method taking into account process dispersion to detect ...€¦ · side channel analysis examples:...
TRANSCRIPT
Method Taking intoAccount ProcessDispersion to DetectHardware Trojan Horseby Side-Channel
X. Ngo, Z. Najm, S. Guilley, S. Bhasin,J.-L.Danger
PROOFS’14, Busan, South Korea
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Presentation Outline
Introduction to HTH and its detection
Proposed HTH Detection model
Setup and experimental results
2 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Hardware Trojan Introduction
Hardware Trojan Horse (HTH) DefinitionI Malicious modifications in Integrated Circuits (ICs).I To extract a secret, alter the behaviour, ...I HTH was born because of outsourcing design and
fabrication process.
3 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Hardware Trojan Structure
Any HTH is composed of two main componentsI Trigger: is the part of HTH used to activate the malicious
activity.I Payload: is the part of HTH used to realize / execute the
malicious activity.
C CmodifiedAB
Trojan active
PayloadTrigger
4 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Hardware Trojan Taxonomy
I Classify all type of HTH a
I Help to develop suitable detection techniques for eachHTH type
aTehranipoor et al. [KRRT10]
5 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Trust in the design
HTH insertion in the fabrication flow of an ASIC. a
aChakraborthy et al. [CNB09]
6 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Hardware Trojan Detection
Classification of HTH Detection techniquesI Destructive reverse engineering: try to reconstruct
netlist and layout of ICs.I Invasive methods: try to (prophylactically) modify the
design of IC to prevent the HTH or to assist anotherdetection technique.
I Non-Invasive methods: are done by comparing theperformance characteristics of an IC, possibly with aknown good copy also known as the “golden circuit”.
7 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Invasive Methods
ExamplesI To extend the state space
I in two operating modes: Normal and Transparent mode.aI To consider either Q or QN of D flip-flops.b
I To insert dummy flip-flops into IC logic.c
I To add logic that will make the detection easier by usingside-channel analysis.d
aChakraborty et al. [CB09]bBanga et al. [BH11]cSalmani et al. [STP09]dLin et al. [LKG+09]
8 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Non-Invasive Methods
Non-Invasive methods can be done either at runtime or duringthe test phase.
Non-invasive methods at runtimeI Use of OS features (Software approach).a
I Real-time security monitors: (DEFENSE.b)aBloom et al. [BNS09]bAbramovivi et al. [AB09]
9 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Non-Invasive Methods
Non-invasive methods at test phaseLogic Testing:
I Compare the functionality of the design of the circuit withthe implemented circuit.
I To test rare occurrences rather than correctness.a
Side Channel analysis Examples:
I To use power supply transient signal analysis.b
I To magnify the side-channel “sustained vector technique”.c
aChakraborthy et al [CWP+09]bRad et al [RPT08]cBanga et al [BH09]
10 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Rationale
Side-Channel Detection Method AdvantagesI Non-invasive method.I Can detect almost HTH types, even untriggered.
MotivationI Many Side-channel methods are based on power
measurement or simulation results.I Previous work did not take into account process variation
and HTH placement.
11 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Proposed detection Model
To take advantage of extra “load” due to HTH intrusionI The HTH impact is an increase of currentI This effect comes from greater mean gate load,I Which is mainly due to due to the complexity of the Trigger
blockI Use of EM observation (spatial accuracy)I T ◦C and Vdd should remain constant
12 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Proposed detection Metrics
σ_1
/2µ
σ_2
P_{false negative} P_{false positive}
Infected circuit
/2−µ
0
Genuine circuit
The metrics is a false negative and false positive probability,whose equation is:
Pfalse negative = Pfalse positive =
∫ 0
−∞
1√2πσ2
· exp−(x − µ
2 )2
2σ2 dx
13 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Model flaws
The model is impacted by side effectsI T ◦C and Vdd
I Process variationI HTH size and placement
⇒ we proposed to study theses potential flaws on the model,except the T ◦C and Vdd which are kept constant.
14 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Setup description
HTH structureI Trigger part: 8th computation round and N least
significant bits (LSB) of 128 bits at the output ofAddRoundKey are at “1”.
I Payload part:an XOR gate that will inject a fault in theinner eighth round when HT is activated.
