ECE 525: Hardware-Oriented Security and Trust

Instructor: Jim Plusquellic
Department of ECE, UNM

* HOST Flyer
* Course Description
* Syllabus


* Course Introduction (video)

* HOST Introduction (PDF)
* HOST Introduction I (video)
* Crypto I (PDF)
* Crypto I(A) (video)
* Crypto I(B) (video)
* Crypto I(C) (video)
* Crypto II (PDF)
* Crypto II(A) (video)
* Crypto II(B) (video)
* Crypto II(C) (video)
* Crypto III (PDF)
* Crypto III(A) (video)
* Crypto III(B) (video)
* Crypto III(C) (video)
* PUFs I (PDF)
* PUFs I(A) (video)
* PUFs I(B) (video)
* PUFs I(C) (video)
* PUFs I(D) (video)
* PUFs I(E) (video)
* PUFs I(F) (video)
* PUFs I(G) (video)
* PUFs II (PDF)
* PUFs II(A) (video)
* PUFs II(B) (video)
* PUFs II(C) (video)
* PUFs II(D) (video)
* PUFs II(E) (video)
* PUFs II(F) (HELP) (video)
* PUFs II(G) (HELP) (video)
* PUFs II(H) (HELP) (video)
* PUFs II(I) (HELP) (video)
* PUFs II(J) (HELP) (video)
* Authentication Overview (PDF)
* Authentication Overview (A) (video)
* Authentication Overview (B) (video)
* PUF-Based Authentication (PDF)
* PUF-Based Authentication (A) (video)
* PUF-Based Authentication (B) (video)
* PUF-Based Authentication (C) (video)
* PUF-Based Authentication Protocols (PDF)
* PUF-Based Authentication Protocols (A) (video)
* PUF-Based Authentication Protocols (B) (video)
* PUF-Based Authentication Protocols (C) (video)
* PUF-Based Authentication Protocols (D) (video)
* PUF-Based Authentication Protocols (E) (video)
* PUF-Based Authentication Protocols (F) (HELP Protocol) (video)
* PUF-Based Authentication Protocols (G) (HELP Protocol) (video)
* PUF-Based Authentication Protocols (H) (HELP Protocol) (video)
* PUF-Based Authentication Protocols (I) (HELP Protocol) (video)
* Secure Boot I (PDF)
* Secure Boot I(A) (video)
* Secure Boot I(B) (video)
* Secure Boot I(C) (SASB and BulletProoF) (video)
* Secure Boot I(D) (SASB and BulletProoF) (video)
* Hardware Trojans I (PDF)
* Hardware Trojans I (A) (video)
* Hardware Trojans I (B) (video)
* Hardware Trojans I (C) (video)
* Hardware Trojans I (D) (video)
* Hardware Trojans I (E) (video)
* Hardware Trojans II (PDF)
* Hardware Trojans II (A) (video)
* Hardware Trojans II (B) (video)
* Hardware Trojans II (C) (video)
* Hardware Trojans II (D) (video)
* Hardware Trojans II (E) (video)
* Hardware Trojans II (F) (video)
* Hardware Trojans II (G) (video)
* Side-Channel Attacks (PDF)
* Side-Channel Attacks (A) (video)
* Side-Channel Attacks (B) (video)
* Side-Channel Attacks (C) (video)
* SCA CounterMeasures I (PDF)
* SCA CounterMeasures (A) (video)
* SCA CounterMeasures (B) (video)
* SCA CounterMeasures (C) (video)
* SCA CounterMeasures II (PDF)
* SCA CounterMeasures II (A) (SPREAD) (video)
* SCA CounterMeasures II (B) (SPREAD) (video)
* Obfuscation I (PDF)

Study Guide Questions

* HOST Introduction
* Crypto I
* Crypto II
* Crypto III
* PUFs I
* PUFs II
* Authentication Overview
* PUF-Based Authentication
* PUF-Based Authentication Protocols
* Secure Boot I
* Hardware Trojans I
* Hardware Trojans II
* Side-Channel Attacks
* SCA CounterMeasures I
* SCA CounterMeasures II

Book Chapters

* PUF-Based Authentication, J. Plusquellic
* Detecting Hardware Trojans using Delay Analysis, J. Plusquellic and F. Saqib

Supplemental Material

* Hardware Trojans III (PDF)
* Practical Aspects of PUFs
* Statistics
* Software and Hardware Tradeoffs
* Manufacturing Test Basics
* RSA
* DES

Announcements

* UNM requires all classes to go on-line.
As you have noticed, all of my lectures are screencast.
Here is the schedule you should follow regarding screen casts:
Mar 23 - Mar 29: PUF II (F) through (J), Authentication Overview (A) and (B)
Mar 30 - Apr 5: PUF_Based Authentication Protocols (A) through (I)
Apr 6 - Apr 12: Secure Boot (A) through (D), Hardware Trojans I (A) through (E)
Apr 13 - Apr 19: Hardware Trojans II (A) through (G)
Apr 20 - Apr 26: Side-Channel Attacks (A) thr (C), SCA CounterMeasures (A) thr (C), SCA CounterMeasures II (A) thr (B)
Apr 27 - May 3: Labs/Project
May 4 - May 10: Labs/Project
May 11 - May 17: Labs/Project

* MAY 8th: FINAL EXAM: 9am-12pm (3 hours)
I've placed some additional quiz-like study guide questions on my website to help you prepare for the exam.

