Studentische Arbeiten und Werkstudententätigkeiten

With the transition to Post-Quantum Cryptography and the number of new algorithms proposed, there is an increasing need to evaluate the physical security of these algorithms as well as their implementability in Hardware as well as in Software.

Possible topics in this area inlcude:

• New Side-Channel Attacks on PQC
• Innovative implementation approaches in Hardware
• Acceleration of a PQC algorithm in Software using either optimized assembly or hardware accelerators
• Innovative Countermeasures against SCA

Voraussetzungen

Cryptographic implementations in high-level languages like C often suffer from compiler induced side-channel issue which allow e.g. to extract a secret key via the timing behaviour of the implementation. Implemeting in assembly is on the other hand error prone and laboursome. This topic is therefore about implementing and/or verifying certain aspects of a Post-Quantum Cryptographic algorithm in Jasmin [1]. Jasmin allows for exact control of the underlying hardware while providing more abstraction and support than pure assembly. It furthermore allows for formal proofs of the implemented algorithm.

[1]: https://github.com/jasmin-lang/jasmin

Voraussetzungen

I am looking for students who are interested in HW implementations and have knowledge of an HDL language. You would be a suitable candidate if you are also interested in cryptography and its applications.

Possible implementation tasks are the
  - Extension/implementation of symmetric ciphers
  - Extension/implementation of message authentication codes
  - Extension/implementation of error correction codes/functionality

The implementation will be analyzed for its suitability for memory encryption and integrity verification of memory contents. This assessment will measure and evaluate typical performance metrics on an FPGA.

If any topics interest you, please email me to discuss the details and your interests. Your application will benefit if you attach your current grade report and CV.

Challenge As the automotive industry continues to evolve, the need for secure data storage in vehicles is becoming increasingly important. Infineon is committed to making life safer and more secure on the road. To achieve this, we're seeking a talented individual to explore the integration of standard memory devices into our safe and secure automotive computation platform.

Objective This thesis aims to design an innovative solution for an external memory accelerator, utilizing LPDDR or SemperX interfaces, to ensure reliable and secure data storage in vehicles. This project builds upon research conducted by TUM-LIS and TUM-SEC for the CeCaS project.

Key Tasks

• Investigate state-of-the-art publications and solutions to identify promising micro-architectures for secure data storage.
• Define security functionality that leverages standard external memories without requiring protocol changes to external devices.
• Develop a system simulation using Platform Architect or Enterprise Architect to model memory accelerator performance, building upon the existing testbench from Dominik Langen.
• Optimize the accelerator's functionality for the AURIX-RC1 architecture, incorporating a defined NoC interface and LPDDR/SemperX controller interface.
• Refine the model to a synthesizable level, enabling area and power feasibility studies.
  
  

Potential attack scenarios

• RowHammer attack: In a talk from ISCA 2020, it seems RowHammer is still possible. Encryption, in theory, should prevent controlled attacks, but content can be changed randomly.
• ColdBoot attack: In short, a cooled DRAM holds its content and can be read later to get access to the content. Encryption at least prevents getting knowledge from the DRAM content.
• Attack on the LPDDR bus: Encryption prevents systematic alternation of DRAM content.
• RAMBleed: A way to read out memory content even if an MMU protects the memory area. With encryption, the content can be hidden, but stored keys can still be read.
• Opening the DRAM package and getting access to its internal cell array: This attack is very unlikely but possible for very few institutional attackers or big criminal organizations. Again, encryption helps.
• What else?

By tackling this challenge, you'll be contributing to the development of a safer and more secure automotive computing platform, ultimately making a positive impact on people's lives.  

Infineon contact
Rainer Menes  

TUM-SEC contact
Jens Nöpel  

Apply here (please attach your current grade report and a CV)

With the transition to Post-Quantum Cryptography and the number of new algorithms proposed, there is an increasing need to evaluate the physical security of these algorithms as well as their implementability in Hardware as well as in Software.

Possible topics in this area inlcude:

• New Side-Channel Attacks on PQC
• Innovative implementation approaches in Hardware
• Acceleration of a PQC algorithm in Software using either optimized assembly or hardware accelerators
• Innovative Countermeasures against SCA

Voraussetzungen

Cryptographic implementations in high-level languages like C often suffer from compiler induced side-channel issue which allow e.g. to extract a secret key via the timing behaviour of the implementation. Implemeting in assembly is on the other hand error prone and laboursome. This topic is therefore about implementing and/or verifying certain aspects of a Post-Quantum Cryptographic algorithm in Jasmin [1]. Jasmin allows for exact control of the underlying hardware while providing more abstraction and support than pure assembly. It furthermore allows for formal proofs of the implemented algorithm.

