Teaching: Cryptographic Engineering

Course Introduction

Cryptography provides algorithms that are crucial for the security (e.g., confidentiality, integrity, and authenticity) of our modern communication. However, these algorithms themselves are only one pillar for security; it is also important to implement these algorithms efficiently and securely. This course explains how to achieve high performance even for small embedded devices when implementing cryptographic (i.e., mathematical) algorithms and how to protect an implementation against side-channel attacks that are not looking for weaknesses in the algorithm or the implementation but in the physical properties of the computing platform. The course is accompanied by hands-on tutorials on efficient implementation, side-channel analysis, and countermeasures.

The course has a focus on:

Expected Learning Outcome

The student will be able to:


Slides are based on content by Peter Schwabe, Norman Lahr, and Richard Petri.

Introduction to Cryptography


Introduction to cryptography with a discussion of important terminology and principles.

Further reading: Slides:
  1. Introduction I: Introduction, symmetric schemes. [slides]
  2. Introduction II: Asymmetric schemes, random numbers. [slides]

Implementation and Optimization


Implementation and optimization of cryptographic schemes for embedded devices.

Further reading: Slides:
  1. Optimization Basics: Architectures, vectorization, and bitslicing. [slides]
  2. Symmetric Cryptography: Implementing and optimizing AES. [slides]
  3. Timing Side Channels: Causes and exploitation of side channels. [slides]
  4. Multiprecision Arithemtic I: Addition and multiplication of large integers. [slides]
  5. Multiprecision Arithmetic II: Redundant representation, reduction, and inversion. [slides]
  6. Elliptic Curve Arithmetic: Background on ECC arithmetic. [slides]
  7. Optimizing ECC: Optimization of scalar multiplication. [slides]
  8. Excursus: Dual EC - A Standardized Back Door? [slides]

Side-Channel Analysis


Performing and preventing side-channel based implementation attacks.

Further reading: Slides:
  1. Introduction to SCA: Background and basics of side-channel analysis and fault attacks.[slides]
  2. Power Analysis: Simple, differential, and correlation power analysis. [slides]
  3. SCA Countermeasures: Countermeasures against power attacks. [slides]
  4. Fault Attacks: Introduction to fault attacks and examples of fault attacks on AES, RSA, and DSA. [slides]

More Cryptography


Further topics in applied cryptography, cryptographic engineering, and cryptography in general.

Further reading: Slides:
  1. Excursus: Introduction to Post-Quantum Cryptography. [slides]