Projects for students

Project topic #1
Title: Template attacks for modern embedded devices
Skills: Signal processing, Side-channel analysis, Machine learning 
Type: Master thesis, hands-on in the lab
Supervisor:  Lejla Batina
Daily supervisor: Vahid Jahandideh 

Description: An essential part of a side-channel attack is finding a suitable leakage model. A leakage model is a function that links side-channel measurements, such as power traces, with the realized values in the target device. Hamming weight is a popular approach due to its simplicity, but it is probably not optimal. A multi-dimensional Gaussian template with weighted bits is an example of a more elaborate leakage model that requires preprocessing. Learning-based leakage modeling, such as template attacks, is another approach. The cost of building a template in most of these methods depends on the bit-width of the implementations. With emerging {32, 64, 128, 512}-bit devices, some of the existing leakage modeling techniques are computationally unaffordable. In this project, you will explore current and evolving methods for leakage templating and model parameter estimation suitable for various bit widths.
The work of [1] is an excellent introduction to leakage modeling. For more recent results, you can look at [2] and [3], which give an example of an ML-based approach.

Related work:

  1. A Stochastic Model for Differential Side Channel Cryptanalysis.
  2. A Novel Completeness Test and its Application to Side Channel Attacks and Simulators.
  3. Support Vector Regression: Exploiting Machine Learning Techniques for Leakage Modeling.

Project topic #2
Title: Masking cryptographic implementations against side-channel attacks
Skills: Side-channel analysis
Type: Master thesis, hands-on in the lab
Supervisor: Lejla Batina
Daily supervisor: Vahid Jahandideh

Description: Currently, many algorithms for masking a cipher are presented in the literature. Examples include high-order Boolean, threshold, parallel, and domain-oriented masking. Some techniques are suitable for software implementations, and others are more hardware-oriented. Designing a masking scheme is more challenging if side-channel resilience is required. In this project, first, we need to review existing masking approaches and then apply them to some of the ciphers designed within our group.
For an introduction to side-channel analysis and masking, see [1]. You can find parallel masking in [2] and the domain-oriented approach in [3]. Consult [4] for more recent research on masking techniques. The issue of low-noise masking is discussed in [5].

Related work:

  1. Power Analysis Attacks Revealing the Secrets of Smart Cards.
  2. Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model.
  3. Domain-Oriented Masking: Compact Masked Hardware Implementations with Arbitrary Protection Order.
  4. Side-Channel Masking with Common Shares.
  5. Breaking Masked Implementations with Many Shares on 32-bit Software Platforms.


Project topic #3
Title: Software optimization for NIST-LWC candidates
Skills: Experience with C/C++ Programming
Type: Bachelor / Master thesis, hands-on in the lab
Supervisor:  Lejla Batina
Daily supervisor: Vahid Jahandideh 

Description: For most of the lightweight NIST candidates, there are many opportunities to develop architecture-specific code or to improve existing code (through optimization or bit-slicing). Most candidates lack implementations for popular architectures such as ARM, RISC-V, Intel-SSE, and Intel-AVX. For this project, you need to have good C/C++ coding skills. To get an initial sense of the questions that can be addressed with architecture-based optimization, see [1]. The output of this project will most likely be code contributed to the GitHub repository of the candidates. See [2] for a list of candidates and their current state of implementation.

Related work:

  1. Chapter two of Hacker’s Delight 
  2. NIST lightweight cipher design competition.

Project topic #4
Title: Using information-theoretic approaches to find bounds on the performance of machine learning techniques in SCA
Skills: Information theory, Side-channel analysis, Machine learning
Type: master thesis project
Supervisor: Lejla Batina
Daily supervisor: Vahid Jahandideh 

Description: Information theory is influential in many areas, including side-channel analysis, where it has been used in numerous papers. Still, research is ongoing to obtain new information-theoretic bounds for the success rate of side-channel attacks. See [1] for a recently published paper in this field. Also, see [2] for more practical information-theoretic bounds. There is also a mathematical reduction from noisy measurements to random noiseless values in [3]. In this project, we obtain new results in this field by combining the idea of the reduction with existing information-theoretic bounds.

