Manufacturing large ICs with ever-shrinking features requires exhaustive chip testing. Scan chains enable test facilities to evaluate the chip's circuits individually, using sophisticated test patterns. As they provide in-depth access to the chip for debugging and testing, they become a powerful tool in an adversary's hands. Among other threats, scan chain access is a key requirement for most oracle-guided attacks against anti-reverse engineering (anti-RE) protection schemes. Therefore, scan chains must be secured against unauthorized access to prevent adversaries from circumventing anti-RE protection.

This work aims to explore and compare state-of-the-art scan chain protection mechanisms. To narrow the scope, the focus is on protecting anti-RE schemes.

References:

[1] H. M. Kamali, K. Z. Azar, F. Farahmandi, and M. Tehranipoor, “Advances in Logic Locking: Past, Present, and Prospects.” Cryptology ePrint Archive, Paper 2022/260, Mar. 2022. [Online]. Available: https://eprint.iacr.org/2022/260/20220302:140658

In recent years deep learning (DL) has proven to be an effective tool in side-channel analysis (SCA). A major advantage of DL is that common side-channel countermeasures like masking or desynchronization can be overcome without additional preprocessing. While the application of DL to SCA has largely focused on convolutional neural networks, transformer networks (TNs) have recently drawn attention for their ability to capture dependencies among distant points of interest in power or electro-magnetic traces.

The goal of this seminar is to provide an overview on the application and effectiveness of TNs to SCA.

The National Institute of Standards and Technology (NIST) is about to start a project for evaluation of of advanced cryptographic techniques based on secure multi-party computation (MPC) to construct threshold schemes [1]. The main principle is that a secret key is split into n parties and remains uncompromised even if several, i.e. up to f out of n, parties are corrupted. Such thresholding techniques can be applied to e.g. encryption or signature schemes.

The goal of this work is to provide an overview of the NIST project by working out what kind of categories exist, and what sort of schemes have been submitted as previews to the project.

References:

• [1] https://csrc.nist.gov/Projects/threshold-cryptography

The Number Theoretic Transform (NTT) is a core computational bottleneck for the NIST-standardized PQC schemes ML-KEM and ML-DSA. To mitigate this, various hardware acceleration strategies have been proposed for RISC-V processors, ranging from loosely coupled co-processors to the integration of custom butterfly instructions directly into the processor pipeline [1].

The goal of this work is to provide an overview of these different acceleration paradigms and analyze their respective trade-offs in terms of performance (cycle count), hardware area (LUTs/Gates), and software flexibility.

[1] Allart, C., Guilloux, K., Coulon, J.-R., Sintzoff, A., Potin, O., & Rigaud, J.-B. (2026). Leveraging a Superscalar CVA6 to Implement NTT Instructions for Post-Quantum Cryptography. Paper presented at the CASCADE Conference, Regensburg, Germany. https://cascade-conference.org/Paper/website_paper_pdfs/16532008.pdf

Recently, research studying attacks combining fault injection with side-channel analysis has gained traction. One proposed countermeasure is the usage of polynomial masking instead of the widely used Boolean masking. Recent work has made strides in increasing the efficiency of polynomial masking [1].

The goal of this work is to explore polynomial masking and its computational and randomness overheads.

[1] Andresen, J., Arnold, P., Berndt, S., Eisenbarth, T., Faust, S., Gourjon, M., Landthaler, E., Micheli, E., Orlt, M., Pauls, P., Wirschem, K., & Zhao, L. (2026). UP TO 50% OFF: Efficient Implementation of Polynomial Masking. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2026(1), 688-731. https://doi.org/10.46586/tches.v2026.i1.688-731

Physical Layer Security (PLS) exploits channel properties, where the attacker cannot decrypt the hidden message due to too many errors on his end compared to the legitimate receiver. This achieves Information-Theoretic Security. In contrast to regular cryptography, where the security is based on the secrecy of a key, which can be computed, Information Theoretic Security promises unconditional security. That means, the message is secure EVEN with the assumption that the attacker has unlimited computational capability.

However, PLS usually rely on assumptions (degraded wiretap channel) that are not found easily in most real-life scenarios or require very rigorous validation, which makes them less practical to implement compared to regular cryptography based on secret keys.

A new Physical Layer Security scheme [1] claims to solve this problem by artificially degrading a regular wiretap channel and thus generating errors on an eavesdropper but NOT on the legitimate receiver. It uses a secret key and a Pseudo RNG for this purpose and dynamically adapts the QAM constellation of the channel.

