Security An Emerging Threat Landscape and Possible Solutions Siddharth Garg with M El Massad NYU F Imeson Waterloo and M Tripunitara Waterloo Electrical and Computer Engineering ID: 432297
Download Presentation The PPT/PDF document "Hardware" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Hardware
Security: An Emerging Threat Landscape and Possible Solutions
Siddharth Garg withM. El-Massad (NYU), F. Imeson (Waterloo), and M. Tripunitara (Waterloo)Electrical and Computer EngineeringNew York University
Berkeley DREAMS SeminarSlide2
Cyber-security Landscape
~20 Billion interconnected “devices” (semiconductor ICs)
Security threats: firmware, application, network (both wired and wireless), cloud ….
…..
but what about the “
devices
” Slide3
IC Supply Chain
m
odule
adder(x, a, b, cin
); input a;
input
b;
input cin;
Millions of
LoC
Geographically dispersed design teams
External “IP”
Source: Global
Semicon
. Alliance
“Fabless” manufacturing
IC circuit
extraction Slide4
Threat Model: Malicious Foundry
“As for hardware, remotely operated
kill switches and hidden backdoors can be written into computer chips….”
- U.S. Department of Defense
More pernicious than a software virusInstantly affects all chipsCannot (or is hard to) patchSlide5
Hardware Trojan Attacks
Types of attacksPrivate information leakage (leaking secret keys, etc.)Privilege escalation attacks [King et al., LEET’08]
Premise: targeted attack on a specific gate (or set of gates)Attacker must uniquely identify at least one gate to be successful
Super-user bitSlide6
Existing Solutions
Hardware Trojan detectionCompare measured IC “fingerprints” with golden IC Reactive (not proactive)
[Source: C Ortiz, US DoD]
Trusted foundry programs
“Contracts with IBM for secure, domestic advanced semiconductor fabrication and ASIC services”
[Source:
Tehranipoor
and
Koushanfar
]Slide7
Running Example: Full Adder
Regular Inputs
Malicious input (trigger) to avoid detection in post-fab. testing
Malicious gateSlide8
Hide information (wires) from the view of the attacker
Proposed Solution: Logic Obfuscation
Hidden wire
I/O labels
removed
Attackers View
Original
Netlist
Logic obfuscation (by hiding wires)
reduces
the attackers ability to correctly identify gates
[
Imeson
et al., USENIX Security’13, Best Paper Award]Slide9
Hiding Wires Using 3D (2.5D) Technology
Top Tier
(Hidden Tier)
Bottom Tier ( Obfuscated Tier)
Contains only hidden wires and all I/OInexpensive to manufactureFabricated at
secure facility
Contains
all gates
and “unhidden” wires
Expensive
Outsourced
for fabrication
2.5D ICSlide10
2.5D and 3D ICs
2.5D Xilinx FPGA
FPGA logic
Interconnect
NYU 3D Test Chip
(
Tezzaron
0.13
mm)
[O’Sullivan et al., ISQED’13]
“A multi-layer circuit may be divided in such a way that the function of each layer becomes obscure
..….. elements can be scattered among the layers in apparently random fashion”
- Tezzaron Technologies white paperSlide11
“Split Manufacturing” Flow
“Layout”Slide12
Attacker Model
Obfuscated
Layout
Reconstructed
Net-listSlide13
How Does the Attacker Proceed
Inputs: Graphs G and HAttacker determines sub-graph
isomorphisms
All four
subgraphs
of
G
that are isomorphic to
H
Is
H “4-secure” with respect to G?Slide14
Formal Notion of Security
S(w) = 2
S(v), S(x), S(u) = 2
S(y) = 1
S(H) = 1
k
-secure vertex
A vertex
is k-secure if there exist at least k
subgraph
isomorphisms
each of which map
to a distinct vertex in G.
k
-secure graph
is k-secure (with respect to G) if every vertex in
is k-secure.
Slide15
Computational Complexity
Determining if
is k-secure is NP-completeRelevant from the perspective of the defenderWe investigated two approaches:Reduction to subgraph isomorphism + VF2 solverReduction to SAT + MiniSAT solver
Slide16
Cost-Security Trade-offs
Cost Number of hidden wiresMinimizing cost to achieve
k-security is NP-HardGreedy procedure to explore cost-security trade-offStart with no edges in H.Pick edge to add to H that maximizes security.Repeat.