[1]: https://github.com/jasmin-lang/jasmin

Voraussetzungen

Servers Confidential Computing technologies are a promising tool for cloud computing. They aim to protect data while being processed in the cloud by preventing the cloud provider and platform owner from gaining access to it. AMD SEV-SNP and Intel TDX in particular do this by providing confidential virtual machines. Memory of these VMs remains confidential and integrity-protected at all times and the technologies provide remote attestation mechanisms for verification. Extensive work has analyzed, broken and improved upon these technologies. Especially for proof of concept implementations, however, creating, testing and verifying code requires specific server hardware that is not readily available to everyone.
This thesis aims to design and implement emulators for either AMD SEV-SNP or Intel TDX.

Task Description
In this thesis, the focus lies on providing AMD SEV-SNP or Intel TDX remote attestation mechanisms to a VM hosted on conventional hardware. For this, the student researches and evaluates required components needed to emulate these. The student then creates a design and proof of concept implementation that provides the corresponding remote attestation mechanism to the guest VM, e.g., by modifying and extending the virtual machine manager (VMM) QEMU. If possible, guest VM and host kernel shall remain unchanged.

Voraussetzungen

I am looking for students who are interested in HW implementations and have knowledge of an HDL language. You would be a suitable candidate if you are also interested in cryptography and its applications.

Possible implementation tasks are the
  - Extension/implementation of symmetric ciphers
  - Extension/implementation of message authentication codes
  - Extension/implementation of error correction codes/functionality

The implementation will be analyzed for its suitability for memory encryption and integrity verification of memory contents. This assessment will measure and evaluate typical performance metrics on an FPGA.

If any topics interest you, please email me to discuss the details and your interests. Your application will benefit if you attach your current grade report and CV.

With the transition to Post-Quantum Cryptography and the number of new algorithms proposed, there is an increasing need to evaluate the physical security of these algorithms as well as their implementability in Hardware as well as in Software.

Possible topics in this area inlcude:

• New Side-Channel Attacks on PQC
• Innovative implementation approaches in Hardware
• Acceleration of a PQC algorithm in Software using either optimized assembly or hardware accelerators
• Innovative Countermeasures against SCA

Voraussetzungen

Cryptographic implementations in high-level languages like C often suffer from compiler induced side-channel issue which allow e.g. to extract a secret key via the timing behaviour of the implementation. Implemeting in assembly is on the other hand error prone and laboursome. This topic is therefore about implementing and/or verifying certain aspects of a Post-Quantum Cryptographic algorithm in Jasmin [1]. Jasmin allows for exact control of the underlying hardware while providing more abstraction and support than pure assembly. It furthermore allows for formal proofs of the implemented algorithm.

[1]: https://github.com/jasmin-lang/jasmin

Voraussetzungen

With the transition to Post-Quantum Cryptography and the number of new algorithms proposed, there is an increasing need to evaluate the physical security of these algorithms as well as their implementability in Hardware as well as in Software.

Possible topics in this area inlcude:

• New Side-Channel Attacks on PQC
• Innovative implementation approaches in Hardware
• Acceleration of a PQC algorithm in Software using either optimized assembly or hardware accelerators
• Innovative Countermeasures against SCA

Voraussetzungen

Cryptographic implementations in high-level languages like C often suffer from compiler induced side-channel issue which allow e.g. to extract a secret key via the timing behaviour of the implementation. Implemeting in assembly is on the other hand error prone and laboursome. This topic is therefore about implementing and/or verifying certain aspects of a Post-Quantum Cryptographic algorithm in Jasmin [1]. Jasmin allows for exact control of the underlying hardware while providing more abstraction and support than pure assembly. It furthermore allows for formal proofs of the implemented algorithm.

[1]: https://github.com/jasmin-lang/jasmin

Voraussetzungen

We are currently seeking students to join our research team for a practical experience in the field of
hardware security. This opportunity offers hands-on experience in conducting side-channel analysis
of System-on-Chips (SOCs).
Responsibilities

• Conduct literature research on hardware security and side-channel analysis techniques
• Build and use a measurement setup to collect side-channel data from SOCs
• Analyze the collected data and identify potential vulnerabilities
• Develop and implement potential attacks on the devices

Voraussetzungen

I am looking for students who are interested in HW implementations and have knowledge of an HDL language. You would be a suitable candidate if you are also interested in cryptography and its applications.

Possible implementation tasks are the
  - Extension/implementation of symmetric ciphers
  - Extension/implementation of message authentication codes
  - Extension/implementation of error correction codes/functionality

The implementation will be analyzed for its suitability for memory encryption and integrity verification of memory contents. This assessment will measure and evaluate typical performance metrics on an FPGA.

If any topics interest you, please email me to discuss the details and your interests. Your application will benefit if you attach your current grade report and CV.

The course "Advanced Cryptographic Implementation" covers advanced techniques for implementing cutting-edge cryptographic algorithms including post-quantum cryptography. Students will learn how to implement advanced countermeasures to protect cryptographic implementations from side-channel and fault attacks. 

During the course, students will work on a hands-on project where they will implement, evaluate, and optimize cryptographic algorithms.

As a tutor, you will provide technical support to students during the summer semester through, e.g., virtual meetings or remote supervision via chat or email.

