hardware security
play

Hardware Security Organisational stuff Digital Security Radboud - PowerPoint PPT Presentation

Jun 18, 2023 •319 likes •424 views

Hardware Security Organisational stuff Digital Security Radboud University Nijmegen 1 Other faces youll see Lejla Batina lectures on side-channels Anna Guinet & Niels Samwel JavaCard project & side-channel lab 2 This course:

  1. Hardware Security Organisational stuff Digital Security Radboud University Nijmegen 1

  2. Other faces you’ll see Lejla Batina lectures on side-channels Anna Guinet & Niels Samwel JavaCard project & side-channel lab 2

  3. This course: topics • Smartcards & RFID tags – as prime example of ‘secure’ hardware today – the standard solution for authentication if username/password is not secure enough – smartcards have a long evolution in attacks and countermeasures • Attacks & countermeasures. esp. side-channel attacks • Case studies: EMV, e-passport, TEEs, Mifare, .. 3

  4. Other kinds of secure hardware & attacks Other forms of secure hardware HSM (Hardware Security Modules) • TPM (Trusted Platform Modules) • TEE (Trusted Execution Enviroments) • Other attacks on embedded systems that we won’t look at: JTAG – debugging interface for all sort of electronics • reading or modifying firmware • cold boot attacks to extract data from RAM • ... • 4

  5. This course: form 1. lectures & some reading material 2. group JavaCard smartcard project in groups of 4 students 3. side-channel lab assignments 3 assignments, 2 in groups of 2 & 1 individually 4. execursion to a hardware security evaluation lab of Riscure Grade based on 2 & 3: 60% group project + 40% side channel lab 5

  6. JavaCard smartcard project • Building smartcard system • Goals – experience the whole process from high-level design, given security requirements and assumptions, down to actual code on real hardware – appreciate complexity & interplay of • design considerations & constraints, • key management & distribution, • protocols, • silly hardware limitations, weird crypto padding,... • practicalities of getting all this working,... 6

  7. JavaCard smartcard project Four choices 1) electronic purse 2) loyalty card 3) petrol rationing 4) car rental • Form rm groups oups of 4 persons rsons asap ap – also let us know any group problems asap!! so we can distribute smartcards & readers 7

  8. Side-channel lab assignments • practical experience with very successful method of attack on smartcards: Power Analysis • using Mathlab & Lejla’s toys in the lab 8

  9. 9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security

Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security

SP SPACE ACE 201 2016 Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security Security: : New Front New Frontiers iers Swarup Bhunia Professor Electrical & Computer Engineering SPACE | Dec 2016 1

607 views • 29 slides
Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just:

Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just:

Why W3C needs to Remain Neutral and Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just: Image source: halfelf.org It is about decentralizing ID validation and key storage (my religion)

522 views • 16 slides
HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware

HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware

HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware pentester Who am I ? Julien Moinard - Electronic engineer @opale-security (French company) - Security consultant, Hardware & SoDware pentester -

803 views • 40 slides
CrypTech October 2018 Barcelona Hardware Security Module From Wikipedia: A hardware security

CrypTech October 2018 Barcelona Hardware Security Module From Wikipedia: A hardware security

CrypTech October 2018 Barcelona Hardware Security Module From Wikipedia: A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides crypto processing. These

977 views • 34 slides
Cryptech The Open Hardware Security Module Platform Joachim Strmbergson ::1 Assured AB

Cryptech The Open Hardware Security Module Platform Joachim Strmbergson ::1 Assured AB

Cryptech The Open Hardware Security Module Platform Joachim Strmbergson ::1 Assured AB https://github.com/secworks IT security Embedded systems ASIC, FPGA Biometrics Open Crypto Hardware CPU design Assembly hacking Hardware Security

896 views • 50 slides
Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER /

Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER /

Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER / engineers Hardware security for embedded systems: memory and communication protection Arithmetic Tradeoffs on Performance/Cost/Security secure

310 views • 14 slides
for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1

for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1

Attacker Models for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1 Security-sensitive hardware: examples 2 Naive attacker model Attacks on communication channels exploiting lousy crypto or insecure

904 views • 45 slides
Advanced Systems Security: Hardware Security Trent Jaeger Systems and Internet

Advanced Systems Security: Hardware Security Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Hardware Security Trent Jaeger

703 views • 46 slides
Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware

Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware

Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware Work up to Android OS Climb into the Play Store Discuss Application (APK) Connor Tumbleson Senior Software Engineer @Sourcetoad

672 views • 56 slides
& Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic

& Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic

Hardware Security Trusted Execution Environments (TEEs) & Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic hardware-backed security solutions smartcard for users HSM (Hardware Security Module) in

774 views • 63 slides
Who we are Eshard - Embedded Security Company Software & Hardware Security What do we

Who we are Eshard - Embedded Security Company Software & Hardware Security What do we

Who we are Eshard - Embedded Security Company Software & Hardware Security What do we do: @eshardNews Tools: Side Channel / Code Analysis Consultancy https://www.eshard.com Audit contact@eshard.com Training

752 views • 54 slides
FROM HARDWARE TO 0-DAY Or how to buy a security camera and never use it for its intended purpose

FROM HARDWARE TO 0-DAY Or how to buy a security camera and never use it for its intended purpose

FROM HARDWARE TO 0-DAY Or how to buy a security camera and never use it for its intended purpose PIETRO OLIVA WHOAMI Name: Pietro Oliva Twitter: @0xsysenter Current role: Security researcher (R3) Previous roles: Security

