Proceedings ArticleDOI

Trojan Detection using IC Fingerprinting

20 May 2007, pp. 296-310
TL;DR: These results show that Trojans that are 3-4 orders of magnitude smaller than the main circuit can be detected by signal processing techniques and provide a starting point to address this important problem.
Abstract: Hardware manufacturers are increasingly outsourcing their IC fabrication work overseas due to their much lower cost structure. This poses a significant security risk for ICs used for critical military and business applications. Attackers can exploit this loss of control to substitute Trojan ICs for genuine ones or insert a Trojan circuit into the design or mask used for fabrication. We show that a technique borrowed from side-channel cryptanalysis can be used to mitigate this problem. Our approach uses noise modeling to construct a set of fingerprints for an IC family utilizing side-channel information such as power, temperature, and electromagnetic (EM) profiles. The set of fingerprints can be developed using a few ICs from a batch, and only these ICs would have to be invasively tested to ensure that they were all authentic. The remaining ICs are verified using statistical tests against the fingerprints. We describe the theoretical framework and present preliminary experimental results to show that this approach is viable, presenting results obtained from power simulations performed on representative circuits with several different Trojan circuits. These results show that Trojans that are 3-4 orders of magnitude smaller than the main circuit can be detected by signal processing techniques. While scaling our technique to detect even smaller Trojans in complex ICs with tens or hundreds of millions of transistors would require certain modifications to the IC design process, our results provide a starting point to address this important problem.


Citations
Journal ArticleDOI
TL;DR: A classification of hardware Trojans and a survey of published techniques for Trojan detection are presented.
Abstract: Editor's note:Today's integrated circuits are vulnerable to hardware Trojans, which are malicious alterations to the circuit, either during design or fabrication. This article presents a classification of hardware Trojans and a survey of published techniques for Trojan detection.

1,227 citations


Cites background from "Trojan Detection using IC Fingerpri..."

  • ...Except for the work by Agrawal et al. [13], where the authors had access to test chips and did noninvasive measurements, all methods were based on noninvasive simulations....

  • ...Agrawal et al. were the first to use side-channel information to detect Trojan contributions to circuit power consumption [13]. To obtain the power signature of Trojan-free (i.e., genuine) ICs, random patterns are applied and power measurement is performed....

  • ...D. Agrawal et al., "Trojan Detection Using IC Fingerprinting," Proc....

  • ...Agrawal et al. [13] Transient power Counter: 16-bit...

Proceedings ArticleDOI
09 Jun 2008
TL;DR: A new behavior-oriented categorization method is proposed to divide trojans into two categories, explicit payload trojans and implicit payload trojans, which makes it possible to construct trojan models and then lower the cost of testing.
Abstract: Trusted IC design is a recently emerged topic since fabrication factories are moving worldwide in order to reduce cost. In order to get a low-cost but effective hardware trojan detection method to complement traditional testing methods, a new behavior-oriented categorization method is proposed to divide trojans into two categories: explicit payload trojans and implicit payload trojans. This categorization method makes it possible to construct trojan models and then lower the cost of testing. Path delays of nominal chips are collected to construct a series of fingerprints, each one representing one aspect of the total characteristics of a genuine design. Chips are validated by comparing their delay parameters to the fingerprints. The comparison of path delays makes small trojan circuits significant from a delay point of view. The experiment's results show that the detection rate on explicit payload trojans is 100%, while this method should be developed further if used to detect implicit payload trojans.

611 citations


Cites background or methods from "Trojan Detection using IC Fingerpri..."

  • ...The basic procedure of our Trojan detection method is similar to that in [1]....

  • ...Although destructive reverse engineering to check the integrity and genuineness of manufactured chips is a useful method to deal with any type of Trojan circuit, it can't guarantee that those untested are Trojan free [1]....

  • ...In [6], the author proposed the concept that the manufacturing process could be unsafe but was unable to give efficient methods to solve it except for the destructive way....

Journal ArticleDOI
15 Jul 2014
TL;DR: The threat of hardware Trojan attacks is analyzed; attack models, types, and scenarios are presented; different forms of protection approaches are discussed; and emerging attack modes, defenses, and future research pathways are described.
Abstract: Security of a computer system has traditionally been related to the security of the software or the information being processed. The underlying hardware used for information processing has been considered trusted. The emergence of hardware Trojan attacks violates this root of trust. These attacks, in the form of malicious modifications of electronic hardware at different stages of its life cycle, pose major security concerns in the electronics industry. An adversary can mount such an attack with the objective of causing operational failure or leaking secret information from inside a chip, e.g., the key in a cryptographic chip, during field operation. The global economic trend that encourages increased reliance on untrusted entities in the hardware design and fabrication process is rapidly increasing the vulnerability to such attacks. In this paper, we analyze the threat of hardware Trojan attacks; present attack models, types, and scenarios; discuss different forms of protection approaches, both proactive and reactive; and describe emerging attack modes, defenses, and future research pathways.

588 citations


Cites background or methods from "Trojan Detection using IC Fingerpri..."

  • ...The IC fingerprinting technique [4] uses signal processing techniques such as the Karhunen–Loeve...

