skip to main content

Explore Research Products in the NSF-PAR

Title: Obfuscated Built-In Self-Authentication with Secure and Efficient Wire-Lifting
Hardware Trojan insertion and intellectual property (IP) theft are two major concerns when dealing with untrusted foundries. Most existing mitigation techniques are limited in protecting against both vulnerabilities. Split manufacturing is designed to stop IP piracy and IC cloning, but it fails at preventing untargeted hardware Trojan insertion and incurs significant overheads when high level of security is demanded. Built-in self-authentication (BISA) is a low cost technique for preventing and detecting hardware Trojan insertion, but is vulnerable to IP piracy, IC cloning or redesign attacks, especially on original circuitry. In this paper, we propose an obfuscated built-in self-authentication (OBISA) technique that combines and optimizes both techniques so that they complement and improve security against both vulnerabilities, while at the same time minimizing design overheads to the extent that the proposed method does not incur prohibitive cost for designs of industrial-level sophistication. Our evaluation on AES and DES cores shows that the proposed technique can reach security levels more than two times higher, satisfy all existing layout-based security metrics, while reducing overheads from hundreds of percents to less than 13% in power, less than 5% in delay, and zero percent in area, as compared to best reported performance in existing techniques.  more » « less
Award ID(s):
1651701
NSF-PAR ID:
10086534
Author(s) / Creator(s):
; ;
Date Published:
Journal Name:
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
ISSN:
0278-0070
Page Range / eLocation ID:
1 to 1
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; ; ( , Asian Hardware Oriented Security and Trust Symposium (AsianHOST))
    null (Ed.)
    Various hardware security solutions have been developed recently to help counter hardware level attacks such as hardware Trojan, integrated circuit (IC) counterfeiting and intellectual property (IP) clone/piracy. However, existing solutions often provide specific types of protections. While these solutions achieve great success in preventing even advanced hardware attacks, the compatibility of among these hardware security methods are rarely discussed. The inconsistency hampers with the development of a comprehensive solution for hardware IC and IP from various attacks. In this paper, we develop a security primitive generator to help solve the compatibility issue among different protection techniques. Specifically, we focus on two modern IC/IP protection methods, logic locking and watermarking. A combined locking and watermarking technique is developed based on enhanced finite state machines (FSMs). The security primitive generator will take user-specified constraints and automatically generate an FSM module to perform both logic locking and watermarking. The generated FSM can be integrated into any designs for protection. Our experimental results show that the generator can facilitate circuit protection and provide the flexibility for users to achieve a better tradeoff between security levels and design overheads. 
    more » « less
  2. ; ; ; ( , 2019 ACM Great Lakes Symposium on VLSI, GLSVLSI 2019)
    To reduce the cost of ICs and to meet the market's demand, a considerable portion of manufacturing supply chain, including silicon fabrication, packaging and testing may be pushed offshore. Utilizing a global IC manufacturing supply chain, and inclusion of non-trusted parties in the supply chain has raised concerns over security and trust related challenges including those of overproduction, counterfeiting, IP piracy, and Hardware Trojans to name a few. To reduce the risk of IC manufacturing in an untrusted and globally distributed supply chain, the researchers have proposed various locking and obfuscation mechanisms for hiding the functionality of the ICs during the manufacturing, that requires the activation of the IP after fabrication using the key value(s) that is only known to the IP/IC owner. At the same time, many such proposed obfuscation and locking mechanisms are broken with attacks that exploit the inherent vulnerabilities in such solutions. The past decade of research in this area, has resulted in many such defense and attack solutions. In this paper, we review a decade of research on hardware obfuscation from an attacker perspective, elaborate on attack and defense lessons learned, and discuss future directions that could be exploited for building stronger defenses. 
    more » « less
  3. ; ; ( , ACM Transactions on Design Automation of Electronic Systems)
    null (Ed.)
    Due to the globalization of semiconductor manufacturing and test processes, the system-on-a-chip (SoC) designers no longer design the complete SoC and manufacture chips on their own. This outsourcing of the design and manufacturing of Integrated Circuits (ICs) has resulted in several threats, such as overproduction of ICs, sale of out-of-specification/rejected ICs, and piracy of Intellectual Properties (IPs). Logic locking has emerged as a promising defense strategy against these threats. However, various attacks about the extraction of secret keys have undermined the security of logic locking techniques. Over the years, researchers have proposed different techniques to prevent existing attacks. In this article, we propose a novel attack that can break any logic locking techniques that rely on the stored secret key. This proposed TAAL attack is based on implanting a hardware Trojan in the netlist, which leaks the secret key to an adversary once activated. As an untrusted foundry can extract the netlist of a design from the layout/mask information, it is feasible to implement such a hardware Trojan. All three proposed types of TAAL attacks can be used for extracting secret keys. We have introduced the models for both the combinational and sequential hardware Trojans that evade manufacturing tests. An adversary only needs to choose one hardware Trojan out of a large set of all possible Trojans to launch the TAAL attack. 
    more » « less
  4. ; ( , Proceedings of International Symposium on Quality Electronic Design (ISQED))
    The semiconductor industry must deal with different hardware threats like piracy and overproduction as a result of outsourcing manufacturing. While there are many proposals to lock the circuit using a global protected key only known to the designer, there exist numerous oracle-guided attacks that can examine the locked netlist with the assistance of an activated IC and extract the correct key. In this paper, by adopting a low-overhead structural method, we propose DK Lock, a novel Dual Key locking method that securely protects sequential circuits with two different keys that are applied to one set of key inputs at different times. DK Lock structurally adds an activation phase to the sequential circuit, and a correct key must be applied for several cycles to exit this phase. Once the circuit has been successfully activated, a new functional key must be applied to the same set of inputs to resume normal operation. DK Lock opens up new avenues for hardware IP protection by simultaneously refuting the single static key assumption of the existing attacks and overcoming the state explosion problem of state-of-the-art sequential logic locking methods. Our experiments confirm that DK Lock maintains a high degree of security with reasonable power and area overheads. 
    more » « less
  5. ; ; ; ; ; ( , Proceedings)
    The separation of manufacturing and design processes in the integrated circuit industry to tackle the ever increasing circuit complexity and time to market issues has brought with it some major security challenges. Chief among them is IP piracy by untrusted parties. Hardware obfuscation which locks the functionality and modifies the structure of an IP core to protect it from malicious modifications or piracy has been proposed as a solution. In this paper, we develop an efficient hardware obfuscation method, called Mystic (Mystifying IP Cores), to protect IP cores from reverse engineering, IP over- production, and IP piracy. The key idea behind Mystic is to add additional state transitions to the original/functional FSM (Finite State Machine) that are taken only when incorrect keys are applied to the circuit. Using the proposed Mystic obfuscation approach, the underlying functionality of the IP core is locked and normal FSM transitions are only available to authorized chip users. The synthesis results of ITC99 circuit benchmarks for ASIC 45nm technology reveal that the Mystic protection method imposes on average 5.14% area overhead, 5.21% delay overhead, and 8.06% power consumption overheads while it exponentially lowers the probability that an unauthorized user will gain access to or derive the chip functionality. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email