DOI: 10.1145/3133956.3133961
Research article

A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components

Published: 30 October 2017

ABSTRACT

The semiconductor industry is fully globalized, and integrated circuits (ICs) are commonly specified, designed and fabricated in different premises across the world. This reduces production costs, but also exposes ICs to supply chain attacks, where insiders introduce malicious circuitry into the final products. Additionally, despite extensive post-fabrication testing, it is not uncommon for ICs with subtle fabrication errors to make it into production systems. While many systems may be able to tolerate a few Byzantine components, this is not the case for cryptographic hardware, which stores and computes on confidential data. For this reason, many error and backdoor detection techniques have been proposed over the years. So far, all attempts have either been quickly circumvented or come with unrealistically high manufacturing costs and complexity.

This paper proposes Myst, a practical high-assurance architecture that uses commercial off-the-shelf (COTS) hardware and provides strong security guarantees even in the presence of multiple malicious or faulty components. The key idea is to combine protective redundancy with modern threshold cryptographic techniques to build a system tolerant to hardware trojans and errors. To evaluate our design, we build a Hardware Security Module that provides the highest level of assurance possible with COTS components. Specifically, we employ more than a hundred COTS secure cryptocoprocessors, verified to FIPS 140-2 Level 4 tamper-resistance standards, and use them to realize high-confidentiality random number generation, key derivation, public key decryption and signing. Our experiments show a reasonable computational overhead (less than 1% for both decryption and signing) and an exponential increase in backdoor tolerance as more ICs are added.
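The combination the abstract describes, redundancy plus threshold cryptography, as an added toy model that is not the paper's Myst protocol or code: n coprocessors hold additive shares of one ElGamal decryption key, decryption combines their partial results, and each partial result carries a Chaum-Pedersen proof so that a faulty or trojaned IC is detected rather than trusted. The group parameters, the `Coprocessor` class and every function name are constructed for illustration; unlike the paper's threshold scheme, this n-of-n sharing tolerates leaked shares but not a missing IC.

```python
"""Toy model: n COTS coprocessors share one ElGamal key; the key leaks only if
every IC is backdoored, and each IC must prove its partial decryption correct.
Group parameters are constructed toy values (NOT secure); names are illustrative."""
import hashlib
import random
from dataclasses import dataclass

P = 2039   # safe prime, P = 2*Q + 1 (constructed toy parameter)
Q = 1019   # prime order of the subgroup generated by G
G = 4      # quadratic residue mod P, so G generates the order-Q subgroup


def _challenge(*vals: int) -> int:
    """Fiat-Shamir challenge in [1, Q-1], derived from the proof transcript."""
    data = b"|".join(str(v).encode() for v in vals)
    return 1 + int.from_bytes(hashlib.sha256(data).digest(), "big") % (Q - 1)


@dataclass
class Coprocessor:
    """One IC. Its share never leaves the chip; only group elements and proofs do."""
    share: int
    faulty: bool = False   # simulate a buggy or trojaned chip returning garbage

    @property
    def public_share(self) -> int:
        return pow(G, self.share, P)   # h_i = G^x_i, published at key generation

    def partial_decrypt(self, c1: int, rng: random.Random):
        """Return d_i = c1^x_i plus a Chaum-Pedersen proof that
        log_G(h_i) == log_c1(d_i), i.e. the published share was used."""
        d = pow(c1, self.share, P)
        if self.faulty:
            d = d * G % P   # a wrong partial result, as a broken IC might return
        w = rng.randrange(1, Q)
        a1, a2 = pow(G, w, P), pow(c1, w, P)
        e = _challenge(G, self.public_share, c1, d, a1, a2)
        return d, (a1, a2, (w + e * self.share) % Q)


def verify_partial(h: int, c1: int, d: int, proof) -> bool:
    """Accept d only if the proof ties it to the public share h."""
    a1, a2, z = proof
    e = _challenge(G, h, c1, d, a1, a2)
    return (pow(G, z, P) == a1 * pow(h, e, P) % P
            and pow(c1, z, P) == a2 * pow(d, e, P) % P)


def distributed_keygen(n, rng, faulty=()):
    """Each IC draws its own share; pk = product of h_i = G^(sum of shares).
    No single IC, and no host, ever sees the full private key."""
    ics = [Coprocessor(rng.randrange(1, Q), i in faulty) for i in range(n)]
    pk = 1
    for ic in ics:
        pk = pk * ic.public_share % P
    return ics, pk


def encrypt(pk, m, rng):
    r = rng.randrange(1, Q)
    return pow(G, r, P), m * pow(pk, r, P) % P


def threshold_decrypt(ics, ct, rng):
    """Combine partial decryptions; if any proof fails, return None and the
    indices of the offending ICs instead of silently emitting garbage."""
    c1, c2 = ct
    k, bad = 1, []
    for i, ic in enumerate(ics):
        d, proof = ic.partial_decrypt(c1, rng)
        if not verify_partial(ic.public_share, c1, d, proof):
            bad.append(i)
        k = k * d % P
    return (None, bad) if bad else (c2 * pow(k, -1, P) % P, bad)


def adversary_recovers_key(leaked_shares, pk):
    """Shares leaked by backdoored ICs yield the key only if every IC leaked."""
    x = sum(leaked_shares) % Q
    return x if pow(G, x, P) == pk else None


def compromise_probability(n, p_bad):
    """With independently backdoored ICs (probability p_bad each), the key is
    exposed only when all n are, so exposure shrinks exponentially with n."""
    return p_bad ** n


def run_demo(n=5, faulty=(), seed=7, m=1234):
    """Deterministic end-to-end run, returning what a test can check."""
    rng = random.Random(seed)
    ics, pk = distributed_keygen(n, rng, faulty)
    recovered, bad = threshold_decrypt(ics, encrypt(pk, m, rng), rng)
    return {"recovered": recovered, "bad_ics": bad, "pk": pk,
            "shares": [ic.share for ic in ics]}
```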


Published in

CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
October 2017, 2682 pages
ISBN: 9781450349468
DOI: 10.1145/3133956
Copyright © 2017 ACM


Publisher: Association for Computing Machinery, New York, NY, United States


Acceptance rates: CCS '17 paper acceptance rate 151 of 836 submissions (18%); overall acceptance rate 1,261 of 6,999 submissions (18%).
