Studentische Arbeiten und Werkstudententätigkeiten

Auf dieser Seite finden Sie studentische Arbeiten und Werkstudententätigkeiten, die derzeit am Lehrstuhl für Sicherheit in der Informationstechnik und am Fraunhofer AISEC angeboten werden.

Die Arbeiten oder Werkstudententätigkeiten mit dem Zusatz (AISEC) werden am Fraunhofer AISEC in Garching durchgeführt.

Falls Sie sich bezüglich Ihrer Vorkenntnisse unsicher sind, kontaktieren Sie gerne den bei der Auschreibung genannten Kontakt. Sie haben kein Thema gefunden möchten aber trotzdem Ihre Arbeit bei uns schreiben? Kontaktieren Sie bitte einen Mitarbeiter im für Sie interessanten Forschungsbereich. Bitte legen Sie bei Bewerbungen immer einen aktuellen Notenauszug sowie einen kurzen Lebenslauf bei, damit wir Ihre Eignung für das Thema Ihrer Wahl einschätzen können.

Offene Arbeiten und Werkstudententätigkeiten

Bachelorarbeiten

Machine Learning in Side-Channel Analysis (AISEC)

Beschreibung

Utilizing statistical techniques, side-channel analysis exploits information that a cryptographic device is leaking. Possible sources of this leakage are electromagnetic or power side-channel traces. Machine learning based side-channel analysis extends the statistical toolbox with Neural Networks, Belief Propagation or different methods of this field to recombine and exploit leakage.

In collaboration with the Technical University of Munich, the Fraunhofer AISEC's hardware security department offers a variety of open positions in this field. Depending on your strengths, we provide both pure software-based and practical hardware topics, such as the following:

• Trace analysis using explainable machine learning
• Leakage recombination using belief propagation - light-weight or post-quantum algorithms
• Belief propagation performance optimization using GPUs
• Pattern-based triggering using software-defined radios

On request, other topics can be offered.

Voraussetzungen

• Programming skills, at least one language (Python, C, Rust)
• Interest in hardware security
• Basic Linux skills

Kontakt

Emanuele Strieder
Telefon: +49 89 322-9986-140
E-Mail: emanuele.strieder@aisec.fraunhofer.de

Fraunhofer Research Institution for Applied and Integrated Security (AISEC)
Department Hardware Security
Parkring 4, 85748 Garching (near Munich), Germany
https://www.aisec.fraunhofer.de

Betreuer:

Georg Sigl - Emanuele Strieder (Fraunhofer AISEC)

Exploring netlist representations for netlist RE

Beschreibung

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a python to use our existing framework
  • Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
  • Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Bringing a RISC-V to Life: Implementation of tooling for a RISC-V CPU

Beschreibung

RISC-V is the upcoming instruction set architecture of the future. We have taped out our own RISC-V chip for security purposes.

Your task is to implement various testing routines for a RISC-V CPU existing at the chair.

Voraussetzungen

This list is not final, rather a guideline for the competences required for successfully completing the project.

  • Sufficient knowledge of C
  • Experience with embedded programming and environment
  • Some knowledge of cmake, as compilation works via cmake
  • Some knowledge of python, as tooling is partially implemented with it.

Betreuer:

Alexander Hepp

Entwicklung von Werkzeugen für das Reverse Engineering

Beschreibung

Während dem Reverse Engineering von digitalen Schaltungen trifft man oft auf Probleme, deren Komplexität durch Automatisierung besser beherrscht werden kann. Viele Tools müssen dabei an die spezifische Forschung angepasst werden und helfen dann dabei, mit Standard-IC-Design-Werkzeugen weiterzuarbeiten.

Beispielsweise erhält man eine Netzliste, die mit einer unbekannten Zellbibliothek synthetisiert wurden. Nun ist es notwendig, die verwendete Zellbibliothek zu reverse-engineeren, z.B. mithilfe der Pin und Zell-Namen und daraus eine einfache Bibliothek herzustellen, mit der die Netzliste dann mit den Standard-Tools verarbeitet werden kann.

In dieser Ingenieurspraxis arbeiten Sie eng mit einem Wissenschaftler im Reverse Engineering-Bereich zusammen und erstellen ein oder mehrere hochwertige Werkzeuge für das Reverse Engineering von Netzlisten.

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

Betreuer:

Alexander Hepp

Masterarbeiten

Machine Learning in Side-Channel Analysis (AISEC)

Beschreibung

Utilizing statistical techniques, side-channel analysis exploits information that a cryptographic device is leaking. Possible sources of this leakage are electromagnetic or power side-channel traces. Machine learning based side-channel analysis extends the statistical toolbox with Neural Networks, Belief Propagation or different methods of this field to recombine and exploit leakage.

In collaboration with the Technical University of Munich, the Fraunhofer AISEC's hardware security department offers a variety of open positions in this field. Depending on your strengths, we provide both pure software-based and practical hardware topics, such as the following:

• Trace analysis using explainable machine learning
• Leakage recombination using belief propagation - light-weight or post-quantum algorithms
• Belief propagation performance optimization using GPUs
• Pattern-based triggering using software-defined radios

On request, other topics can be offered.

Voraussetzungen

• Programming skills, at least one language (Python, C, Rust)
• Interest in hardware security
• Basic Linux skills

Kontakt

Emanuele Strieder
Telefon: +49 89 322-9986-140
E-Mail: emanuele.strieder@aisec.fraunhofer.de

Fraunhofer Research Institution for Applied and Integrated Security (AISEC)
Department Hardware Security
Parkring 4, 85748 Garching (near Munich), Germany
https://www.aisec.fraunhofer.de

Betreuer:

Georg Sigl - Emanuele Strieder (Fraunhofer AISEC)

Practical Side Channel Analysis of Masking and Shuffling in Lattice-based Cryptography (AISEC)

Beschreibung

In the near future, lattice-based cryptography will replace RSA and ECC as standard for public key cryptography. This puts the implementation security of lattice-based cryptography into the spotlight, in particular the number theoretic transform. Its internal structure makes it a target for power/electromagnetic side channel attacks. During this thesis, you will conduct a practical side channel analysis of the number theoretic transform in our laboratory and evaluate different countermeasures like masking and shuffling.

Voraussetzungen

* Experience with embedded programming: C or Rust
* Experience with Python
* Experience with Linux
* Motivation to learn about implementation security and side channel attacks

Kontakt

Please send an email with:
* A short CV
* A short cover letter
* Your last grading sheet
* 3-5 dates, which fit to your schedule, for a meeting.

