Type of work: Master's thesis / Bachelor's thesis (possibly with adapted content)

Technical background: A forwarding attack is the forwarding of signals to simulate the presence of a device. An example would be forwarding the communication between a wireless car key and the car.

The Konrad Zuse House (Institute of Computer Science) is equipped with mechatronic keys. The key and lock communicate via the 1-wire protocol. 

Task description: The feasibility of a forwarding attack on a mechatronic locking system is to be demonstrated. For this purpose, a mechatronic key is to communicate with the lock over long distances, for example via the Internet.

The following questions are to be answered:

• What protective measures would be possible against such a forwarding attack?
• What protective measures have possibly been implemented in the locking system?
• How high is the risk of such an attack?
• Does the communication between the lock and the key open up further possibilities for attack? What could they be?

Possible work steps:

• Familiarization with the protocols and technologies used
• 1-Wire
• Cryptographic procedures for two-way authentication
• Possible attacks during authentication
• Design of a test setup
• Reading the communication between lock and key
• Analyzing the communication
• Drawing conclusions about the cryptographic methods and key lengths used
• Analysis of possible manipulation options
• Attempts to forward
• Different delays
• Manipulation of messages
• Evaluation and report
• Assessment of the risk
• Derivation of recommendations for action

The exact topic is determined in consultation with the supervisors, taking into account any topics already assigned to other students. It may be possible for several students to work together on different sub-topics. 

Literature and resources:

• Linke, Bernhard, Reading and Writing 1-Wire Devices ThroughSerial Interfaces (Application Note 74), 2009, Maxim Integrated
• Vömel, Christof, et al, The secret life of keys: on the calculation of mechanical lock systems. SIAM Review, 2017, 59th vol. no. 2, pp. 393-422.

Supervisor: Dr. Thomas Mundt (thomas.mundt@uni-rostock.de) 

Prerequisites: None in particular, programming knowledge in a higher programming language is an advantage. A basic understanding of the electrical properties of networks is helpful.