Search for: All records

Sensitive data contained and processed in integrated circuits (ICs), such as secret keys and encrypted firmware, can be extracted with focused ion beam (FIB) based probing attacks. Due to the unprotected structure on the back-side of the die, the threat of back-side probing attacks is particularly grim. In this study, we develop a quantitative model for back-side probing attacks and apply it to three latest technology nodes 7, 10 and 14 nm with 3, 5, 8 and 10 FIB aspect ratios. The probed opening is modeled to have shape of conical frustum, which allows FIB beam diameter, in range of 10nm to 33.3nm, to produce the opening with diameter in range of 22nm to 57.3nm. We also propose a novel back-side shield design structure with an estimated 16% area overhead that terminates the die operations as a result of probing to prevent malicious data extraction. Proposed back-side countermeasure increases the complexity of the attack performed on protected die. 

Security-critical applications on integrated circuits (ICs) are threatened by probing attacks that extract sensitive information assisted with focused ion beam (FIB) based circuit edit. Existing countermeasures, such as active shield, analog shield, and t-private circuit, have proven to be inefficient and provide limited resistance against probing attacks without taking FIB capabilities into consideration. In this paper, we propose a FIB-aware anti-probing physical design flow, which considers FIB capabilities and utilizes computer-aided design (CAD) tools, to automatically reduce the probing attack vulnerability of an IC’s security-critical nets with minimal extra design effort. The floor-planning and routing of the design are constrained by incorporating three new steps in the conventional physical design flow, so that security-critical nets are protected by internal shield nets with low overhead. Results show that the proposed technique can reduce the vulnerable area exposed to probing on security-critical nets by 100% with all critical nets fully protected for both advanced encryption standard (AES) and data encryption standard (DES) modules. The timing, area, and power overheads are less than 3% per module, which would be negligible in a system-on-chip (SoC) design. 

Hardware Trojan insertion and intellectual property (IP) theft are two major concerns when dealing with untrusted foundries. Most existing mitigation techniques are limited in protecting against both vulnerabilities. Split manufacturing is designed to stop IP piracy and IC cloning, but it fails at preventing untargeted hardware Trojan insertion and incurs significant overheads when high level of security is demanded. Built-in self-authentication (BISA) is a low cost technique for preventing and detecting hardware Trojan insertion, but is vulnerable to IP piracy, IC cloning or redesign attacks, especially on original circuitry. In this paper, we propose an obfuscated built-in self-authentication (OBISA) technique that combines and optimizes both techniques so that they complement and improve security against both vulnerabilities, while at the same time minimizing design overheads to the extent that the proposed method does not incur prohibitive cost for designs of industrial-level sophistication. Our evaluation on AES and DES cores shows that the proposed technique can reach security levels more than two times higher, satisfy all existing layout-based security metrics, while reducing overheads from hundreds of percents to less than 13% in power, less than 5% in delay, and zero percent in area, as compared to best reported performance in existing techniques. 

Probing attacks against integrated circuits (IC) have become a serious concern, especially for security-critical applications. With the help of modern circuit editing tools, an attacker could remove layers of materials and expose wires carrying sensitive on-chip assets, such as cryptographic keys and proprietary firmware for probing. Most existing protection methods use active shield which provides tamper-evident covers at the top-most metal layers to the circuity below. However, they lack formal proofs of their effectiveness as some active shields have already been circumvented by hackers. In this paper, we investigate the problem of protection against front-side probing attacks and present a framework to assess a design’s vulnerabilities against probing attacks. Metrics are developed to evaluate the resilience of designs to bypass attack and reroute attack which are two common techniques used to compromise an anti-probing mechanism. Exemplary assets from an SoC layout are used to evaluate the proposed flow. Results show that long net and high layer wires are vulnerable to probing attack equipped with high aspect ratio FIB. Meanwhile, nets that occupy small area on the chip are probably compromised through rerouting shield wires. On the other hand, multi-layer internal orthogonal shield performs the best among common shield structures. 

Microprobing attacks against integrated circuit used in security-critical systems have become a serious concern. With the help of advanced circuit editing technology, an attacker can remove layers of materials and expose wires carrying security critical information for probing. Active shields constitute the most widely used approach to deter microprobing attacks. However, a number of vulnerabilities have been found in existing active shield designs; in particular, their weakness to tilted bypass attacks has yet to be addressed. In this paper, we provide a comprehensive investigation on tilted bypass attacks with a mathematical model to investigate how best an attacker can exploit geometric weakness of shield designs in three dimensions, as well as shield design techniques informed with such observations. We also include a numerical analysis with realistic parameters to validate theoretical predictions. 

Security-critical applications on integrated circuits (ICs) are threatened by microprobing attacks that extract sensitive information through focused ion beam (FIB) based milling. Existing countermeasures, such as active shield, analog shield and t-private circuit, have proven to be inefficient and provide limited resistance. In this paper, we propose a FIB-aware anti-probing physical design flow to reduce the vulnerability of security-critical nets in a design. Results show that our proposed technique can reduce the vulnerable exposed area on critical nets to probing attack by 90% in AES and DES modules with only 5% area overhead.