Felix Oberhansl, felix.oberhansl@aisec.fraunhofer.de

Betreuer:

Georg Sigl - Felix Oberhansl (Fraunhofer AISEC)

Securing volatile and non-volatile memories with lightweight encryption techniques

Beschreibung

In the recent years, many Non-Volatile Memories technologies such as Phase Change Memory or Spin-Transfer Torque Memory have emerged as possible alternative to SRAM and DRAM. With this trend it becomes crucial to protect data that is stored persistently in memory and thereby prevent attacks such as cold-boot [1], replay or memory manipulation. The techniques traditionally used for that purpose rely on an authenticated encryption scheme based on AES and integrity trees such as the Bonsai-Merkle Tree to protect the encryption meta-data [2].
In this thesis, a memory protection concept based on lightweight cryptographic algorithms currently under standardization is to be evaluated. The developped concept should be suitable for systems containing a mix of conventional volatile main memory and NVMs [3]. As an evaluation platform, a RISCV-V microcontroller can be used.

Voraussetzungen

Good knowledge in hardware design with VHDL or Verilog
Good knowledge in Python or another scripting language
Good knowledge of computer architecture is preferred

 

[1] J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten. 2009. Lest we remember: cold-boot attacks on encryption keys. Commun. ACM 52, 5 (May 2009), 91–98. https://doi.org/10.1145/1506409.1506429
[2] Fan Yang, Youyou Lu, Youmin Chen, Haiyu Mao, and Jiwu Shu. 2019. No Compromises: Secure NVM with Crash Consistency, Write-Efficiency and High-Performance. In Proceedings of the 56th Annual Design Automation Conference 2019 (DAC '19). Association for Computing Machinery, New York, NY, USA, Article 31, 1–6. https://doi.org/10.1145/3316781.3317869
[3] Amro Awad, Mao Ye, Yan Solihin, Laurent Njilla, and Kazi Abu Zubair. 2019. Triad-NVM: persistency for integrity-protected and encrypted non-volatile memories. In Proceedings of the 46th International Symposium on Computer Architecture (ISCA '19). Association for Computing Machinery, New York, NY, USA, 104–115. https://doi.org/10.1145/3307650.3322250
 

Betreuer:

Mathieu Gross

Post-Quantum Crypto on RISC-V

Beschreibung

As the ongoing development of quantum computers poses a significant threat to classic assymetric cryptography, new approaches for assymetric encryption and signatures need to be developed. These post-quantum secure cryptography can be grouped into different subsets, among them schemes based on lattices, error-correcting codes, isogenies or multivariate equations.

The NIST (National Institute of Standards and Technology) chose 3 lattice-based Post-Quantum secure algorithms for standardization in July 2022.

The goals of this work is to implement one these algorithms on a State-of-the-Art RISC-V platform and evaluate its potential for hardware acceleration as well as its side-channel resilience.

References:

NIST Round 3 Report

Voraussetzungen

  • Very good programming skills in C and RISC-V assembly
  • Experience in hardware design with VHDL or SystemVerilog

Kontakt

Betreuer:

Jonas Schupp

Hardware-based memory safety in RISC-V (AISEC)

Beschreibung

Memory safety bugs, e.g., buffer-overflows or use-after-free, remain in the top ranks of security
vulnerabilities. New hardware extensions such as the ARM Memory Tagging Extension help as
mitigation, but are not yet available for all architectures. In this work, you will analyze and com-
pare different methods for hardware-based memory safety approaches and will identify their
advantages/disadvantages. You will then implement support for memory safety for RISC-V in
the gem5 simulator. The work done is part of the Chip Design Center Bayern Innovative that
helps build an independent Chip Design infrastructure in Bavaria.In this project the Fraun-
hofer AISEC helps to develop secure RISC-V systems and encourages publication of the final
results.

Voraussetzungen

The following list of prerequisites is not complete, but shall give you an idea what is expected.

  • Knowledge in C/C++ to use and adapt the instrumentation and simulation framework
  • Basic knowledge of computer architectures
  • Basic knowledge in a scripting language, e.g. Python

 

 

 

Kontakt

Fraunhofer AISEC
Lichtenbergstraße 11
85748 München
Konrad Hohentanner
or via email: konrad.hohentanner@aisec.fraunhofer.de

Betreuer:

Georg Sigl - Konrad Hohentanner (Fraunhofer AISEC)

Metrics for Obfuscation of Sequential Circuits

Beschreibung

Obfuscation of sequential circuits targets the protection of finite state machines. There exist different approaches to achieve this, like modifying the state machine on RTL level or modifying the corresponding flip-flops on gate-level [1]. A metric can be used to evaluate the success of an obfuscation technique and make it comparable to other methods. Due to the wide variety of sequential obfuscation methods, there are no uniform and very few metrics at all.

This work should analyze existing metrics in terms of how well they can be generalized and thus applied to as many obfuscation techniques as possible. In addition, the work should develop an improved metric.

Please contact me to get more information about the topic and the aim of this work.

 

References:

  • [1] Kamali, Hadi Mardani, et al. "Advances in Logic Locking: Past, Present, and Prospects." Cryptology ePrint Archive (2022).
  • R. S. Chakraborty and S. Bhunia, "HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection," in IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 28, no. 10, pp. 1493-1502, Oct. 2009, doi: 10.1109/TCAD.2009.2028166.

Kontakt

Michaela Brunner, M.Sc.

Technical University of Munich, Chair of Security in Information Technology

Room N1008, Email: michaela.brunner@tum.de

 

Betreuer:

Michaela Brunner

Exploring netlist representations for netlist RE

Beschreibung

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a python to use our existing framework
  • Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
  • Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

HW implementations for Post-Quantum Cryptography

Beschreibung

Classic asymmetric cryptography is based on mathematical problems like discrete logarithm or integer factorization. With large-scale quantum computers, these problems can be solved in very short time, which causes a serious threat to cryptographic systems.

Post-Quantum Cryptography (PQC) describes cryptographic approaches that are secure even in the presence of such quantum computers. To evaluate the security and efficiency of such systems, NIST started a competition that aims to define a new standard [1].

Depending on the scope of this work, the goal is to implement HW accelerators for commonly used operations in PQC, integrate them into a RISC-V environment and evaluate their impact on performance for PQC.

