Internship, PhD, job proposals…

Embedded applications with strong security requirements use sophisticated cryptographic algorithms and protocols. These algorithms and protocols are usually considered resistant against cryptanalysis (even if the algorithms sometimes rely on a kind of "very hard" problem which we don't know exactly how "hard" it is…) Inside the complete system they are implemented either in software or hardware form.

Unfortunately any computation is eventually performed by a piece of hardware (microprocessor or hardware dedicated accelerator) and every hardware device leaks symptoms of its activity (power consumption, electromagnetic emanations, computation time, sounds, temperature variations, etc.) Attackers can exploit such "side channels" to retrieve embedded secrets. They can also inject and exploit faults by modifying the power supply, the clock frequency, shooting lasers on devices or even by modifying them.

This course offers a survey of several well known hardware attacks. For each of them the conditions of success are explored and some counter measures are derived.

A two hours written exam, with all documents you want, accounts for 100% of the overall mark. Example past exams:

• 2024 (2 hours)
• 2023 (2 hours)

Please do not ask for the official answers of these past exams, there are no official answers.

Recommendations for the lab sessions

All labs are distributed and managed using git and GitLab.

• If you never used the EURECOM GitLab instance, first visit it and log in using your EURECOM credentials (LDAP). This will activate your GitLab account.
• Once you will have been enrolled as a developer of the hwsec GitLab project, visit the web page of the project and follow the instructions.

You read one of these documents? Or another that is not in the list and should? Please drop me a note and give me some feedback.

Books

Side-channel attacks

Fault attacks

Probing attacks