TC: Small: Minimalist Hardware Trojans through Malicious Side-Channels

TC：小型：通过恶意侧通道的极简硬件木马

• 批准号: 0916854
• 负责人: Christof Paar
• 金额: $ 35.07万
• 依托单位: University of Massachusetts Amherst
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-15 至 2013-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0916854&HistoricalAwards=false
• 关键词: TC; Small; Minimalist; Hardware; Trojans

In order to provide system security, hardware modules which function as trust anchors are used in an ever increasing number of devices. The majority of laptops and PCs are now equipped with Trusted Platform Modules (TPMs), and a large number of pervasive computing systems such as smart cards, electronic passports or high-speed routers make use of hardware for cryptographic algorithms and key storage. In almost all such applications the security of the entire system hinges on the assumption that the hardware modules are trustworthy. Recently, due to the increasing use of potentially untrusted semiconductor foundries, the threat of maliciously manipulated hardware has been raised, Since hardware manipulations, including hardware Trojans, are difficult to detect and, perhaps more importantly, even harder to repair, they form a very serious threat to system security for today's and future applications.The standard approach to Trojan hardware consists in adding extra logic to a given IC design which weakens the system. The main drawback of this approach, from an attacker's perspective, is that extra function blocks can potentially be detected through a host of techniques, including, e.g., optical inspections at different layers of the design, or power and EM fingerprinting. Our malicious circuit manipulations are orders of magnitude more subtle than previously known Trojans, but can nevertheless totally compromise secure hardware blocks by leaking cryptographic keys. The core idea is to create malicious side-channels, in particular power supply channels, through small modifications of circuit elements, e.g., at the transistor level. We will refer to these covert channels as Trojan side channels (TSC). The core parts of the research are modeling of the assumptions, development of channels and modulations schemes, their realization on the circuit level, and proof-of-concept implementations.In addition to posing a threat to system security, Trojan side-channels can also be used constructively. For instance, they have applications in anti-counterfeiting: illegal copies of ICs with the same functional behavior will not leak the same side-channel ID and can thus easily be detected. Also, TSC could be used for conveying internal status information about a circuit, increasing the testability of a circuits. Moreover, because TSC can be viewed as a form of physically encryption one can imagine other cryptographic protocols and applications using TSC as primitives.

为了提供系统安全性，在越来越多的设备中使用了作为信任锚的功能的硬件模块。 现在，大多数笔记本电脑和PC都配备了受信任的平台模块（TPM），以及大量普遍的计算系统，例如智能卡，电子护照或高速路由器，将硬件用于加密算法和密钥存储。在几乎所有此类应用程序中，整个系统的安全性都取决于硬件模块值得信赖的假设。 Recently, due to the increasing use of potentially untrusted semiconductor foundries, the threat of maliciously manipulated hardware has been raised, Since hardware manipulations, including hardware Trojans, are difficult to detect and, perhaps more importantly, even harder to repair, they form a very serious threat to system security for today's and future applications.The standard approach to Trojan hardware consists in adding extra logic to a given IC design which weakens the system.从攻击者的角度来看，这种方法的主要缺点是，可以通过多种技术检测到额外的功能块，例如，在设计的不同层，电源和EM指纹。 我们的恶意电路操作是比以前已知的特洛伊人更微妙的数量级，但是通过泄漏加密密钥，可以完全损害安全硬件块。核心想法是通过电路元素（例如在晶体管级别上的电路元素的小修改）来创建恶意的侧通道，特别是电源供应渠道。我们将这些秘密通道称为特洛伊木马侧通道（TSC）。研究的核心部分是对假设的建模，渠道和调制方案的开发，在电路级别的实现以及概念验证实现的建模。除了对系统安全构成威胁外，特洛伊木马的侧通道还可以建设性地使用。例如，它们在反爆炸中具有应用：具有相同功能行为的IC的非法副本不会泄漏相同的侧通道ID，因此很容易被检测到。同样，TSC可用于传达有关电路的内部状态信息，从而增加电路的可检验性。此外，由于可以将TSC视为一种物理加密的一种形式，因此可以想象使用TSC作为原始的其他加密协议和应用程序。