Related work:

  1. On the Success Rate of Side-Channel Attacks on Masked Implementations. 
  2. Perceived Information Revisited.
  3. Unifying Leakage Models: from Probing Attacks to Noisy Leakage.

Project topic #5
Title: A Scalable SIMD RISC-V based Processor with Customized Vector Extensions for Xoodoo 
Skills:  RISC-V knowledge, VHDL, Verilog, Cryptography knowledge 
Type: Internship / Master thesis
Supervisor:  Lejla Batina
Daily supervisor: Parisa Eliasi

Description: Xoodyak is a highly valuable candidate in the NIST Lightweight Cryptography (LWC) competition. Xoodyak relies on the Xoodoo permutation, which operates on an internal state of 384 bits, represented as a 3×4×32-bit matrix. The Xoodoo permutation can benefit from speedup through parallelization. In this project, we aim to explore the potential for parallelizing the Xoodoo permutation in RISC-V-based processors through custom vector extensions on 32-bit and 64-bit architectures. Then a SIMD processor, written in SystemVerilog and supporting the RISC-V instruction set architecture (ISA) and the RISC-V vector extensions, will be used to investigate the performance improvement of Xoodyak, with the goals of low latency and high throughput.

Related work:

  • Maximizing the Potential of Custom RISC-V Vector Extensions for Speeding up SHA-3 Hash Functions

Project topic #6
Title: Acoustic injection attacks on MEMS accelerometers
Skills: signal processing, programming, knowledge about MEMS sensors, control theory
Type:
Supervisor: Lejla Batina
Daily supervisor: Parisa Eliasi

Description: It has been shown that acoustic waves emitted nearby can damage the integrity of a MEMS sensor’s digital outputs at the resonant frequencies of the sensor. Experiments show that hardware security flaws in the amplification and filtering circuits of MEMS sensors (MEMS accelerometers and MEMS gyroscopes) are the root causes of these vulnerabilities. The goal of this internship is to control the time series output of the sensor. To this end, the fluctuating false measurements should be stabilized into constant ones. This can be done by injecting an acoustic sinusoidal signal at the resonance frequency. The desired output signal is then reshaped by modulating it on top of the acoustic sinusoidal signal. However, the resonant frequencies of MEMS accelerometers span a range and can deviate in each measurement. We want to design a feedback circuit that controls the output series automatically by correcting the resonance frequency.

Related work:

  • WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks

Project topic #7
Title: Feature collection framework for Micro-architectural leakage assessment
Skills: Python programming, Pandas data frame, QEMU.
Type: Internship / Master thesis
Supervisor:  Lejla Batina
Daily supervisor: Omid Bazangani

Description: By profiling assembly instructions, operand values, and memory transactions in an ARM Cortex-M microcontroller, it’s possible to investigate micro-architectural leakages. One of the bottlenecks for this feature extraction is considering all the variations of assembly instructions and applying optimizations to the dataset creation process. The framework already exists and is to be extended with support for more instructions and with optimizations. Most optimizations would be related to speeding up the feature extraction and dataset preprocessing process. All development would be in the Python programming language.

Related work: 

  • Towards Practical Tools for Side Channel Aware Software Engineering: 'Grey Box' Modelling for Instruction Leakages
  • Reverse Engineering the Micro-Architectural Leakage Features of a Commercial Processor

Project topic #8
Title: Profile the ALU micro-architecture leakage of an ARM Cortex-M3 microcontroller.
Skills: Python programming, QEMU, Embedded System, GDB, Side-Channel
Type: Internship / Master thesis
Supervisor: Lejla Batina
Daily supervisor: Omid Bazangani

Description: By profiling assembly instructions, operand values, and memory transactions in an ARM Cortex-M microcontroller, it is possible to investigate micro-architectural leakages in this platform. In this project, we will look at the ALU component of an ARM Cortex-M3 microcontroller and profile the aforementioned features. By implementing a TVLA test, we can assess the ALU's leakage and pinpoint the assembly instructions responsible for the leaks.
A firmware draft and Python scripts for this project already exist and need to be made compatible with a new target on the ChipWhisperer platform.

