circuit cad tools as a security threat university of michigan † and rice university ‡ june 9,...
TRANSCRIPT
Circuit CAD Toolsas a Security ThreatCircuit CAD Tools
as a Security Threat
University of Michigan† and Rice University‡University of Michigan† and Rice University‡
June 9, 2008
Jarrod A. Roy†, Farinaz Koushanfar‡ and Igor L. Markov†
June 9, 2008
Jarrod A. Roy†, Farinaz Koushanfar‡ and Igor L. Markov†
Trusted Computing
Breaches of hardware security increasingCell-phone tapping of Greek officialsKinko’s key loggerCompromised weapons systemsElectronic voting irregularities
Push for open-source EDAEasy to spoof binaries and libraries
Emerging technology must be tamper-resistantSmart cards, RFIDs, e-cash, …
Demand for trusted computing increasing
Key logger sold by
ThinkGeek
Software vs. Hardware Exploitation
Both target unauthorized control of a system, but …
Software exploits are well-studiedAnti-virus and anti-malware programseffective, quickly updated for new threatsRemoval usually possible
Complete system reinstall as a last resort
Compromised hardware more challengingCan be designed to resist modern detection techniquesRemoval may not be possible
Post-silicon fixes slow, expensiveMay need to completely replace
Anatomy of a Hardware Trojan
Trigger: activates the exploitSpecial input sequenceTime
Payload: performs the intended actionReplace logicDump sensitive dataInject faults
Memory: storage for the exploitTrigger patternsCompromised dataSide channel bufferDetection avoidance
Avoiding Detection
Trojans can be considered design errors
Can standard verification techniques catch them?Bounded Model Checking (BMC)
Simulate circuit for several cycles,check output against golden modelDefeated by: add binary counter andtrigger exploit after several days or weeks
Design for Test (DFT)Test circuit after manufactureUse scan chains and automatictest pattern generation (ATPG)Defeated by: insert before ATPG
– Trojan is now fault-tested!
Injecting Trojan Horses
Designs can be altered at nearly any flow stageBy compromised tools
Logic synthesis tools can add payload logicRouters can introduce shorts, opens
Or the scripts that run themPreprocess VerilogPostprocess gate-level netlist
First step of injection is target detectionPattern-matching in text files, e.g., VerilogPattern-matching distinctive circuitsCombinational equivalence checking
Case Study: Compromising Crypto Circuits
Cryptographic circuits have many unique elements:Large quantities of XOR gates, bit shifts and bit permutationsDistinctive “magic” constants
Changing one constant can disable randomness, for example
Application “Magic” constants or formulas
Linear congruential PRNG
Mersenne twisterMT19937 algorithm
397, 624, 1812433253, 2567483615, 2636928640, 4022730752
MD5 hash0x10325476, 0x67452301,
0x98BADCFE, 0xEFCDAB89
SHA-256 hash
0x1F83D9AB, 0x3C6EF372, 0x510E527F, 0x5BE0CD19, 0x6A09E667, 0x9B05688C, 0xA54FF53A, 0xBB67AE85
xn+1 = 279470273 × xn
mod 0294967291xn+1 = 279470273 × xn
mod 4294967291
Compromising Crypto Circuits
Identifying bit permutationsDES uses at least six distinctive 32-bit permutationsCarefully crafted attack on DES could remove permutations, exposing plaintext
Substitution functionsEasily identified bymagic constants or equivalence checkingAES uses several S-boxes
Compromised with standard fault injection techniques
Countermeasures
Attackers can defeat static testing techniquesLeverage short avg. test time, difficulty of 100% verificationSolution: dynamic verification
The DIVA approach [Weaver & Austin 2001]Add simple circuit to verify in real-time
Small enough to be known correct
On error, begin analysis and recoveryOr shut down completely for data security
Verifier
Error?
Inputsand Outputs
Conclusions
High demand for trusted computingMilitary, medicine, voting, …
Attackers can modify CAD tool flows to inject TrojansAutomatically recognize certain circuit types
Magic numbers, permutations, substitution functions, …
Inject targeted changes/faultsTrivially resistant to modern test techniques
Dynamic verification helpsVerify all outputs of untrusted circuitsWill slow but not necessarily stop attacks
Total solution an open challenge