ECE 5520 - Secure Hardware Design

	ECE 5520: Secure Hardware Design Spring 2010 Instructor: Patrick Schaumont Prerequisites: ECE 4514 (or equivalent). Students need an understanding of contemporary digital design using a hardware description language. Syllabus (spring 2010) Summary: Design and implementation of secure hardware at multiple levels of abstraction, covering cryptographic hardware primitives, cryptographic modules, and trusted platforms. Reverse engineering of cryptographic modules using passive attacks, active attacks, and cryptanalytic techniques. Countermeasures against reverse engineering. The course uses case studies and literature surveys to reflect on the state-of-the-art in secure hardware implementation. Cryptography theory is covered on an as-needed basis. Text Book: This course is based in part on the following references. Understanding Cryptography [Online Version] by C. Paar and J. Pelzl (Springer 2009) Cryptographic Algorithms on Reconfigurable Hardware [Online Version] by F. Rodriguez-Henriquez, N. A. Saqib, A. Diaz-Perez, and C. K. Koc (Springer 2007) Cryptographic Engineering [Online Version] by Cetin Kaya Koc, Ed. (Springer 2009) Power Analysis Attacks: Revealing the secrets of smartcards, [Online Version] by Stefan Mangard, Elisabeth Oswald, Thomas Popp (Springer 2007). Secure Telecommunication Systems, Course notes and slides by Kris Gaj, George Mason University Cryptography and Computer Network Security, Course notes and slides by Kris Gaj, George Mason University Additional References: Synthesis of Arithmetic Circuits: FPGAs, ASICs, and Embedded Systems by Jean-Pierre Deschamps, Gery Bioul, Gustavo Sutter (Wiley 2006). Synthesis of Arithmetic Circuits: FPGAs, ASICs, and Embedded Systems by Jean-Pierre Deschamps, Gery Bioul, Gustavo Sutter (Wiley 2006). Cryptography Engineering, by Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno (Wiley 2010). Handbook of Applied Cryptography, by A.J. Menezes, P.C. van Oorschot, S.A. Vanstone, CRC Press, 1996. Guide to Elliptic Curve Cryptogrpahy by Darrel Hankerson, Scott Vanstone and Alfred Menezes (Springer 2004) A Classical Introduction to Cryptography by S. Vaudenay (Springer 2006) Elementary Number Theory, Cryptography and Codes by M. W. Baldoni, C. Ciliberto and G. M. P. Cattaneo (Springer 2009) Encyclopedia of Cryptography and Security by H. van Tilborg, Ed. (Springer 2005) Cryptography in C and C++ by M. Welschenbach (Springer 2005) Questions? Contact the instructor at schaum@vt.edu
	Slides spring 2010
Lecture 1	Introduction What is Secure Hardware Design? The Clipper Chip Basic Crypto Ideas
Lecture 2	Random Number Generators (Principles of Design) Standard requirements for RNG Classification of RNG: Deterministic and Non-deterministic Design of Deterministic RNG Design of Non-deterministic RNG: Entropy, Compression Function, Sources of Entropy
Lecture 3	Random Number Generators (Testing and Examples) Tests on Random Number Generator Probability density function Hypothesis test = statistic + significance Example statistic: Freq test, Runs test Test Suites: DIEHARD, NIST Random Number generator Design DRNG: LCG, RSA TRNG: Epstein, Ring Oscillator, Vasyltsov
Lecture 4	Prime Field Arithmetic: Part 1: Introduction Modular Arithmetic Finite Fields Prime Fields Multiprecision Arithmetic: Multiplication and Squaring Reduction Techniques
Lecture 5	Prime Field Arithmetic Part 2: Montgomery Multiplication & Exponentiation Exponentiation Montgomery Multiplication Montgomery Exponentiation NIST Primes
Lecture 6	Binary Field Arithmetic Part 1: Introduction Polynomial Basis Primitve Polynomial Addition Reduction Multiplication
Lecture 7	Binary Field Arithmetic Part 2: Faster Multiplication Bit-parallel Multiplication Karatstuba Offman Decomposition Montgomery Multiplication Other representations - Normal Basis Summary of Finite Field Arithmetic
Lecture 8	Elliptic Curve Cryptography: The Point Multiplication Elliptic Curves EC Group Structure Adding and Doubling of Points Point Coordinate Systems The Point Multiplication
Lecture 9	Elliptic Curve Cryptography: Efficient Implementation Making signatures with a point multiplication High-speed Point Multiplication on FPGA Hardware-supported ECC Cryptanalysis
Lecture 10	Hash Functions: Design Hash function concepts Merkle-Damgard construction Block-cipher based hash Applications Implementation Example: MD5
Lecture 11	Hash Functions: Implementation Hasing History, SHA-3 Design Example: Whirlpool Hash Module Interfaces
Lecture 12	Block Ciphers: Overview Pipelining/Retiming: Recap Block Cipher Structure: SP Network, Feistel Network, Key Schedule High-throughput Implementation
Lecture 13	Block Ciphers: AES AES History AES Round definition Standard Hardware Mapping SBox Optimization Compact Implementation
Lecture 14	Basics of Side-channel Analysis Logical vs Physical Attacks Timing Power Dissipation: Sources and Models Taking and Using Measurements
Lecture 15	Advanced Side-channel Analysis Simple Power Analysis Differential Power Analysis Example: DPA on AES Hardware Example: DPA on AES Software Multi-bit DPA (CPA) Power Models
Lecture 16	Fault Attacks Types of Faults Fault Models Fault Attacks on Symmetric-Key Algorithms Implementation Atatcks - Summary
Lecture 17	Countermeasures against SCA: Hiding SPA, DPA Hiding: WDDL Implementation Issues: ASIC, FPGA
Lecture 18	Side Channel Countermeasures: Masking SCA Countermeasures: Hiding and Masking Masking Operation Masked Functions Secret Sharing Perfect masking Masked Logic Styles: RSL, MDPL
Lecture 19	Fault-Attacks and Side-channel Analysis on ECC Plain Point Multiplication Double-Add-Always Point Multiplication Doubling Attack Randomized Double-Add-Always Point Multiplication C-Safe Error Attack Montgomery Powering Ladder Point Multiplication Trade-offs between Attacks and Countermeasures
Lecture 20	Secure Processors: Three Examples IBM 4758 AEGIS ARM Trustzone

ECE 5520: Secure Hardware DesignSpring 2010

ECE 5520: Secure Hardware Design
Spring 2010