skip to content

Department of Computer Science and Technology

MPhil ACS, Part III
Lent term
Course code: 
Digital Electronics, Programming in C
Class limit: 


This course provides a practical introduction to aspects of hardware security, in particular the reverse engineering of embedded microcontroller devices that implement a cryptographic application.

The particular target on which the practical exercises center this year will (likely) be the evaluation kit of an authentication chip embedded in consumer electronics accessories, such as ink-jet printer tanks or batteries, which implements a challenge-response protocol based on elliptic-curve public-key cryptography.


  1. Lecture 1: Introduction to Hardware Security (Skorobogatov)
    Exercise 1: ARM Cortex programming, debugging, decompiling, logic analysis (Kuhn)
  2. Lecture 2 + Exercise 2: PCB reverse engineering (Skorobogatov)
  3. Lecture 3: Public-key cryptography (Kuhn)
    Exercise 3: firmware readout and protocol logging (Skorobogatov+Kuhn)
  4. Lecture 4: Elliptic-curve cryptography (Kuhn)
    Exercise 4: decompilation – communications (Kuhn+Skorobogatov)
  5. Lecture 5: Feedback on exercises (Skorobogatov+Kuhn)
    Exercise 5: decompilation – elliptic-curve cryptography (Kuhn+You)
  6. Exercise 6: re-implementation of single-wire interface or elliptic-curve layer
  7. Reading class 1: side-channel analysis (Kuhn+You)
  8. Reading class 2: VLSI reverse engineering, fault attacks (Skorobogatov)

In addition to these eight weekly 2-hour meetings, there will also be an optional weekly 1-hour exercise help session.

Each exercise is due after two weeks.


On completion of this module, students should:

  • have gained hands-on experience in some of the tools and methods involved in reverse-engineering a digital product,
  • better understand the problem of hardening a product design against reverse engineering and tampering,
  • be familiar with a range of hardware-level attack techniques and countermeasures.


The course includes three reading sessions in which several papers are discussed. Each student is expected to give a 20–30 minute presentation covering 1–3 papers in one of these reading sessions and prepare an essay on the topics covered.

Practical work

This module has a large practical element.

NOTE: If the module is run remotely due to COVID-19 restrictions, changes to the practical work will be required 


60% exercises: each exercise handed in will be marked and the scores of the four exercises with the highest mark will each contribute 15% to the overall mark of the course.

20% reading-class presentation.

20% reading-class essay.

Recommended reading

Hankerson/Menezes/Vanstone: Guide to Elliptic Curve Cryptography. Springer 2004.

Mangard/Oswald/Popp: Power Analysis Attacks: Revealing the Secrets of Smart Cards power analysis attacks. Springer 2007.

Further Information

Due to COVID-19, the method of teaching for this module will be adjusted to cater for physical distancing and students who are working remotely. We will confirm precisely how the module will be taught closer to the start of term.