Secure Computation Laboratory

Professor Marten van Dijk


ECE4451 & CSE5451: Hardware Security (Spring 2017)

Instructor: Marten van Dijk TA: Phuong Ha Nguyen

Course Description

This course treats several topics in hardware security: The main focus is secure processor architectures – we will discuss Intel SGX as well as academic processors such as Aegis, Ascend, and Sanctum and we will discuss cryptographic concepts (no proofs or formal definitions) such as AES, RSA, Hash, MAC, digital signatures, public key encryption, ORAM. During the second half of the course we explain side channel attacks, physical unclonable functions, TRNG, supply chain management, and hardware Trojans in more detail and we give an overview of several other topics (in particular, we will talk about the power grid and smart cities). Several coding labs will give sufficient understanding of the most important taught subjects.


Since this course is completely new, ECE 3401 is no longer a prerequisite. Students need to make an appointment with the instructor to obtain a permission number. During each meeting the instructor verifies whether the student understands the workload and whether the student has some basic understanding of computer architecture and/or crypto – even though the course is self-contained some prior understanding will make the workload less. Students are required to have some level of independence in taking responsibility for their own success.

Learning Objectives

To understand main hardware security concepts:

  • To be able to converse intelligently in secure processor architectures and understand or even to be able to simulate performance of added hardware modules.
  • Understand a wide range of hardware security concepts. In particular, be able to reason about security in terms of adversarial models, hardware vulnerabilities, and attacks.
  • To have a conceptual understanding of how the field of hardware security is evolving.

Lectures and Learning Material

TitleReadingsLecture Video
Course outline, report requirements + Application layer
Code injection
Required reading:
1 - Aleph One, “Smashing the stack for fun and profit
2 - Y. Younan, W. Joosen, and F. Piessens, “Runtime countermeasures for code injection attacks against C and C++ programs,” ACM Computing Surveys 44(3):1-28, June 2012
Lab1 assignment: Buffer Overflow
Computer architecture background
Suggested reading:
Chapter 2 and Appendix B in D. A. Patterson, “Computer architecture: A quantitative approach,” 5 th edition
Untrusted OS + History of secure processors
Required reading:
1 - J. Rutkowska, “Intel x86 considered harmful,” 2015
2 - “ORWL – The first open source, physically secure computer
Suggested reading:
Chapter 3.1 and 4 in T. W. Doeppner, “Operating Systems In Depth: Design and Programming”
Introduction to Intel SGX, secure enclaves
Suggested reading:
V. Coston and S. Devadas, “Intel SGX explained,” (PDF)
Lab2 assignment: Cache Controller
Life cycle of an SGX enclave
Public key infrastructure, Digital signature, Local and remote attestation, Quoting enclave
Suggested reading:
Sections 10.1 -- 10.4, 12.1 – 12.7 in J. Katz and Y. Lindell, “Introduction to modern cryptography”
Review session
a) Lec4b cnt’d: AES, RSA, Hash, MAC
b) Memory integrity checking: Merkle tree with caching, Intel’s MAC Tree + Aegis (a secure processor architecture) Slides
Suggested reading:
Sections 4.1 – 4.7, 5.1 -- 5.5 in J. Katz and Y. Lindell, “Introduction to modern cryptography”
Required reading:
(1) R. Elbaz, D. Champagne, C. Gebotys, R. B. Lee, N. Potlapally, and L. Torres, “Hardware mechanisms for memory authentication: A survey of existing techniques and engines,” Transactions on Computational Science IV, LNCS 5340, 2009
(2) G. E. Suh, D. Clarke, B. Gassend, M. van Dijk, and S. Devadas, “Efficient memory integrity verification and encryption for secure processors,” MICRO 2003
Lab3 assignment: Implementation of Merkle tree and MAC tree with caching + comparison
Sanctum: Memory striping, Security monitor, Secure bootstrapping
Required reading:
V. Costan, I. Lebedev, and S. Devadas, “Sanctum: Minimal hardware extensions for strong software isolation,” Usenix Security 2016
Ascend: Architecture for secure computation on encrypted data + Oblivious RAM (ORAM): Write-only vs. fully functional + Timing channel
Required reading:
S. H. Kamran and M. van Dijk, “Flat ORAM: A simplified write-only oblivious RAM construction for secure processor architectures,” (PDF)
Power side channel
Cache side channel + DMA attack
Assignment Lab4: Cache side channel (demonstration and counter measure)
Data flow verification + Supply chain management
Required reading:
C. Jin and M. van Dijk, “Secure and efficient initialization and authentication protocols for SHIELD,” (PDF)
Hardware Trojan
Required reading:
S. H. Haider, C. Jin, and M. van Dijk, “Advancing the state-of-the-art in hardware Trojan design” (Link)
Physical Unclonable Functions (PUFs)
Modeling attack on PUFs + Different adversarial models; Bad PUFs, reusable PUFs, communication PUFs
Required reading:
To be written (details on modeling attacks on PUFs)
Lab5 assignment: Modeling attack XOR-Arbiter PUF