Post on 18-Jan-2016
1
Hardware Security: An Emerging Threat Landscape and Possible Solutions
Siddharth Garg with
M. El-Massad (NYU), F. Imeson (Waterloo), and M. Tripunitara (Waterloo)
Electrical and Computer EngineeringNew York University
Berkeley DREAMS Seminar
2
Cyber-security Landscape
~20 Billion interconnected “devices” (semiconductor ICs) Security threats: firmware, application, network (both
wired and wireless), cloud …. …..but what about the “devices”
3
IC Supply Chain
module adder(x, a, b, cin); input a; input b; input cin;
Millions of LoC
Geographically dispersed design
teams
External “IP”
Source: Global Semicon. Alliance
“Fabless” manufacturing
IC circuitextraction
4
Threat Model: Malicious Foundry
“As for hardware, remotely operated kill switches and hidden backdoors can be written into computer chips….”
- U.S. Department of Defense
More pernicious than a software virus Instantly affects all chips Cannot (or is hard to) patch
5
Hardware Trojan Attacks Types of attacks
Private information leakage (leaking secret keys, etc.) Privilege escalation attacks [King et al., LEET’08]
Premise: targeted attack on a specific gate (or set of gates) Attacker must uniquely identify at least one gate to be
successful
Super-user bit
6
Existing Solutions
Hardware Trojan detection Compare measured IC
“fingerprints” with golden IC
Reactive (not proactive)
[Source: C Ortiz, US DoD]
Trusted foundry programs “Contracts with IBM for secure,
domestic advanced semiconductor fabrication and ASIC services”
[Source: Tehranipoor and Koushanfar]
7
Running Example: Full AdderRe
gula
r Inp
uts
Malicious input (trigger) to avoid detection in post-fab. testing
Malicious gate
8
Hide information (wires) from the view of the attacker
Proposed Solution: Logic Obfuscation
Hidden wire
I/O labels removed
Attackers View
Original NetlistLogic obfuscation (by hiding wires) reduces the
attackers ability to correctly identify gates
[Imeson et al., USENIX Security’13, Best Paper Award]
9
Hiding Wires Using 3D (2.5D) TechnologyTop Tier
(Hidden Tier)
Bottom Tier ( Obfuscated Tier)
Contains only hidden wires and all I/O
Inexpensive to manufacture
Fabricated at secure facility
Contains all gates and “unhidden” wires
Expensive Outsourced for
fabrication
2.5D IC
10
2.5D and 3D ICs
2.5D Xilinx FPGA
FPGA logicInterconnect
NYU 3D Test Chip (Tezzaron 0.13 mm)
[O’Sullivan et al., ISQED’13]
“A multi-layer circuit may be divided in such a way that the function of each layer becomes obscure..….. elements can be scattered among the layers in apparently random fashion”
- Tezzaron Technologies white paper
11
“Split Manufacturing” Flow
“Layout”
12
Attacker Model
ObfuscatedLayout Reconstructed
Net-list
13
How Does the Attacker Proceed Inputs: Graphs G and H
Attacker determines sub-graph isomorphisms
All four subgraphs of G that are isomorphic to H
Is H “4-secure” with respect to G?
14
Formal Notion of Security S(w) = 2 S(v), S(x), S(u) = 2 S(y) = 1 S(H) = 1
k-secure vertex
A vertex is k-secure if there exist at least k subgraph isomorphisms each of which map to a distinct vertex in G.
k-secure graph
is k-secure (with respect to G) if every vertex in is k-secure.
15
Computational Complexity Determining if is k-secure is NP-complete
Relevant from the perspective of the defender
We investigated two approaches: Reduction to subgraph isomorphism + VF2 solver Reduction to SAT + MiniSAT solver
16
Cost-Security Trade-offs Cost Number of hidden wires
Minimizing cost to achieve k-security is NP-Hard
Greedy procedure to explore cost-security trade-off Start with no edges in H. Pick edge to add to H that
maximizes security. Repeat.