  • ...The act of monitoring consumes power, even if the change in power consumption is minimal; indeed that would be the goal of an adversary [4]....

  • ...Post-silicon, the design can be verified either through destructive depackaging and reverse engineering of the IC [3], or by comparing its functionality or circuit characteristics with a golden version of the IC [4], [7], [8]....

  • ...(b) Side-channel transient current signal from a Trojan can be separated and identified from the statistical distribution of process noise using Karhunen–Loeve expansion [4]....

Journal ArticleDOI
18 Jul 2014
TL;DR: This paper systematizes the current knowledge in this emerging field, including a classification of threat models, state-of-the-art defenses, and evaluation metrics for important hardware-based attacks.
Abstract: The multinational, distributed, and multistep nature of the integrated circuit (IC) production supply chain has introduced hardware-based vulnerabilities. Existing literature in hardware security assumes ad hoc threat models, defenses, and metrics for evaluation, making it difficult to analyze and compare alternate solutions. This paper systematizes the current knowledge in this emerging field, including a classification of threat models, state-of-the-art defenses, and evaluation metrics for important hardware-based attacks.

514 citations


Cites methods from "Trojan Detection using IC Fingerpri..."

  • ...This work was supported in part by the U.S. Office of Naval Research (ONR) under Grant R17460 and the National Science Foundation (NSF) under Grants to Rice University (CNS-1059416) and NYU (CNS-1059328 and CCF-1319841), NYU/NYU-AD Center for Research in Information Security Studies and Privacy…...

  • ...Digital Object Identifier: 10.1109/JPROC.2014.2335155 0018-9219 2014 IEEE....

Journal ArticleDOI
15 Jul 2014
TL;DR: This tutorial will provide a review of some of the existing counterfeit detection and avoidance methods, and discuss the challenges ahead for implementing these methods, as well as the development of new detection and avoidance mechanisms.
Abstract: As the electronic component supply chain grows more complex due to globalization, with parts coming from a diverse set of suppliers, counterfeit electronics have become a major challenge that calls for immediate solutions. Currently, there are a few standards and programs available that address the testing for such counterfeit parts. However, not enough research has yet addressed the detection and avoidance of all counterfeit parts (recycled, remarked, overproduced, cloned, out-of-spec/defective, and forged documentation) currently infiltrating the electronic component supply chain. Even if they work initially, all these parts may have reduced lifetime and pose reliability risks. In this tutorial, we will provide a review of some of the existing counterfeit detection and avoidance methods. We will also discuss the challenges ahead for implementing these methods, as well as the development of new detection and avoidance mechanisms.

424 citations


Cites methods from "Trojan Detection using IC Fingerpri..."

  • ...In [57], advanced signal processing techniques based on Karhunen–Loève expansion are used to find a signal subspace from which the process noise is absent in order to identify Trojans that are well hidden within the variations of the signals generated by the process noise....

References
Journal ArticleDOI
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Abstract: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences: (1) Couriers or other secure means are not needed to transmit keys, since a message can be enciphered using an encryption key publicly revealed by the intended recipient. Only he can decipher the message, since only he knows the corresponding decryption key. (2) A message can be "signed" using a privately held decryption key. Anyone can verify this signature using the corresponding publicly revealed encryption key. Signatures cannot be forged, and a signer cannot later deny the validity of his signature. This has obvious applications in "electronic mail" and "electronic funds transfer" systems. A message is encrypted by representing it as a number M, raising M to a publicly specified power e, and then taking the remainder when the result is divided by the publicly specified product, n, of two large secret prime numbers p and q. Decryption is similar; only a different, secret, power d is used, where e * d ≡ 1 (mod (p - 1) * (q - 1)). The security of the system rests in part on the difficulty of factoring the published divisor, n.

14,659 citations

Book
01 Jan 1972
TL;DR: This completely revised second edition presents an introduction to statistical pattern recognition, which is appropriate as a text for introductory courses in pattern recognition and as a reference book for workers in the field.
Abstract: This completely revised second edition presents an introduction to statistical pattern recognition. Pattern recognition in general covers a wide range of problems: it is applied to engineering problems, such as character readers and wave form analysis, as well as to brain modeling in biology and psychology. Statistical decision and estimation, which are the main subjects of this book, are regarded as fundamental to the study of pattern recognition. This book is appropriate as a text for introductory courses in pattern recognition and as a reference book for workers in the field. Each chapter contains computer projects as well as exercises.

10,526 citations

Book ChapterDOI
15 Aug 1999
TL;DR: This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper-resistant devices, and discusses approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Abstract: Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. We also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.

6,757 citations

Book ChapterDOI
18 Aug 1996
TL;DR: By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems.
Abstract: By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems. Against a vulnerable system, the attack is computationally inexpensive and often requires only known ciphertext. Actual systems are potentially at risk, including cryptographic tokens, network-based cryptosystems, and other applications where attackers can make reasonably accurate timing measurements. Techniques for preventing the attack for RSA and Diffie-Hellman are presented. Some cryptosystems will need to be revised to protect against the attack, and new protocols and algorithms may need to incorporate measures to prevent timing attacks.

3,989 citations

Proceedings Article
01 Jan 1996

3,526 citations