Course detail
Secure Hardware Devices
FIT-BZA
Acad. year: 2021/2022
The main goal of the introductory part is to give an overview of existing secure hardware devices. This leads us toward the area of side channels. The statement that implementing a device without a side channel is infeasible guides us through the topics of their seriousness and evaluation. The following part is dedicated to two important side-channel attacks: timing and power analyses. Timing analysis is applicable not only to secure devices but also to software implementations of security protocols. The simplest secure devices are smart-cards, and we go through their design, electrical properties, communication protocols, and overall security. Power and fault analyses are two other very powerful attacks on smart-cards, and we dedicate a couple of lectures to their theoretical descriptions and to examples of results obtainable through these techniques. The topic of mitigating side-channel capacities, and especially TEMPEST, follows. The last logical part of the lectures belongs to hardware security modules: evolution, principal applications, definition of API, and attacks on API with demonstrations of common errors.
Language of instruction
Number of ECTS credits
Mode of study
Guarantor
Department
Learning outcomes of the course unit
Students start looking at information systems from an attacker's point of view. They also learn to identify potentially disastrous parts of information systems.
Prerequisites
Co-requisites
Planned learning activities and teaching methods
Assessment methods and criteria linked to learning outcomes
Course curriculum
Work placements
Aims
Specification of controlled education, way of implementation and compensation for absences
Recommended optional programme components
Prerequisites and corequisites
Basic literature
Recommended reading
Cetin Kaya Koc: Cryptographic Engineering, Springer Publishing Company, 2008, ISBN: 0387718168 9780387718163
Debdeep Mukhopadhyay, Rajat Subhra Chakraborty: Hardware Security: Design, Threats, and Safeguards, Chapman and Hall/CRC, 2014, ISBN 9781439895832
Menezes, A.J., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography, CRC Press Series on Discrete Mathematics and Its Applications, Hardcover, 816 pages, CRC Press, 1997, available at http://www.cacr.math.uwaterloo.ca/hac/
Rankl, W., Effing, W.: Smart Card Handbook, John Wiley and Sons, pp. 1120, 3rd edition, 2004.
Elearning
Classification of course in study plans
- Programme IT-MSC-2 Master's
branch MBI, 0 year of study, summer semester, elective
branch MBS, 0 year of study, summer semester, compulsory-optional
branch MGM, 0 year of study, summer semester, elective
branch MIN, 0 year of study, summer semester, compulsory-optional
branch MIS, 2 year of study, summer semester, compulsory-optional
branch MMM, 0 year of study, summer semester, elective
branch MPV, 0 year of study, summer semester, elective
branch MSK, 0 year of study, summer semester, elective
- Programme MITAI Master's
specialization NADE, 0 year of study, summer semester, elective
specialization NBIO, 0 year of study, summer semester, elective
specialization NCPS, 0 year of study, summer semester, elective
specialization NEMB, 0 year of study, summer semester, elective
specialization NGRI, 0 year of study, summer semester, elective
specialization NHPC, 0 year of study, summer semester, elective
specialization NIDE, 0 year of study, summer semester, compulsory
specialization NISD, 0 year of study, summer semester, elective
specialization NMAL, 0 year of study, summer semester, elective
specialization NMAT, 0 year of study, summer semester, elective
specialization NNET, 0 year of study, summer semester, elective
specialization NSEC, 2 year of study, summer semester, compulsory
specialization NSEN, 0 year of study, summer semester, elective
specialization NSPE, 0 year of study, summer semester, elective
specialization NVER, 0 year of study, summer semester, elective
specialization NVIZ, 0 year of study, summer semester, elective
- Programme RRTES_P Master's
specialization RRTS, 1 year of study, summer semester, compulsory-optional
- Programme MITAI Master's
specialization NISY up to 2020/21, 0 year of study, summer semester, elective
specialization NISY, 0 year of study, summer semester, elective
Type of course unit
Lecture
Teacher / Lecturer
Syllabus
- Introduction to secure hardware devices, covering their evolution, architectures, and applications. Random number generators (HW + SW).
- Smart-cards - a lecture covering their design, electrical properties, and communication protocols, followed by their security properties and API security.
- Side channels - their importance from the viewpoint of implementations, evaluations, and possible classification.
- Timing analysis from its beginning in 1996 to actual implementations and performed attacks, including detailed descriptions and definitions of the conditions necessary for its application.
- Power and fault analyses represent powerful attacks on side channels available on smart-cards.
- IoT security.
- Half-term exam.
- Nonarchitectural Attacks - Spectre, Meltdown, Cache Abuse, Predictors, etc.
- Student presentations on selected topics.
- LFSR.
- Protection of devices against side channels, various approaches to protection, principles, influence on the functionality of the devices.
- Reverse Engineering - Techniques, Instruments, Examples.
- Hardware security modules (HSM) and their evolution, main applications including examples of deployment and design of protocols based on HSMs.