Secure Hardware Devices

• 39 hrs lectures
• 13 hrs projects

• 51 pts final exam (written part)
• 20 pts mid-term test (written part)
• 29 pts projects

Theoretical and practical proficiency in design of secure information systems based on secure hardware devices. Ability to integrate secure devices (from smart-cards to hardware security modules) and identify weaknesses. Skill in thinking from an attacker's point of view and ability to use it for IS design. Theoretical and practical knowledge of essential attack categories.
Students start looking at information systems from an attacker's point of view. They also learn to identify potentially disasterous parts of information systems.

The course applies knowledge acquired in the courses of Cryptography and Security of Information Systems (although they are not necessary prerequisite) in a particular area. It exends students' proficiency in implementation of secure and cryptographic devices. The goal is to make students search and analyse side-channels (unintended sources of information).

This course is essential to all engineers working in the areas of computer engineering. Students will learn basic principles of information systems security and cryptography in hardware devices. 

• Debdeep Mukhopadhyay, Rajat Subhra Chakraborty: Hardware Security: Design, Threats, and Safeguards, Chapman and Hall/CRC, 2014, ISBN 9781439895832
• Menezes, A.J., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography, CRC Press Series on Discrete Mathematics and Its Applications, Hardcover, 816 pages, CRC Press, 1997, dostupné na http://www.cacr.math.uwaterloo.ca/hac/
• Cetin Kaya Koc: Cryptographic Engineering, Springer Publishing Company, 2008, ISBN: 0387718168 9780387718163
• Menezes, A.J., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography, CRC Press Series on Discrete Mathematics and Its Applications, Hardcover, 816 pages, CRC Press, 1997.
• Bond, M. K.: Understanding Security APIs, PhD. thesis, Cambridge 2004.
• Rankl, W., Effing, W.: Smart Card Handbook, John Wiley and Sons, pp. 1120, 3rd edition, 2004.

• Introduction to secure hardware devices mentioning evolution, architectures, and applications. Random number generators (HW + SW).
• Smart-cards - a lecture covering their design, electrical properties, communication protocols. Followed by their security properties and API security.
• Side channels - their importance from the viewpoint of implementations, evaluations, and possible classification.
• Timing analysis from its beginning in 1996 till actual implementations and performed attacks including detailed descriptions and definitions of the conditions necessary for its application.
• Power and fault analyses represent powerful attacks on side channels available on smart-cards.
• IoT security.
• Half-term exam.
• Nonarchitectural Attacks - Specter, Meltdown, Cache Abuse, Predictors, etc.
• Student presentations on selected topics.
• LFSR.
• Protection of devices against side channels, various approaches to protection, principles, influence on the functionality of the devices.
• Reverse Engineering - Techniques, Instruments, Examples.
• Hardware security modules (HSM) and their evolution, main applications including examples of deployment and design of protocols based on HSMs.

Control of the study is performed via mid-term exam, completion of due course projects, and final exam. Evaluation of projects is based on the completeness and correctness of the delivered solutions.