ECE 525: Hardware-Oriented Security and Trust

Instructor: Jim Plusquellic
Department of ECE, UNM

* HOST Flyer
* Course Description
* Syllabus


* Course Introduction (video)

* HOST Introduction
* HOST Introduction I (video)
* Crypto I (PDF)
* Crypto I(A) (video)
* Crypto I(B) (video)
* Crypto I(C) (video)
* Crypto II (PDF)
* Crypto II(A) (video)
* Crypto II(B) (video)
* Crypto II(C) (video)
* Crypto III (PDF)
* Crypto III(A) (video)
* Crypto III(B) (video)
* Crypto III(C) (video)
* PUFs I (PDF)
* PUFs I(A) (video)
* PUFs I(B) (video)
* PUFs I(C) (video)
* PUFs I(D) (video)
* PUFs I(E) (video)
* PUFs I(F) (video)
* PUFs I(G) (video)
* PUFs II (PDF)
* PUFs II(A) (video)
* PUFs II(B) (video)
* PUFs II(C) (video)
* PUFs II(D) (video)
* PUFs II(E) (video)
* PUFs II(F) (HELP) (video)
* PUFs II(G) (HELP) (video)
* PUFs II(H) (HELP) (video)
* PUFs II(I) (HELP) (video)
* PUFs II(J) (HELP) (video)
* Authentication Overview (PDF)
* Authentication Overview (A) (video)
* Authentication Overview (B) (video)
* PUF-Based Authentication (PDF)
* PUF-Based Authentication (A) (video)
* PUF-Based Authentication (B) (video)
* PUF-Based Authentication (C) (video)
* PUF-Based Authentication Protocols (PDF)
* PUF-Based Authentication Protocols (A) (video)
* PUF-Based Authentication Protocols (B) (video)
* PUF-Based Authentication Protocols (C) (video)
* PUF-Based Authentication Protocols (D) (video)
* PUF-Based Authentication Protocols (E) (video)
* PUF-Based Authentication Protocols (F) (HELP Protocol) (video)
* PUF-Based Authentication Protocols (G) (HELP Protocol) (video)
* PUF-Based Authentication Protocols (H) (HELP Protocol) (video)
* PUF-Based Authentication Protocols (I) (HELP Protocol) (video)
* Secure Boot I (PDF)
* Secure Boot I(A) (video)
* Secure Boot I(B) (video)
* Secure Boot I(C) (SASB and BulletProoF) (video)
* Secure Boot I(D) (SASB and BulletProoF) (video)
* Hardware Trojans I (PDF)
* Hardware Trojans I (A) (video)
* Hardware Trojans I (B) (video)
* Hardware Trojans I (C) (video)
* Hardware Trojans I (D) (video)
* Hardware Trojans I (E) (video)
* Hardware Trojans II (PDF)
* Hardware Trojans II (A) (video)
* Hardware Trojans II (B) (video)
* Hardware Trojans II (C) (video)
* Hardware Trojans II (D) (video)
* Hardware Trojans II (E) (video)
* Hardware Trojans II (F) (video)
* Hardware Trojans II (G) (video)
* Side-Channel Attacks (PDF)
* Side-Channel Attacks (A) (video)
* Side-Channel Attacks (B) (video)
* Side-Channel Attacks (C) (video)
* SCA CounterMeasures I (PDF)
* SCA CounterMeasures (A) (video)
* SCA CounterMeasures (B) (video)
* SCA CounterMeasures (C) (video)
* SCA CounterMeasures II (PDF)
* SCA CounterMeasures II (A) (SPREAD) (video)
* SCA CounterMeasures II (B) (SPREAD) (video)
* Obfuscation I (PDF)

Book Chapters

* PUF-Based Authentication, J. Plusquellic
* Detecting Hardware Trojans using Delay Analysis, J. Plusquellic and F. Saqib

Supplemental Material

* Hardware Trojans III (PDF)
* Practical Aspects of PUFs
* Statistics
* Software and Hardware Tradeoffs
* Manufacturing Test Basics
* RSA
* DES

