ECE 525: Hardware-Oriented Security and Trust

Instructor: Jim Plusquellic
Department of ECE, UNM


* HOST Flyer
* Course Description
* Syllabus


* Course Introduction (video)

* HOST Introduction (PDF)
* HOST Introduction I (video)
* Crypto I (PDF)
* Crypto I(A) (video)
* Crypto I(B) (video)
* Crypto I(C) (video)
* Crypto II (PDF)
* Crypto II(A) (video)
* Crypto II(B) (video)
* Crypto II(C) (video)
* Crypto III (PDF)
* Crypto III(A) (video)
* Crypto III(B) (video)
* Crypto III(C) (video)
* PUFs I (PDF)
* PUFs I(A) (video)
* PUFs I(B) (video)
* PUFs I(C) (video)
* PUFs I(D) (video)
* PUFs I(E) (video)
* PUFs I(F) (video)
* PUFs I(G) (video)
* PUFs II (PDF)
* PUFs II(A) (video)
* PUFs II(B) (video)
* PUFs II(C) (video)
* PUFs II(D) (video)
* PUFs II(E) (video)
* PUFs II(F) (HELP) (video)
* PUFs II(G) (HELP) (video)
* PUFs II(H) (HELP) (video)
* PUFs II(I) (HELP) (video)
* PUFs II(J) (HELP) (video)
* Authentication Overview (PDF)
* Authentication Overview (A) (video)
* Authentication Overview (B) (video)
* PUF-Based Authentication (PDF)
* PUF-Based Authentication (A) (video)
* PUF-Based Authentication (B) (video)
* PUF-Based Authentication (C) (video)
* PUF-Based Authentication Protocols (PDF)
* PUF-Based Authentication Protocols (A) (video)
* PUF-Based Authentication Protocols (B) (video)
* PUF-Based Authentication Protocols (C) (video)
* PUF-Based Authentication Protocols (D) (video)
* PUF-Based Authentication Protocols (E) (video)
* PUF-Based Authentication Protocols (F) (HELP Protocol) (video)
* PUF-Based Authentication Protocols (G) (HELP Protocol) (video)
* PUF-Based Authentication Protocols (H) (HELP Protocol) (video)
* PUF-Based Authentication Protocols (I) (HELP Protocol) (video)
* Secure Boot I (PDF)
* Secure Boot I(A) (video)
* Secure Boot I(B) (video)
* Secure Boot I(C) (SASB and BulletProoF) (video)
* Secure Boot I(D) (SASB and BulletProoF) (video)
* Hardware Trojans I (PDF)
* Hardware Trojans I (A) (video)
* Hardware Trojans I (B) (video)
* Hardware Trojans I (C) (video)
* Hardware Trojans I (D) (video)
* Hardware Trojans I (E) (video)
* Hardware Trojans II (PDF)
* Hardware Trojans II (A) (video)
* Hardware Trojans II (B) (video)
* Hardware Trojans II (C) (video)
* Hardware Trojans II (D) (video)
* Hardware Trojans II (E) (video)
* Hardware Trojans II (F) (video)
* Hardware Trojans II (G) (video)
* Side-Channel Attacks (PDF)
* Side-Channel Attacks (A) (video)
* Side-Channel Attacks (B) (video)
* Side-Channel Attacks (C) (video)
* SCA CounterMeasures I (PDF)
* SCA CounterMeasures (A) (video)
* SCA CounterMeasures (B) (video)
* SCA CounterMeasures (C) (video)
* SCA CounterMeasures II (PDF)
* SCA CounterMeasures II (A) (SPREAD) (video)
* SCA CounterMeasures II (B) (SPREAD) (video)
* Obfuscation I (PDF)

Study Guide Questions

* HOST Introduction
* Crypto I
* Crypto II
* Crypto III
* PUFs I
* PUFs II
* Authentication Overview
* PUF-Based Authentication
* PUF-Based Authentication Protocols
* Secure Boot I
* Hardware Trojans I
* Hardware Trojans II
* Side-Channel Attacks
* SCA CounterMeasures I
* SCA CounterMeasures II