Timeline and working hours:

From 01.05.2025 until 31.07.2025 with a total of 84 hours. Flexible working hours and flexible working period are possible.

Prerequisites

·         Knowledge of cryptography and embedded systems

·         Hands-on experience with C/ASM/Python programming

·         Self-motivated and independent working style

·         Previous attendance to the course is desirable, but not required

Task Description:

Side-channel analysis is an established research field which exploits unintended signal emanations of hardware that processes secret information. An attacker may be able to gain access to processed secrets by observing the electromagnetic (EM) field of a microcontroller that executes a cryptographic algorithm. In this work you will perform side-channel leakage analysis on an FPGA target in one of our state of the art hardware security laboratories. You will assist in all steps from experiment design, firmware development, measurements and finally data analysis.

Within this work, you will:

• implement FPGA firmware for the experiments

 • evaluate side-channel leakage behavior.

• perform measurements of the EM side channel in our state-of-the art hardware security lab.

•evaluate the measurements

• write code to integrate the FPGA target into our automated measurement framework.

Voraussetzungen

With the transition to Post-Quantum Cryptography and the number of new algorithms proposed, there is an increasing need to evaluate the physical security of these algorithms as well as their implementability in Hardware as well as in Software.

Possible topics in this area inlcude:

• New Side-Channel Attacks on PQC
• Innovative implementation approaches in Hardware
• Acceleration of a PQC algorithm in Software using either optimized assembly or hardware accelerators
• Innovative Countermeasures against SCA

Voraussetzungen

The smart card lab is a laboratory tailored for master students who want to expand their theoretical knowledge in side-channel analysis. Using the lessons learned in SIKA (Secure Implementation of Cryptographic Algorithms), students explore first-hand how to perform a correlation power analysis and break cryptographic implementations themselves. Howevel, the lab, is not only limited to just breaking implementations, but also covers a variety of approaches to secure implementations.

Given the broad scope of this lab, I am looking for a tutor (6-8 hours per week) to support my students, while working together with me to develop new ideas and refine existing exercises.

To give you a glimpse into potential tasks, on the hardware side you can

• assemble new smart cards, logic analyzers and debug adapter PCBs
• repair existing hardware if a malfunction can be seen
• drive the development of a new hardware revision

But you are not limited to the hardware aspects, we also strive to

• improve the existing smart card firmware to make it even more secure
• experiment with new ways to make the exercises more exciting. For example to give the students the opportunity to compete in a CTF-like scenario
• create a solution to automatically test and evaluate the code submitted by the students

If you are interested in embedded systems and hardware-software co-design, this could be the student job for you. I do not have the prerequesite of you having taken the course already.

Voraussetzungen

The project AUTOPSY aims to protect the privacy of the data collected and processed in cars and researches on the impact of deploying Privacy Enhancing Techniques (PETs) in an automotive scenario with a focus on platooning in the initial demonstration.
Goal of this work is to build upon an existing demonstrator and further improve it to showcase results in an interesting and interactive way. We are therefore looking for a motivated working student with strong background in embedded systems.
Task description

The tasks cover in particular:
• Developing and improving code for PET implementations, communication and system software
• Deployment of code on automotive embedded systems
• Improvement of visualization and user experience

Voraussetzungen

Fehlerangriffe auf kryptografische Verfahren sind eine Methode mittels derer ein geheimer Schlüssel aus einem Gerät extrahiert werden kann, indem während der Ausführung mit einer gezielten Störung des Geräts (z.B. durch einen starken elektromagnetischen Puls) eine fehlerhafte Berechnung des kryptografischen Algorithmus erzwungen wird. Abhängig vom kryptografischen Verfahren existieren eine Vielzahl von Angriffen, die auf Basis von fehlerhaften Ausgabewerten den verwendeten Schlüssel ermitteln können.
Aufgabe der hier ausgeschriebenen Stelle ist die Mitarbeit am Aufbau eines Tooling Frameworks für das Hardware Security Labor des Fraunhofer AISEC. Das Tooling soll verschiedene existierende Angriffe implementieren sodass diese für Analysen im Labor genutzt werden können. Folgende Tätigkeiten sind hierfür voraussichtlich durchzuführen:
• Literaturrecherche sowie Lesen und Verstehen von relevanten Publikationen
• Python-Implementierung von kryptografischen Verfahren mit der Möglichkeit Fehlerinjektionen zu simulieren
• Implementierung und Testen ausgewählter Angriffe

Voraussetzungen

I am looking for students who are interested in HW implementations and have knowledge of an HDL language. You would be a suitable candidate if you are also interested in cryptography and its applications.

Possible implementation tasks are the
  - Extension/implementation of symmetric ciphers
  - Extension/implementation of message authentication codes
  - Extension/implementation of error correction codes/functionality

The implementation will be analyzed for its suitability for memory encryption and integrity verification of memory contents. This assessment will measure and evaluate typical performance metrics on an FPGA.

If any topics interest you, please email me to discuss the details and your interests. Your application will benefit if you attach your current grade report and CV.