Hardware Security Organisational stuff Digital Security Radboud - - PowerPoint PPT Presentation

hardware security
SMART_READER_LITE
LIVE PREVIEW

Hardware Security Organisational stuff Digital Security Radboud - - PowerPoint PPT Presentation

Jun 18, 2023 319 likes •425 views

Hardware Security Organisational stuff Digital Security Radboud University Nijmegen 1 Other faces youll see Lejla Batina lectures on side-channels Anna Guinet & Niels Samwel JavaCard project & side-channel lab 2 This course:

slide-1
SLIDE 1

1

Hardware Security

Organisational stuff

Digital Security Radboud University Nijmegen

slide-2
SLIDE 2

Other faces you’ll see

2

Lejla Batina lectures on side-channels Anna Guinet & Niels Samwel JavaCard project & side-channel lab

slide-3
SLIDE 3

This course: topics

  • Smartcards & RFID tags

– as prime example of ‘secure’ hardware today – the standard solution for authentication if username/password is not secure enough – smartcards have a long evolution in attacks and countermeasures

  • Attacks & countermeasures.
  • esp. side-channel attacks
  • Case studies: EMV, e-passport, TEEs, Mifare, ..

3

slide-4
SLIDE 4

Other kinds of secure hardware & attacks

Other forms of secure hardware

  • HSM (Hardware Security Modules)
  • TPM (Trusted Platform Modules)
  • TEE (Trusted Execution Enviroments)

Other attacks on embedded systems that we won’t look at:

  • JTAG – debugging interface for all sort of electronics
  • reading or modifying firmware
  • cold boot attacks to extract data from RAM
  • ...

4

slide-5
SLIDE 5

This course: form

  • 1. lectures & some reading material
  • 2. group JavaCard smartcard project

in groups of 4 students

  • 3. side-channel lab assignments

3 assignments, 2 in groups of 2 & 1 individually

  • 4. execursion to a hardware security evaluation

lab of Riscure Grade based on 2 & 3: 60% group project + 40% side channel lab

5

slide-6
SLIDE 6

JavaCard smartcard project

  • Building smartcard system
  • Goals

– experience the whole process from high-level design, given security requirements and assumptions, down to actual code on real hardware – appreciate complexity & interplay of

  • design considerations & constraints,
  • key management & distribution,
  • protocols,
  • silly hardware limitations, weird crypto padding,...
  • practicalities of getting all this working,...

6

slide-7
SLIDE 7

JavaCard smartcard project

Four choices 1) electronic purse 2) loyalty card 3) petrol rationing 4) car rental

  • Form

rm groups

  • ups of 4 persons

rsons asap ap

– also let us know any group problems asap!!

so we can distribute smartcards & readers

7

slide-8
SLIDE 8

Side-channel lab assignments

  • practical experience with very successful method of

attack on smartcards: Power Analysis

  • using Mathlab & Lejla’s toys in the lab

8

slide-9
SLIDE 9

9