TC: Small: Minimalist Hardware Trojans through Malicious Side-Channels
University Of Massachusetts Amherst, Amherst MA
Investigators
Abstract
In order to provide system security, hardware modules which function as trust anchors are used in an ever-increasing number of devices. The majority of laptops and PCs are now equipped with Trusted Platform Modules (TPMs), and a large number of pervasive computing systems such as smart cards, electronic passports or high-speed routers make use of hardware for cryptographic algorithms and key storage. In almost all such applications the security of the entire system hinges on the assumption that the hardware modules are trustworthy. Recently, due to the increasing use of potentially untrusted semiconductor foundries, the threat of maliciously manipulated hardware has been raised. Since hardware manipulations, including hardware Trojans, are difficult to detect and, perhaps more importantly, even harder to repair, they form a very serious threat to system security for today's and future applications. The standard approach to Trojan hardware consists of adding extra logic to a given IC design which weakens the system. The main drawback of this approach, from an attacker's perspective, is that extra function blocks can potentially be detected through a host of techniques, including, e.g., optical inspections at different layers of the design, or power and EM fingerprinting. Our malicious circuit manipulations are orders of magnitude more subtle than previously known Trojans, but can nevertheless totally compromise secure hardware blocks by leaking cryptographic keys. The core idea is to create malicious side-channels, in particular power supply channels, through small modifications of circuit elements, e.g., at the transistor level. We will refer to these covert channels as Trojan side-channels (TSCs). The core parts of the research are modeling of the assumptions, development of channels and modulation schemes, their realization on the circuit level, and proof-of-concept implementations.
In addition to posing a threat to system security, Trojan side-channels can also be used constructively. For instance, they have applications in anti-counterfeiting: illegal copies of ICs with the same functional behavior will not leak the same side-channel ID and can thus easily be detected. Also, TSCs could be used for conveying internal status information about a circuit, increasing the testability of the circuit. Moreover, because a TSC can be viewed as a form of physical encryption, one can imagine other cryptographic protocols and applications using TSCs as primitives.