- Department of Information Security
The course provides the knowledge needed for the analysis and design of computer systems security solutions. Students get an overview of safeguards against abuse of the system using hardware means. They will be able to safely use and integrate hardware components into systems and test them for resistance to attacks.
Students will gain knowledge about the cryptographic accelerators, PUF, random number generators, smart cards, biometric devices, and devices for internal security functions of the computer.
Basics of computer security and cryptography, programming
- Syllabus of lectures:
1. Design of hardware security modules.
2. Cryptographic accelerators.
3. HW resources for authentication operations.
4. Utilization of sensor data for security.
5. Types of side channels, the impact of technology and architecture.
6. Power and electromagnetic side-channel analysis, power analysis.
7. Differential power analysis.
8. Defense against side-channel attacks.
9. Resistance to tampering - monitors of physical parameters.
10. Securing code execution (trusted platform), security storage.
11. HW malware - detection and prevention, fault injection.
12. Protection of intellectual property, protection of FPGA bitstream.
13. Design of PUF & TRNG.
- Syllabus of tutorials:
1. Introduction to measurement with oscilloscope and smart card
2. Measurement with oscilloscope, data transfer to PC
3. Differential power analysis
4. DPA - power models, evaluation methods
5. Trace alignment and compression
6. Attacking countermeasures - hiding in time
7. Attacking hiding in time
8. Analysis of correlation with instructions
9. Analysis of correlation with instructions
10. Attacking masking
11. Task finalization
12. Task finalization, credit
- Study Objective:
Students will understand the problems of security hardware devices in computer systems. They will be able to perform certain hardware attacks and design countermeasures against them.
- Study materials:
1. Menezes, A. - Oorschot, P. - Vanstone, S.: Handbook of Applied Cryptography. CRC Press. 1996. 0849385237.
2. Paar, C. - Pelzl, J.: Understanding Cryptography. Springer. 2010. 978-3-642-04100-6.
3. Rankl, W. - Effing, W.: Smart Card Handbook (3rd Edition). Wiley. 2004. 978-0-470-85669-7.
4. Anderson, R. J.: Security Engineering: A Guide to Building Dependable Distributed Systems (2nd Edition). Wiley. 2008. 978-0-470-06852-6.
5. Vacca, J. R.: Biometric Technologies and Verification Systems. Elsevier. 2007. 978-0-7506-7967.
6. Ecks, M.: Smartcard development with JavaCard and the OpenCard Framework: A feasibility study. VDM Verlag Dr. Müller. 2008. 3836499894.
- Further information:
- No time-table has been prepared for this course
- The course is a part of the following study plans:
- Computer Security, Presented in English, Version 2016 to 2019 (compulsory course of the specialization)
- Computer Systems and Networks, Presented in English, Version 2016 to 2019 (elective course)
- Design and Programming of Embedded Systems, in English, Version 2016 to 2019 (elective course)
- Specialization Software Engineering, in English, Version 2016 to 2019 (elective course)