The aim of this work is to compare the new PLS scheme to regular symmetric-key cryptography (such as AES) in terms of:

• The exact security guarantees of the PLS scheme compared to symmetric-key cryptography (Information-theoretic vs computiational)
• The use case scenarios where symmetric-key cryptography is applicable but the PLS scheme is not and vice versa
• (Optional) Identify possible weaknesses of the PLS scheme

[1] L. Mroueh and I. Ajayi, "Noisy and Dynamic-Index Partitioned Modulation for Physical Layer Security," in IEEE Transactions on Communications, vol. 73, no. 12, pp. 15426-15441, Dec. 2025, doi: 10.1109/TCOMM.2025.3600556.

https://ieeexplore.ieee.org/document/11131228

Physical Layer Security exploits channel properties, where the attacker cannot decrypt the hidden message due to too many errors on his end compared to the legitimate receiver. This achieves Information-Theoretic Security. In contrast to regular cryptography, where the security is based on the secrecy of a key, which can be computed, Information Theoretic Security promises unconditional security. That means, the message is secure EVEN with the assumption that the attacker has unlimited computational capability.

A modular coding scheme achieves Information-Theoretic-Security by using Universal Hash Functions together with an Error Correction Code [1].

Universal Hash Functions are also used as Entropy Extractors in order to sanitize the output of a biased True Random Number Generator (TRNG) source [2]

The aim of this work is to try to find other use cases for Universal Hash Functions (UHF) beyond the given modular coding scheme and TRNG.

• Do a literature research, in order to find more scenarios where UHFs are or can be useful
• Describe the context and the role UHFs play or can play in all those scenarios.

[1] J. Voichtleitner, M. Wiese and H. Boche, "Comparison of universal hash functions for physical layer security in wiretap channels," 2024 IEEE 25th International Workshop on Signal Processing Advances in Wireless Communications (SPAWC), Lucca, Italy, 2024, pp. 191-195, doi: 10.1109/SPAWC60668.2024.10693998. https://ieeexplore.ieee.org/abstract/document/10693998

[2] Dang, Y., Gruji?, M., Yang, B., Zhu, W., Wang, H., Zhu, M., Verbauwhede, I., & Liu, L. (2025). Entropy extractor based high-throughput post-processings for True Random Number Generators. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2025(4), 145-171. https://doi.org/10.46586/tches.v2025.i4.145-171

With the growing complexity of embedded systems, traditional software-based attack detection approaches face challenges in terms of latency, visibility, and resilience against low-level attacks. Hardware-assisted monitoring, such as using Hardware Performance Counters (HPCs), offers a promising complement. These sources can reveal subtle anomalies and attack traces at the microarchitectural or physical level.

However, the diversity of proposed detection mechanisms (machine-learning-based, threshold-based, hybrid firmware-hardware schemes, etc.) and the wide range of targeted attack types (e.g., side-channel, control-flow hijack, fault injection, denial-of-service) make it difficult to systematically compare and evaluate these techniques. A structured analysis of this research landscape is therefore essential.

The aim of this work is a:

• literature review of hardware-assisted attack detection mechanisms,
• with a focus on the HPCs,
• analysing the detection methodologies,
• and summarizing the key findings.

References:

[1] Foreman, James Christopher. "A survey of cyber security countermeasures using hardware performance counters." arXiv preprint arXiv:1807.10868 (2018).

[2] C. Li and J. -L. Gaudiot, "Detecting Malicious Attacks Exploiting Hardware Vulnerabilities Using Performance Counters," 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), Milwaukee, WI, USA, 2019, pp. 588-597, doi: 10.1109/COMPSAC.2019.00090.

VOLE-in-the-Head [1] is a relatively new zero-knowledge proof technique that is built upon the MPC-in-the-Head concept. Using this technique, post-quantum secure signatures can be obtained. In the recently started on-ramp signature call by NIST, FAEST [2] is one candidate that uses the VOLE-in-the-Head concept.

In this work, the student should get an overview of the VOLE-in-the-Head framework and explain it's basic concepts and how the signature scheme FAEST is constructed from it.

References:

• [1] https://link.springer.com/chapter/10.1007/978-3-031-38554-4_19
• [2] https://faest.info/resources.html

With the increasing complexity and cost of chip manufacturing, design houses must find ways to prevent competitors from gaining knowledge of their ICs through reverse engineering. Within these chips, the FSM control circuitry is usually completely custom to a design, making it especially worthy of protection. Anti-reverse engineering (anti-RE) attempts aim to thwart the recovery of correct circuit functionality by obfuscating the chip at the netlist or gate level. In recent years, many obfuscation techniques have been proposed for combinatorial circuits, along with de-obfuscation attacks that break most of these schemes. Similar approaches can be applied to sequential FSM circuits.

