Foto von Jonas Ruchti

M.Sc. Jonas Ruchti

Pronomen: er/ihn; pronouns: he/him

Forschungsinteressen

  • Memristorbasierte Physical Unclonable Functions
  • Anwendungen für In-Memory Computing in sicherheitsrelevanten Themen
  • Fehlerangriffe auf Hardwareimplementierungen

Offene studentische Arbeiten

Eigene Vorschläge und Ideen in meinen oben genannten Forschungsschwerpunkten sind jederzeit willkommen.

Bachelorarbeiten

Quantitative Comparison of Different Side Channels

Beschreibung

Despite any  theoretical strength a cryptographics algorithm might offer, a real-world application can only be as good as the eventual implementation. For example, side channel leakage is a common problem: unless particular care is taken during the implementation, any computation running on real hardware leaks information about the processed secrets. Common examples include timing side channels, where the execution time depends on secret bits, or power side channels, where e.g. a CPU’s power draw depends on the processed data.

This work is concerned with gathering measurement data from cryptographic algorithms running on embedded hardware before running attacks based on the collected traces. Ultimately, the aim is a quantitative comparison of different operating conditions and side channels, assessing the information content of the emanated signals and the resulting complexity of extracting the processed secrets using a side channel attack.

Voraussetzungen

  • Necessary: Experience programming in Python
  • Preferrable: Basic understanding of cryptographics algorithms
  • Preferrable: Experience programming microcontrollers in C
  • Optional: HDL hardware design experience

Kontakt

If you are interested in this work, please contact me via email with a short CV and grade report. We will then arrange a short meeting where we can discuss the details.

Jonas Ruchti, M.Sc.
Technical University of Munich, Chair of Security in Information Technology
Room N1014
E-Mail: j.ruchti@tum.de

 

Betreuer:

Jonas Ruchti, Lars Tebelmann

Masterarbeiten

Machine Learning Resistant PUF Authentication Schemes

Beschreibung

A Physical Unclonable Function (PUF) is a hardware element which uses subtle manufacturing variabilities to derive a device-unique secret. In the case of a multi-challenge PUF (or ‘strong PUF’), the PUF functions as a device-unqiue function, mapping challenges to PUF responses.

A PUF like this is very useful for authentication scenarios, where e.g. a server provides challenges to a device, which replies with the PUF response the server can now check against an internal model or response database.

Protocols like these, however, suffer from data leaks, allowing an attacker to create a model of a device’s PUF from captured challenge-response pairs. Thjus, the ostensibly unclonable device may be replicated just be eavesdropping on authentication communication.

The aim of this work is to investigate novel approaches for PUF authentication procedures which plug data leaks with simple on-device preprocessing while still allowing for reliable authentication in the presence of measurement noise. A software implementation can then be evaluated e.g. against a more standard implementation in terms of performance, complexity or resistance against a machine learning attack.

This work can either be conducted in German or in English.

I am happy to provide more details and answer your questions upon request.

Voraussetzungen

  • Necessary: Basic cryptography knowledge; mathematical background; programming skills
  • Favourably: Experience with machine learning techniques
  • Optionally: Basic knowledge of error-correcting codes, PUFs

Kontakt

If you are interested in this work, please contact me via email with a short CV and grade report. We will then arrange a short meeting where we can discuss the details.

Jonas Ruchti, M.Sc.
Technical University of Munich, Chair of Security in Information Technology
Room N1014
E-Mail: j.ruchti@tum.de

Betreuer:

Jonas Ruchti

Forschungspraxis (Research Internships)

Quantitative Comparison of Different Side Channels

Beschreibung

Despite any  theoretical strength a cryptographics algorithm might offer, a real-world application can only be as good as the eventual implementation. For example, side channel leakage is a common problem: unless particular care is taken during the implementation, any computation running on real hardware leaks information about the processed secrets. Common examples include timing side channels, where the execution time depends on secret bits, or power side channels, where e.g. a CPU’s power draw depends on the processed data.

This work is concerned with gathering measurement data from cryptographic algorithms running on embedded hardware before running attacks based on the collected traces. Ultimately, the aim is a quantitative comparison of different operating conditions and side channels, assessing the information content of the emanated signals and the resulting complexity of extracting the processed secrets using a side channel attack.

Voraussetzungen

  • Necessary: Experience programming in Python
  • Preferrable: Basic understanding of cryptographics algorithms
  • Preferrable: Experience programming microcontrollers in C
  • Optional: HDL hardware design experience

Kontakt

If you are interested in this work, please contact me via email with a short CV and grade report. We will then arrange a short meeting where we can discuss the details.

Jonas Ruchti, M.Sc.
Technical University of Munich, Chair of Security in Information Technology
Room N1014
E-Mail: j.ruchti@tum.de

 

Betreuer:

Jonas Ruchti, Lars Tebelmann

Machine Learning Resistant PUF Authentication Schemes

Beschreibung

A Physical Unclonable Function (PUF) is a hardware element which uses subtle manufacturing variabilities to derive a device-unique secret. In the case of a multi-challenge PUF (or ‘strong PUF’), the PUF functions as a device-unqiue function, mapping challenges to PUF responses.

A PUF like this is very useful for authentication scenarios, where e.g. a server provides challenges to a device, which replies with the PUF response the server can now check against an internal model or response database.

Protocols like these, however, suffer from data leaks, allowing an attacker to create a model of a device’s PUF from captured challenge-response pairs. Thjus, the ostensibly unclonable device may be replicated just be eavesdropping on authentication communication.

The aim of this work is to investigate novel approaches for PUF authentication procedures which plug data leaks with simple on-device preprocessing while still allowing for reliable authentication in the presence of measurement noise. A software implementation can then be evaluated e.g. against a more standard implementation in terms of performance, complexity or resistance against a machine learning attack.

This work can either be conducted in German or in English.

I am happy to provide more details and answer your questions upon request.

Voraussetzungen

  • Necessary: Basic cryptography knowledge; mathematical background; programming skills
  • Favourably: Experience with machine learning techniques
  • Optionally: Basic knowledge of error-correcting codes, PUFs

Kontakt

If you are interested in this work, please contact me via email with a short CV and grade report. We will then arrange a short meeting where we can discuss the details.

Jonas Ruchti, M.Sc.
Technical University of Munich, Chair of Security in Information Technology
Room N1014
E-Mail: j.ruchti@tum.de

Betreuer:

Jonas Ruchti