[1] https://csrc.nist.gov/projects/post-quantum-cryptography

Voraussetzungen

Ideally, you should have knowledge of the following:

  • A hardware description language like VHDL/Verilog/SystemVerilog
  • Experience running simulations using ModelSim
  • Basic C programming skills

Kontakt

patrick.karl@tum.de

Betreuer:

Patrick Karl

Error Correction for PUFs

Stichworte:
Channel Coding, Error Correction, PUF, Security

Beschreibung

Each integrated ciruict is subject to process variations. PUFs can derive secret keys from this fingerprint-like feature of a device. To ensure stable cryptographic keys error correction is needed.

If this might be interesting for you, feel free to contact me. With this position, I am not targeting a specific topic, but it is rather a nice opportunity work on any kind of error correction topic for PUFs. Depending on your kind of thesis/internship, your background and knowledge, and most importantly your interests, we can try to find a suitable topic together.

Voraussetzungen

Helpful previous knowledge:

  • Error correcting Codes
  • PUFs

Helpful Tools (you will not need all of them at once most likely)

  • Python
  • Matlab
  • Verilog (for FPGA)
  • Reading Papers
  • C (e.g for Microcontroller)

 

Betreuer:

Christoph Frisch

Interdisziplinäre Projekte

Parameter exploration of an FPGA-based fault injection framework

Beschreibung

Ring Oscillators or circuits relying on glitch amplification have been demonstrated to be efficient for implementing fault attacks remotely in FPGAs [1,2]

In this work, the parameter exploration of an existing FPGA to CPU fault injection framework is to be performed. The optimization goals should lead to a small fault injection circuit capable of implementing fault injection on Linux, while minimizing the number of system crashes.

[1]: Krautter, J., Gnad, D. R. E., & Tahoori, M. B. (2018). FPGAhammer: Remote Voltage Fault Attacks on Shared FPGAs, suitable for DFA on AES. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2018(3), 44–68. https://doi.org/10.13154/tches.v2018.i3.44-68

[2]: K. Matas, T. M. La, K. D. Pham and D. Koch, "Power-hammering through Glitch Amplification – Attacks and Mitigation," 2020 IEEE 28th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM), 2020, pp. 65-69, doi: 10.1109/FCCM48280.2020.00018.

Voraussetzungen

  • Good knowledge in C programming
  • Good knowledge in Python
  • Previous experience with Hardware design in VHDL preferred

Betreuer:

Mathieu Gross

Automotive radio analysis framework (AISEC)

Beschreibung

Modern cars use besides well known wireless standards like WLAN or Bluetooth, a plethora of proprietary radio communication protocols. For example, current tire pressure is transmitted via Ultrahigh Frequency (UHF) to a controller in the car. Radio Data System (RDS) is also still used to embed information like traffic messages, title names or sender logos into FM radio broadcasting. As a final example, radio keys use Low Frequency (LF) as well as UHF to implement different functions to unlock and start the car. Especially Remote Keyless Entry (RKE) is highly popular although implementing little security.
This work shall develop a framework to test automotive wireless services. The main focus should lie with vehicle keys and immobilizers. First of all, devices to analyse LF as well as UHF should be integrated and as necessary expanded. Based on this, tests shall be conceived, like testing RKE for replay or relay vulnerabilities. Finally, these tests may be optimized, e.g. by tuning antenna or other hardware to increase distance.

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about:
• Experience with radio communication basics (Modulation, Encoding, ...)
• Experience in programming for embedded devices
• Ability to work self-directed and systematically
Please attach a current grade sheet and a short CV to your application so that we can assess your qualification for the topic of your choice.

Kontakt

Nikolai Puch
Sebastian Peters
Phone:    +49 89 322-9986-142
Phone:    +49 89 322-9986-1037
E-mail:    nikolai.puch@aisec.fraunhofer.de
E-mail:    sebastian.peters@aisec.fraunhofer.de
Fraunhofer Research Institute for Applied and Integrated Security AISEC
Department Product Protection and Industrial Security Lichtenbergstraße 11, 85748 Garching near Munich, Germany https://www.aisec.fraunhofer.de

Betreuer:

Georg Sigl - Nicolai Puch, Sebastian Peters (Fraunhofer AISEC)

Bringing a RISC-V to Life: Implementation of tooling for a RISC-V CPU

Beschreibung

RISC-V is the upcoming instruction set architecture of the future. We have taped out our own RISC-V chip for security purposes.

Your task is to implement various testing routines for a RISC-V CPU existing at the chair.

Voraussetzungen

This list is not final, rather a guideline for the competences required for successfully completing the project.

  • Sufficient knowledge of C
  • Experience with embedded programming and environment
  • Some knowledge of cmake, as compilation works via cmake
  • Some knowledge of python, as tooling is partially implemented with it.

Betreuer:

Alexander Hepp

Entwicklung von Werkzeugen für das Reverse Engineering

Beschreibung

Während dem Reverse Engineering von digitalen Schaltungen trifft man oft auf Probleme, deren Komplexität durch Automatisierung besser beherrscht werden kann. Viele Tools müssen dabei an die spezifische Forschung angepasst werden und helfen dann dabei, mit Standard-IC-Design-Werkzeugen weiterzuarbeiten.

Beispielsweise erhält man eine Netzliste, die mit einer unbekannten Zellbibliothek synthetisiert wurden. Nun ist es notwendig, die verwendete Zellbibliothek zu reverse-engineeren, z.B. mithilfe der Pin und Zell-Namen und daraus eine einfache Bibliothek herzustellen, mit der die Netzliste dann mit den Standard-Tools verarbeitet werden kann.

In dieser Ingenieurspraxis arbeiten Sie eng mit einem Wissenschaftler im Reverse Engineering-Bereich zusammen und erstellen ein oder mehrere hochwertige Werkzeuge für das Reverse Engineering von Netzlisten.

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

Betreuer:

Alexander Hepp

Error Correction for PUFs

Stichworte:
Channel Coding, Error Correction, PUF, Security

Beschreibung

Each integrated ciruict is subject to process variations. PUFs can derive secret keys from this fingerprint-like feature of a device. To ensure stable cryptographic keys error correction is needed.

If this might be interesting for you, feel free to contact me. With this position, I am not targeting a specific topic, but it is rather a nice opportunity work on any kind of error correction topic for PUFs. Depending on your kind of thesis/internship, your background and knowledge, and most importantly your interests, we can try to find a suitable topic together.