The scope of this work is a summary of anti-RE techniques for FSMs. In addition, existing attacks on these strategies should be evaluated.

References:

[1] H. M. Kamali, K. Z. Azar, F. Farahmandi, and M. Tehranipoor, “Advances in Logic Locking: Past, Present, and Prospects.” Cryptology ePrint Archive, Paper 2022/260, Mar. 2022. [Online]. Available: https://eprint.iacr.org/2022/260/20220302:140658

Conduct a literature review on replay protection mechanisms for data at rest and data in use. Summarize key approaches, including nonce-based schemes, timestamping, sequence numbers, cryptographic freshness guarantees, and hardware-assisted protections. Compare their effectiveness, performance overhead, common limitations, and implementation challenges.

https://www.vlei.wiki/concept/replay-attack
https://rwc.iacr.org/2016/Slides/RWC_2016_Gueron_2016_01_08.pdf

Classical power or electro-magnetic side-channel analysis requires knowledge of either an input or output of a computation to extract a secret value, e.g. a cryptographic key, based on statistical correlation of intermediate values involving both the known and the secret value to observable leakages. Blind side-channel analysis aims to extract secret values solely by exploiting the joint distributions of observable leakages.

The goal of this seminar is to provide an overview on approaches to blind side-channel analysis.

[1] C. Clavier and L. Reynaud, ‘Improved Blind Side-Channel Analysis by Exploitation of Joint Distributions of Leakages’, in Cryptographic Hardware and Embedded Systems -- CHES 2017, 2017, pp. 24–44. [2] A. Rezaeezade, T. Yap, D. Jap, S. Bhasin, and S. Picek, ‘Breaking the blindfold: deep learning-based blind side-channel analysis’, in Proceedings of the 34th USENIX Conference on Security Symposium, Seattle, WA, USA, 2025.

While CMOS flash, DRAM, and SRAM dominate the memory market, they are far from the only memory technologies which can be integrated into silicon, with other like PCM or FeRAM being in use for significant time as well. A number of emerging technologies are starting to be available in off-the-shelf chips and hence it becomes even more relevant to investigate possible physical attacks on these technologies.

Some research details data extraction via atomic force microscopy on RRAM [1] or STT-MRAM [2]. Other techniques, such as laser-voltage probing might be applicable as well and should be investigated.

The aim of this work is a

• literature review of practical physical attacks on emerging memories,
• summarising the apparent capabilities of the mounted attacks, and
• identifying gaps in the current research landscape.

[1] https://ieeexplore.ieee.org/document/10249197
[2] https://ieeexplore.ieee.org/document/10691262

An often-cited advantage of key storage with physical unclonable functions (PUFs) is that protection mechanisms for stored cryptographic keys need only be active during runtime. Since the secret only exists while the device is active, expensive secure non-volatile storage is no longer needed.

A comprehensive evaluation of such claims however, needs a clearly defined attacker model. Especially in the domain of memristor-based PUFs, discussions of attacker capabilities have been far from commonplace. In the subfield of MRAM-based PUFs, research into this domain has begun, with works discussing attacks and countermeasures [1].

The aim of this work is a

• literature review of MRAM-based PUFs with a
• focus on their explicit and implicit security assumptions,
• summarising the results into predominant categories for attacker models.

[1] https://doi.org/10.1002/aelm.202500814

As the development of neural networks requires large amounts of data, expertise, and resources, they are considered valuable intellectual property. This necessitates research into possible attack vectors that could enable the extraction of neural network model parameters. One such attack vector are the memory access patterns of a neural network during inference.

The goal of this seminar is to provide an overview on memory access pattern side channel attacks against neural networks.

[1] X. Hu, L. Liang, S. Li, L. Deng, P. Zuo, Y. Ji, X. Xie, Y. Ding, C. Liu, T. Sherwood, et al. DeepSniffer: A DNN model extraction framework based on learning architectural hints. In ACM International Conference on Architectural Support for Programming Languages and Operating Systems, 2020.

The core of most ciphers and hash functions is a small substitution table, the S-Box, which provides the confusion and diffusion needed for a good cryptographic security. While such table look-ups are trivial in software, the efficient implementation in hardware modules is still an open question. Various heuristics have been proposed to minimize the area and latency of such almost random circuits.

The task of this seminar is to present and compare several such algorithms.

[1] Y. Jeon et al.: Framework for Generating S-Box Circuits with Boyar–Peralta Algorithm-Based Heuristics, https://tches.iacr.org/index.php/TCHES/article/view/11940/11800