Efficient Hardware Implementation of Post-Quantum Cryptography using High-Level Synthesis
by Fabian Buschkowski, Master's Thesis, Ruhr-Universität-Bochum, January 2021.
The implementation of Post-Quantum Cryptography schemes in hardware becomes increasingly important with the NIST post-quantum standardization process coming closer to its end. Implementing in hardware can be a difficult and time-consuming task, and late changes to the design can require an enormous amount of work. The concept of High-Level Synthesis offers a quicker way of creating a hardware implementation by letting a tool transform high-level language code into equivalent hardware description language code. However, the quality of resulting implementations has barely been studied so far. In this work, the use of High-Level Synthesis in the development of hardware implementations of Post-Quantum Cryptography is evaluated, and general strategies for hardware implementations using High-Level Synthesis are developed. For this purpose, High-Level Synthesis is performed on four important components of lattice-based cryptography and the FrodoKEM key encapsulation scheme, and the resulting implementations are compared to existing hardware implementations. Results indicate that High-Level Synthesis can bea very helpful tool for the implementation of Post-Quantum Cryptography in hardware by speeding up the development process while the created implementations perform similarly to the direct hardware implementations.
Security Evaluation of Embedded Devices in the Field of IoT
by Lukas Appelhoff, Bachelor's Thesis, Ruhr-Universität-Bochum, September 2020.
In recent years, a great number of \ac{IoT} devices has been deployed to operation. This wide application of IoT devices sparks interest in their security properties. Many common devices exhibit critical security flaws that are leveraged by adversaries for malicious purposes. This necessitates the security evaluation of these devices before they are deployed to their working destination. Studies in the field of IoT often focus on a particular attack strategy, leading to an incomplete coverage of common attack vectors. Much information is conveyed during conferences, but is not accessible in written form. This thesis provides a comprehensive review of common attack vectors for IoT hacking. Based on this review, all necessary steps for a security assessment are demonstrated in a case study. The security of three devices by Philips, D-Link and Samsung is assessed. In case of the Philips and D-Link devices, this assessment results in a working attack strategy. For all successful attack strategies, countermeasures are recommended and ranked by their beneficial impact on the device's security. While some attack vectors can be remedied by small modifications, others remain due to the lack of hardware security features. The Samsung device shows that good security can be archived by good practices and thoughtful hardware selection.
EM Side-channel Analysis on Smartphone Early Boot Encryption
by Oleksiy Lisovets, Master's Thesis, Ruhr-Universität-Bochum, June 2020.
Modern smartphones often implement boot component encryption in order to addan obstacle for attackers who want to analyse and possibly exploit the device. This gives a false sense of security, as obscurity through encryption does not protect against vulnerabilities. In this thesis EM side-channel is used to analyse the hardware AES implementation ofa smartphone and to recover the hardware fused encryption key. Therefore, a BootROM exploit is used to deploy a payload in boot loader context, which allows communicating with the hardware AES engine. Furthermore, the payloadis used to expose a low latency interface to the CPU by repurposing a hardware button to become a GPIO output, as well as to modify the bootloaders crypto engine invokation function such that the exposed GPIO pin signals start and end of AES decryptions. This is then used as trigger signal which allows performing EM measurements for timing, SNRand correlation analysis, eventually leading to a CPA attack which recovers the hardware fused encryption key. The recovered key allows offline decryption of current and future firmware files for thetarget device model.