Prospectus

nl en

Cryptographic Engineering

Course
2024-2025

Admission requirements

Assumed prior knowledge

This course aims at students who want to gain a deep understanding of the engineering aspects of cryptography, namely on the design of cryptographic hardware and software, and on implementation attacks and countermeasures. We expect that students already have some background knowledge in security (e.g. have taken the Security course at the Bachelor level) and digital design (e.g. have taken the Fundamentals of Digital Systems Design course at the Bachelor level). We expect that students also have experience and skills in scientific writing, presenting, and collaborative research project management.

Description

One part of this course will concentrate on the implementation aspects of cryptographic algorithms and protocols. Design constraints on resource utilization, energy consumption and performance will be taken into account in the design of cryptographic hardware and software.

Another part of the course explains how attacks can be mounted that specifically target weaknesses in the implementation of the cryptographic algorithms. Countermeasures against these implementation attacks and their effect on the resource utilization, the energy consumption and the performance will also be covered in the course.

Course objectives

After this course, you will have knowledge about the design of cryptographic hardware and software, and you will be able to make basic implementations yourself, taking into account the different constraints on hardware and (embedded) software. You will learn about implementation attacks and countermeasures, and you will have hands-on experience with mounting an attack and implementing countermeasures.

After this course, you will be able to:

  • Explain a chosen concept related to the course topics (cryptographic hardware and software, implementation attacks and countermeasures)

  • Summarize the latest research results on a chosen concept related to the course topics based on at least two representative articles

  • Compare the representative articles based on self-chosen relevant metrics

  • Validate the Chipwhisperer side-channel and fault analysis board and the existing labs/tutorials

  • Create a new experiment with the Chipwhisperer board that is not identical to the experiments reported in the existing labs/tutorials (e.g. different cryptographic algorithm, different implementation of the cryptographic algorithm, different analysis method)

  • Perform a presentation of the results of the assignments with a good structure, grammar and spelling, with attractive slides, within the allotted time

  • Write a report on the results of the assignments with a good structure, grammar and spelling.

Timetable

The most recent timetable can be found at the Computer Science (MSc) student website.

In MyTimetable, you can find all course and programme schedules, allowing you to create your personal timetable. Activities for which you have enrolled via MyStudyMap will automatically appear in your timetable.

Additionally, you can easily link MyTimetable to a calendar app on your phone, and schedule changes will be automatically updated in your calendar. You can also choose to receive email notifications about schedule changes. You can enable notifications in Settings after logging in.

Questions? Watch the video, read the instructions, or contact the ISSC helpdesk.

Note: Joint Degree students from Leiden/Delft need to combine information from both the Leiden and Delft MyTimetables to see a complete schedule. This video explains how to do it.

Mode of instruction

Lectures, peer presentation classes, workshops, self-study and group work

Course load

Total hours of study: 168 hrs. (= 6 EC). Of those (ca.):

  • 12 hrs of lectures

  • 8 hrs of peer presentations

  • 42 hrs of research literature analysis

  • 106 hrs of project work

Assessment method

The assessment is based on two assignments.
Final grade = 30% grade Assignment 1 + 70% grade Assignment 2

Assignment 1

Task: Make a critical analysis and comparison of at least 2 research papers on a selected topic. Write a report (50% of the grade for Assignment 1) and give a presentation (50% of the grade for Assignment 1) on your findings. Work in a group of 2-3 students. The papers/topics are proposed by the lecturers and shared in Brightspace.

Guidelines for the report: The report you write should be around 4 pages. It should start with an introduction to the topic and it should end with a conclusion. It is not enough to summarize what is written in the papers that you analyze. You should compare those papers based on relevant metrics that you derive from the papers, and you should give a critical reflection on the content of the papers.

The assessment will be based on the quality of:

  • Introduction and conclusion

  • Exposition of the research papers analysed

  • Exposition and justification of the considered metrics

  • Structure, grammar & spelling

  • Answers to questions (assessed in presentation only)

  • Use of allotted time (assessed in presentation only)

  • Attractiveness of the slides (assessed in presentation only)

This assignment is not re-takeable; grade in case of non-completed assignment: 0.

Assignment 2

Task: Execute a side-channel or fault analysis attack on a program that is running on a Chipwhisperer board. Write a report and give a presentation on your findings. Work in a group of 2-3 students. Projects are defined by students jointly with lecturers.

Additional guidelines:
An experiment consists of

  • a certain algorithm under attack,

  • a specific implementation of that algorithm,

  • and an analysis of the measured power traces or timing (in case of a side-channel attack) or an analysis of the faulty output values (in case of a fault injection attack).

We expect you to either

  • improve one of the implementations covered in the available Chipwhisperer tutorials/labs and/or

  • evaluate implementations that were not covered in the practical sessions (no need to implement from scratch, a lot of implementations are published online) and/or

  • apply an analysis approach not covered in the practical sessions to implementations covered in the practical sessions.

There is no upper or lower bound for the number of pages in the report, but we suggest to have around 4 pages.

The assessment will be based on:

  • 50% project work

    • difficulty of the project
    • practical approach
    • achieved results

  • 30% presentation

    • introduction and motivation of the topic
    • structure of the presentation
    • practical demonstration

  • 20% report

    • description of the project work and results
    • critical analysis of the results
    • writing quality

There will be one resit opportunity for this assignment. Grade in case of non-completed assignment: 0.

For both assignments, all group members should actively participate in all project work components, including participating in presentations and writing reports.

We expect academic integrity from all students and all deliverables in the course, including, but not limited to, submitting own work only (and not produced by Generative AI techniques or copied from other people’s work), acknowledging sources of all quotes and figures, etc.

Reading list

There is no textbook. Recommended readings (research papers, etc.) will be announced on Brightspace.

Registration

As a student, you are responsible for enrolling on time through MyStudyMap.

In this short video, you can see step-by-step how to enrol for courses in MyStudyMap.
Extensive information about the operation of MyStudyMap can be found here.

There are two enrolment periods per year:

  • Enrolment for the fall opens in July

  • Enrolment for the spring opens in December

See this page for more information about deadlines and enrolling for courses and exams.

Note:

  • It is mandatory to enrol for all activities of a course that you are going to follow.

  • Your enrolment is only complete when you submit your course planning in the ‘Ready for enrolment’ tab by clicking ‘Send’.

  • Not being enrolled for an exam/resit means that you are not allowed to participate in the exam/resit.

Contact

  • Contact the lecturer via email.

Remarks

Software
Starting from the 2024/2025 academic year, the Faculty of Science will use the software distribution platform Academic Software. Through this platform, you can access the software needed for specific courses in your studies. For some software, your laptop must meet certain system requirements, which will be specified with the software. It is important to install the software before the start of the course. More information about the laptop requirements can be found on the student website.