ECE 5520: Secure Hardware DesignSpring 2010

Instructor: Patrick Schaumont
Prerequisites: ECE 4514 (or equivalent).
Students need an understanding of contemporary digital design using a hardware description language.

Syllabus (spring 2010)

Summary: Design and implementation of secure hardware at multiple levels of abstraction, covering cryptographic hardware primitives, cryptographic modules, and trusted platforms. Reverse engineering of cryptographic modules using passive attacks, active attacks, and cryptanalytic techniques. Countermeasures against reverse engineering. The course uses case studies and literature surveys to reflect on the state-of-the-art in secure hardware implementation. Cryptography theory is covered on an as-needed basis.

Text Book:
This course is based in part on the following references.

Questions? Contact the instructor at schaum@vt.edu

Slides spring 2010
Lecture 1 Introduction
• What is Secure Hardware Design?
• The Clipper Chip
• Basic Crypto Ideas
Lecture 2 Random Number Generators (Principles of Design)
• Standard requirements for RNG
• Classification of RNG: Deterministic and Non-deterministic
• Design of Deterministic RNG
• Design of Non-deterministic RNG: Entropy, Compression Function, Sources of Entropy
Lecture 3 Random Number Generators (Testing and Examples)
• Tests on Random Number Generator
• Probability density function
• Hypothesis test = statistic + significance
• Example statistic: Freq test, Runs test
• Test Suites: DIEHARD, NIST
• Random Number generator Design
• DRNG: LCG, RSA
• TRNG: Epstein, Ring Oscillator, Vasyltsov
Lecture 4 Prime Field Arithmetic: Part 1: Introduction
• Modular Arithmetic
• Finite Fields
• Prime Fields
• Multiprecision Arithmetic: Multiplication and Squaring
• Reduction Techniques
Lecture 5 Prime Field Arithmetic Part 2: Montgomery Multiplication & Exponentiation
• Exponentiation
• Montgomery Multiplication
• Montgomery Exponentiation
• NIST Primes
Lecture 6 Binary Field Arithmetic Part 1: Introduction
• Polynomial Basis
• Primitve Polynomial
• Reduction
• Multiplication
Lecture 7 Binary Field Arithmetic Part 2: Faster Multiplication
• Bit-parallel Multiplication
• Karatstuba Offman Decomposition
• Montgomery Multiplication
• Other representations - Normal Basis
• Summary of Finite Field Arithmetic
Lecture 8 Elliptic Curve Cryptography: The Point Multiplication
• Elliptic Curves
• EC Group Structure
• Adding and Doubling of Points
• Point Coordinate Systems
• The Point Multiplication
Lecture 9 Elliptic Curve Cryptography: Efficient Implementation
• Making signatures with a point multiplication
• High-speed Point Multiplication on FPGA
• Hardware-supported ECC Cryptanalysis
Lecture 10 Hash Functions: Design
• Hash function concepts
• Merkle-Damgard construction
• Block-cipher based hash
• Applications
• Implementation Example: MD5
Lecture 11 Hash Functions: Implementation
• Hasing History, SHA-3
• Design Example: Whirlpool
• Hash Module Interfaces
Lecture 12 Block Ciphers: Overview
• Pipelining/Retiming: Recap
• Block Cipher Structure: SP Network, Feistel Network, Key Schedule
• High-throughput Implementation
Lecture 13 Block Ciphers: AES
• AES History
• AES Round definition
• Standard Hardware Mapping
• SBox Optimization
• Compact Implementation
Lecture 14 Basics of Side-channel Analysis
• Logical vs Physical Attacks
• Timing
• Power Dissipation: Sources and Models
• Taking and Using Measurements
• Simple Power Analysis
• Differential Power Analysis
• Example: DPA on AES Hardware
• Example: DPA on AES Software
• Multi-bit DPA (CPA)
• Power Models
Lecture 16 Fault Attacks
• Types of Faults
• Fault Models
• Fault Attacks on Symmetric-Key Algorithms
• Implementation Atatcks - Summary
Lecture 17 Countermeasures against SCA: Hiding
• SPA, DPA
• Hiding: WDDL
• Implementation Issues: ASIC, FPGA
Lecture 18 Side Channel Countermeasures: Masking
• SCA Countermeasures: Hiding and Masking
• Secret Sharing