Breaking and entering through the silicon

Helfmeier, Clemens; Nedospasov, Dmitry; Tarnovsky, Christopher; Krissler, Jan Starbug; Boit, Christian; Seifert, Jean-Pierre

doi:10.1145/2508859.2516717

Cited by 98 publications

(46 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Undeniably, one of the fundamental security challenges for vendors is the providing a protection scheme against advanced semi-and fully-invasive attacks from the IC backside. While fully-invasive techniques, such as FIB microprobing [36], are taken seriously by the chip manufactures, not enough attention has been paid to optical semi-invasive attacks in the past.…”

Section: Discussionmentioning

confidence: 99%

On the Physical Security of Physically Unclonable Functions

Tajik

2019

T-Labs Series in Telecommunication Services

View full text Add to dashboard Cite

Section: Discussionmentioning

confidence: 99%

On the Physical Security of Physically Unclonable Functions

Tajik

2019

T-Labs Series in Telecommunication Services

View full text Add to dashboard Cite

“…The hardware RoT orthodoxy is a secret key embedded in the hardware [87], for instance, a key stored in the non-volatile memories of the IC. Unfortunately, the vulnerability of such legacy key storage methods to semi-and fully-invasive attacks, has been reported in the literature [47,58,112,115]. It has been demonstrated that even in the presence of sophisticated countermeasures, it is hard to stop an adversary attempting to circumvent these security measures and gain access to the memories.…”

Section: Hardware Root Of Trustmentioning

confidence: 99%

“…While the PUF manufacturers have been contributing to improve the design, and consequently, the security of the PUFs, adversaries are simultaneously developing non-invasive and semi-invasive attacks against these primitives [46,47,95,109]. For instance, it has been shown that an Arbiter…”

Section: Physically Unclonable Functionsmentioning

confidence: 99%

On the Learnability of Physically Unclonable Functions

Ganji¹

2018

T-Labs Series in Telecommunication Services

View full text Add to dashboard Cite

Along with the expansion of the application of integrated circuits (ICs), the risk of security vulnerabilities of them has been rising dramatically. Diverse type of successful attacks against ICs have been launched by adversaries taking advantage of those vulnerabilities to expose confidential information, e.g., intellectual property (IP), and customer data. As a remedy for the shortcomings of traditional security measures taken to protect ICs, PUFs appear to be promising candidates that are intended to offer instance-specific functionality. While cryptographic mechanisms enjoying this privilege have been emerging, the vulnerability of PUFs to different types of attacks have been demonstrated. Among these attacks, a great deal of attention has been paid to machine learning (ML) attacks, aiming at modeling the challengeresponse behavior of PUFs. So far the success of ML attacks has relied on trial and error, and consequently, ad hoc attacks and their corresponding countermeasures have been developed.This thesis aims to address this issue by providing the mathematical proofs of the vulnerability of various PUF families, including Arbiter, XOR Arbiter, ring-oscillator, and bistable ring PUFs, to ML attacks. To achieve this goal, for the assessment of these PUFs a generic framework is developed that include two main approaches. First, with regard to the inherent physical characteristics of the PUFs mentioned above, fit-for-purpose mathematical representations of them are established, which adequately reflect the physical behavior of those primitives. To this end, notions and formalizations, being already familiar to the ML theory world, are reintroduced in order to give a better understanding of why, how, and to what extent ML attacks against PUFs can be feasible in practice. Second, polynomial time ML algorithms are explored, which can learn the PUFs under the appropriate representation. More importantly, in contrast to previous ML approaches, not only the accuracy of the model mimicking the behavior of the PUF but also the delivery of such a model is ensured by our framework.Besides off-the-shelf ML algorithms, we apply a set of algorithms originated in property testing field of study that can support the evaluation of the security of PUFs. They serve as a "toolbox", from which PUF designers and manufacturers can choose the indicators being relevant to their requirements. Last but not least, on the basis of learning theory concepts, this thesis explicitly states that the PUF families studied here cannot be considered as an ultimate solution to the problem of insecure ICs. Furthermore, we believe that this thesis can provide an insight into not only the academic research but also the design and manufacturing of PUFs. xi

show abstract

“…For instance, one can cut off the trigger signal from alerting the CPU of an attack [19]. A practical FIB attack has been demonstrated by probing the backside of an IC [20].…”

Section: A Invasive Attacksmentioning

confidence: 99%

Shielding and securing integrated circuits with sensors

Shahrjerdi

Rajendran

Garg

et al. 2014

2014 IEEE/ACM International Conference on Computer-Aided Design (ICCAD)

View full text Add to dashboard Cite

An integrated circuit (IC) Supply Chain Hardware Integrity for Electronics Defense (SHIELD) is envisioned to enable advanced supply chain hardware authentication and tracing capabilities. The suggested SHIELD is expected to be a ultralower power, minuscule electronic component that is physically attached to the host IC. This paper focuses on two important adversarial acts on SHIELD: physical reverse engineering and physical side-channel analysis. These attacks can be launched through mechanical or optical means and they can reveal and/or modify the confidential on-chip data or enable reverse-engineering of the design. For detection of these attacks and subsequent erasing of the sensitive data, sensors, erasure devices, and the relevant control circuitry need to be added to the SHIELD. We describe the device-level operation of the optical (photodetectors) and mechanical (nano-or micro-electromechanical switches) sensors and how they can be integrated within an IC to detect physical attacks. The operation of these micro/nano-scale sensors is unreliable due to environmental, operational, and structural fluctuations and noise. We outline system-level approaches to design a reliable countermeasure against physical attacks using unreliable sensors.

show abstract

Breaking and entering through the silicon

Cited by 98 publications

References 23 publications

On the Physical Security of Physically Unclonable Functions

On the Physical Security of Physically Unclonable Functions

On the Learnability of Physically Unclonable Functions

Shielding and securing integrated circuits with sensors

Contact Info

Product

Resources

About