You will not need a calculator for the exam and you are free to use whatever materials are available to you.

But you will not do well on the exam if you do not watch the videos and think through the questions I have
provided to you through the sample exam and now the Study Guide questions. If you need to start looking things
up in the PDFs or videos, the 3 hours are going to pass quickly and you will not be able to finish the exam.
The exam will be tailored as a FINAL exam, which means if you know the material well, you be able to finish it in the 2
hour time slot normally allocated for a FINAL exam. You will need at least some of the additional hour I am giving to you
to handle the logistics, downloading the exam, printing it (if you choose to submit it as
a scanned PDF), etc.

Please do not submit anything except your answers, either on the PDF that I emailed to you or as text in an email.
YOU MUST submit the exam by 12pm SHARP. I will not accept exams after that time.

Once again, the FINAL exam will be given on May 8th starting at 9am and lasting until 12pm (noon).

You are not allowed to work together on this exam. It is an individual effort.

*
The labs assignments will be posted with due dates. Please pay attention to updates to my webpage.
If you have not yet turned in Lab 2, please do so today. You may email the lab report to me.
*
CLASS IS CANCELLED on Monday, Feb. 3rd.
* Sample midterm exam

Links

* AES Crypto Core
* Project twofish
* index
* FIPS-197
* KAT AES
* TripleDES vectors
* AESAVS
* "Implementation of DES Algorithm Using FPGA Technology", Arnaud Lagger, Ilhan Hatirnaz, and Yusuf Leblebici
* "A VHDL Implemetation of the Advanced Encryption Standard-Rijndael Algorithm", Rajender Manteena
* Diffie-Hellman key exchange -- plug in the keyword 'Diffie-Hellman' in wikipedia
* "Videos on the Enigma machine
* Avi Kak (kak@purdue.edu): RSA Lecture 12
* Stefan Mangard, Elisabeth Oswald and Thomas Popp, "Power Analysis Attacks, Revealing the Secrets of Smart Cards" SpringLink Text (on line)
* Birthday paradox

News Articles

* "New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom, 10/9/2018
* "The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies", 10/4/2018
* "A Critical Intel Flaw Breaks Basic Security for Most Computers", 1/3/2018
* "Intel Confronts Potential ‘PR Nightmare’ With Reported Chip Flaw", 1/3/2018
* "DHS, FBI Warn of Cyberattack Threat to Nation's Power Grid", 4/10/2016
* "FBI says car hacking is a real risk", 3/18/2016
* "Inside the Cunning, Unprecedented Hack of Ukraine's Power Grid", 3/3/2016
* "Comcast Security Flaw Could Help Burglars Break into Homes Undetected", 1/5/2016
* "Hackers Remotely Kill a Jeep on the Highway - With Me in It", 7/21/2015
* "California Could Require a 'Kill Switch' for Every Smartphone", 2/7/2014
* Spy agencies shun Lenovo, finding backdoors built into the hardware, 6/30/2013
* How I Hacked An Electronic Voting Machine by By Roger Johnston, 11/5/2012
* "Defense Logistics Agency, Combating Counterfeits, by Beth Reece
* "Applied DNA Science Product Description SigNature
* "PUF - Physical Unclonable Function: Protecting next-generation Smart Card ICs with SRAM-based PUFs
* "Reflections on Trusting Trust by Ken Thompson", Aug. 1984
* "Backdoor (computing)"
* "Cyberattacks on Iran -- Stuxnet and Flame", NORMAN ASA, via PR Newswire, Aug. 9th, 2012
* "ALLARD: Who leaked the Stuxnet virus attack on Iran?", By Col. Ken Allard, Jan. 18th, 2013
* "Los Alamos replaces computer switches because of security concerns, Jan. 13th, 2013
* "Gone in 3 Minutes: Keyless BMWs a Boon to Hacker Thieves", Kim Zetter, wired.com, July 10th, 2012
* "Chinese Microchips Are Considered Impossible To Regulate", David Fulghum, Bill Sweetman, Jen DiMascio, June 4th, 2012
* "Experts dispute threat posed by backdoor found in Chinese chip", Steven Musil, May 29th, 2012
* "Report reveals fake chips in U.S. military hardware", Peter Clarke, May 23, 2012
* "Clamping Down on Counterfeits", Tam Harbert, February 22, 2012
* "State of SCADA Security Worries Researchers", Feb. 2012
* "Researchers: Don't trust satellite phones", encryption broken, Feb. 2012
* "Counterfeit Parts Found on P-8 Posiedons", DefenseTech, November 8th, 2011
* "U.S. official says pre-infected computer tech entering country", M. Alex Johnson, MSNBC, July 8th, 2011
* "The Navy Bought Fake Chinese Microchips That Could Have Disarmed U.S. Missiles", Robert Johnson, Business Insider, June 27th, 2011
* "The Hunt for the Kill Switch", Sally Adee, IEEE Spectrum, May 2008
* "Counterfeit Chips Raise Big Hacking, Terror Threats, Experts Say", Glenn Derene and Joe Pappalardo, Popular Mechanics, April 2008
* "Fairy Dust, Secrets, and the Real World", S.W. Smith, Security and Privacy
* "Princeton Professor Finds No Hardware Security In E-Voting Machine", Antone Gonsalves, InformationWeek, Feb. 2007
* "Cunning Circuits Confound Crooks", Brian Dipert, EDN, 2000
* "Secure Chips for Gadgets Set to Soar", John P. Mello Jr,, TechNewsWorld, 2007
* "Six Decades of Cryptography", Rodney Gedda, 2009 (Courtesy of Colby)
* "Old Trick Threatens the Newest Weapons", JOHN MARKOFF, New York Times, Science, Oct 27th, 2009
* Can DARPA Fix the Cybersecurity 'Problem From Hell?, Aug, 2011
* "Good Chip, Bad Chip, Evil Chip: Viterbi Experts Developing Tests to Tell Which is Which", July, 2011