795 views • 30 slides
Security in modern CPU Guillaume Bouffard ( guillaume.bouffard@ssi.gouv.fr ) Hardware Security

Security in modern CPU Guillaume Bouffard ( guillaume.bouffard@ssi.gouv.fr ) Hardware Security

Security in modern CPU Guillaume Bouffard ( guillaume.bouffard@ssi.gouv.fr ) Hardware Security Labs National Cybersecurity Agency of France (ANSSI) DIENS, ENS, CNRS, PSL University Workshop SILM 21 November 2019 Who am I? Me Expert in

1.18k views • 80 slides
HOST Introduction ECE 525 Hardware-Oriented Security and Trust (HOST) Instructor: Prof. Jim

HOST Introduction ECE 525 Hardware-Oriented Security and Trust (HOST) Instructor: Prof. Jim

HOST Introduction ECE 525 Hardware-Oriented Security and Trust (HOST) Instructor: Prof. Jim Plusquellic Text: The Hardware Trojan War: Attacks, Myths, and Defenses, Chapter 10, J. Plusquellic and F. Saqib, "Detecting Hardware

293 views • 6 slides
Systems Security: Hardware, embedded system and IoT security Stjepan Picek s.picek@tudelft.nl

Systems Security: Hardware, embedded system and IoT security Stjepan Picek s.picek@tudelft.nl

Systems Security: Hardware, embedded system and IoT security Stjepan Picek s.picek@tudelft.nl Delft University of Technology, The Netherlands April 23, 2018 Outline 1 General Information 2 Lightweight Cryptography 3 Random Number Generators 4

1.35k views • 64 slides
Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1516/ Chapter 10: 1 Chapter

Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1516/ Chapter 10: 1 Chapter

Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1516/ Chapter 10: 1 Chapter 10: Software Security Chapter 10: 2 Defences Chapter 10: 3 Prevention Hardware Hardware features can stop buffer overflow attacks from

470 views • 23 slides
JavaCard group project Erik Poll Digital Security Radboud University Nijmegen 1 Smartcard

JavaCard group project Erik Poll Digital Security Radboud University Nijmegen 1 Smartcard

JavaCard group project Erik Poll Digital Security Radboud University Nijmegen 1 Smartcard group project You have been contracted to build a system electronic purse loyalty card petrol rationing car rental Only design

461 views • 30 slides
Security-by-Contract for Applications Evolution in Multi-Application Smart Cards Nicola

Security-by-Contract for Applications Evolution in Multi-Application Smart Cards Nicola

DTU Informatics Department of Informatics and Mathematical Modelling Security-by-Contract for Applications Evolution in Multi-Application Smart Cards Nicola Dragoni ndra@imm.dtu.dk http://www2.imm.dtu.dk/~ndra Embedded Systems Engineering

475 views • 35 slides
Verification of Security Protocols Part I eronique Cortier 1 V September, 2010 Fosad 2010 1

Verification of Security Protocols Part I eronique Cortier 1 V September, 2010 Fosad 2010 1

Introduction on security protocols Formal models Unbounded number of sessions Verification of Security Protocols Part I eronique Cortier 1 V September, 2010 Fosad 2010 1 LORIA, CNRS 1/65 V eronique Cortier Verification of Security

1.29k views • 111 slides
Memory Usage Estimation for Java Smart Cards G ERARDO S CHNEIDER IRISA/INRIA - R ENNES , F RANCE

Memory Usage Estimation for Java Smart Cards G ERARDO S CHNEIDER IRISA/INRIA - R ENNES , F RANCE

Memory Usage Estimation for Java Smart Cards G ERARDO S CHNEIDER IRISA/INRIA - R ENNES , F RANCE CASTLES: Conception dAnalyses Statiques et de Tests pour le Logiciel Embarqu e S ecuris e NWPT04 - Uppsala, 06 October 2004 Memory

828 views • 43 slides
C.b) RSA with Applications W. Schindler: Cryptography, B-IT, winter 2006 / 2007 2 C.31 RSA The

C.b) RSA with Applications W. Schindler: Cryptography, B-IT, winter 2006 / 2007 2 C.31 RSA The

1 C.b) RSA with Applications W. Schindler: Cryptography, B-IT, winter 2006 / 2007 2 C.31 RSA The RSA algorithm was introduced by Rivest, Shamir and Adleman in 1977. p,q large primes (to be kept secret) n := pq modulus (publicly

858 views • 69 slides
Derivations vs Parses Grammar is used to derive string or construct parser A derivation is a

Derivations vs Parses Grammar is used to derive string or construct parser A derivation is a

9/18/2012 Derivations vs Parses Grammar is used to derive string or construct parser A derivation is a sequence of applications of rules Starting from the start symbol S ... ... ... (sentence) Context Free Gram m ars

401 views • 5 slides
MasterCard and Cryptographic Research: an International Retail Financial Services Industry

MasterCard and Cryptographic Research: an International Retail Financial Services Industry

MasterCard and Cryptographic Research: an International Retail Financial Services Industry perspective Michael Ward VP, Emerging Technologies Product Security MasterCard International STORK Cryptography Workshop, Bruges, 27 November 2002

131 views • 9 slides
Adoption Assistance Advocacy Josh Kroll, Project Coordinator Adoption Subsidy Resource Center

Adoption Assistance Advocacy Josh Kroll, Project Coordinator Adoption Subsidy Resource Center

Adoption Assistance Advocacy Josh Kroll, Project Coordinator Adoption Subsidy Resource Center North American Council on Adoptable Children About This Webinar You will be able to see the webinar slides on your computer. To hear the

615 views • 38 slides

More recommend