Catalog Description:Design and implementation of secure hardware at multiple levels of abstraction, covering cryptographic hardware primitives, cryptographic modules, and trusted platforms. Reverse engineering of cryptographic modules using passive attacks, active attacks, and cryptanalytic techniques. Countermeasures against reverse engineering. The course uses case studies and literature surveys to reflect on the stateoftheart in secure hardware implementation. Cryptography theory is covered on an asneeded basis.
Syllabus (Spring 2010)
This course is based in part on the following references.

Understanding Cryptography
[Online Version]
by C. Paar and J. Pelzl (Springer 2009) 
Cryptographic Algorithms on Reconfigurable Hardware
[Online Version]
by F. RodriguezHenriquez, N. A. Saqib, A. DiazPerez, and C. K. Koc (Springer 2007)  Cryptographic
Engineering
[Online Version]
by Cetin Kaya Koc, Ed. (Springer 2009)  Power Analysis Attacks:
Revealing the secrets of smartcards,
[Online Version]
by Stefan Mangard, Elisabeth Oswald, Thomas Popp (Springer 2007).  Secure Telecommunication Systems,
Course notes and slides by Kris Gaj, George Mason University  Cryptography and Computer Network Security,
Course notes and slides by Kris Gaj, George Mason University
Additional References:
 Synthesis
of Arithmetic Circuits: FPGAs, ASICs, and Embedded Systems
by JeanPierre Deschamps, Gery Bioul, Gustavo Sutter (Wiley 2006).  Synthesis
of Arithmetic Circuits: FPGAs, ASICs, and Embedded Systems
by JeanPierre Deschamps, Gery Bioul, Gustavo Sutter (Wiley 2006). 
Cryptography Engineering,
by Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno (Wiley 2010).  Handbook of Applied Cryptography,
by A.J. Menezes, P.C. van Oorschot, S.A. Vanstone, CRC Press, 1996. 
Guide to Elliptic Curve Cryptogrpahy
by Darrel Hankerson, Scott Vanstone and Alfred Menezes (Springer 2004) 
A Classical Introduction to Cryptography
by S. Vaudenay (Springer 2006)  Elementary Number Theory, Cryptography and Codes
by M. W. Baldoni, C. Ciliberto and G. M. P. Cattaneo (Springer 2009)  Encyclopedia of Cryptography and Security
by H. van Tilborg, Ed. (Springer 2005)  Cryptography in C and C++
by M. Welschenbach (Springer 2005)
Lecture 1: Introduction
 What is Secure Hardware Design?
 The Clipper Chip
 Basic Crypto Ideas
Lecture 2: Random Number Generators (Principles of Design)
 Standard requirements for RNG
 Classification of RNG: Deterministic and Nondeterministic
 Design of Deterministic RNG
 Design of Nondeterministic RNG: Entropy, Compression Function, Sources of Entropy
Lecture 3: Random Number Generators (Testing and Examples)
 Tests on Random Number Generator
 Probability density function
 Hypothesis test = statistic + significance
 Example statistic: Freq test, Runs test
 Test Suites: DIEHARD, NIST
 Random Number generator Design
 DRNG: LCG, RSA
 TRNG: Epstein, Ring Oscillator, Vasyltsov
Lecture 4: Prime Field Arithmetic: Part 1: Introduction
 Modular Arithmetic
 Finite Fields
 Prime Fields
 Multiprecision Arithmetic: Multiplication and Squaring
 Reduction Techniques
Lecture 5: Prime Field Arithmetic Part 2: Montgomery Multiplication & Exponentiation
 Exponentiation
 Montgomery Multiplication
 Montgomery Exponentiation
 NIST Primes
Lecture 6: Binary Field Arithmetic Part 1: Introduction
 Polynomial Basis
 Primitve Polynomial
 Addition
 Reduction
 Multiplication
Lecture 7: Binary Field Arithmetic Part 2: Faster Multiplication
 Bitparallel Multiplication
 Karatstuba Offman Decomposition
 Montgomery Multiplication
 Other representations  Normal Basis
 Summary of Finite Field Arithmetic
Lecture 8: Elliptic Curve Cryptography: The Point Multiplication
 Elliptic Curves
 EC Group Structure
 Adding and Doubling of Points
 Point Coordinate Systems
 The Point Multiplication
Lecture 9: Elliptic Curve Cryptography: Efficient Implementation
 Making signatures with a point multiplication
 Highspeed Point Multiplication on FPGA
 Hardwaresupported ECC Cryptanalysis
Lecture 10: Hash Functions: Design
 Hash function concepts
 MerkleDamgard construction
 Blockcipher based hash
 Applications
 Implementation Example: MD5
Lecture 11: Hash Functions: Implementation
 Hasing History, SHA3
 Design Example: Whirlpool
 Hash Module Interfaces
Lecture 12: Block Ciphers: Overview
 Pipelining/Retiming: Recap
 Block Cipher Structure: SP Network, Feistel Network, Key Schedule
 Highthroughput Implementation
Lecture 13: Block Ciphers: AES
 AES History
 AES Round definition
 Standard Hardware Mapping
 SBox Optimization
 Compact Implementation
Lecture 14: Basics of Sidechannel Analysis
 Logical vs Physical Attacks
 Timing
 Power Dissipation: Sources and Models
 Taking and Using Measurements
Lecture 15: Advanced Sidechannel Analysis
 Simple Power Analysis
 Differential Power Analysis
 Example: DPA on AES Hardware
 Example: DPA on AES Software
 Multibit DPA (CPA)
 Power Models
Lecture 16: Fault Attacks
 Types of Faults
 Fault Models
 Fault Attacks on SymmetricKey Algorithms
 Implementation Atatcks  Summary
Lecture 17: Countermeasures against SCA: Hiding
 SPA, DPA
 Hiding: WDDL
 Implementation Issues: ASIC, FPGA
Lecture 18: Side Channel Countermeasures: Masking
 SCA Countermeasures: Hiding and Masking
 Masking Operation
 Masked Functions
 Secret Sharing
 Perfect masking
 Masked Logic Styles: RSL, MDPL
Lecture 19: aultAttacks and Sidechannel Analysis on ECC
 Plain Point Multiplication
 DoubleAddAlways Point Multiplication
 Doubling Attack
 Randomized DoubleAddAlways Point Multiplication
 CSafe Error Attack
 Montgomery Powering Ladder Point Multiplication
 Tradeoffs between Attacks and Countermeasures
Lecture 20: Secure Processors: Three Examples
 IBM 4758
 AEGIS
 ARM Trustzone