Voraussetzungen

Helpful previous knowledge:

  • Error correcting Codes
  • PUFs

Helpful Tools (you will not need all of them at once most likely)

  • Python
  • Matlab
  • Verilog (for FPGA)
  • Reading Papers
  • C (e.g for Microcontroller)

 

Betreuer:

Christoph Frisch

Forschungspraxis (Research Internships)

Machine Learning in Side-Channel Analysis (AISEC)

Beschreibung

Utilizing statistical techniques, side-channel analysis exploits information that a cryptographic device is leaking. Possible sources of this leakage are electromagnetic or power side-channel traces. Machine learning based side-channel analysis extends the statistical toolbox with Neural Networks, Belief Propagation or different methods of this field to recombine and exploit leakage.

In collaboration with the Technical University of Munich, the Fraunhofer AISEC's hardware security department offers a variety of open positions in this field. Depending on your strengths, we provide both pure software-based and practical hardware topics, such as the following:

• Trace analysis using explainable machine learning
• Leakage recombination using belief propagation - light-weight or post-quantum algorithms
• Belief propagation performance optimization using GPUs
• Pattern-based triggering using software-defined radios

On request, other topics can be offered.

Voraussetzungen

• Programming skills, at least one language (Python, C, Rust)
• Interest in hardware security
• Basic Linux skills

Kontakt

Emanuele Strieder
Telefon: +49 89 322-9986-140
E-Mail: emanuele.strieder@aisec.fraunhofer.de

Fraunhofer Research Institution for Applied and Integrated Security (AISEC)
Department Hardware Security
Parkring 4, 85748 Garching (near Munich), Germany
https://www.aisec.fraunhofer.de

Betreuer:

Georg Sigl - Emanuele Strieder (Fraunhofer AISEC)

Practical Side Channel Analysis of Masking and Shuffling in Lattice-based Cryptography (AISEC)

Beschreibung

In the near future, lattice-based cryptography will replace RSA and ECC as standard for public key cryptography. This puts the implementation security of lattice-based cryptography into the spotlight, in particular the number theoretic transform. Its internal structure makes it a target for power/electromagnetic side channel attacks. During this thesis, you will conduct a practical side channel analysis of the number theoretic transform in our laboratory and evaluate different countermeasures like masking and shuffling.

Voraussetzungen

* Experience with embedded programming: C or Rust
* Experience with Python
* Experience with Linux
* Motivation to learn about implementation security and side channel attacks

Kontakt

Please send an email with:
* A short CV
* A short cover letter
* Your last grading sheet
* 3-5 dates, which fit to your schedule, for a meeting.

Felix Oberhansl, felix.oberhansl@aisec.fraunhofer.de

Betreuer:

Georg Sigl - Felix Oberhansl (Fraunhofer AISEC)

Parameter exploration of an FPGA-based fault injection framework

Beschreibung

Ring Oscillators or circuits relying on glitch amplification have been demonstrated to be efficient for implementing fault attacks remotely in FPGAs [1,2]

In this work, the parameter exploration of an existing FPGA to CPU fault injection framework is to be performed. The optimization goals should lead to a small fault injection circuit capable of implementing fault injection on Linux, while minimizing the number of system crashes.

[1]: Krautter, J., Gnad, D. R. E., & Tahoori, M. B. (2018). FPGAhammer: Remote Voltage Fault Attacks on Shared FPGAs, suitable for DFA on AES. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2018(3), 44–68. https://doi.org/10.13154/tches.v2018.i3.44-68

[2]: K. Matas, T. M. La, K. D. Pham and D. Koch, "Power-hammering through Glitch Amplification – Attacks and Mitigation," 2020 IEEE 28th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM), 2020, pp. 65-69, doi: 10.1109/FCCM48280.2020.00018.

Voraussetzungen

  • Good knowledge in C programming
  • Good knowledge in Python
  • Previous experience with Hardware design in VHDL preferred

Betreuer:

Mathieu Gross

Post-Quantum Crypto on RISC-V

Beschreibung

As the ongoing development of quantum computers poses a significant threat to classic assymetric cryptography, new approaches for assymetric encryption and signatures need to be developed. These post-quantum secure cryptography can be grouped into different subsets, among them schemes based on lattices, error-correcting codes, isogenies or multivariate equations.

The NIST (National Institute of Standards and Technology) chose 3 lattice-based Post-Quantum secure algorithms for standardization in July 2022.

The goals of this work is to implement one these algorithms on a State-of-the-Art RISC-V platform and evaluate its potential for hardware acceleration as well as its side-channel resilience.

References:

NIST Round 3 Report

Voraussetzungen

  • Very good programming skills in C and RISC-V assembly
  • Experience in hardware design with VHDL or SystemVerilog

Kontakt

Betreuer:

Jonas Schupp

Hardware-based memory safety in RISC-V (AISEC)

Beschreibung

Memory safety bugs, e.g., buffer-overflows or use-after-free, remain in the top ranks of security
vulnerabilities. New hardware extensions such as the ARM Memory Tagging Extension help as
mitigation, but are not yet available for all architectures. In this work, you will analyze and com-
pare different methods for hardware-based memory safety approaches and will identify their
advantages/disadvantages. You will then implement support for memory safety for RISC-V in
the gem5 simulator. The work done is part of the Chip Design Center Bayern Innovative that
helps build an independent Chip Design infrastructure in Bavaria.In this project the Fraun-
hofer AISEC helps to develop secure RISC-V systems and encourages publication of the final
results.

Voraussetzungen

The following list of prerequisites is not complete, but shall give you an idea what is expected.

  • Knowledge in C/C++ to use and adapt the instrumentation and simulation framework
  • Basic knowledge of computer architectures
  • Basic knowledge in a scripting language, e.g. Python

 

 

 

Kontakt

Fraunhofer AISEC
Lichtenbergstraße 11
85748 München
Konrad Hohentanner
or via email: konrad.hohentanner@aisec.fraunhofer.de

Betreuer:

Georg Sigl - Konrad Hohentanner (Fraunhofer AISEC)

Metrics for Obfuscation of Sequential Circuits

Beschreibung

Obfuscation of sequential circuits targets the protection of finite state machines. There exist different approaches to achieve this, like modifying the state machine on RTL level or modifying the corresponding flip-flops on gate-level [1]. A metric can be used to evaluate the success of an obfuscation technique and make it comparable to other methods. Due to the wide variety of sequential obfuscation methods, there are no uniform and very few metrics at all.

This work should analyze existing metrics in terms of how well they can be generalized and thus applied to as many obfuscation techniques as possible. In addition, the work should develop an improved metric.

