A security-aware design scheme for better hardware Trojan detection sensitivity

Bao, Chongxi; Xie, Yang; Srivastava, Ankur

doi:10.1109/hst.2015.7140236

Cited by 8 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The most common ones attempt to either detect malicious circuitry, or prevent insertions. In particular, detection techniques aim to determine whether any HTs exist in a given circuit and feature a wide range of methods such as side-channel analysis [3,79,95,97], logic testing [26], and trust verification [8,68,90,102]. On the other hand, prevention techniques aim to either impede the introduction of HTs, or make HT easier to detect, such approaches are Split manufacturing [28,69,94] which tries to minimize the circuit/design exposure to the adversary, logic obfuscation [25] and runtime monitoring [47,88] Moreover, there is also a smaller body of work which attempts to tackle the even harder problem of inferring additional information about the HT such as its triggers, payload, and exact location [95,97].…”

Section: Related Workmentioning

confidence: 99%

“…Understandably, design houses have much better control over the IC fabrication and the supply chain, and this allows them to take full advantage of our architecture. In particular, they can combine existing detection [8,26,68] and prevention techniques [25,28,69,94] with our proposed design, to reduce the likelihood of compromises for individual components. On the other hand, COTS vendors have less control as they have limited visibility in the fabrication process and the supply chain.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components

Mavroudis¹,

Cerulli²,

Švenda³

et al. 2017

Preprint

View full text Add to dashboard Cite

The semiconductor industry is fully globalized and integrated circuits (ICs) are commonly defined, designed and fabricated in different premises across the world. This reduces production costs, but also exposes ICs to supply chain attacks, where insiders introduce malicious circuitry into the final products. Additionally, despite extensive post-fabrication testing, it is not uncommon for ICs with subtle fabrication errors to make it into production systems. While many systems may be able to tolerate a few byzantine components, this is not the case for cryptographic hardware, storing and computing on confidential data. For this reason, many error and backdoor detection techniques have been proposed over the years. So far all attempts have been either quickly circumvented, or come with unrealistically high manufacturing costs and complexity.This paper proposes Myst, a practical high-assurance architecture, that uses commercial off-the-shelf (COTS) hardware, and provides strong security guarantees, even in the presence of multiple malicious or faulty components. The key idea is to combine protective-redundancy with modern threshold cryptographic techniques to build a system tolerant to hardware trojans and errors. To evaluate our design, we build a Hardware Security Module that provides the highest level of assurance possible with COTS components. Specifically, we employ more than a hundred COTS secure cryptocoprocessors, verified to FIPS140-2 Level 4 tamper-resistance standards, and use them to realize high-confidentiality random number generation, key derivation, public key decryption and signing. Our experiments show a reasonable computational overhead (less than 1% for both Decryption and Signing) and an exponential increase in backdoor-tolerance as more ICs are added.

show abstract