This course provides to the attendees with a advanced knowledge of the threats to the security of computing systems, with a focus on the technologies which employ cryptographic means to provide security services. The course is split in 6 modules as follows:
Module 1 (4 hours) -- Cryptography fundamentals: Symmetric and asymmetric crypto-systems, secure transport protocols (TLS/SSH) and data-at-rest encryption techniques (IEEE-P1619).
Module 2 (4 hours) -- Passive Side channel attacks: Definition of a passive side channel attack, taxonomy of viable side channels (e.g., execution time, power consumption), statistical methods to extract information from timing and power consumption side channels. Data driven models (templates) for side channels.
Module 3 (4 hours) -- Fault attacks: definition of differential and safe-error fault attacks: Taxonomy of fault injection techniques. Analysis of fault attacks against standardized symmetric crypto-systems (AES) and asymmetric crypto-systems (RSA-CRT). Impact of software-induced fault attacks (CLKSCRW, Rowhammer) on the security of cryptographic primitives.
Module 4 (4 hours) -- Techniques to prevent side channel and fault attacks: Timing and micro-architectural attacks mitigations through constant-time execution. Passive side channel attack countermeasures for software implementations (hiding, masking, code morphing). Hardening against fault attacks: redundant implementations and error correction codes.
Module 5 (4 hours) -- Technologies and cryptographic primitives for private and trustworthy computation: An introduction to homomorphic encryption primitives. Architectural solutions for trusted computing: Intel SGX and ARM TrustZone.
Module 6 (5 hours) -- Long term security: quantum computing resistant (Post-Quantum) cryptographic primitives: Hard problems, primitives, status of the ongoing US NIST standardization contest, with a focus on code based crypto-systems.
Prerequisite: A bachelor's degree or equivalent in computer engineering, computer science, telecommunications, electronics, or mathematics.
Having attended undergraduate courses dealing with one or more of the following subjects is beneficial but not required:computer architecture, digital electronics, introduction to cryptography, number theory, algebra.
Lecturers: Gerardo PELOSI, Alessandro BARENGHI
Knowledge and understanding: The students will learn the fundamentals of applied cryptography, in particular concerning the threats and secure design techniques affecting real-world implementation of secure systems.
In particular, after providing a summary of the required background, the course provides notions and competence on passive and active side channel attacks, their countermeasures, and the design of architectural solutions for security features such as Intel's SGX and ARM's Trustzone approaches.
Finally the course provides an outlook into the most modern cryptographic techniques, among which the cryptoschemes allowing computation on encrypted data (homomorphic encryption), and schemes able to withstand attacks lead with quantum computers.
Applying Knowledge and understanding: Given a hardware or software system (or a composition thereof) requiring one or more security services to deal with data in trasfer or at rest, the student will be able to identify the composition of cryptographic primitives that best match the requirements motivating their choices. In addition, the acquired notions and knowledges will enable them to read and understand the description of more recent developments concerning secure protocols and applications.
Making judgements: Given a cryptographic application, students will be able to analyze and understand its security requirements and will be able to recommend the best configuration parameters and to suggest modifications to the system, keeping into account also implementation issues.
Communication: Students will learn how to clearly and concisely express in writing their technical assessments concerning theoretical and practical security solutions, and to critically assess innovative solutions in the domain of applied cryptography.
Lifelong learning skills: Students will learn how to properly choose and configure a cryptographic system, as well as assessing whether the cryptographic building blocks are properly used in complex systems and protocols.