Titulo Estágio
Firmware Encryption – Product Security Intern
Local do Estágio
Logitech Europe S.A., EPFL Quartier de l Innovation Daniel Borel Innovation Center, CH-1015 Lausanne
Enquadramento
Firmware encryption mechanisms are sensitive to key extraction through side channel attacks. These
attacks can be either based on Time, Power consumption, or Electromagnetic field analysis. In this
internship the intern will be able to contribute to the Product Security effort at Logitech, by learning,
applying, and researching side channel attacks and mitigations on different types of hardware.
Objetivo
The objective of this internship is to complete:
• Side channel attacks on firmware encryption to recover the encryption key
• Investigate possibilities to prevent such attack
• Implement secure firmware encryption mechanisms (secure against side channel attacks).
Plano de Trabalhos - Semestre 1
Semestre 1 (Tempo parcial 32h/s):
T1. Setup and lab preparation. Get familiar with the oscilloscope and prepare the devices and computer to
extract power traces with the tools available in the lab. Analyse and understand the inner workings of
the Advanced Encryption Standard.
T2. Learn hardware architecture and its interaction with firmware software.
T3. Record power usage tracing from the firmware encryption process of different hardware devices.
T4. Develop a program to extract the encryption keys of the devices, by reverse engineering the AES
encryption process and correlating results.
T5. Write the intermediate report.
Plano de Trabalhos - Semestre 2
Semestre 2 (Tempo inteiro 40h/s):
T6. Prepare and present the obtained results and proof of concept to stakeholders.
T7. Research state of the art mechanisms and possibilities to prevent such side channel attacks (key
extraction via Power Consumption analysis).
T8. Discuss the identified mechanisms and mitigations.
T9. Implement a software-based solution to enforce secure firmware encryption (secure against side
channel attacks). Evaluate its effectiveness.
T10.
Write the final report.
Condições
Condições:
-Requirements: embedded software development, signal processing, statistics.
- Strong interest in current cyber security developments.
-Has a fluent English level.
-A lunch card is provided to be used in nearby restaurants.
-The candidate will be assigned the necessary informatic and lab resources.
Observações
-
Orientador
Nabil Hamzi
nhamzi@logitech.com 📩