Announcements

* UNM requires all classes to go on-line. As you have noticed, all of my lectures are screencast.
Here is the schedule you should follow regarding screen casts:
Mar 23 - Mar 29: PUF II (F) through (J), Authentication Overview (A) and (B)
Mar 30 - Apr 5: PUF_Based Authentication Protocols (A) through (I)
Apr 6 - Apr 12: Secure Boot (A) through (D), Hardware Trojans I (A) through (E)
Apr 13 - Apr 19: Hardware Trojans II (A) through (G)
Apr 20 - Apr 26: Side-Channel Attacks (A) thr (C), SCA CounterMeasures (A) thr (C), SCA CounterMeasures II (A) thr (B)
Apr 27 - May 3: Labs/Project
May 4 - May 10: Labs/Project
May 11 - May 17: Labs/Project
MAY 6th or 8th: EXAM (details to be provided later)
The labs assignments will be posted with due dates. Please pay attention to updates to my webpage.
If you have not yet turned in Lab 2, please do so today. You may email the lab report to me.
* CLASS IS CANCELLED on Monday, Feb. 3rd.
* Sample midterm exam

Links

* AES Crypto Core
* Project twofish
* index
* FIPS-197
* KAT AES
* TripleDES vectors
* AESAVS
* "Implementation of DES Algorithm Using FPGA Technology", Arnaud Lagger, Ilhan Hatirnaz, and Yusuf Leblebici
* "A VHDL Implemetation of the Advanced Encryption Standard-Rijndael Algorithm", Rajender Manteena
* Diffie-Hellman key exchange -- plug in the keyword 'Diffie-Hellman' in wikipedia
* "Videos on the Enigma machine
* Avi Kak (kak@purdue.edu): RSA Lecture 12
* Stefan Mangard, Elisabeth Oswald and Thomas Popp, "Power Analysis Attacks, Revealing the Secrets of Smart Cards" SpringLink Text (on line)
* Birthday paradox

News Articles

* "New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom, 10/9/2018
* "The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies", 10/4/2018
* "A Critical Intel Flaw Breaks Basic Security for Most Computers", 1/3/2018
* "Intel Confronts Potential ‘PR Nightmare’ With Reported Chip Flaw", 1/3/2018
* "DHS, FBI Warn of Cyberattack Threat to Nation's Power Grid", 4/10/2016
* "FBI says car hacking is a real risk", 3/18/2016
* "Inside the Cunning, Unprecedented Hack of Ukraine's Power Grid", 3/3/2016
* "Comcast Security Flaw Could Help Burglars Break into Homes Undetected", 1/5/2016
* "Hackers Remotely Kill a Jeep on the Highway - With Me in It", 7/21/2015
* "California Could Require a 'Kill Switch' for Every Smartphone", 2/7/2014
* Spy agencies shun Lenovo, finding backdoors built into the hardware, 6/30/2013
* How I Hacked An Electronic Voting Machine by By Roger Johnston, 11/5/2012
* "Defense Logistics Agency, Combating Counterfeits, by Beth Reece
* "Applied DNA Science Product Description SigNature
* "PUF - Physical Unclonable Function: Protecting next-generation Smart Card ICs with SRAM-based PUFs
* "Reflections on Trusting Trust by Ken Thompson", Aug. 1984
* "Backdoor (computing)"
* "Cyberattacks on Iran -- Stuxnet and Flame", NORMAN ASA, via PR Newswire, Aug. 9th, 2012
* "ALLARD: Who leaked the Stuxnet virus attack on Iran?", By Col. Ken Allard, Jan. 18th, 2013
* "Los Alamos replaces computer switches because of security concerns, Jan. 13th, 2013
* "Gone in 3 Minutes: Keyless BMWs a Boon to Hacker Thieves", Kim Zetter, wired.com, July 10th, 2012
* "Chinese Microchips Are Considered Impossible To Regulate", David Fulghum, Bill Sweetman, Jen DiMascio, June 4th, 2012
* "Experts dispute threat posed by backdoor found in Chinese chip", Steven Musil, May 29th, 2012
* "Report reveals fake chips in U.S. military hardware", Peter Clarke, May 23, 2012
* "Clamping Down on Counterfeits", Tam Harbert, February 22, 2012
* "State of SCADA Security Worries Researchers", Feb. 2012
* "Researchers: Don't trust satellite phones", encryption broken, Feb. 2012
* "Counterfeit Parts Found on P-8 Posiedons", DefenseTech, November 8th, 2011
* "U.S. official says pre-infected computer tech entering country", M. Alex Johnson, MSNBC, July 8th, 2011
* "The Navy Bought Fake Chinese Microchips That Could Have Disarmed U.S. Missiles", Robert Johnson, Business Insider, June 27th, 2011
* "The Hunt for the Kill Switch", Sally Adee, IEEE Spectrum, May 2008
* "Counterfeit Chips Raise Big Hacking, Terror Threats, Experts Say", Glenn Derene and Joe Pappalardo, Popular Mechanics, April 2008
* "Fairy Dust, Secrets, and the Real World", S.W. Smith, Security and Privacy
* "Princeton Professor Finds No Hardware Security In E-Voting Machine", Antone Gonsalves, InformationWeek, Feb. 2007
* "Cunning Circuits Confound Crooks", Brian Dipert, EDN, 2000
* "Secure Chips for Gadgets Set to Soar", John P. Mello Jr,, TechNewsWorld, 2007
* "Six Decades of Cryptography", Rodney Gedda, 2009 (Courtesy of Colby)
* "Old Trick Threatens the Newest Weapons", JOHN MARKOFF, New York Times, Science, Oct 27th, 2009
* Can DARPA Fix the Cybersecurity 'Problem From Hell?, Aug, 2011
* "Good Chip, Bad Chip, Evil Chip: Viterbi Experts Developing Tests to Tell Which is Which", July, 2011

