hardware and systems security labs
3ec4dd46 — jleightcap 3 years ago
e622f39c — jleightcap 3 years ago
misc typos, cite
ba4f4956 — jleightcap 3 years ago
lab descriptions


browse  log 



You can also use your local clone with git send-email.

#Hardware and System Security Labs

#01 - Basic Cryptography

Profiling AES and RSA encryption. Send encrypted messages across sockets.

See FIPS 197, Advanced Encryption Standard (AES).

#02 - Correlation Power Attack (CPA)

Use data from power traces recorded during encryption to recover key.

See Differential Power Analysis [1999] (Kocker, Jaffe, Jun)

#03 - Differential Fault Analysis (DFA)

Inject faults in repeated encryptions to recover key.

See Differential Fault Analysis of Secret Key Cryptosystems [1997] (Biham, Shamir)

#04 - Keyboard Acoustic Emanations

Use audio recordings of typing as training data to recover key from audio recording of it being typed.

See Keyboard Acoustic Emanations [2004] (Asonov, Agrawal)

#05 - Flush+Reload Attack Against AES

Use timing characteristics of RAM versus cache to recover key from running encryption process.

See Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack [2014] (Yarom, Falkner)

#06 - Meltdown Attack and Out-Of-Order Execution

Use same timing characteristics as Flush+Reload to demonstrate read from protected kernel memory.

See Meltdown: Reading Kernel Memory from User Space [2018] (Lipp, Schwarz, Gruss, et al.)

#07 - Arbiter-Based Physical Unclonable Function (PUF) Design and Implementation

Use unpredictable hardware characteristics of an FPGA to derive random keys.

See Physical Unclonable Functions for Device Authentication and Secret Key Generation [2007] (Suh, Devadas)


This software is not to be reproduced (especially by students with similar assignments). Implementations are largely derived from their associated research papers and class starter code.