Hardware Security, Spring 2018

[ main | schedule & slides | cases | smartcard practicalities | project work | side-channel lab ]

Lectures are on Mondays, from 10:30-12:30, in HG00.622, HG00.108, or HG00.062.

Schedule and Steps

To get started:
  1. Form a group with (ideally) 4 students. Pick one of the 4 topics: e-Purse, Card Rental, Loyalty Card, or Petrol Rationing.
    Once you have formed a group, email Niels, telling him your group and topic. Niels will then give each group a smartcard reader and smartcard.
  2. Read up on the info on the JavaCard project webpage, esp. the design phase.

Course content (lectures slides and reading material)

day slides background reading
Feb 5
This course;
Embedded Security & Smartcards intro
Feb 12 No lecture: Carnaval
Feb 19 The JavaCard group project
ISO 7816 and smart card OSs
Read JavaCard Project Information sheet with tips and pitfalls, plus other info on project webpage.
Feb 26 Java Card More pointers and sample code on smartcard practicalities webpage
March 5 Side Channel Analysis (I) To read: DPA Tutorial
Mar 9 Deadline design document for project
March 12
Logical and Physical attacks Background reading: Physical Tamper Resistance, Chapter 16 of Security Engineering by Ross Anderson and Advances in Smartcard security by Marc Witteman
March 19 Side Channel Analysis (II)
March 26 Side Channel Analysis: Template Attack Tutorial
April 2 Easter Monday
April 9mid-term exam period in Nijmegen - no lecture
April 16 No lecture as this is exam week in Eindhoven
April 23 TBA
April 30 May holiday - no lecture
May 7 TBA
May 14 Side Channel Analysis: Faults attacks
May 21Pentecost - no lecture
May 28 A Smart Card Secure Channel Protocol [slides in BlackBoard] by Joan Daemen
June 4 NFC and RFID Movies on Mifare Classic and car immobilisers
June 11 no lecture
June 12: deadline JavaCard project: code & final design document
to be scheduled Individual sessions per group to demo your project and answer questions about the design
June 18 Trusted Execution Environments (TEEs)


Miscellaneous other stuff, incl. some slides on organisational issues that will appear in the video recordings of the lecture


Some chapters of Ross Anderson's excellent book on Security Engineering are relevant for this course. Two chapters are required reading, namely Some chapters which provide some more general background are chapters 10, 11, 12, and 20. Note that the whole book is interesting and entertaining to read, and extremely good value for money, so it's worthwhile to buy a copy.