Please contact me to get more information about the topic and the aim of this work.

 

References:

  • [1] Kamali, Hadi Mardani, et al. "Advances in Logic Locking: Past, Present, and Prospects." Cryptology ePrint Archive (2022).
  • R. S. Chakraborty and S. Bhunia, "HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection," in IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 28, no. 10, pp. 1493-1502, Oct. 2009, doi: 10.1109/TCAD.2009.2028166.

Kontakt

Michaela Brunner, M.Sc.

Technical University of Munich, Chair of Security in Information Technology

Room N1008, Email: michaela.brunner@tum.de

 

Betreuer:

Michaela Brunner

Exploring netlist representations for netlist RE

Beschreibung

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a python to use our existing framework
  • Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
  • Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Parameter Optimitzation for On-Chip Voltage Sensor

Beschreibung

In a Multi-tenant FPGA scenario multiple users have their own partial reconfigurable region on a single FPGA. Each of theses regions allows a single user to implement her/his design, without being able to directly interact with the design of another user on the same FPGA. So-called Time to Digital Converters (TDCs) can be used to perform remote side-channel attacks in such multi-tenant FPGAs, to extract secrets from other users.

The TDC is used as remote power measurement unit of the FPGA. The working principle is to use a long path in which timing violations are caused. Since the delay of transistors are proportional to the supply voltage, the amount of timing violations is a measure of the devices power consumption.

Different publications have already shown that cryptographic implementations [1, 2] and neural networks [3] can be attacked with such sensors.

In this work, design parameters of the TDC should be explored, in order to evaluate the influence on measurements of the on-device power consumption.

 

[1] F. Schellenberg, D. R. E. Gnad, A. Moradi, and M. B. Tahoori, “An inside job: Remote power analysis attacks on FPGAs,” in Design, Automation and Test in Europe Conference & Exhibition (DATE), 2018, pp. 1111–1116.

[2] O. Glamo?anin, L. Coulon, F. Regazzoni, and M. Stojilovi?, “Are cloud fpgas really vulnerable to power analysis attacks?” in 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE). IEEE, 2020, pp. 1007–1010.

[3] V. Meyers, D. Gnad and M. Tahoori, "Reverse Engineering Neural Network Folding with Remote FPGA Power Analysis," 2022 IEEE 30th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM), 2022, pp. 1-10, doi: 10.1109/FCCM53951.2022.9786107.

Voraussetzungen

VHDL/Verilog knowledge, Python skills

Kontakt

manuel.brosch@tum.de
matthias.probst@tum.de

Betreuer:

Manuel Brosch, Matthias Probst

IP Risk Through Satisfiability Checking Tools

Beschreibung

Due to long production and supply chains, circuit designs are prone to theft and manipulation. Logic locking inserts a locking key into the circuit netlist to secure them against these risks. However, so called SAT-based attacks, which check the satisfiability of netlists, were developed to extract the locking keys again.

This work should create a better understanding of sequential SAT-based attacks and extend them towards further applications.

Please contact me to get more information about the topic and the aim of this work.

 

References:

  • Subramanyan, P.; Ray, S. & Malik, S. Evaluating the security of logic encryption algorithms 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2015, 137-143
  • El Massad, M.; Garg, S. & Tripunitara, M. Reverse engineering camouflaged sequential circuits without scan access 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), 2017, 33-40

 

Kontakt

Michaela Brunner, M.Sc.

Technical University of Munich, Chair of Security in Information Technology

Room N1008, Email: michaela.brunner@tum.de

 

Betreuer:

Michaela Brunner

Hardware Supply Chain Security (AISEC)

Beschreibung

Most customers put trust in their hardware vendors and the corresponding supply chain. No matter how well secured these customers’ own infrastructures are, this trust has the potential to devolve the weaknesses of their vendors (and even the vendors’ vendors etc.) into the customers’ own environment, constituting a blind spot in their overall security architecture.
Proposals to address this multi-dimensional problem on the one hand include organizational measures as, for example, establishing Cyber Supply Chain Risk Management (C-SCRM) or demanding third-party certifications, which confirm conformance with standards such as the ISA/IEC 62443 series. On the other hand, technology-based approaches as, for example, physical unclonable functions or IDevID certificates can also help to decrease the amount of trust which has to be put into the hardware supply chain.

Topic
The overall goal of this guided research is to compile a comprehensive overview of the hardware supply chain security landscape including challenges and potential solutions/countermeasures. The focus should lie on but not solely be limited to industrial automation and control systems (IACS).
The first part is to investigate both real-world incidents and academic approaches exploiting the hardware supply chain. Based on this preliminary research and reasoning, a holistic paradigm of trust relationships and corresponding problems in the hardware supply chain has to be derived and consolidated.
In the second part, suitable countermeasures have to be investigated and mapped to this paradigm. These countermeasures should in turn be categorized based on their maturity (ready-to-use, academic PoC, proposal etc.).

Voraussetzungen

  • Self-initiative and the ability to work in a self-directed way
  • Knowledge in the field of IT/IACS security
  • First experiences with hardware security would be ideal

Please attach a current grade sheet and a short CV to your application.

Kontakt

Michael Heinl
Nikolai Puch
Phone:    +49 89 322-9986-125
Phone:    +49 89 322-9986-142
E-mail:    michael.heinl@aisec.fraunhofer.de
E-mail:    nikolai.puch@aisec.fraunhofer.de
Fraunhofer Research Institute for Applied and Integrated Security AISEC
Department Product Protection and Industrial Security Lichtenbergstraße 11, 85748 Garching near Munich, Germany https://www.aisec.fraunhofer.de

Betreuer:

Georg Sigl - Michael Heinl und Nikolai Puch (Fraunhofer AISEC)

Automotive radio analysis framework (AISEC)

Beschreibung

Modern cars use besides well known wireless standards like WLAN or Bluetooth, a plethora of proprietary radio communication protocols. For example, current tire pressure is transmitted via Ultrahigh Frequency (UHF) to a controller in the car. Radio Data System (RDS) is also still used to embed information like traffic messages, title names or sender logos into FM radio broadcasting. As a final example, radio keys use Low Frequency (LF) as well as UHF to implement different functions to unlock and start the car. Especially Remote Keyless Entry (RKE) is highly popular although implementing little security.
This work shall develop a framework to test automotive wireless services. The main focus should lie with vehicle keys and immobilizers. First of all, devices to analyse LF as well as UHF should be integrated and as necessary expanded. Based on this, tests shall be conceived, like testing RKE for replay or relay vulnerabilities. Finally, these tests may be optimized, e.g. by tuning antenna or other hardware to increase distance.

