Jörn Langheinrich

Affiliation: MPI-SP

Country: Germany


Sessions

03-23
13:00
120min
A Brief Introduction to Circuit-Level Hardware Reverse Engineering
Simon Klix, René Walendy, Felix Hahn, Jörn Langheinrich

Modern integrated circuits are increasingly complex and often originate from opaque global supply chains, making independent verification of hardware behavior more important than ever. Reverse engineering has therefore become a critical skill—for example, when assessing trustworthiness, detecting malicious modifications, or understanding real-world implementations of cryptographic algorithms.

In this tutorial, we take our first steps in reverse engineering using the open-source HAL framework to analyze gate-level netlists. Together, we explore how to identify functional modules such as registers in order to analyze the hardware implementation of a modern block cipher. To this end, we will identify a malicious sub-circuit leaking the secret key of the cipher using both static and dynamic reverse engineering techniques.

To verify the findings, we will run a full simulation using Verilator to generate a cycle-accurate behavioral model. This also demonstrates the ability of HAL to integrate other reversing tools seamlessly.

Requirements
Some basic understanding of (symmetric) cryptography is helpful, but not strictly required.

The tutorial requires Ubuntu 24.04 (native or as VM) with at least 16 GB of RAM and 40 GB of free disk space. HAL installation instructions will be sent out before the tutorial. A VM will be provided for those not willing to install HAL themselves.

Tutorials
Tutorial Room C
03-23
15:30
120min
A Brief Introduction to Circuit-Level Hardware Reverse Engineering
Simon Klix, René Walendy, Felix Hahn, Jörn Langheinrich

Tutorials
Tutorial Room C