Embedded Files
What is this about?
For the (ongoing) course related stuffs, please go this page
Have you heard about the following attacks:
https://www.evona.com/blog/elon-musks-starlink-hacked/
Well, this course is about how you get such expertise. In fact, we shall learn how to hack even more complex mathematical objects -- the cryptographic schemes. We shall learn to recover their secret keys -- the heart of their security.
Cryptography is widely considered the backbone of modern secure computing. Most modern cryptographic primitives and protocols come with elegant definitions and proofs of security, which make them impenetrable in theory. However, the practical picture is different. It has been shown on several occasions that a cryptographic algorithm, if not carefully implemented, may leak its secret within a few seconds through some physical defaults (e.g., power consumption, timing, electromagnetic radiation, or faults) of the system on which it runs. This results in practical attacks on cryptosystems widely known as Side-Channel Attacks (SCA). Currently, such attacks are considered a serious threat by every company in the computing business, especially those working in IoT and embedded systems (Google, NXP, and Apple, to name a few).
This course will look into the (hardware and software) implementation aspects of cryptography, focusing on what causes such attacks and how to prevent them. We shall go deeply into SCA attacks, fault attacks, and timing attacks and discuss recent developments in this area .
The course will have hands-on, so be prepared to code.
Instructor
Sayandeep Saha (sayandeepsaha [at] cse [dot] iitb [dot] ac [dot] in)
Contact Hours
After class, or get an appointment by email
TAs
To be announced soon...
Who can take?
If you are a CSE/EE student (>=2nd year)...
Why to take?
Just for fun....and maybe to join a security team in leading companies like Qualcomm, Apple, Google, Bosch. And to enter the world of security research..
Prerequisites
Basic mathematic skills. Some coding skills in C++/Python. Basic Verilog/VHDL skills will be a plus (but not mandatory). This course will be a mix of theory and practice.
Resources
• Hardware Security Design, Threats, and Safeguards, Debdeep Mukhopadhyay, Rajat Subhra Chakraborty CRC, 2014, Ed. 1
** You can also follow this lecture series as an alternative to this book. However, these lectures are not a replacement to the classes.
• Power Analysis Attacks Revealing the Secrets of Smart Cards, Stefan Mangard , Elisabeth Oswald , Thomas Popp, Springer 2007, Ed. 1
• The Design of Rijndael AES - The Advanced Encryption Standard, Joan Daemen , Vincent Rijmen, Springer 2002, Ed. 1
• Verilog HDL A Guide to Digital Design and Synthesis, by Samir Palnitkar, Prentice Hall, 2003, Ed. 2
• Cryptography Theory and Practice by Douglas Robert Stinson, Maura Paterson, 2018, Ed. 4
• Research papers from IACR TCHES, EUROCRYPT, ASIACRYPT, CRYPTO, DATE, DAC, ICCAD, HOST, ACM-CCS, S&P, USENIX Security
Lecture Schedule
Slot: 6
Wed-6A-11:05:00-12:30:00-CC 105
Fri-6B-11:05:00-12:30:00-CC 105
What to Expect
The course has two (overlapping) parts:
Building the basics of cryptographic hardware design through the AES example -- here you have mostly theory (some intense finite field maths), but also some hardware design exercises.
The world of attacks. Here the goal is to write attack codes. We will also see some countermeasures.
** You may find only one of the world interesting. That's fine :)
Well, this course is an advanced one. So do expect the following:
There will be at least one Verilog assignment. We will have one Verilog lecture and will point you to the relevant material (Verilog HDL A Guide to Digital Design and Synthesis, by Samir Palnitkar, Prentice Hall, 2003, Ed. 2 ). Also, the TA(s) will help you out. But end of the day, I want you to complete it so that you have some real mental satisfaction. So, at this part, you need to do some self-study. So you have to put in some effort. You can begin some self-study already. Just try to see some online resources like asicworld.com, and try the book mentioned above.
We shall see some intense finite field math which leads to efficient hardware. It will be sometime before mid-sem. I will go very very slow in this part, but please do ask questions and stop me if you do not understand something.
There will be some assignments on side-channel attacks where you have to write Python codes.
Depending on how things go, we will plan some (group-wise) paper reading sessions in the last few weeks of the course. Here you have to read and present a paper.
Tentative Lecture Schedule:
Week 1 -- 2: Connecting the dots and building the basics.
a. How does hardware security connect to the theory of crypto;
b. Basics of block ciphers and hardware design
Week 3 -- 5/6: Hardware design for AES
a. Finite field maths
b. Finite field multiplier
c. AES design.
Week 7 -- 9: Side-channel attacks
a. Power attacks basics
b. Different types of power attacks
c. Power attack countermeasures
Week 10 --
a. Fault Attacks
b. Fault attack countermeasures
c. Advanced topics
d. Paper presentations
Lectures and Slides:
Will come soon....
**First, lecture on 8th of Jan, 2025
Page updated
Google Sites
Report abuse