course: Physical Attacks and Countermeasures

teaching methods:
lecture with tutorials
Moodle, computer based presentation
responsible person:
Priv.-Doz. Dr. Amir Moradi
Priv.-Doz. Dr. Amir Moradi (ETIT), M. Sc. David Knichel (ETIT), M. Sc. Thorben Moos (ETIT), M. Sc. Felix Wegener (ETIT)
offered in:
summer term

dates in summer term

  • start: Monday the 20.04.2020
  • lecture Mondays: from 14:15 to 15.45 o'clock
  • tutorial Mondays: from 16:00 to 16.45 o'clock
  • lab exercise Mondays: from 17:00 to 17.45 o'clock


All statements pertaining to examination modalities (for the summer/winter term of 2020) are given with reservations. Changes due to new requirements from the university will be announced as soon as possible.
Form of exam:written
Registration for exam:FlexNow
Room : ID 04/401


The students

  • understand the kinds of physical attacks, their prerequisites, and their required conditions to work.
  • are capable of evaluating measurement data based on the learned methods in order to assess the security level of an implementation.
  • are aware of the dangers that physical attacks pose for implementations of cryptographic algorithms.
  • know the countermeasure schemes and how to apply them in order to protect a cryptographic design against physical attacks.


Modern cryptographic algorithms provide a reasonable level of security against known mathematical and cryptanalytic attacks. These cryptographic primitives are implemented on different platforms to be used in a security-enabled applications. Such a realization is done by implementing the desired cryptographic algorithm using some program code (in software) or using logic elements/circuits (in hardware). Physical access of the users to the cryptographic devices (e.g., a smartcard used for payment, a contactless card used for authentication, or a smartphone) where a secret key is embedded, led to a new form of attacks called physical attacks. This kind of attacks aims at extracting the secret key used by the cryptographic algorithm from the target implementation. Breaking a system by means of a physical attack does not infer to the weakness of the algorithm, but of the implementation. Therefore, considering such kinds of attacks as a potential risk for the security is a must when designing a cryptographic device and weaknesses in that regard need to be avoided from the start. The goal of this lecture is to give an overview about the known physical attacks and most considerably the schemes developed to counter such kinds of attacks. In the first part of the lecture different kinds of physical attacks are introduced, while in the second part we focus on countermeasures and the methods to make implementations resistant against known physical attacks.



recommended knowledge

understanding the english language, basic knowledge of digital technology, basic knowledge of data security and cryptography, solid programming ability in at least one programming language (e.g. C++), basic knowledge of computer architecture, basic knowledge of signal processing.


IMPORTANT: Because of the current sitation, the lecture will have a fully virtual format. To get access to the videos and material, students have to enroll in the moodle course ( To get the password, please write a mail to David Knichel (

A big part of the lecture is project-based. In addition to the final exam there exist weekly programming projects (i.e., homework) and a final seminar. Each part has to be handled individually and is part of the final grade. For passing this course the students have to achieve at least 50% in the final exam AND 50% in the cumulative final grade. The cumulative final grade is composed of:

Weekly projects (homework): 30%

Final exam: 60%

Final seminar: 20%

This results in a sum of 110%. Hence, 10% of the obtainable points are bonus points (Bonuspunkte). The final seminar will take place on Tuesday, 11th of August 2020 in the upcoming summer term.