{"id":47491775,"url":"https://github.com/danpage/scale","last_synced_at":"2026-04-10T09:00:26.856Z","repository":{"id":180367150,"uuid":"137181205","full_name":"danpage/scale","owner":"danpage","description":"SCALE: Side-Channel Attack Lab. Exercises","archived":false,"fork":false,"pushed_at":"2023-09-20T15:01:30.000Z","size":22,"stargazers_count":43,"open_issues_count":0,"forks_count":14,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-09-11T10:02:50.141Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc-by-sa-4.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/danpage.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2018-06-13T07:47:41.000Z","updated_at":"2025-07-14T09:42:39.000Z","dependencies_parsed_at":null,"dependency_job_id":"fef36b74-4338-4723-ad49-d6f4fd701ddb","html_url":"https://github.com/danpage/scale","commit_stats":null,"previous_names":["danpage/scale"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/danpage/scale","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/danpage%2Fscale","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/danpage%2Fscale/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/danpage%2Fscale/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/danpage%2Fscale/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/danpage","download_url":"https://codeload.github.com/danpage/scale/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/danpage%2Fscale/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31635969,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-10T07:40:12.752Z","status":"ssl_error","status_checked_at":"2026-04-10T07:40:11.664Z","response_time":98,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-03-26T20:00:22.222Z","updated_at":"2026-04-10T09:00:26.840Z","avatar_url":"https://github.com/danpage.png","language":null,"funding_links":[],"categories":["Hardware Tools"],"sub_categories":["Side-Channel Analysis"],"readme":"# SCALE: Side-Channel Attack Lab. Exercises\n\n\u003c!--- -------------------------------------------------------------------- ---\u003e\n\n## Concept\n\nAlongside the implementation of cryptography in hardware *and* software, \nattacks on those implementations (plus associated countermeasures) form\na central challenge in\n[cryptographic engineering](http://en.wikipedia.org/wiki/Cryptographic_engineering).\nThis topic is sometimes termed physical security, but, either way, it\ncontrasts sharply with\ntraditional [cryptanalysis](http://en.wikipedia.org/wiki/Cryptanalysis)\nby targeting the concrete implementation (vs. the abstract design, i.e.,\nthe underlying theory) via techniques such as \n[side-channel attack](http://en.wikipedia.org/wiki/Side-channel_attack).\nBeyond the obvious motivation, there are many position statements, e.g.,\nsee [1,2,3], that outline why this challenge is important.  Thus, from \nan educational perspective, the question is how to equip students with \nan appropriate, associated skill set?  \n\nOn one hand, it seems obvious a hands-on approach is preferable: this is\nan applied topic so actually *doing* it (assuming a background in the \nunderlying or related theory), e.g., via \n[Problem-Based Learning (PBL)](http://en.wikipedia.org/wiki/Problem-based_learning),\nwould be most effective.  Indeed, other initiatives have already used a\nsimilar approach, e.g., see [4].\nHowever, on the other hand, our experience is that some practical and/or\nlogistical challenges remain.  In particular, a PBL-based approach will\ndemand some \"problems\" and, potentially, infrastructure for students to \nuse.  This facts act as a driver for the SCALE project: the goal is to \nprovide a suite of material related to side-channel (and fault) attacks \nthat is \n\n- low-cost   (i.e., has few if any barriers to use),\n- accessible (i.e., offers a balanced, configurable difficulty level, between real-world and educationally focused examples),\n- relevant   (e.g., addresses modern challenges with tangible value and impact),\n- coherent   (e.g., well documented and supported), and\n- effective  (i.e., elicits appropriate learning outcomes).\n\n\u003c!--- -------------------------------------------------------------------- ---\u003e\n\n## Quickstart\n\nOver time, SCALE has evolved in different directions; the content is\ntherefore captured by material in several repositories.  Each one is \norganised as a\n[submodules](http://www.git-scm.com/docs/git-submodule):\n\n- The `sw`\n  sub-module houses the\n  [software-oriented material](http://www.github.com/danpage/scale-sw):\n  the goal is to provide a set of high-level,\n  [CTF](http://en.wikipedia.org/wiki/Capture_the_flag#Computer_security)-like\n  exercises that offer controlled, simulated environments in which to \n  learn about various attack techniques.\n   \n- The `hw`\n  sub-module houses the \n  [hardware-oriented material](http://www.github.com/danpage/scale-hw):\n  the goal is to provide a set of  low-level,\n  concrete hardware platforms that are tailored toward learning about\n  [side-channel attacks](http://en.wikipedia.org/wiki/Side-channel_attack)\n  based on\n  [power analysis](http://en.wikipedia.org/wiki/Power_analysis).\n   \n- The `data` \n  sub-module houses the \n  [    data-oriented material](http://www.github.com/danpage/scale-data):\n  the goal is to provide some (pre-acquired) data sets, each relating\n  to one of the platforms in the hardware-oriented material but that \n  can be used without physical access to the associated hardware.\n\nThis means each one is motivated per the above, but differs in terms \nof focus and content.  Since they remain somewhat independent, they\ncan be selectively populated and used:\n\n- Clone the repo.\n\n  ```sh\n  git clone https://github.com/danpage/scale.git ./scale\n  cd ./scale\n  ```\n\n- *Either*\n\n  - populate *all*  content via\n\n    ```sh\n    git submodule update --init --recursive\n    ```\n\n    *or*\n\n  - populate *some* content via  \n\n    ```sh\n    git submodule update --init --recursive sw\n    git submodule update --init --recursive hw\n    git submodule update --init --recursive data\n    ```\n   \n    selectively removing commands to reflect the content you need.\n\nThis ability can be important: the size (and thus download time) of \nthe data-oriented material is significant, for example, and it will \nnot be applicable in all contexts or to all users.  \n\n\u003c!--- -------------------------------------------------------------------- ---\u003e\n\n## References\n\n1. S. Ravi, A. Raghunathan, P.C. Kocher, and S. Hattangady.\n   [Security in embedded systems: design challenges](http://dl.acm.org/citation.cfm?doid=1015047.1015049).\n   ACM Transactions on Embedded Computing Systems (TECS), 3(3), 461--491, 2004.\n\n2. S. Ravi, P.C. Kocher, R.B. Lee, G. McGraw, and A. Raghunathan.\n   [Security as a new dimension in embedded system design](http://dl.acm.org/citation.cfm?id=996771).\n   Design Automation Conference (DAC), 753--760, 2004.\n\n3. W. Burleson, O. Mutlu, and M. Tiwari.\n   [Who is the major threat to tomorrow's security?  You, the hardware designer](http://dl.acm.org/citation.cfm?doid=2897937.2905022).\n   Design Automation Conference (DAC), 16:1--16:5, 2016.\n\n4. F. Bruguier, P. Benoit, L. Torres, and L. Bossuet.\n   [Hardware security: From concept to application](http://ieeexplore.ieee.org/document/7496483/).\n   European Workshop on Microelectronics Education (EWME), 2016.\n\n\u003c!--- -------------------------------------------------------------------- ---\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdanpage%2Fscale","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdanpage%2Fscale","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdanpage%2Fscale/lists"}