TTM4205

This will be the official course website for TTM4205 Secure Cryptographic Implementations during Fall of 2024.

This course was taught for the first time during the fall semester of 2023. The course material and assignments from fall 2023 can be found here. Furthermore, the grade distribution in this course can be found at karakterer.net/course/TTM4205, and I encourage you to check out the student evaluations from 2023.

Course Description

The course covers how to implement, analyse, attack, protect and securely compose cryptographic algorithms in practice.
It goes in depth on how to implement computer arithmetic, attacking implementations using side-channel attacks and fault
injection, exploit padding oracles and low-entropy randomness, utilise techniques to defend against these attacks, and how
to securely design misuse-resistant APIs.

See the full course description at ntnu.edu/studies/courses/TTM4205.

Course Staff

Lecturer:   Tjerand Silde
Contact:    tjerand.silde@ntnu.no
Office:      Electro B225
Webpage:   tjerandsilde.no

Lab/Teaching Assistant: Caroline Sandsbråten
Contact:    caroline.sandsbraten@ntnu.no
Office:      Electro B211
Webpage:   carosa.no

Reference Group

The reference group consist of the following members:

Reference group meetings:

Ed Forum

We use Ed as a forum in this course, and enrolled students can access the forum at edstem.org/eu/courses/1290.
Note that the first time you log in to Ed you must do so using the link in the sidebar on Blackboard.

Course Materials

The course materials are the lecture slides, references therein, and the assignments.
We do not require that you buy any books, but recommend the following literature:

  1. Serious Cryptography by Jean-Philippe Aumasson at akademika.no
  2. Real-World Cryptography by David Wong at akademika.no
  3. The Hardware Hacking Handbook by Jasper van Woudenberg and Colin O’Flynn at akademika.no

Additional great resources in applied cryptography are:

Portfolio Assignment

The evaluation in this course will consist of three assignments of 100 points total.

All assignments must be submittet via Ovsys2 at: ovsys.iik.ntnu.no.

Weekly Problems (40 points)

This assignment will contain the following kinds of problems:

The assignement is available here: TTM4205 Weekly Problems (published 19/8)

The submission deadline is December 6th at 23:59.

ChipWhisperer Lab (20 points)

This assignment will contain side-channel attack (SCA) lab work using the ChipWhisperer Husky
or ChipWhisperer Level 1 equipment, which we will provide to all students who signed up for the
course. You have access to the CRYPTO-LAB in Electro A176 to work on the assignment.

The assignement is available here: TTM4205 ChipWhisperer Lab (updated 16/10)

The submission deadline is December 6th at 23:59.

Technical Essay (40 points)

This assignment is to write a technical essay about a topic not covered by the
lectures or to cover a topic from the lectures in more depth. It is mandatory for
each group to present their work, but it does not count towards the final grades.

Most important guidelines:

The assignement is available here: TTM4205 Technical Essay (published 19/8)

Deadlines:

Grading

You must pass all assignments to pass the course; at least 40% on each.

We will use the official NTNU grading scale to assign combined grades.

Lecture Plan

We have the following sessions in lecture hall B2 this semester:

Guest Lectures in November:

  1. Tuesday 12/11: Håkon Jacobsen (Thales Norway) on “FPGAs and Cryptography”
  2. Friday 15/11: Hans Heum (NTNU) on “Quantum Computers and Cryptography”

(the schedule might be subject to small changes)

Week Date Format Responsible Topic Resources
34 20/8 Lecture Tjerand Course Introduction Slides
34 23/8 Lecture Tjerand Randomness 1: Entropy Slides
34 23/8 Exercises Caroline Exercise Class  
35 27/8 Lecture Tjerand Randomness 2: Randomization Slides
35 30/8 Lecture Caroline Randomness 3: Breaking ECDSA Slides
35 30/8 Exercises Caroline Exercise Class  
36 3/9 No Class      
36 6/9 No Class      
36 6/9 No Class      
37 10/9 Lecture Tjerand Legacy Crypto 1: Crypto Wars Slides
37 13/9 Lecture Tjerand Legacy Crypto 2: Attacks on TLS Slides
37 13/9 Exercises Caroline Exercise Class  
38 17/9 Lab Caroline SCA Lab 1 (Setup Tutorial) Slides, Install
38 20/9 Lecture Tjerand Side-Channel Attacks (SCA): Intro Slides
38 20/9 Lab Caroline SCA Lab 2  
39 24/9 Lab Caroline SCA Lab 3  
39 27/9 Lecture Tjerand SCA on Symmetric Key Crypto Slides
39 27/9 Lab Caroline SCA Lab 4  
40 1/10 Lab Caroline SCA Lab 5  
40 4/10 Lecture Caroline SCA on Public Key Crypto Slides
40 4/10 Lab Caroline SCA Lab 6  
41 8/10 Lab Caroline SCA Lab 7  
41 11/10 Lab Caroline SCA Lab 8  
41 11/10 Lecture Tjerand SCA on Post-Quantum Crypto Slides
42 15/10 Lecture Tjerand Padding Oracles 1: CBC and SHA Slides
42 18/10 Lecture Tjerand Padding Oracles 2: RSA Encryption Slides
42 18/10 Exercises Caroline Exercise Class  
43 22/10 Lecture Tjerand Crypto API Failures Slides
43 25/10 No Class      
43 25/10 No Class      
44 29/10 Lecture Tjerand Commitments and Zero-Knowledge Slides
44 1/11 Lecture Tjerand Protocol Composition 1: RSA Slides
44 1/11 Exercises Tjerand Exercise Class  
45 5/11 Lecture Tjerand Protocol Composition 2: DLOG Slides
45 8/11 Lecture Tjerand Course Summary Slides
45 8/11 Exercises Caroline Exercise Class  
46 12/11 Guest Lecture Tjerand Guest Lecture 1: Håkon Jacobsen Slides
46 15/11 Guest Lecture Tjerand Guest Lecture 2: Hans Heum Slides
46 15/11 Exercises Caroline Exercise Class  
47 19/11 Presentations Tjerand Project Presentations  
47 22/11 Presentations Tjerand Project Presentations  
47 22/11 Exercises Caroline Exercise Class