Book Chapters

* PUF-Based Authentication, J. Plusquellic
* Detecting Hardware Trojans using Delay Analysis, J. Plusquellic and F. Saqib

Supplemental Material

* Hardware Trojans III (PDF)
* Practical Aspects of PUFs
* Statistics
* Software and Hardware Tradeoffs
* Manufacturing Test Basics
* RSA
* DES

Announcements

* Sample midterm exam

Links

* AES Crypto Core
* Project twofish
* index
* FIPS-197
* KAT AES
* TripleDES vectors
* AESAVS
* "Implementation of DES Algorithm Using FPGA Technology", Arnaud Lagger, Ilhan Hatirnaz, and Yusuf Leblebici
* "A VHDL Implemetation of the Advanced Encryption Standard-Rijndael Algorithm", Rajender Manteena
* Diffie-Hellman key exchange -- plug in the keyword 'Diffie-Hellman' in wikipedia
* "Videos on the Enigma machine
* Avi Kak (kak@purdue.edu): RSA Lecture 12
* Stefan Mangard, Elisabeth Oswald and Thomas Popp, "Power Analysis Attacks, Revealing the Secrets of Smart Cards" SpringLink Text (on line)
* Birthday paradox

News Articles

* "The chip industry's open secret: Adversaries' military tech relies on U.S. components", Kristina Partsinevelos and Cait Freda, 2023
* "New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom", 10/9/2018
* "The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies", 10/4/2018
* "A Critical Intel Flaw Breaks Basic Security for Most Computers", 1/3/2018
* "Intel Confronts Potential ‘PR Nightmare’ With Reported Chip Flaw", 1/3/2018
* "DHS, FBI Warn of Cyberattack Threat to Nation's Power Grid", 4/10/2016
* "FBI says car hacking is a real risk", 3/18/2016
* "Inside the Cunning, Unprecedented Hack of Ukraine's Power Grid", 3/3/2016
* "Comcast Security Flaw Could Help Burglars Break into Homes Undetected", 1/5/2016
* "Hackers Remotely Kill a Jeep on the Highway - With Me in It", 7/21/2015
* "California Could Require a 'Kill Switch' for Every Smartphone", 2/7/2014
* Spy agencies shun Lenovo, finding backdoors built into the hardware, 6/30/2013
* How I Hacked An Electronic Voting Machine by By Roger Johnston, 11/5/2012
* "Defense Logistics Agency, Combating Counterfeits, by Beth Reece
* "Applied DNA Science Product Description SigNature
* "PUF - Physical Unclonable Function: Protecting next-generation Smart Card ICs with SRAM-based PUFs
* "Reflections on Trusting Trust by Ken Thompson", Aug. 1984
* "Backdoor (computing)"
* "Cyberattacks on Iran -- Stuxnet and Flame", NORMAN ASA, via PR Newswire, Aug. 9th, 2012
* "ALLARD: Who leaked the Stuxnet virus attack on Iran?", By Col. Ken Allard, Jan. 18th, 2013
* "Los Alamos replaces computer switches because of security concerns, Jan. 13th, 2013
* "Gone in 3 Minutes: Keyless BMWs a Boon to Hacker Thieves", Kim Zetter, wired.com, July 10th, 2012
* "Chinese Microchips Are Considered Impossible To Regulate", David Fulghum, Bill Sweetman, Jen DiMascio, June 4th, 2012
* "Experts dispute threat posed by backdoor found in Chinese chip", Steven Musil, May 29th, 2012
* "Report reveals fake chips in U.S. military hardware", Peter Clarke, May 23, 2012
* "Clamping Down on Counterfeits", Tam Harbert, February 22, 2012
* "State of SCADA Security Worries Researchers", Feb. 2012
* "Researchers: Don't trust satellite phones", encryption broken, Feb. 2012
* "Counterfeit Parts Found on P-8 Posiedons", DefenseTech, November 8th, 2011
* "U.S. official says pre-infected computer tech entering country", M. Alex Johnson, MSNBC, July 8th, 2011
* "The Navy Bought Fake Chinese Microchips That Could Have Disarmed U.S. Missiles", Robert Johnson, Business Insider, June 27th, 2011
* "The Hunt for the Kill Switch", Sally Adee, IEEE Spectrum, May 2008
* "Counterfeit Chips Raise Big Hacking, Terror Threats, Experts Say", Glenn Derene and Joe Pappalardo, Popular Mechanics, April 2008
* "Fairy Dust, Secrets, and the Real World", S.W. Smith, Security and Privacy
* "Princeton Professor Finds No Hardware Security In E-Voting Machine", Antone Gonsalves, InformationWeek, Feb. 2007
* "Cunning Circuits Confound Crooks", Brian Dipert, EDN, 2000
* "Secure Chips for Gadgets Set to Soar", John P. Mello Jr,, TechNewsWorld, 2007
* "Six Decades of Cryptography", Rodney Gedda, 2009 (Courtesy of Colby)
* "Old Trick Threatens the Newest Weapons", JOHN MARKOFF, New York Times, Science, Oct 27th, 2009
* Can DARPA Fix the Cybersecurity 'Problem From Hell?, Aug, 2011
* "Good Chip, Bad Chip, Evil Chip: Viterbi Experts Developing Tests to Tell Which is Which", July, 2011