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about:
• Experience with radio communication basics (Modulation, Encoding, ...)
• Experience in programming for embedded devices
• Ability to work self-directed and systematically
Please attach a current grade sheet and a short CV to your application so that we can assess your qualification for the topic of your choice.

Kontakt

Nikolai Puch
Sebastian Peters
Phone:    +49 89 322-9986-142
Phone:    +49 89 322-9986-1037
E-mail:    nikolai.puch@aisec.fraunhofer.de
E-mail:    sebastian.peters@aisec.fraunhofer.de
Fraunhofer Research Institute for Applied and Integrated Security AISEC
Department Product Protection and Industrial Security Lichtenbergstraße 11, 85748 Garching near Munich, Germany https://www.aisec.fraunhofer.de

Betreuer:

Georg Sigl - Nicolai Puch, Sebastian Peters (Fraunhofer AISEC)

HW implementations for Post-Quantum Cryptography

Beschreibung

Classic asymmetric cryptography is based on mathematical problems like discrete logarithm or integer factorization. With large-scale quantum computers, these problems can be solved in very short time, which causes a serious threat to cryptographic systems.

Post-Quantum Cryptography (PQC) describes cryptographic approaches that are secure even in the presence of such quantum computers. To evaluate the security and efficiency of such systems, NIST started a competition that aims to define a new standard [1].

Depending on the scope of this work, the goal is to implement HW accelerators for commonly used operations in PQC, integrate them into a RISC-V environment and evaluate their impact on performance for PQC.

[1] https://csrc.nist.gov/projects/post-quantum-cryptography

Voraussetzungen

Ideally, you should have knowledge of the following:

  • A hardware description language like VHDL/Verilog/SystemVerilog
  • Experience running simulations using ModelSim
  • Basic C programming skills

Kontakt

patrick.karl@tum.de

Betreuer:

Patrick Karl

SystemC modeling of Cryptographic Functions

Beschreibung

SystemC [1] is a C++ extension that facilitates system modeling and architecture exploration. Hardware models can be abstracted and design options can be evaluated in a higher abstraction level compared to HDL languages.

The goal of this work is to model cryptographic building blocks and evaluate the performance for different design options.

[1] https://systemc.org/

Voraussetzungen

  • Good knowledge of C/C++
  • Basic knowledge of SystemC

 

Upon application, please attach a short CV and list your experience using C/C++/SystemC

Kontakt

patrick.karl@tum.de

Betreuer:

Patrick Karl

Error Correction for PUFs

Stichworte:
Channel Coding, Error Correction, PUF, Security

Beschreibung

Each integrated ciruict is subject to process variations. PUFs can derive secret keys from this fingerprint-like feature of a device. To ensure stable cryptographic keys error correction is needed.

If this might be interesting for you, feel free to contact me. With this position, I am not targeting a specific topic, but it is rather a nice opportunity work on any kind of error correction topic for PUFs. Depending on your kind of thesis/internship, your background and knowledge, and most importantly your interests, we can try to find a suitable topic together.

Voraussetzungen

Helpful previous knowledge:

  • Error correcting Codes
  • PUFs

Helpful Tools (you will not need all of them at once most likely)

  • Python
  • Matlab
  • Verilog (for FPGA)
  • Reading Papers
  • C (e.g for Microcontroller)

 

Betreuer:

Christoph Frisch

Ingenieurpraxis

Temperaturlogging Labor

Kurzbeschreibung:
Konzeptionierung und Aufbau/Implementierung einer Temperaturüberwachung für ein Messlabor

Beschreibung

Seitenkanalmessungen können von Umwelteinflüssen erheblich beeinflusst werden. Um einen Zusammenhang zwischen potentiell fehlerhaften Messungen und der Temperatur des Messplatzes herstellen zu können, soll eine dauerhafte Temperaturübewachung des Labors etabliert werden, die Werte in regelmäßigen Abständen protokolliert und sowohl eine visuelle als automatisierbare Auswertung der Daten über beliebige Zeiträume bietet.

Voraussetzungen

  • Grundkenntnisse der Webentwicklung (z.B.: PHP, RubyOnRails, Javascript)
  • Grundkenntnisse Datenbanken (z.B.: PostgreSQL)
  • Grundkenntnisse Programmierung auf Linux
  • Grundkenntnisse Hardwareentwicklung

Kontakt

Betreuer:

Jonas Schupp

Studentische Hilfskräfte

Machine Learning in Side-Channel Analysis (AISEC)

Beschreibung

Utilizing statistical techniques, side-channel analysis exploits information that a cryptographic device is leaking. Possible sources of this leakage are electromagnetic or power side-channel traces. Machine learning based side-channel analysis extends the statistical toolbox with Neural Networks, Belief Propagation or different methods of this field to recombine and exploit leakage.

In collaboration with the Technical University of Munich, the Fraunhofer AISEC's hardware security department offers a variety of open positions in this field. Depending on your strengths, we provide both pure software-based and practical hardware topics, such as the following:

• Trace analysis using explainable machine learning
• Leakage recombination using belief propagation - light-weight or post-quantum algorithms
• Belief propagation performance optimization using GPUs
• Pattern-based triggering using software-defined radios

On request, other topics can be offered.

Voraussetzungen

• Programming skills, at least one language (Python, C, Rust)
• Interest in hardware security
• Basic Linux skills

Kontakt

Emanuele Strieder
Telefon: +49 89 322-9986-140
E-Mail: emanuele.strieder@aisec.fraunhofer.de

Fraunhofer Research Institution for Applied and Integrated Security (AISEC)
Department Hardware Security
Parkring 4, 85748 Garching (near Munich), Germany
https://www.aisec.fraunhofer.de

Betreuer:

Georg Sigl - Emanuele Strieder (Fraunhofer AISEC)

Secure Video Processing and Streaming (AISEC)

Beschreibung

The most of contemporary video recording and streaming software do not provide strong security guarantees, in terms of confidentiality, provable authenticity of the video data, as well as enforced access policies. To demonstrate possible solutions to those shortcomings, Fraunhofer AISEC develops software for secure and trusted video applications, e.g., security cameras.
This software is written in C/C++ for Linux-based systems and applies security mechanisms and policies on video data. For the current implementation state we are seeking support for various extensions and improvements. The position provides an opportunity to work on a project bringing cutting edge security into the video-based applications. The candidates are expected to be able to find her way through technical documentations, understand third-party libraries and tools, and of course have fun trying out new approaches.