17
Experimental Results: Cost vs. Security
Experiments on the C432 benchmark circuit, a 27-channel interrupt controller.
Max.
Avg.Min.
Gate type that appears fewest times
18
Layout Randomization Gates are placed to minimize average wirelength
Proximal gates on obfuscated (bottom) tier more likely to be connected on hidden (top) tier
Solution: secure layout randomization
[Rajendran et al., DATE’13]
OTS Layout
Tool
OTS Routing
Tool
Layout tool does not know about connectivity on the hidden tier and cannot optimize for it
19
Layout Randomization Results
Layout randomization effectively defeats proximity attacks 1.7x-2.1x delay overhead
Original 2D Layout Obfuscated Tier Layout Hidden Tier Layout
Original 2DObfuscated Hidden
20
Case Study: DES Circuit
Symmetric key based encryption/decryption
35,000 gate implementation from OpenCores library
Attack on LSB of 14th round reveals secret key
16-secure circuit by removing only 13% of wires
[Boneh et al., Eurocrypt’97]
21
Footprint of “Exhaustive” Attack
Implemented a 64-secure DES circuit
LSB of 14th round actually 255-secure
420x area overhead to attack all possible options
22
Raising the Bar on the Attacker
23
IC Supply Chain
module adder(x, a, b, cin); input a; input b; input cin;
Millions of LoC
Geographically dispersed design
teams
External “IP”
Source: Global Semicon. Alliance
“Fabless” manufacturing
IC circuitextraction
24
IC Circuit ExtractionDe-packaging And DelayeringPackaged IC
Imaging(SEM)
Schematic!
“…project we just finished; analyzing a digital ASIC with….. embedded encryption hardware…12K gates of digital logic…”
“Now we understood the encryption, had the keys, and had full chip simulations running….”
[Source: Torrance and James, CHES’09]
25
Potential Solution: IC Camouflaging Dummy contacts to
camouflage Boolean functionality [US6791191]
Attacker cannot determine functionality even after circuit extraction {XOR, NAND, NOR}
But, camouflaging comes at a cost (area/power/delay)
26
Defender Vs. Attacker
27
IC Camouflaging: Trade-off Camouflaging has a per-gate cost
Claim [R+,CCS’13]: If a small number of judiciously selected gates is camouflaged, => attacker needs >1000s of years to decamouflage
[R+,CCS’13] seemingly resolve cost-security trade-off
[R+,CCS’13] Rajendran, J., et al. "Security analysis of integrated circuit camouflaging,“ CCS 2013. (Best Student Paper Award)
28
Which Gates…? Mindset from [R+,CCS’13]
“Justification”“Sensitization’
Observation: Efficient attack strategy if gates can be simultaneously justified and sensitized
29
Non-Resolvable Gates
Claim [R+,CCS’13]: If gates cannot be simultaneously sensitized and justified, attacker must resort to brute-force attack Exponential complexity in # of camouflaged gates
30
The Example, Revisited
Each input eliminates a subset of solutions (or completions)
Set of inputs sufficient to eliminate all but the right completion(s)→ discriminating set
31
Discriminating Set of Inputs
32
IC Decamouflaging Attack
Our Work [E+, NDSS’15]: in practice, both the query cost and computational cost of an attack are low: IC decamouflaging in minutes
33
Attack Oracles
34
Practical Computational Procedure
1001
1111
0010
.
.
.
.
.
.
.
.
Am I done yet?
Add counterexample input
co-NP-complete
SAT Solver
UNSAT
Done!
SAT
What are the gate identities?
SAT Solver
NP-
com
plet
e
0001
“counterexample”
0001
Given a set of inputs…..
35
Our Attack: Empirical Results
36
Impact of Increasing # Camouflaged Gates
37
Takeaway Cautionary note to IC designers
Appealing claims on secure IC camouflaging with low cost must be examined carefully
Mindset rooted in foundations is helpful