Hardware Security

Start Date: 07/05/2020

Course Type: Common Course

Course Link: https://www.coursera.org/learn/hardware-security

About Course

In this course, we will study security and trust from the hardware perspective. Upon completing the course, students will understand the vulnerabilities in the current digital system design flow and the physical attacks on these systems. They will learn that security starts from hardware design and become familiar with the tools and skills needed to build secure and trusted hardware.

Course Syllabus

To learn hardware security, we first need to learn how hardware is designed. This week's lectures give an overview of the basics of digital logic design, which is a semester-long course for freshmen and sophomores in most schools. By no means can we cover all the material. What we provide here is the minimal set that you need to understand about digital design in order to move on to learn hardware security.

Course Introduction

Hardware Security This course is the last course in the Firewall and IoT specialization. In the next 6 weeks you will learn how to design and implement a hardware defined architecture (HDA) protecting a device from unauthenticated inbound and return traffic. In particular you will learn how to design and implement a hardware based firewall using the Linux Firewall API. You will also learn how to implement a hardware based IoT security architecture using the Linux Bluetooth standard. You will use the Linux Kit Framework to design and implement the HDA. You will also learn how to use the Linux Firewall API to implement the device isolation policy. You will use the Linux Bluetooth standard to design and implement the device isolation policy. You will also learn how to use the Linux Kit Framework to design and implement the device isolation policy. You will also learn how to use the Linux API to access the device. In week 6 we will apply this knowledge to create a basic Linux based IoT device that can function as a gateway between devices in a network. You will also learn how to use the Linux Kit Framework to access the device. In week 7 we will extend the design to include the use of a microkernel based embedded board that has a firmware upgradeable module (MIP) so that the system can be re-configured at runtime. In week 8 we will explore the use of a mSATA connector for the device. In week 9 we will implement the mSATA connector and its pins. In

Course Tag

Montgomery Modular Multiplication, Side-Channel Attack, Hardware Design, Cryptographic Hardware

Related Wiki Topic

Article | Example
Tamper-resistant security module | A TRSM is usually also a Hardware security module (HSM).
Hardware security module | A hardware security module can be employed in any application that uses digital keys. Typically the keys must be of high-value - meaning there would be a significant, negative impact to the owner of the key if it were compromised.
OpenXPKI | An even higher security level can be achieved by protecting the private keys with a hardware security module. OpenXPKI currently supports nCipher's nShield hardware security module.
Hardware security module | A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.
FICON | Hardware Security Module (HSM) products that support FICON include:
IBM WebSphere DataPower SOA Appliances | DataPower Appliances contain many specialized hardware components, including ASIC-based IPS, custom encrypted RAID drives, and (optional) hardware security modules.
Hardware security module | The major organization that produces and maintains standards for HSMs on banking market is the Payment Card Industry Security Standards Council.
Hardware security module | Some HSM systems are also hardware cryptographic accelerators. They usually cannot beat the performance of hardware-only solutions for symmetric key operations. However, with performance ranges from 1 to 7,000 1024-bit RSA signs per second, HSMs can provide significant CPU offload for asymmetric key operations. Since NIST is recommending the use of 2,048 bit RSA keys from year 2010, performance at longer key sizes is becoming increasingly important. To address this issue, some HSMs now support elliptic curve cryptography (ECC), which delivers stronger encryption with shorter key lengths.
Hardware security module | Due to the critical role they play in securing applications and infrastructure, HSMs and/or the cryptographic modules they employ are typically certified to internationally recognized standards such as Common Criteria or FIPS 140 to provide users with independent assurance that the design and implementation of the product and cryptographic algorithms are sound. The highest level of FIPS 140 security certification attainable is Security Level 4 (Overall), to which very few HSMs have been successfully validated.
Hardware security module | Many HSM systems have means to securely back up the keys they handle either in a wrapped form via the computer's operating system or externally using a smartcard or some other security token.
Virtual security appliance | Security appliances during that time not only had custom ASIC chips and dedicated hardware but also was delivered on hardened operating systems and had pre-install security applications. This capability delivered performance as well as ease of installation and as a result, software vendors began calling pre-installed security applications on general purpose hardware, “Security Appliances”. This model became so appealing that pure software vendors such as Stonesoft or CheckPoint Software began shipping pre-built operating systems with their security applications after a long history of selling software that had to be installed on existing customer hardware and customer operating systems.
Computer security compromised by hardware failure | Computer security compromised by hardware failure is a branch of computer security applied to hardware.
Secure cryptoprocessor | Hardware Security Modules contain one or more cryptoprocessors. These devices are high grade secure cryptoprocessors used with Enterprise servers. A hardware security module can have multiple levels of physical security with a single-chip cryptoprocessor as its most secure component. The cryptoprocessor does not reveal keys or executable instructions on a bus, except in encrypted form, and zeros keys by attempts at probing or scanning. The crypto chip(s) may also be potted in the hardware security module with other processors and memory chips that store and process encrypted data. Any attempt to remove the potting will cause the keys in the crypto chip to be zeroed. A hardware security module may also be part of a computer (for example an ATM) that operates inside a locked safe to deter theft, substitution, and tampering.
Direct corporate access | Secure-IP is a clone of the existing Bacstel-IP channel used for BACS. Files of payments are secured using a smart card or hardware security module (HSM).
Personal identification number | There are several main methods of validating PINs. The operations discussed below are usually performed within a hardware security module (HSM).
ATM Controller | An ATMC will usually have at least one attached hardware security module to manage the keys relating to PIN validation and encryption of connections.
Cryptomathic | Cryptomathic is a software company specializing in the area of cryptography for e-commerce security systems. The company develops secure software solutions for the financial and governmental industries. It focuses especially on developing back-end solutions using hardware security modules.
FreeOTFE | Optional two-factor authentication using smart cards and/or hardware security modules (HSMs, also termed security tokens) was introduced in v4.0, using the PKCS#11 (Cryptoki) standard developed by RSA Laboratories.
USB flash drive security | Hardware systems may offer additional features, such as the ability to automatically overwrite the contents of the drive if the wrong password is entered more than a certain number of times. This type of functionality cannot be provided by a software system since the encrypted data can simply be copied from the drive. However, this form of hardware security can result in data loss if activated accidentally by legitimate users and strong encryption algorithms essentially make such functionality redundant.
Hardware security module | A few of the HSMs available in the market have the ability to execute specially developed modules within the HSM's secure enclosure. Such an ability is useful, for example, in cases where special algorithms or business logic has to be executed in a secured and controlled environment. The modules can be developed in native C language, in .NET, Java, or other programming languages. While providing the benefit of securing application-specific code, these execution engines protect the status of an HSM's FIPS or Common Criteria validation.