Abstract
The general trend in semiconductor industry to separate design from fabrication leads to potential threats from untrusted integrated circuit foundries. In particular, malicious hardware components can be covertly inserted at the foundry to implement hidden backdoors for unauthorized exposure of secret information. This paper proposes a new class of hardware Trojans which intentionally induce physical side-channels to convey secret information. We demonstrate power side-channels engineered to leak information below the effective noise power level of the device. Two concepts of very small implementations of Trojan side-channels (TSC) are introduced and evaluated with respect to their feasibility on Xilinx FPGAs. Their lightweight implementations indicate a high resistance to detection by conventional test and inspection methods. Furthermore, the proposed TSCs come with a physical encryption property, so that even a successful detection of the artificially introduced side-channel will not allow unhindered access to the secret information.
Chapter PDF
Similar content being viewed by others
Keywords
References
High Performance Microchip Supply, Annual Report by the Defense Science Board (2008), http://www.acq.osd.mil/dsb/
McCormack, R.: It’s Like Putting A Band-Aid On A Bullet Hole, Manufacturing & Technology News (2008), http://www.manufacturingnews.com/news/08/0228/art1.html
King, S.T., Tucek, J., Cozzie, A., Grier, C., Jiang, W., Zhou, Y.: Designing and implementing malicious hardware. In: Proceedings of the 1st USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), pp. 1–8 (2008)
Güneysu, T., Kasper, T., Novotný, M., Paar, C., Rupp, A.: Cryptanalysis with COPACOBANA. IEEE Transactions on Computers 57(11), 1498–1513 (2008)
Chen, Z., Guo, X., Nagesh, R., Reddy, A., Gora, M., Maiti, A.: Hardware Trojan Designs on BASYS FPGA Board. In: Embedded System Challenge Contest in Cyber Security Awareness Week, CSAW (2008)
Kiamilev, F., Hoover, R.: Demonstration of Hardware Trojans. In: DEFCON 16, Las Vegas (2008)
Wang, X., Tehranipoor, M., Plusquellic, J.: Detecting Malicious Inclusions in Secure Hardware: Challenges and Solutions. In: 1st IEEE International Workshop on Hardware-Oriented Security and Trust (HOST), pp. 15–19 (2008)
Soden, J.M., Anderson, R.E., Henderson, C.L.: IC Failure Analysis: Magic, Mystery, and Science. IEEE Design & Test of Computers 14, 59–69 (1997)
Banga, M., Hsiao, M.S.: A Region Based Approach for the Identification of Hardware Trojans. In: 1st IEEE International Workshop on Hardware-Oriented Security and Trust (HOST), pp. 40–47 (2008)
Chakraborty, R., Paul, S., Bhunia, S.: On-Demand Transparency for Improving Hardware Trojan Detectability. In: 1st IEEE International Workshop on Hardware-Oriented Security and Trust (HOST), pp. 48–50 (2008)
Agrawal, D., Baktir, S., Karakoyunlu, D., Rohatgi, P., Sunar, B.: Trojan Detection using IC Fingerprinting. In: IEEE Symposium on Security and Privacy, pp. 296–310 (2007)
Fukunaga, K.: Introduction to Statistical Pattern Recognition, 2nd edn. Computer Science and Scientific Computing Series. Academic Press, London (1990)
Rad, R.M., Wang, X., Tehranipoor, M., Plusquellic, J.: Power supply signal calibration techniques for improving detection resolution to hardware Trojans. In: International Conference on Computer-Aided Design (ICCAD), pp. 632–639 (2008)
Jin, Y., Makris, Y.: Hardware Trojan Detection Using Path Delay Fingerprint. In: 1st IEEE International Workshop on Hardware-Oriented Security and Trust (HOST), pp. 51–57 (2008)
Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Kocher, P.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Shamir, A., Tromer, E.: Acoustic cryptanalysis, online proof of concept, http://people.csail.mit.edu/tromer/acoustic/
Resarch Center for Information Security (RCIS): Side-channel Attack Standard Evaluation Board (SASEBO), http://www.rcis.aist.go.jp/special/SASEBO/index-en.html
Proakis, J.: Digital communications, 4th edn. McGraw-Hill, New York (2000)
Gierlichs, B., Lemke-Rust, K., Paar, C.: Templates vs. Stochastic Methods. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 15–29. Springer, Heidelberg (2006)
Rajski, J., Tyszer, J.: Primitive polynomials over GF(2) of degree up to 660 with uniformly distributed coefficients. Journal of Electronic Testing: theory and applications, 645–657 (2003)
Standaert, F., Oldenzeel, L., Samyde, D., Quisquater, J.: Power analysis of FPGAs: how practical is the attack? In: Y. K. Cheung, P., Constantinides, G.A. (eds.) FPL 2003. LNCS, vol. 2778, pp. 701–711. Springer, Heidelberg (2003)
Ors, S., Oswald, E., Preneel, B.: Power-analysis attacks on an FPGA - first experimental results. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 35–50. Springer, Heidelberg (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lin, L., Kasper, M., Güneysu, T., Paar, C., Burleson, W. (2009). Trojan Side-Channels: Lightweight Hardware Trojans through Side-Channel Engineering. In: Clavier, C., Gaj, K. (eds) Cryptographic Hardware and Embedded Systems - CHES 2009. CHES 2009. Lecture Notes in Computer Science, vol 5747. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04138-9_27
Download citation
DOI: https://doi.org/10.1007/978-3-642-04138-9_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04137-2
Online ISBN: 978-3-642-04138-9
eBook Packages: Computer ScienceComputer Science (R0)