Government Hardware Trojan Reports

* "Defense Science Board Task Force On HIGH PERFORMANCE MICROCHIP SUPPLY", Office of the Under Secretary of Defense, Feb. 2005
* "White Paper: National Security Aspects of the Global Migration of the U.S. Semiconductor Industry", Senator Joseph I. Lieberman, June 2003
* "TRUST, A Proposed Plan for Trusted Integrated Circuits", Dean. R. Collins, Deputy Director Microsystems Technology Office, DARPA

Supplimentary Reading

* Handbook of Applied Cryptography, A. J. Menezes, P. C. van Oorschot and S. A. Vanstone
* Physical Unclonable Functions, Constructions, Properties and Applications, R. Maes

Papers

* "Trojan Detection using IC Fingerprinting", Dakshi Agrawal, Selcuk Baktir, Deniz Karakoyunlu, Pankaj Rohatgi and Berk Sunar, Symposium on Security and Privacy, 2007
* "Physical One-Way Functions", Ravikanth Pappu, Ben Recht, Jason Taylor, Neil Gershenfeld, Science, Vol. 297. no. 5589, Sept. 2002, pp. 2026-2030.

Laboratory Support

* Download sts-2.1.1.zip from NIST site, untar, compile and run either one or more of the data sets in the NIST 'data' directory.
* Diehard test suite

FPGA Links:

* Digilent Cora Z7 Board Website
* NOTE: The Cora Z7-07S does NOT ship with a microSD, a microUSB or a short ethernet cable. You must also buy these at your favorite place on-line or Walmart/Target.
* Digilent Cora Z7 Resource Center
* Zynq SoC Overview
* Cora Z7-07S Master XDC file
* Readme and source files for Cora board
* Ivan Bow's tutorial on how to run linux on a Window's 10 machine

Laboratory Lectures:

* Vivado: Installation, Part A (video)
* Vivado: Installation, Part B (video)
* SDK Instruction, HELP Enrollment (video)

Laboratory and Homework Assignments

* Purchase the Cora-07S for $99 (see link above). Note you'll also need to buy a 16GB micro-SD (NOT larger than 32 GB), a micro-USB cable and a short network twisted pair cable. Instructions for setting up the two partitions on the microSD card are given in the readme file. (see Readme and source files link above). The boot images and root filesystem are also provided there for the Cora-07S board. Install Vivado so we can compile programs for the Zynq 7000 device on the Cora board -- see installation videos, note, expect differences in the appearence of the Xilinx website from that shown in the video). Starting with Vivado 2019.2, Xilinx has changed to Vitis, which is okay. If you prefer Vivado, than install a version between 2018.3 and 2019.1, any of these will work -- due at the end of the first week
* Reading assignment: Chapter 1 of HAC text (http://cacr.uwaterloo.ca/hac/) -- due at the end of the first week
* Network instructions (PDF)
* Lab Grading Criteria (applies to all labs except Lab0) (PDF)
* Lab0 (PDF)
* Lab1 files (DUE: March 9, 2020)
* Lab2 files (DUE: March 23, 2020)

Project

Jim Plusquellic / ECE /