Voraussetzungen

• High motivation and independent work style
• Ability to grasp new technlogies and concepts quickly
• Good knowledge and experience in C/C++ programming
• Knowledge in the field of video processing and codecs is advantageous

Kontakt

Mykolai Protsenko, Dr.-Ing.
Telefon: +49 89 322-9986-192
E-Mail:    mykolai.protsenko@aisec.fraunhofer.de
Fraunhofer Institute for Applied and Integrated Security (AISEC)
Secure Operating Systems
Lichtenbergstraße 11, 85748 Garching (near Munich), Germany https://www.aisec.fraunhofer.de

Betreuer:

Georg Sigl - Mykolai Protsenko (Fraunhofer AISEC)

Working Student: Chip Design for Security Applications (AISEC)

Beschreibung

Fraunhofer AISEC and TU Munich are collaborating in designing security chip prototypes for various research projects. You have the opportunity to work with a team of researchers on realizing innovative security solutions on hardware circuits. During your work, you will both learn valuable skills related to the different stages of chip design and have the opportunity to contribute to cutting edge research, e.g. Physical Unclonable Functions, Post Quantum Cryptography, Hardening of cryptographic algorithms, … . This job is an ideal starting point for a future career in chip design and information security.

Voraussetzungen

* One of the following and the motivation to learn the other:
      Experience with at least one hardware description language, e.g. (System) Verilog or VHDL
      Experience with embedded software development, e.g. C, Assembly (ARM/RISC-V), Rust
* Experience with Python
* Experience with Linux
* Motivation for learning more about chip design
* Motivation for contributing to research in hardware security

Kontakt

Please send an email with:
* A short CV
* A short cover letter
* Your last grading sheet
* 3-5 dates, which fit to your schedule, for a meeting.
Felix Oberhansl, felix.oberhansl@aisec.fraunhofer.de

Betreuer:

Georg Sigl - Felix Oberhansl (Fraunhofer AISEC)

Studentische Hilfskraft Public Relations & Marketing (m/w/d) (AISEC)

Beschreibung

Die Fraunhofer-Gesellschaft (www.fraunhofer.de) betreibt in Deutschland derzeit 76 Institute und Forschungseinrichtungen und ist die weltweit führende Organisation für anwendungsorientierte Forschung. Rund 30 000 Mitarbeitende erarbeiten das jährliche Forschungsvolumen von 2,9 Milliarden Euro.  

 

Das Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC (http://www.aisec.fraunhofer.de/) mit Hauptsitz in Garching bei München und Standorten in Berlin und Weiden gestaltet mit international anerkannter Spitzenforschung im Bereich Cybersicherheit die digitalen Transformationsprozesse in Schlüsselbranchen wie der Automobilindustrie, dem Maschinenbau, der Luftfahrt und der Gesundheitswirtschaft mit.

 

Was Sie bei uns tun

 

Als Unterstützung für unser PR- und Marketing-Team erwartet Sie ein vielseitiges und interessantes Aufgabenspektrum. Dazu zählt die aktive Mitarbeit sowohl an der Kommunikation des Fraunhofer AISEC mit seinen wichtigsten internen und externen Stakeholdern, als auch am Marketing seines Know-hows und seiner Technologien gegenüber Kund*innen und potentiellen Bewerber*innen.

 

Voraussetzungen

Was Sie mitbringen

 

  • Sie studieren Kommunikations-, Medien- oder Geisteswissenschaften bzw. interessieren sich für einen Einstieg ins Berufsfeld „PR & Marketing“ und bringen erste Kenntnisse in digitaler Kommunikation mit.
  • Als Digital Native haben Sie keine Scheu vor digitalen Tools, verstehen es Social-Media-Kanäle geschickt zu nutzen und haben ein Händchen für digitale Foto-, Video- oder Audio-Inhalte.
  • Es macht Ihnen Spaß, Veranstaltungen und Messen – sowohl Präsenz- als auch Online-Formate – zu organisieren.
  • Sicheres Auftreten, Teamarbeit und soziale Kompetenz sind für unser Team ebenso wichtig wie Flexibilität und selbstständiges, genaues Arbeiten.
  • Gute MS Office-Kenntnisse und einen sicheren Umgang mit dem Internet setzen wir voraus. Erste Erfahrungen mit Tools zur Grafikerstellung bzw. zur Bearbeitung von Foto-, Video- und Audio-Dateien sind hilfreich.
  • Außerdem sollten Sie ein Grundverständnis von Cybersicherheit und eine Vorstellung von ihrer Relevanz bzw. ihren Funktions- und Wirkungsweisen haben.

 

Kontakt

Tobias Steinhäußer

 

Head of PR & Marketing

 

Fraunhofer AISEC/CCIT

 

Tel. +49 3229986-170

 

 

Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC 

 

www.aisec.fraunhofer.de 


Kennziffer: 22082   

 

Betreuer:

Georg Sigl - Tobias Steinhäußer (Fraunhofer AISEC)

Exploring netlist representations for netlist RE

Beschreibung

Reverse engineering of silicon hardware designs is an interesting task for various applications in science and industry, such as patent infringement detection, security analysis or hardware trojan detection.

One of the most challenging tasks is to go from the flat netlist, that is a graph of logic gates and wires between them, to a high level description of the design.

In this work, you will analyze and compare different methods for representing a netlist and the benefits and problems when analyzing the netlist using the different representations

 

Voraussetzungen

The following list of prerequisites is neither complete nor binding, but shall give you an idea, what the topic is about.

  • Sufficient knowledge in a python to use our existing framework
  • Basic knowledge of a hardware description language such as vhdl or verilog to understand what you are analyzing
  • Basic knowledge in graph theory, algorithms etc. to cope with problems on the way.