Related work: 

  • Towards Practical Tools for Side Channel Aware Software Engineering: 'Grey Box' Modelling for Instruction Leakages
  • Reverse Engineering the Micro-Architectural Leakage Features of a Commercial Processor
  • MIRACLE: MIcRo-ArChitectural Leakage Evaluation

Project topic #9
Title: Side-channel analysis on RISC-V
Skills: programming (C/C++), signal processing
Type: Internship / Master thesis
Supervisor:  Lejla Batina
Daily supervisor: Léo Weissbart 

Description: Implementation and evaluation of a cryptographic algorithm on a RISC-V platform. The platform for development is a RISC-V SCA evaluation platform (a.k.a. Saidoyoki). The Worcester Polytechnic Institute (WPI) has designed the board as a hardware and software side-channel test platform. It has two chips with various cryptographic coprocessors: three different versions of AES and ASCON.

Related work: 


Project topic #10
Title: Hardware design for triggering based on real-time signal processing
Skills: Hardware design, signal processing
Type: Internship / Master thesis
Supervisor:  Lejla Batina
Daily supervisor: Léo Weissbart 

Description: In side-channel analysis and fault injection, generating a trigger pulse at the right time is essential. However, programs running on top of an OS are highly sensitive to clock jitter and random program interrupts. This makes it difficult for an evaluator in academia to do SCA and can lead to inaccurate timing of fault injection, measuring too long a time window, slowing down the data acquisition process, collecting too much data, and strongly misaligned traces. A solution is to detect a pattern in the signal just before the point where a fault should be injected or a measurement should start, and to send a trigger in real time. We would use an FPGA-based platform (e.g., Basys3, Zedboard, or a cheaper FPGA board) to make a design that generates a trigger pulse after real-time detection of a pattern in a side-channel power trace.


Project topic #11
Title: Implementing neural network SCA attacks in Riscure Inspector
Skills: Programming (Java)
Type: Bachelor thesis / Internship
Supervisor:  Ileana Buhan
Daily supervisor: Péter Horváth

Description: Riscure Inspector is a side-channel evaluation software that provides several tools to aid side-channel analysis. Most of the modules in Inspector are aimed at attacking cryptographic implementations. It lacks support for attacking different neural network algorithms (such as convolutional layers) but allows users to implement their own modules into the tool.
Therefore, the student would implement efficient modules that cover fundamental neural network layers (e.g. convolutional, fully-connected) with different activation layers (e.g. ReLU, Sigmoid) in Java to integrate them into Riscure Inspector. Furthermore, the implemented modules would be expected to facilitate attacks like Differential Power Analysis (DPA) on the implemented layers. 

Related work:

  • CSI NN: Reverse Engineering of Neural Network Architectures Through Electromagnetic Side Channel. Batina et al. (2019)
  • https://cs230.stanford.edu/syllabus/ (to get familiar with neural networks)

Project topic #12
Title: Screen Gleaning for digital transmission protocols
Skills: Signal processing, side-channel analysis, machine learning 
Type: Internship / Master thesis, hands-on in the lab
Supervisor:  Lejla Batina
Daily supervisor: Dirk Lauret, Zhuoran Liu

Description: The Screen Gleaning attack demonstrated that leakages from mobile phone displays can be captured and used to reconstruct the screen's contents [1]. This attack, however, could only be performed at very small distances (up to several centimeters). This attack was extended further to increase the distance between the attacker and the device up to a meter [2]. This project will extend the Screen Gleaning approach and dive deeper into the techniques used to capture digital signals at a distance. Your tasks will include applying the approach used for Screen Gleaning to different digital transmission protocols, like HDMI.

Related work:

  1. Screen Gleaning: A Screen Reading TEMPEST Attack on Mobile Devices Exploiting an Electromagnetic Side. NDSS 2021.
  2. Screen Gleaning Exploration of the Display Cable Side-Channel. https://pure.tue.nl/ws/portalfiles/portal/198803500/Lauret_D.pdf

Project topic #13
Title: Deep learning side-channel analysis on masked FPGA implementation of the AES
Skills: Machine learning, side-channel analysis, (preferably) hardware description language (e.g., Verilog)
Type: Master thesis project
Supervisor: Lejla Batina
Daily supervisor: Zhuoran Liu

Description: State-of-the-art side-channel attacks leverage machine learning methods to predict cryptographic keys from side-channel measurements [1, 2, 3], e.g., power traces. Currently, most methods need expert knowledge to pre-process the trace data, e.g., manually clip or align traces based on observations [2]. Deep learning methods make it possible to automate the feature engineering process, although this is still difficult in some cases, especially for raw traces. In this project, we focus on creating an end-to-end deep learning model that looks at power traces collected from the SMAesH implementation [4].