Government Hardware Trojan Reports

* "Defense Science Board Task Force On HIGH PERFORMANCE MICROCHIP SUPPLY", Office of the Under Secretary of Defense, Feb. 2005
* "White Paper: National Security Aspects of the Global Migration of the U.S. Semiconductor Industry", Senator Joseph I. Lieberman, June 2003
* "TRUST, A Proposed Plan for Trusted Integrated Circuits", Dean. R. Collins, Deputy Director Microsystems Technology Office, DARPA

Supplimentary Reading

* Handbook of Applied Cryptography, A. J. Menezes, P. C. van Oorschot and S. A. Vanstone
* Physical Unclonable Functions, Constructions, Properties and Applications, R. Maes

Papers

* "Trojan Detection using IC Fingerprinting", Dakshi Agrawal, Selcuk Baktir, Deniz Karakoyunlu, Pankaj Rohatgi and Berk Sunar, Symposium on Security and Privacy, 2007
* "Physical One-Way Functions", Ravikanth Pappu, Ben Recht, Jason Taylor, Neil Gershenfeld, Science, Vol. 297. no. 5589, Sept. 2002, pp. 2026-2030.

Laboratory Support

* Download sts-2.1.1.zip from NIST site, untar, compile and run either one or more of the data sets in the NIST 'data' directory.
* Diehard test suite

ZYBO:

* Digilent ZYBO Z7-10 Board Website
* NOTE: The ZYBO Z7-10 does NOT ship with a microSD, a microUSB or a short ethernet cable. You must also buy these at your favorite place on-line or Walmart/Target.
* ZYBO Z7-10 Master XDC file
* ZYBO Z7-10 Boot Files
* ZYBO Z7-10 Board Files (Add these files to (Xilinx_install_dir)/Vivado/2017.2/data/boards/board_files/zybo-z7-10/A.0/ directory)
* ZYBO Z7-10 Boot Files with sqlite3 + JTAG

CORA:

* Digilent Cora Z7 Board Website
* NOTE: The Cora Z7-07S does NOT ship with a microSD, a microUSB or a short ethernet cable. You must also buy these at your favorite place on-line or Walmart/Target.
* Cora Z7-07S Master XDC file
* CORA Z7-10 Boot Files
* CORA Z7-07S Board Files (Add these files to (Xilinx_install_dir)/Vivado/2017.2/data/boards/board_files/cora-z7-07s/B.0/ directory)

FPGA Links:

* Zynq SoC Overview
* Ivan Bow's tutorial on how to run linux on a Window's 10 machine

Laboratory Lectures:

* Vivado: Installation, Part A (video)
* Vivado: Installation, Part B (video)
* SDK Instruction, HELP Enrollment (video)
* Network instructions (PDF)
* Lab Grading Criteria (applies to all labs except Lab0) (PDF)

Project

* PROJECT: PUF-Cash V3.0: (DUE DATE: FINAL EXAM DAY/TIME)
* PUF-Cash V3.0 Paper
Jim Plusquellic / ECE /