Difference between revisions of "Available Master Projects"

From CryptoLUX
Line 125: Line 125:
  
  
 +
* '''Simple Power Analysis of Public-Key Cryptosystems'''
  
 +
The actual security of a cryptographic system depends not only on the cryptanalytic complexity of the underlying algorithm, but also on the quality of its implementation. This became apparent in the late 1990's with the
 +
emergence of so-called [http://en.wikipedia.org/wiki/Side_channel_attack Side-Channel Analysis (SCA)], a special form of cryptanalysis that exploits measurable physical phenomena (e.g. variations in execution time, power consumption, electromagnetic emanation, etc.) of a device executing a cryptographic algorithm to reveal information about the secret key. One of the most practical variants of SCA is Simple Power Analysis (SPA), an attack that requires only one (or a few) power consumption traces of a device to obtain bits of the key. A common countermeasure to thwart SPA is to implement a cryptographic algorithm in a "regular" way such that always exactly the same sequence of instructions is executed. Even though this countermeasure is very common in practice, there exist only few studies that investigate the actual SPA protection such an approach can achieve. The goal of this project is to mount SPA attacks on software implementations of different public-key cryptosystems (e.g. RSA, ECC) executed on an embedded microcontroller and to develop new SPA countermeasures.
  
 +
Required skills:
 +
 +
- Basic programming skills in C and ARM assembly language
 +
 +
- Interest in software development for embedded microcontrollers
 +
 +
- Experience in performing power measurements with an oscilloscope is a plus
 +
 +
Contact: [[Alex Biryukov]] and [http://lacs.uni.lu/members/johann_groszschaedl Johann Großschädl].
 +
 +
 +
<!--
 
* '''Lightweight Cryptography for Wireless Sensor Networks'''
 
* '''Lightweight Cryptography for Wireless Sensor Networks'''
 
A Wireless Sensor Network (WSN) is a network consisting of a (potentially very large) number of autonomous devices, so-called motes, which are deployed in the environment to cooperatively monitor [http://www.nsf.gov/news/special_reports/sensor/overview.jsp physical conditions]. In fact, WSNs are a prime example of what is often referred to by such buzz phrases like "pervasive computing," "smart dust," or the "internet of things". The magazine Technology Review listed WSNs among [http://www.gap-optique.unige.ch/HomeExtras/MIT/10%20Emerging%20Technologies%20That%20Will%20Change%20the%20World.htm 10 emerging technologies that will change the world]. Today, WSNs play a vital role in a multitude of applications ranging from environmental surveillance over medical monitoring to home automation.
 
A Wireless Sensor Network (WSN) is a network consisting of a (potentially very large) number of autonomous devices, so-called motes, which are deployed in the environment to cooperatively monitor [http://www.nsf.gov/news/special_reports/sensor/overview.jsp physical conditions]. In fact, WSNs are a prime example of what is often referred to by such buzz phrases like "pervasive computing," "smart dust," or the "internet of things". The magazine Technology Review listed WSNs among [http://www.gap-optique.unige.ch/HomeExtras/MIT/10%20Emerging%20Technologies%20That%20Will%20Change%20the%20World.htm 10 emerging technologies that will change the world]. Today, WSNs play a vital role in a multitude of applications ranging from environmental surveillance over medical monitoring to home automation.
Line 140: Line 155:
  
 
Contact: [http://lacs.uni.lu/members/johann_groszschaedl Johann Gro&szlig;sch&auml;dl]  
 
Contact: [http://lacs.uni.lu/members/johann_groszschaedl Johann Gro&szlig;sch&auml;dl]  
 +
-->
  
 
<!--
 
<!--
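Review bot: the `<!--` added above the Lightweight Cryptography for Wireless Sensor Networks entry and the `-->` added after its Contact line hide the whole entry without saying why. A one-line remark inside the comment (for example that the topic is taken or withdrawn) would tell the next editor whether the entry can be restored. Note also that the new `-->` sits directly above an existing `<!--`, so the two comment blocks have to be kept balanced separately.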

Revision as of 14:57, 15 December 2014

Master Project topics for Uni.lu and Erasmus students

We are looking for capable students who would like to do their master/bachelor thesis or a semester project. Below is the list of open topics. Student jobs related to these projects are also available upon request. These projects can also be done in collaboration with an external university. Foreign students may look for financial support from the Erasmus Mundus programme.


  • Proof-of-Work as Anonymous Micropayment

This project is to implement Proof-of-Work as a means of micropayment. One example is Tor relays providing extended services to clients who mine alt-currencies; the same can be done for news websites and other cases. In the case of Tor, clients do not pay Tor relays with electronic cash directly but submit proof-of-work shares, which the relays can either resubmit to a crypto-currency mining pool or use by becoming mining pools themselves. Relays credit users who submit shares with tickets that can later be used to purchase improved service.

This is a follow-up project to our work, which is to appear at the Financial Crypto 2015 conference.

Contact: Alex Biryukov and Ivan Pustogarov


  • De-obfuscator toolkit

Obfuscation is the deliberate act of making source code or machine code difficult for humans to understand. Programmers may deliberately obfuscate code to conceal its purpose or its logic, in order to prevent tampering and make reverse engineering difficult. Programs known as obfuscators transform readable code into obfuscated code using various techniques.

Recently an open source obfuscator based on LLVM was released (see @ollvm), and with this new development we believe that obfuscation will become mainstream. Contrary to what many people believe, good obfuscation is not easy to achieve. When analyzing the security of a software application, understanding the complexity of the obfuscator used is of the essence.

Research question: Can you build a tool to remove obfuscation applied by state-of-the-art tools?

Expected outcome

- Toolkit that can be used to de-obfuscate:

- Code flattening

- Opaque predicates

- Bogus control flow


Skills

- SW Reverse Engineering

- Program analysis

- Compiler design

Contact: Ileana Buhan and Alex Biryukov. This is an internship project at the Dutch company Riscure.


  • WhiteBox attacks toolkit

Whitebox cryptography is the implementation of a cryptographic algorithm in software in such a way that an attacker with full access to the software is not able to gain any advantage compared to a black-box attacker. For example, it should not be possible to obtain key information directly from memory, or intermediate results from the cryptographic algorithm. This research focuses on attempting to recover key information by performing side channel analysis (e.g. MIA or similar attacks) on whitebox implementations.

Research question: Can you build a toolkit to extract keys from white-box crypto implementations?

Expected outcome

- state-of-the-art study

- implement well-known attacks

- research new WBC attack methods

- feasibility study

- prototype attack code

Skills:

- SW Reverse Engineering

- Program analysis

- Cryptographic attacks

Contact: Ileana Buhan and Alex Biryukov. This is an internship project at the Dutch company Riscure.


  • Evaluation of state-of-the-art side channel techniques on real-life targets

Research papers suggest many promising techniques for side channel analysis (SCA), ranging from signal filtering to attack metrics. The techniques are often supported only by limited experimental evidence in weak scenarios. As a security testing lab, Riscure is interested in evaluating the reproducibility, effectiveness, and efficiency of the academic advances in the context of security evaluations of embedded devices and integrated circuits.

Examples of the techniques include but are not limited to (to be discussed on an individual basis):

- algorithms for full key rank estimation in SCA http://eprint.iacr.org/2014/920

- optimal filtering for side channel trace preprocessing http://cosade.org/cosade14/presentations/session7_a.pdf

Here and here are more details.

Research questions: is an SCA technique reproducible for one or two real-life targets?

Expected outcome:

- prototype tool to apply the attack and interpret results

- methodology for application of the technique

- related literature study

- master thesis

- preferably a publication

- familiarity with side channel evaluations of embedded targets


Skills:

- basic crypto and embedded security

- statistics and/or signal processing

- scientific programming (Python, MATLAB, Java)

Contact: Ilya Kizhvatov and Alex Biryukov. This is an internship project at the Dutch company Riscure.



  • Pebbling games and their applications in cryptography

This project is to explore relations between pebbling games, proofs of space, memory-hard functions etc. This project is for mathematically/algorithmically inclined students.

Contact: Alex Biryukov and Dmitry Khovratovich for more details.


  • Simple Power Analysis of Public-Key Cryptosystems

The actual security of a cryptographic system depends not only on the cryptanalytic complexity of the underlying algorithm, but also on the quality of its implementation. This became apparent in the late 1990s with the emergence of so-called Side-Channel Analysis (SCA), a special form of cryptanalysis that exploits measurable physical phenomena (e.g. variations in execution time, power consumption, electromagnetic emanation, etc.) of a device executing a cryptographic algorithm to reveal information about the secret key. One of the most practical variants of SCA is Simple Power Analysis (SPA), an attack that requires only one (or a few) power consumption traces of a device to obtain bits of the key. A common countermeasure to thwart SPA is to implement a cryptographic algorithm in a "regular" way such that exactly the same sequence of instructions is always executed. Even though this countermeasure is very common in practice, only a few studies investigate the actual SPA protection such an approach can achieve. The goal of this project is to mount SPA attacks on software implementations of different public-key cryptosystems (e.g. RSA, ECC) executed on an embedded microcontroller and to develop new SPA countermeasures.

Required skills:

- Basic programming skills in C and ARM assembly language

- Interest in software development for embedded microcontrollers

- Experience in performing power measurements with an oscilloscope is a plus

Contact: Alex Biryukov and Johann Großschädl.
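
To illustrate what a "regular" implementation means in the SPA project above, here is an added example (not code from CryptoLUX or the project) that contrasts square-and-multiply with a Montgomery ladder for modular exponentiation. The 8-bit exponent width, the function names and the 'S'/'M' log standing in for a power trace are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NBITS 8        /* constructed toy exponent width */
#define TRACE_MAX 64

/* Modular multiply that logs one symbol per operation. The log models only
   the operation sequence, not data-dependent leakage inside an operation. */
static uint32_t mulmod(uint32_t a, uint32_t b, uint32_t n, char op,
                       char *trace, size_t *len)
{
    if (*len < TRACE_MAX - 1) { trace[(*len)++] = op; trace[*len] = '\0'; }
    return (uint32_t)(((uint64_t)a * b) % n);
}

/* Irregular: the multiply runs only for 1-bits, so the S/M pattern
   depends on the exponent k. */
uint32_t exp_square_multiply(uint32_t g, uint32_t k, uint32_t n, char *trace)
{
    size_t len = 0;
    uint32_t r = 1 % n;
    trace[0] = '\0';
    for (int i = NBITS - 1; i >= 0; i--) {
        r = mulmod(r, r, n, 'S', trace, &len);
        if ((k >> i) & 1) r = mulmod(r, g, n, 'M', trace, &len);
    }
    return r;
}

/* Regular: Montgomery ladder, one multiply and one square per bit whatever
   its value; operands are selected with a mask instead of a branch. */
uint32_t exp_ladder(uint32_t g, uint32_t k, uint32_t n, char *trace)
{
    size_t len = 0;
    uint32_t r0 = 1 % n, r1 = g % n;
    trace[0] = '\0';
    for (int i = NBITS - 1; i >= 0; i--) {
        uint32_t mask = (uint32_t)0 - ((k >> i) & 1); /* all ones if bit set */
        uint32_t t = (r0 ^ r1) & mask;                /* conditional swap */
        r0 ^= t; r1 ^= t;
        r1 = mulmod(r0, r1, n, 'M', trace, &len);
        r0 = mulmod(r0, r0, n, 'S', trace, &len);
        t = (r0 ^ r1) & mask; r0 ^= t; r1 ^= t;       /* swap back */
    }
    return r0;
}
```

The ladder fixes only the operation sequence; whether that is enough on a real microcontroller is the open question the project description raises.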