Related work:

  1. SoK: Deep Learning-based Physical Side-channel Analysis. ACM Computing Surveys, 2023.
  2. Generic Attacks against Cryptographic Hardware through Long-Range Deep Learning. arXiv 2023.
  3. Side Channel Analysis against the ANSSI’s protected AES implementation on ARM. JCEN 2023.
  4. https://github.com/simple-crypto/SMAesH-challenge. 2023.

Project topic #14
Title: Availability data poisoning for privacy protection in machine learning.
Skills: Python and PyTorch, machine learning.
Type: Internship / Master thesis
Supervisor: Lejla Batina
Daily supervisor: Zhuoran Liu

Description: Perturbative Availability Poisoning (PAP) is a promising method to protect users’ data from being misused [1, 2]. However, when mixed with clean data, PAPs can still contribute to learning [3]. One preliminary hypothesis behind this observation is that a small proportion of clean training data dominates the training process, defeating the influence of PAPs. Under the dominant representation model, poisoned patterns in PAPs are suppressed, and regular patterns can still contribute to the task. Another preliminary hypothesis is that the interrelationship of PAPs is kept, contributing to the learning task. This project will refine and enrich the current hypotheses and validate them through experiments.

Related work:

  1. Unlearnable Examples: Making Personal Data Unexploitable. ICLR 2021.
  2. Adversarial Examples Make Strong Poisons. NeurIPS 2021.
  3. Image Shortcut Squeezing: Countering Perturbative Availability Poisons with Compression. ICML 2023.

Project topic #15
Title: Python Library for Deep Learning based Side-Channel Analysis (DL-SCA)
Skills: Python programming
Type: Bachelor thesis / Internship
Supervisor: Ileana Buhan
Daily supervisor: Abraham Basurto

Description: Side-channel attacks exploit information leaked from the physical implementations of cryptographic algorithms. Applying Machine Learning techniques to defeat cryptographic implementations, particularly Deep Learning techniques, is a very actively researched topic with great potential.
Getting started with DL-SCA can be a real challenge, even for those familiar with side-channel analysis. The concepts, tools, and resources required for a basic setup can be daunting.
Through this project, we aim to make DL-SCA more accessible to newcomers and help practitioners by creating a Python library that provides the base infrastructure on which users can learn and build to create more advanced functionality as they gain experience. 

Related work:


Project topic #16
Title: VHDL Implementation of cryptographic permutations
Skills: Basic knowledge of VHDL
Type: Bachelor thesis / Internship
Supervisor: Lejla Batina
Daily supervisor: Konstantina Miteloudi

Description: Several cryptographic permutations have a round function that is almost shift-invariant. This project focuses on the hardware implementation of one of the permutations with almost shift-invariant round functions: AES unkeyed, Salsa, or Chacha. 
The primary objective is to understand the challenges of implementing these permutations in VHDL. By the end of this internship, the students will not only have enhanced their VHDL coding skills but will also have identified and overcome challenges in the hardware implementation of cryptographic primitives.


Project topic #17
Title: VHDL Implementation of the ROCKY countermeasure in cryptographic algorithms
Skills: Basic knowledge of VHDL
Type: Bachelor thesis / Internship
Supervisor: Lejla Batina
Daily supervisor: Konstantina Miteloudi

Description: The ROCKY countermeasure has been designed to protect cryptographic algorithms against fault attacks. This project focuses on applying ROCKY to existing VHDL implementations of one of the following cryptographic algorithms: Keccak, Subterranean, or ASCON. 
The primary objective is to integrate ROCKY into these algorithms and understand the challenges associated with such an implementation in VHDL. By the end of this internship, students will have deepened their VHDL coding skills and also gained experience in integrating countermeasures.

Related work: