung Es wird empfohlen, ergänzend an folgenden Modulen teilzunehmen: - Sichere Implementierung kryptographischer Verfahren - Selected Topics in System Security

Lehr- und Lernmethoden

Jeder Teilnehmer bearbeitet eine individuelle fachliche Aufgabenstellung. Dies geschieht insbesondere in selbstständiger Einzelarbeit des Studierenden. Der Teilnehmer bekommt - abhängig von seinem individuellen Thema - einen eigenen Betreuer zugeordnet. Der Betreuer hilft dem Studierenden insbesondere zu Beginn der Arbeit, indem er in das Fachthema einführt, geeignete Literatur zur Verfügung stellt und hilfreiche Tipps sowohl bei der fachlichen Arbeit als auch bei der Erstellung der schriftlichen Ausarbeitung und des Vortrags gibt. Darüber hinaus wird ein Präsentationstraining zusammen mit ProLehre und eine Einführung in das Schreiben von wissenschaftlichen Arbeiten angeboten.

Studien-, Prüfungsleistung

Modulprüfung mit folgenden Bestandteilen: - Schriftliche Ausarbeitung über vorgegebenes Thema (50%). - ca. 30 minütige Präsentation des vorgegebenen Themas incl. anschließender Diskussion (50%)

Links

Weitere Informationen

Wird im Winter- und Sommersemester angeboten.

Sprache

Arbeitssprache ist Deutsch, Ausarbeitung und Vorträge auch auf Englisch möglich.

Organisatorisches

  • Begrenzung auf 15 Teilnehmer
  • Anwesenheitspflicht
  • im Rahmen des Hauptseminars wird ein Präsentationstraining von ProLehre angeboten
  • das Seminar wird durch die E-Learning Plattform Moodle unterstützt
  • die Ausarbeitung soll den Umfang von 4 Seiten nicht überschreiten und im Stil einer wissenschaftlichen Publikation verfasst werden

Themenwahl

Die Themen werden ca. 2 Wochen vor Semesterbegin online gestellt und können dann gewählt werden. Studierende die auf der Warteliste in TUMonline angemeldet sind, werden entsprechend informiert.

Themenwahl

Bei Interesse an einem der folgenden Themen kontaktieren Sie bitte den jeweiligen Betreuer über den unten stehenden Link. Es besteht auch die Möglichkeit ein eigenes Thema vorzuschlagen.

Verfügbare Themen

On different statistical tests

Beschreibung

Different statistical tests are used in the assessment of side-channel leakage. The goal of this topic is to provide an overview over different tests used in side-channel analysis with particular emphasis on the g-test [1] used in [2]. The work should compare their properties as well as where they are used in SCA.

[1]: Hoey, Jesse. "The two-way likelihood ratio (G) test and comparison to two-way chi squared test." arXiv preprint arXiv:1206.4881 (2012).

[2]: https://ches.iacr.org/2024/papers-issue-4/4_18.pdf

Kontakt

Jonas.Schupp@tum.de

Betreuer:

Jonas Schupp

Oil and Vinegar and Mayo - Comparison of Multivariate Post-Quantum-Cryptography (PQC)

Beschreibung

Multivariate cryptography is the generic term for asymmetric cryptographic primitives based on multivariate polynomials over a finite field, and it is one of the main areas of candidates in the current standardization process for quantum-resistant public-key cryptographic algorithms by the NIST (National Institute of Standards and Technology). Many of the candidates rely on the (Unbalanced) Oil and Vinegar Signature Scheme [1][2]. Among others, two promising candidates are UOV [3] and MAYO [4].
The idea of this seminar topic is to compare the UOV and MAYO signature schemes.

[1] Jacques Patarin. The oil and vinegar signature scheme. Presented at the Dagstuhl Workshop on Cryptography, September 1997.
[2] Aviad Kipnis, Jacques Patarin and Louis Goubin. Unbalanced Oil and Vinegar schemes. In EUROCRYPT 1999, LNCS vol. 1592, pp. 206–222. Springer, 1999.
[3] https://www.uovsig.org/
[4] https://pqmayo.org/

Kontakt

moritz.wettermann@tum.de

Betreuer:

Moritz Wettermann

Overview of the NIST Competition for Additional Digital Signature Schemes

Beschreibung

In 2016 the NIST (National Institute of Standards and Technology) started a standardization process for quantum-resistant public-key cryptographic algorithms.
Since then, suitable candidates for digital signatures and key encapsulation have been selected and standardized. Now the NIST calls for additional digital signature proposals to be considered for standardization.
The goal of this seminar topic is to give an overview of the current submissions in the first round of the NIST standardization process for additional digital signature schemes.
The call for proposals can be found on the NIST website, as well as a list of all round one submissions [1][2].

[1] https://csrc.nist.gov/Projects/pqc-dig-sig/standardization
[2] https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures

Kontakt

moritz.wettermann@tum.de

Betreuer:

Moritz Wettermann

Quantum Key Distribution - getting ready for operation

Beschreibung

Quantum Key Distribution (QKD) is an alternative method for establishing shared secret keys [1]. Unlike the name suggests, it does not rely on quantum computers or post-quantum cryptography. Instead, the protocols are based on comparatively simple effects in fiber-optic connections. And because of this, QKD systems can already be rolled out for field-testing.

Target of this work is to evaluate publications on practical results and to compare the security claims against the theory.

[1] Experimental realization of three quantum key distribution protocols, Warke, A., Behera, B.K. & Panigrahi, P.K., Quantum Inf Process 19, 407 (2020). https://doi.org/10.1007/s11128-020-02914-z

[2] Field trial of a three-state quantum key distribution scheme in the Florence metropolitan area, Bacco, D., Vagniluca, I., Da Lio, B. et al., EPJ Quantum Technol. 6, 5 (2019). https://doi.org/10.1140/epjqt/s40507-019-0075-x

Kontakt

Betreuer:

Niklas Stein

Polymorphic code for Side-Channel resistance

Beschreibung

Side-Channel attacks can be very powerful vulnerabilities on Edge- and IoT-Devices, they can reveal secret keys using just an oscilloscope. As an universal countermeasure, a random shuffling of the code executions has proven effective. However, on modern processor architectures, this is easier said than done.
One way to implement this is a polymorphic code: a program that can recompile at runtime, generating different machine code for the same task [1]. 

Target of this work is to summarize and compare several publications from recent years. Some background knowledge in informatics is recommended.

 

[1] Runtime Code Polymorphism as a Protection Against Side Channel Attacks, Damien Couroussé and Thierno Barry and Bruno Robisson and Philippe Jaillon and Olivier Potin and Jean-Louis Lanet, https://eprint.iacr.org/2017/699

Kontakt

Contact: niklas.stein@tum.de

Betreuer:

Niklas Stein

LESS - Linear Equivalence Signature Scheme

Beschreibung

As quantum computers will be able to break conventional public-key cryptography, there is a need for quantum-secure alternatives. Recognizing this, NIST recently started a new call for additional post-quantum secure signatures.

LESS [1] is a signature scheme that is based on the hardness of the Linear Equivalence Problem (LEP). It has been submitted to the NIST call for additional post-quantum secure signature schemes. Recently, there has been an improvement/reformulation of LEP [2] which significantly reduces the signature sizes of LESS.

This work aims at understanding and explaining how LESS [1] works in general. Then, the reformulation of LEP [2] shall be explained to provide some understanding where the savigs in signature size come from.

 

References:

  • [1] https://www.less-project.com/home.html
  • [2] https://link.springer.com/chapter/10.1007/978-981-99-8739-9_12

Kontakt

Betreuer:

Patrick Karl

Attacker Models for Memristor PUFs

Beschreibung

An often-cited advantage of key storage with physical unclonable functions (PUFs) is that protection mechanisms for stored cryptographic keys need only be active during runtime. Since the secret only exists while the device is active, expensive secure non-volatile storage is no longer needed.

A comprehensive evaluation of such claims however, needs a clearly defined attacker model. Especially in the domain of memristor-based PUFs, discussions of attacker capabilities have been far from commonplace. Some works (e.g. [1]) discuss measures to harden the PUF primitive against prospecitve attackers, some discuss specific attacks (e.g. [2]), while others use the memristors as non-volatile storage (e.g. [3]).

The aim of this work is a

  • literature review of memristor-based PUFs with a
  • focus on their explicit and implicit security assumptions,
  • summarising the results into predominant categories for attacker models.

[1] https://www.science.org/doi/full/10.1126/sciadv.abn7753
[2] https://arxiv.org/abs/2307.01041
[3] https://ieeexplore.ieee.org/abstract/document/7001345

Kontakt

Betreuer:

Jonas Ruchti

Probing Models

Beschreibung

Masking schemes to protect an implementation against side-channel attacks usually come with security proofs in so-called probing models [1, 2].
There exists different probing models that address different leakage characteristics, such as glitches [3].

The goal is to give insight into different probing models, their characteristics and limitations.


References

[1] Ishai, Y., Sahai, A., Wagner, D. (2003). Private Circuits: Securing Hardware against Probing Attacks. In: Boneh, D. (eds) Advances in Cryptology - CRYPTO 2003. CRYPTO 2003. Lecture Notes in Computer Science, vol 2729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45146-4_27

[2] Cassiers, Gaetan & Standaert, François-Xavier. (2020). Trivially and Efficiently Composing Masked Gadgets With Probe Isolating Non-Interference. IEEE Transactions on Information Forensics and Security. PP. 1-1. 10.1109/TIFS.2020.2971153.

[3] Faust, S., Grosso, V., Merino Del Pozo, S., Paglialonga, C., & Standaert, F.-X. (2018). Composable Masking Schemes in the Presence of Physical Defaults & the Robust Probing Model. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2018(3), 89–120. https://doi.org/10.13154/tches.v2018.i3.89-120

Kontakt

Betreuer:

Manuel Brosch

Hybrid Memristor-CMOS PUFs—Worth the Effort?

Beschreibung

Physical Unclonable Functions offer a way to convert uncontrollable hardware manufacturing variations into digital secrets. The most-researched PUF designs are based on typical CMOS manufacturing processes and thus inherit their inexpensiveness.

With memristors slowly becoming a more concretely available technology, PUFs based on memristor memory structures have been proposed. However, also hybrid designs have been proposed, often combining classical CMOS PUF structures with incremental improvements through added memristors (e.g. [1]), which sometimes can also be used for additional functionality (e.g. [2, 3]).

The aim of this work is a comprehensive literature search

  • summarising hybrid memristor-CMOS PUF designs,
  • determining the benefits and drawbacks compared to purely CMOS PUF designs, and
  • evaluating whether the benefits can be worth the manufacturing overhead of combining multiple processes.

[1] https://dl.acm.org/doi/10.1145/2736285
[2] https://ieeexplore.ieee.org/document/9272678
[3] https://ieeexplore.ieee.org/document/9424347

Kontakt

Betreuer:

Jonas Ruchti

Vergebene Themen

On different side-channel templates

Beschreibung

Template attacks are one of the most powerful forms of side-channel attacks as they ideally only require a single trace to extract significant information from a target implementation. In the past, template attacks were mainly applied byte-wise, as e.g. in [1]. Recent work discusses their application to 32 bit architectures using either an bytewise approach [2] or try to target 32 bits directly [3].

The goal of this seminar is to provide an overview over different template widths used and their advantages and disadvantages.

[1]: Chari, S., Rao, J.R., Rohatgi, P. (2003). Template Attacks. In: Kaliski, B.S., Koç, ç.K., Paar, C. (eds) Cryptographic Hardware and Embedded Systems - CHES 2002. CHES 2002. Lecture Notes in Computer Science, vol 2523. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36400-5_3

[2]: You, SC., Kuhn, M.G. (2022). Single-Trace Fragment Template Attack on a 32-Bit Implementation of Keccak. In: Grosso, V., Pöppelmann, T. (eds) Smart Card Research and Advanced Applications. CARDIS 2021. Lecture Notes in Computer Science(), vol 13173. Springer, Cham. https://doi.org/10.1007/978-3-030-97348-3_1

[3]: Efficient Regression-Based Linear Discriminant Analysis for Side-Channel Security Evaluations: Towards Analytical Attacks against 32-bit Implementations. (2023). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2023(3), 270-293. https://doi.org/10.46586/tches.v2023.i3.270-293

Kontakt

Jonas.Schupp@tum.de

Betreuer:

Jonas Schupp

Firmware Code Injection Attacks in Embedded Devices

Beschreibung

In the embedded devices, the device firmware is a low-level piece of software responsible for the main functionality of the device, mostly by controlling the hardware components. By compromising firmware, the attackers can bypass software-based security measures and have control over the device. An example of a firmware attack is firmware code injection attacks [1], where the attacker alters device firmware by injecting a malicious code, which can be achieved locally (via physical access) or remotely.

 

The aim of this work is to:

- conduct a literature review of different firmware code injection attacks [2],

- list the advantages and disadvantages of the reviewed attack methods,

- and compare with each other.

Voraussetzungen

References:

[1] Code Injection, https://en.wikipedia.org/wiki/Code_injection#:~:text=Code%20injection%20is%20a%20class,the%20course%20of%20its%20execution.

[2] H. A. Noman and O. M. F. Abu-Sharkh, “Code Injection Attacks in Wireless-Based Internet of Things (IoT): A Comprehensive Review and Practical Implementations,” Sensors, vol. 23, no. 13, p. 6067, 2023.

Kontakt

Betreuer:

Utku Budak

Overview of Secure Boot in Embedded Devices

Beschreibung

The secure boot [1] aims to prevent the execution of unauthorized code during the boot sequence of the device and to ensure that only trusted code is executed at boot time. 

 

The aim of this work is to:

- conduct a literature review of different secure boot approaches, including symmetric [2], asymmetric, PQ-secure [3], software-based, hardware-based, etc.,

- list the advantages and disadvantages of the selected approaches,

- and compare with each other.