Government Hardware Trojan Reports

* "Defense Science Board Task Force On HIGH PERFORMANCE MICROCHIP SUPPLY", Office of the Under Secretary of Defense, Feb. 2005
* "White Paper: National Security Aspects of the Global Migration of the U.S. Semiconductor Industry", Senator Joseph I. Lieberman, June 2003
* "TRUST, A Proposed Plan for Trusted Integrated Circuits", Dean. R. Collins, Deputy Director Microsystems Technology Office, DARPA

Supplimentary Reading

* Handbook of Applied Cryptography, A. J. Menezes, P. C. van Oorschot and S. A. Vanstone
* Physical Unclonable Functions, Constructions, Properties and Applications, R. Maes

Papers

* "Trojan Detection using IC Fingerprinting", Dakshi Agrawal, Selcuk Baktir, Deniz Karakoyunlu, Pankaj Rohatgi and Berk Sunar, Symposium on Security and Privacy, 2007
* "Physical One-Way Functions", Ravikanth Pappu, Ben Recht, Jason Taylor, Neil Gershenfeld, Science, Vol. 297. no. 5589, Sept. 2002, pp. 2026-2030.

Laboratory Support

* Download sts-2.1.1.zip from NIST site, untar, compile and run either one or more of the data sets in the NIST 'data' directory.
* Diehard test suite

FPGA Links:

* Digilent Cora Z7 Board Website
* NOTE: The Cora Z7-07S does NOT ship with a microSD, a microUSB or a short ethernet cable. You must also buy these at your favorite place on-line or Walmart/Target.
* Digilent Cora Z7 Resource Center
* Zynq SoC Overview
* Cora Z7-07S Master XDC file
* Readme and source files for Cora board
* Ivan Bow's tutorial on how to run linux on a Window's 10 machine

Laboratory Lectures:

* Vivado: Installation, Part A (video)
* Vivado: Installation, Part B (video)
* SDK Instruction, HELP Enrollment (video)

Laboratory and Homework Assignments

* Purchase the Cora-07S for $99 (see link above). Note you'll also need to buy a 16GB micro-SD (NOT larger than 32 GB), a micro-USB cable and a short network twisted pair cable. Instructions for setting up the two partitions on the microSD card are given in the readme file. (see Readme and source files link above). The boot images and root filesystem are also provided there for the Cora-07S board. Install Vivado so we can compile programs for the Zynq 7000 device on the Cora board -- see installation videos, note, expect differences in the appearence of the Xilinx website from that shown in the video). Starting with Vivado 2019.2, Xilinx has changed to Vitis, which is okay. If you prefer Vivado, than install a version between 2018.3 and 2019.1, any of these will work -- due at the end of the first week
* Reading assignment: Chapter 1 of HAC text (http://cacr.uwaterloo.ca/hac/) -- due at the end of the first week
* Network instructions (PDF)
* Lab Grading Criteria (applies to all labs except Lab0) (PDF)
* Lab0 (PDF)
* Lab1 files (DUE: March 9, 2020)
* Lab2 files (DUE: March 23, 2020)

Project

Jim Plusquellic / ECE /