Hardware Security and Side-Channels

COMP 790 – 184 – Spring 2024

Instructor: Andrew Kwong
Contact: andrew@cs.unc.edu
Class Meetings: Tuesday/Thursday 9:30-10:45AM, SN11
Office Hours Thursday 3:00-4:00PM, in FB340
Syllabus

The goal of this course is to prepare students for a world where hardware vulnerabilities can leak secrets to software-only attackers. Students will read cutting-edge research papers and complete lab assignments that will guide them towards conducting state-of-the-art side-channel attacks against real hardware. This course will practically demonstrate the pitfalls of widely adopted modern hardware design decisions, and will prepare students to design hardware and software resilient against such attacks.

Course Structure

Grades will be based upon the following:

Class Participation (10%)

Students are expected to contribute to class discussions following paper presentations. Students should be able to ask insightful questions and demonstrate that they have read and understand the assigned readings. They will also be expected to come prepared with a short review of the paper, pinpointing the paper’s strengths and weaknesses.

Paper Presentations (15%)

Students will give conference style talks on assigned papers. They will prepare slides and a 20 minute presentation on the papers.

Lab Assignments (75%)

Students will complete programming-oriented lab assignments that are designed to guide them towards carrying out real-world attacks on hardware. There will be three in total, focused on providing students with an opportunity to put theory into practice.

Acknowledgements

This course is based upon MIT's 6.5950 course. Much thanks to Mengjia Yan and her course staff for their hard work on starting this!

Schedule

Week 1

Thursday, January 18 — Lecture: Cache Side-Channels

Week 2

Tuesday, January 23 — Lecture: Cache Side-Channels cont.

Thursday, January 25 — Paper Discussion

Week 3

Tuesday, January 30 — Paper Discussion

Thursday, February 1 — Paper Discussion

Week 4

Tuesday, February 6 — Lecture: "Transient Execution Attacks

Thursday, February 8 — Paper Discussion

Week 5

Tuesday, February 13

Well-being day. No Class.

Thursday, February 15 — Paper Discussion

Week 6

Tuesday, February 20 — Lecture: Side-Channel Defenses

Thursday, February 22 — Paper Discussion

Week 7

Tuesday, February 27 — Paper Discussion

Thursday, February 29 — Paper Discussion

Week 8

Tuesday, March 5 — Lecture: Hardware Security Modules

Thursday, March 7 — Paper Discussion

Week 9

Tuesday, March 12

Spring Break. No Class.

Thursday, March 14

Spring Break. No Class.

Week 10

Tuesday, March 19 — Lecture: Rowhammer

Thursday, March 21 — Paper Discussion

Week 11

Tuesday, March 26 — Paper Discussion

Thursday, March 28

Well-being Day. No Class.

Week 12

Tuesday, April 2 — Lecture: Trusted Execution Environments

Thursday, April 4 — Paper Discussion

Week 13

Tuesday, April 9 — Paper Discussion

Thursday, April 11 — Lecture: Memory Safety

Week 14

Tuesday, April 16 — Paper Discussion

Thursday, April 18 — Lecture: Fuzzing

Week 15

Tuesday, April 23 — Paper Discussion

Thursday, April 25 — Paper Discussion

Week 16

Tuesday, April 30

— Guest Lecture