 

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

 

Betreuer:

Alexander Hepp

Unterstützung im Auf- und Ausbau der Labore (AISEC)

Kurzbeschreibung:
Die Abteilung PIN verfügt über vier Labore, die sich über die Bereiche Automotive, Elektronik bis Industrie erstrecken. Diese beinhalten Ausrüstung wie einen Rollenprüfstand mit Hebebühne, 3D Drucker, eine Platinenfräse oder Lötarbeitsplätze. Aktuell sind diese Arbeitsplätze aber noch nicht final eingerichtet und konnten weiter optimiert und ergänzt werden. Im Rahmen der Arbeit am AISEC sollen die Arbeitsprozesse und Ausstattung der Labore und Werkstatten optimiert werden. Beispielsweise können dabei Methoden und Ideen aus dem Toyota/Lean Produktionssystem angewendet werden. Aber auch Unterstützung bei Aufbauten für das Tagesgeschäft ist möglich. Aufgaben sind beispielsweise:

Beschreibung

Testen der Werkstattausstattung, um Lücken oder Ineffizienzen zu identifizieren

  •     Seiton & Seiketsu: Erstellen von Ordnungsstrukturen in den Laboren
  •     Design, Einrichten und Optimieren von Arbeitsplätzen
  •     Aufbau von Versuchsträgern
  •     Dokumentation

Voraussetzungen


    
    
Die folgende Auflistung der Voraussetzungen ist weder vollständig noch verbindlich, soll Ihnen aber einen Eindruck vermitteln worauf es bei der Arbeit ankommt:

  •     Praktische Erfahrung mit elektronischen / mechanischen Aufbauten
  •     Maker-Spirit, Kreativität und Lösungsdenken
  •     Optimalerweise Berufserfahrung, Ausbildung oder Erfahrung mit praktischer Arbeit in Laboren
  •     Fertigkeit zum selbstständigen und systematischen Arbeiten


Bitte beachte, dass durch die Art der Arbeit i.d.R. Anwesenheit am Institut in Garching nötig ist.
Bitte legen Sie bei Bewerbungen immer einen aktuellen Notenauszug sowie einen kurzen Lebenslauf bei, damit wir Ihre Eignung für das Thema einschätzen können.

Kontakt

Dr. Sven Plaga
Nikolai Puch
Phone:    +49 89 322-9986-117
Phone:    +49 89 322-9986-142
E-mail:    sven.plaga@aisec.fraunhofer.de
E-mail:    nikolai.puch@aisec.fraunhofer.de
Fraunhofer Research Institute for Applied and Integrated Security AISEC
Department Product Protection and Industrial Security Lichtenbergstraße 11, 85748 Garching near Munich, Germany https://www.aisec.fraunhofer.de

Betreuer:

Georg Sigl - Sven Plaga und Nicolai Puch (Fraunhofer AISEC)

HIWI: Advanced Cryptographic Implementations

Beschreibung

The course Advanced Cryptographic Implementation (ACI) provides an introduction to advanced implementation techniques to optimize state-of-the-art cryptographic algorithms on embedded systems, including advanced countermeasures to secure cryptographic implementations against side-channel and fault attacks.
The course relies on a practical hands-on project. During the project students are asked to implement and optimize cryptographic algorithms on a RISC-V based microcontroller using both C and assembly.
As a HIWI you will help improving the current RISC-V based evaluation framework and tooling, and improve the current solutions of the project by implementing and/or optimizing portions of current cryptographic implementations.  
Timeline and working hours:
From 01.04.2022 until 31.08.2022 with a total of 160 hours. Flexible working hours and flexible working period are possible.

Voraussetzungen

* Basic knowledge of cryptography
* Hands-on experience with C/ASM programming and microcontrollers
* Self-motivated and independent working style
* Previous knowledge of RISC-V and attendance to the course are desirable, but not required

Kontakt

Betreuer:

Fabrizio De Santis - Fabrizio De Santis ()

Tutor/in: Advanced Cryptographic Implementations

Beschreibung

The course Advanced Cryptographic Implementation (ACI) provides an introduction to advanced implementation techniques to optimize state-of-the-art cryptographic algorithms on embedded systems, including advanced countermeasures to secure cryptography implementations against side-channel and fault attacks.
The exercise part of the course relies on a practical hands-on project. During the project students will be asked to implement and optimize cryptographic algorithms on a RISC-V based microcontroller using both C and assembly.
As a tutor you will provide technical support to students during the project period in form of (virtual) meetings or remote supervision (e.g., chat or mail) and help with the organization of the project (preparation).
Timeline and working hours:
From 01.04.2022 until 29.07.2022 with a total of 84 hours. Flexible working hours and flexible working period are possible.

Voraussetzungen

* Basic knowledge of cryptography
* Hands-on experience with C/ASM programming and microcontrollers
* Self-motivated and independent working style
* Previous knowledge of RISC-V and attendance to the course are desirable, but not required

Kontakt

Fabrizio De Santis

fabrizio.desantis@siemens.com

Betreuer:

Fabrizio De Santis - Fabrizio De Santis ()

Bringing a RISC-V to Life: Implementation of tooling for a RISC-V CPU

Beschreibung

RISC-V is the upcoming instruction set architecture of the future. We have taped out our own RISC-V chip for security purposes.

Your task is to implement various testing routines for a RISC-V CPU existing at the chair.

Voraussetzungen

This list is not final, rather a guideline for the competences required for successfully completing the project.

  • Sufficient knowledge of C
  • Experience with embedded programming and environment
  • Some knowledge of cmake, as compilation works via cmake
  • Some knowledge of python, as tooling is partially implemented with it.

Betreuer:

Alexander Hepp

Entwicklung von Werkzeugen für das Reverse Engineering

Beschreibung

Während dem Reverse Engineering von digitalen Schaltungen trifft man oft auf Probleme, deren Komplexität durch Automatisierung besser beherrscht werden kann. Viele Tools müssen dabei an die spezifische Forschung angepasst werden und helfen dann dabei, mit Standard-IC-Design-Werkzeugen weiterzuarbeiten.

Beispielsweise erhält man eine Netzliste, die mit einer unbekannten Zellbibliothek synthetisiert wurden. Nun ist es notwendig, die verwendete Zellbibliothek zu reverse-engineeren, z.B. mithilfe der Pin und Zell-Namen und daraus eine einfache Bibliothek herzustellen, mit der die Netzliste dann mit den Standard-Tools verarbeitet werden kann.

In dieser Ingenieurspraxis arbeiten Sie eng mit einem Wissenschaftler im Reverse Engineering-Bereich zusammen und erstellen ein oder mehrere hochwertige Werkzeuge für das Reverse Engineering von Netzlisten.

Kontakt

If you are interested in this topic, don't hesitate to ask for an appointment via

alex.hepp@tum.de

Please include a grade report and a CV, so I can evaluate different focus areas to fit your experience.

Betreuer:

Alexander Hepp