Department of Computer Science and Technology

Course pages 2019–20

Hardware Security

Principal lecturers: Dr Markus Kuhn, Dr Sergei Skorobogatov, Dr Franck Courbon
Additional lecturer: Shih-Chun You
Taken by: MPhil ACS, Part III
Code: P232
Hours: 16 (3 lectures, 3 seminar sessions, 3 practical sessions)
Class limit: 8 students
Prerequisites: Digital Electronics, Programming in C


This course provides a practical introduction to aspects of hardware security, in particular the reverse engineering of embedded microcontroller devices that implement a cryptographic application.

The particular target on which the practical exercises center this year will (likely) be the evaluation kit of an authentication chip embedded in consumer electronics accessories, such as ink-jet printer tanks, which implements a challenge-response protocol based on elliptic-curve public-key cryptography.


  1. Lecture 1: Introduction to Elliptic Curve Cryptography (Kuhn, ~2h)
    Exercise 1: ECSM implementation (Kuhn+You, homework)
  2. Exercise 2: PCB analysis (Skorobogatov, 2h)
  3. Lecture 2 + Reading class 1: side-channel analysis (Kuhn+You, ~2h)
    Exercise 3: side-channel attack (You, homework)
  4. Exercise 4: firmware readout and protocol logging (Skorobogatov, 2h)
  5. Exercise 5: decompilation (Kuhn, ~2h+homework)
  6. Lecture 3: VLSI basics (Skorobogatov+Courbon, ~1.5h)
    Exercise 6: Mask ROM read-out (Skorobogatov+Courbon, ~0.5h+homework)
  7. Reading class 2: VLSI reverse engineering (Courbon, 2h)
  8. Reading class 3: fault injection, trojans (Skorobogatov+Courbon, 2h)

In addition to these eight weekly 2-hour meetings, there will also be an optional weekly 1-hour exercise help session.

Each exercise is due after two weeks.


On completion of this module, students should:

  • have gained hands-on experience in some of the tools and methods involved in reverse-engineering a digital product,
  • better understand the problem of hardening a product design against reverse engineering and tampering,
  • be familiar with a range of hardware-level attack techniques and countermeasures.


The course includes three reading sessions in which several papers are discussed. Each student is expected to give a 20–30 minute presentation covering 2–3 papers in one of these reading sessions. Each student is also expected to submit, in advance, a 5-page essay summarizing 2–3 papers for a different one of these reading sessions.

Practical work

Exercise 1: implementation of an elliptic-curve scalar multiplication (ECSM) operation in a high-level language (e.g., Python, Julia, MATLAB, Perl).

Exercise 2: preparation of a circuit diagram from high-resolution photographs and X-ray images of a target printed circuit board.

Exercise 3: implementation of a timing or power-analysis side-channel attack against a security function implemented on a microprocessor test board, using oscilloscope traces provided (e.g., password check, elliptic-curve scalar multiplication).

Exercise 4: extraction of the firmware and recording of a protocol exchange from a microcontroller PCB (same target as in Exercise 2).

Exercise 5: partial decompilation (using Ghidra) of the firmware extracted in Exercise 4, along the execution path taken by the protocol exchange observed in Exercise 4.

Exercise 6: extraction of bootloader firmware from high-resolution photographs of a mask ROM, using image-processing steps to be implemented in a high-level programming language (e.g., Python, Julia, MATLAB).


60% exercises: each exercise handed in will be marked, and the four exercises with the highest marks will each contribute 15% to the overall mark of the course.

20% reading-class presentation.

20% reading-class essay.