Secure Computation Laboratory, Professor Marten van Dijk
Instructor: Marten van Dijk | TA: Phuong Ha Nguyen
This course treats several topics in hardware security. The main focus is secure processor architectures: we will discuss Intel SGX as well as academic processors such as Aegis, Ascend, and Sanctum, and we will cover the cryptographic concepts they rely on (without proofs or formal definitions), such as AES, RSA, hash functions, MACs, digital signatures, public key encryption, and ORAM. During the second half of the course we explain side channel attacks, physical unclonable functions (PUFs), true random number generators (TRNGs), supply chain management, and hardware Trojans in more detail, and we give an overview of several other topics (in particular, the power grid and smart cities). Several coding labs give hands-on understanding of the most important subjects taught.
Since this course is completely new, ECE 3401 is no longer a prerequisite. Students need to make an appointment with the instructor to obtain a permission number. During each meeting the instructor verifies that the student understands the workload and has some basic understanding of computer architecture and/or cryptography; the course is self-contained, but prior understanding will reduce the workload. Students are expected to work independently and take responsibility for their own success.
To understand the main hardware security concepts:
Title | Readings | Lecture Video |
---|---|---|
Lec1: Course outline, report requirements + Application layer (Slides) | | |
Lec2a: Code injection (Slides) | Required reading: (1) Aleph One, "Smashing the stack for fun and profit"; (2) Y. Younan, W. Joosen, and F. Piessens, "Runtime countermeasures for code injection attacks against C and C++ programs," ACM Computing Surveys 44(3):1-28, June 2012. Lab1 assignment: Buffer Overflow | |
Lec2b: Computer architecture background (Slides) | Suggested reading: Chapter 2 and Appendix B in D. A. Patterson, "Computer architecture: A quantitative approach," 5th edition | |
Lec3a: Untrusted OS + History of secure processors (Slides) | Required reading: (1) J. Rutkowska, "Intel x86 considered harmful," 2015; (2) "ORWL – The first open source, physically secure computer." Suggested reading: Sections 3.1 and Chapter 4 in T. W. Doeppner, "Operating Systems In Depth: Design and Programming" | |
Lec3b: Introduction to Intel SGX, secure enclaves (Slides) | Suggested reading: V. Costan and S. Devadas, "Intel SGX explained" (PDF). Lab2 assignment: Cache Controller | |
Lec4a: Life cycle of an SGX enclave (Slides) | | |
Lec4b: Public key infrastructure, digital signatures, local and remote attestation, quoting enclave (Slides) | Suggested reading: Sections 10.1–10.4 and 12.1–12.7 in J. Katz and Y. Lindell, "Introduction to modern cryptography" | |
Lec5: Review session (Slides) | | |
Lec6ab: (a) Lec4b cont'd: AES, RSA, Hash, MAC; (b) Memory integrity checking: Merkle tree with caching, Intel's MAC tree + Aegis (a secure processor architecture) (Slides) | Suggested reading: Sections 4.1–4.7 and 5.1–5.5 in J. Katz and Y. Lindell, "Introduction to modern cryptography." Required reading: (1) R. Elbaz, D. Champagne, C. Gebotys, R. B. Lee, N. Potlapally, and L. Torres, "Hardware mechanisms for memory authentication: A survey of existing techniques and engines," Transactions on Computational Science IV, LNCS 5340, 2009; (2) G. E. Suh, D. Clarke, B. Gassend, M. van Dijk, and S. Devadas, "Efficient memory integrity verification and encryption for secure processors," MICRO 2003. Lab3 assignment: Implementation of Merkle tree and MAC tree with caching + comparison | |
Lec7a: Sanctum: Memory striping, security monitor, secure bootstrapping (Slides) | Required reading: V. Costan, I. Lebedev, and S. Devadas, "Sanctum: Minimal hardware extensions for strong software isolation," USENIX Security 2016 | |
Lec7b: Ascend: Architecture for secure computation on encrypted data + Oblivious RAM (ORAM): write-only vs. fully functional + Timing channel (Slides) | Required reading: S. H. Kamran and M. van Dijk, "Flat ORAM: A simplified write-only oblivious RAM construction for secure processor architectures" (PDF) | |
Lec8a: Power side channel (Slides) | | |
Lec8b: Cache side channel + DMA attack (Slides) | Lab4 assignment: Cache side channel (demonstration and countermeasure) | |
Lec9a: Data flow verification + Supply chain management (Slides) | Required reading: C. Jin and M. van Dijk, "Secure and efficient initialization and authentication protocols for SHIELD" (PDF) | |
Lec9b: Hardware Trojan (Slides) | Required reading: S. H. Haider, C. Jin, and M. van Dijk, "Advancing the state-of-the-art in hardware Trojan design" (Link) | |
Lec10: Kleptography (Slides) | | |
Lec11: Physical Unclonable Functions (PUFs): Modeling attacks on PUFs + Different adversarial models; bad PUFs, reusable PUFs, communication PUFs (Slides) | Required reading: To be written (details on modeling attacks on PUFs). Lab5 assignment: Modeling attack on XOR-Arbiter PUF | |