[ main | schedule | cases | smartcard practicalities | project work | side-channel practicum ]
Hardware plays a role in securing some computer systems. Currently, this is
most obviously the case for smartcards, for which there is a relatively long
history of attacks and countermeasures. In the future secure hardware looks
set to play an increasingly important role in the - highly controversial -
Trusted Computing initiatives. This might present a solution to some security
woes, but only if other fundamental problems with operating systems can be
addressed.
The focus of this course is on smartcards as an example of secure hardware,
incl. a project to develop a working smartcard application,
and then as time permits looks on the other issues.
Magnetic stripe cards, smartcards, and RFID tags. Smartcard hardware and communication. Contact and contactless cards. Memory and microprocessor cards. Smartcard operating systems (basic file OS, MULTOS, modern JavaCard OS). Attacks (logical, physical, side channel, fault injection, ...) and countermeasures. Defensive programming.
As an exercise, you will have to build a working system using programmable smartcards we provide. This will involve thinking about security requirements and threats, overall design incl. key management and protocols, and getting all this to work on actual hardware.