Slide17
Experimental Results: Cost vs. Security
Experiments on the C432 benchmark circuit, a 27-channel interrupt controller.
Max.
Avg.
Min.
Gate type that appears fewest timesSlide18
Layout Randomization
Gates are placed to minimize average wirelengthProximal gates on obfuscated (bottom) tier more likely to be connected on hidden (top) tier
Solution: secure layout randomization[Rajendran et al., DATE’13]
OTS Layout Tool
OTS Routing Tool
Layout tool
does not know about connectivity on the hidden tier
and cannot optimize for itSlide19
Layout Randomization Results
Layout randomization effectively defeats proximity attacks1.7x-2.1x delay overhead
Original 2D Layout
Obfuscated Tier Layout
Hidden Tier Layout
Original 2D
Obfuscated
HiddenSlide20
Case Study: DES Circuit
Symmetric key based encryption/decryption35,000 gate implementation from OpenCores library
Attack on LSB of 14th round reveals secret key16-secure circuit by removing only 13% of wires
[
Boneh et al., Eurocrypt’97]Slide21
Footprint of “Exhaustive” Attack
Implemented a 64-secure DES circuitLSB of 14th round actually 255-secure420x area overhead to attack all possible optionsSlide22
Raising the Bar on the AttackerSlide23
IC Supply Chain
m
odule
adder(x, a, b, cin
); input a;
input
b;
input cin;
Millions of
LoC
Geographically dispersed design teams
External “IP”
Source: Global
Semicon
. Alliance
“Fabless” manufacturing
IC circuit
extraction Slide24
IC Circuit Extraction
De-packaging
And Delayering
Packaged IC
Imaging
(SEM)
Schematic!
“…project
we just
finished
; analyzing a
digital ASIC with…..
embedded encryption hardware
…
12K gates of digital logic
…”
“Now we
understood the encryption
,
had the
keys, and had
full
chip simulations running
….”
[Source: Torrance and James, CHES’09]Slide25
Potential Solution: IC Camouflaging
Dummy contacts to camouflage Boolean functionality [US6791191]Attacker cannot determine functionality even after circuit extraction{XOR, NAND, NOR}But, camouflaging comes at a cost (area/power/delay)Slide26
Defender Vs. AttackerSlide27
IC Camouflaging: Trade-off
Camouflaging has a per-gate costClaim [R+,CCS’13]: If a small number of judiciously selected gates is camouflaged, => attacker needs >1000s of years to decamouflage
[R+,CCS’13] seemingly resolve cost-security trade-off[R+,CCS’13] Rajendran, J., et al. "Security analysis of integrated circuit camouflaging,“ CCS 2013
. (Best Student Paper Award)Slide28
Which Gates…? Mindset from [R+,CCS’13]
“Justification”
“Sensitization’Observation: Efficient attack strategy if gates can be simultaneously justified and sensitizedSlide29
Non-Resolvable Gates
Claim [R+,CCS’13]: If gates cannot be simultaneously sensitized and justified, attacker must resort to
brute-force attack
Exponential complexity in # of camouflaged gatesSlide30
The Example, Revisited
Each input eliminates a subset of solutions (or completions)Set of inputs sufficient to eliminate all but the right completion(s)→
discriminating setSlide31
Discriminating Set of InputsSlide32
IC Decamouflaging Attack
Our Work [E+, NDSS’15]: in practice, both the query cost and computational cost of an attack are low:
IC
decamouflaging
in minutes Slide33
Attack OraclesSlide34
Practical Computational Procedure
1
0
0
1
1
1
1
1
0
0
1
0
.
.
.
.
.
.
.
.
Am I done yet?
Add counterexample input
co-
NP
-complete
SAT
Solver
UNSAT
Done!
SAT
What are the gate identities?
SAT
Solver
NP
-complete
0
0
0
1
“counterexample”
0
0
01Given a set of inputs….. Slide35
Our Attack: Empirical ResultsSlide36
Impact of Increasing # Camouflaged GatesSlide37
TakeawayCautionary note to IC designers
Appealing claims on secure IC camouflaging with low cost must be examined carefullyMindset rooted in foundations is helpful