Voraussetzungen

References;

[1] Secure Boot, https://en.wikipedia.org/wiki/UEFI#Secure_Boot

[2] A. Dave, N. Banerjee and C. Patel, "CARE: Lightweight Attack Resilient Secure Boot Architecture with Onboard Recovery for RISC-V based SOC," 2021 22nd International Symposium on Quality Electronic Design (ISQED), Santa Clara, CA, USA, 2021, pp. 516-521 

[3] Kumar, Vinay BY, et al. "Post-quantum secure boot." 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE). IEEE, 2020.

Kontakt

Betreuer:

Utku Budak

Chiplets - How secure is modularity?

Beschreibung

The idea of Chiplets has many benefits, like high modularity and smaller silicon sizes, resulting in better yields. However, what implications does the modularity of chiplets have for their security?

A good starting point is:
[1] On Hardware Security and Trust for Chiplet-Based 2.5D and 3D ICs: Challenges and Innovations

Kontakt

Betreuer:

Jens Nöpel

What do you remember? Error Correction Codes for Memories

Beschreibung

This is a survey of state-of-the-art error correction codes, especially used in memory controllers. This work shall comprehensively compare their properties, e.g., feasibility of hw en-/decoders, their size, speed and memory overhead.

A good starting point is folowing paper:
[1] A framework for generating and evaluating error correcting memory controller designs

Kontakt

Betreuer:

Jens Nöpel

Overview of Hardware Attacks on Neural Network Implementations

Beschreibung

Implementations of neural networks are demonstrated to be vulnerable to hardware attacks.
For instance, side-channel analysis can be used to extract parameters of the neural network [1] or also fault injection [2] can be used.

The goal of this work is to give insight into attacks on different implementations of neural networks and possible countermeasures.


References

[1] Lejla Batina, Shivam Bhasin, Dirmanto Jap, and Stjepan Picek. 2019. CSI NN: reverse engineering of neural network architectures through electromagnetic side channel. In Proceedings of the 28th USENIX Conference on Security Symposium (SEC'19). USENIX Association, USA, 515–532.

[2] Breier, Jakub ; Jap, Dirmanto ; Hou, Xiaolu et al. SNIFF: Reverse Engineering of Neural Networks With Fault Attacks. in: IEEE Trans. Reliab. 2022 ; Jahrgang 71, Nr. 4. S. 1527-1539.

Kontakt

Betreuer:

Manuel Brosch

Formal Verification Principles

Stichworte:
Formal Verificati on, Side-Channel Analysis, Masking
Kurzbeschreibung:
Formal verifcation tools are gaining popularity for evaluating the security of protected implementations. Within this work, the underlaying principles should be summarized and compared.

Beschreibung

Formal verification tools [1,2] are increasingly important since they allow the proof of the effectiveness of masking schemes based on their hardware description. Thus, the security of a hardware design can be analyzed before implementing it. This saves time since no deployment on real-world hardware is necessary, and no measurement campaigns need to be conducted. Formal verification tests the applicability of non-interference (NI) [4] under some probing model. Typical examples are non-interference (NI), strong-NI (SNI) [4], or probe-isolated-NI (PINI) [5], which are typically tested under the assumption of so-called glitch-extended probes.

This Seminar topic summarizes existing probing models and the notion of non-interference in the state-of-the-art literature. Furthermore, all different models should be compared in terms of what assumptions they cover and their implications on the hardware design.

[1] HADZIC, Vedad; BLOEM, Roderick. COCOALMA: A versatile masking verifier

[2] KNICHEL, David; SASDRICH, Pascal; MORADI, Amir. SILVER–statistical independence and leakage verification

[3] BARTHE, Gilles, et al. Strong non-interference and type-directed higher-order masking

[4] CASSIERS, Gaëtan; STANDAERT, François-Xavier. Trivially and efficiently composing masked gadgets with probe-isolating non-interference

 

Kontakt

Matthias Probst (matthias.probst@tum.de)

Betreuer:

Matthias Probst

Secure Gadgets for Post-Quantum Cryptography

Beschreibung

For real world deployment, cryptographic devices must be protected against physical attacks. Against power-side channels, masking in its different flavors (e.g., Boolean, arithmetic masking) is a common approach. To implement masked cryptographic schemes, secure gadgets that are proven to be secure in certain probing models are typically used.

The first part of this work aims at explaining security notions like non-interference (NI), strong non-interference (SNI) [1], that are used within the context of secure gadgets. Afterwards, the work should investigate and explain some secure gadgets and procedures that are commonly used in post-quantum cryptography, as for example proposed in [2].

 

References

  • [1]: https://dl.acm.org/doi/abs/10.1145/2976749.2978427
  • [2]: https://link.springer.com/chapter/10.1007/978-3-030-21568-2_17

Kontakt

Betreuer:

Patrick Karl