AddRoundKey
MixColumns
AND
Grid
ShiftRows
SubBytes
Cipher Key
Round Key
AddRoundKey
Input Cipher (128 bits)
127
Trojan_active
127
128
128
[126:0]1271
Output Cipher (128 bits)
acti
vat
ion_co
nd[1
] (8
th r
ound)
acti
vat
ion_co
nd[2
]
Payload
Trigger
N
15 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
HTH with Different Sizes
• Trojan 1: HTH with the parameter N = 32, around 0.5 % ofthe original circuit.• Trojan 2: HTH with the parameter N = 64, around 1 % of
the original circuit.• Trojan 3: HTH with the parameter N = 128, around 1.7 %
of the original circuit.
16 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
HTH with different Placement
• Placement 1: Trojan 3 placed within the boundary of AEScrypto-processor.• Placement 2: Trojan 3 placed outside the boundary of
AES crypto-processor in a far-off corner of the FPGA.• Placement 3: Trojan 3 placed outside the boundary of
AES crypto-processor and dispersed over the FPGA.
FPGA Virtex 5 LX30
AES circuit
Placement 3
EM Probe
Placement 1
Placement 2
17 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Experimental Setup
Test platform setupI 10 FPGA Virtex5LX30 for process variation evaluation.I FF324 Virtex 5 board used to change the device under
test.I Frequency: 24 Mhz.I EM measurement using Langer RFU-5-2 probe.I Traces averaged 1000 times using Agilent 54853A.
18 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
HTH insertionHTHs are inserted after the original circuit was placed androuted to minimize its impact on original circuit.
(a) (b)
Figure : P/R for (a) AES 128 bit without HTH and (b) with HTH 1.7%
19 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
EM Leakage Trace
20 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Impact of Process Variation on EMMeasurement
I Calculate the golden mean trace over 10 FPGAs.I In green: the difference between the golden circuit traces
with the mean trace.I In red: the difference between the HTH test circuit traces
with the mean trace.
1350 1400 1450 1500 15500
100
200
300
400
500
600
700
800
Samples
Absolu
te o
f diffe
rences
Geniune AESAES & HT 2
21 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
HTH Detection Using Sum of AbsoluteDifferences
I Calculate the EM absolute differences.I Calculate the sum of these differences.
HTH 1 (0.5%) HTH 2 (1%) HTH 3 (1.7%)1st Approach 43% 34% 9%
Table : False negative detection probability.
22 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
HTH Detection Using Threshold Technique
I Keep only the interesting points of EM differences.I Re-calculate the sum of absolute differences of the
interesting points.
HT 1 (0.5%) HT 2 (1%) HT 3 (1.7%)2nd approach 24% 0.017% 0.011%
Table : False negative detection probability with the Thresholdtechnique.
23 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Impact of HTH Placement
I The probe position affects directly to the result.I The most distant HTH is more detectable (more buffers
and lines) but has limited impact
700 750 800 850 900 950 10000
200
400
600
800
1000
1200
1400
1600
Samples
Ab
so
lute
of
diffe
ren
ce
s
Placement 1
Placement 2
Placement 3
24 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
Conclusion
ConclusionI Proof of concept study for HTHs detection by EM
measurement.I Model based on the mean of EM activityI HTH of different sizes: HTH greater than 1% can be
detected with a false negative rate of 0.017%.I Detection taking into account the process variationI HTH placement has a little impact on HTH detection.
25 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
References[AB09] Miron Abramovici and Paul Bradley.
Integrated circuit security: new threats and solutions.In Frederick T. Sheldon, Greg Peterson, Axel W. Krings, Robert K. Abercrombie, and Ali Mili, editors,CSIIRW, page 55. ACM, 2009.
[BH09] Mainak Banga and Michael S. Hsiao.A Novel Sustained Vector Technique for the Detection of Hardware Trojans.In Proceedings of the 2009 22nd International Conference on VLSI Design, VLSID ’09, pages327–332, Washington, DC, USA, 2009. IEEE Computer Society.
[BH11] M. Banga and M. S. Hsiao.ODETTE : A Non-Scan Design-for-Test Methodology for Trojan Detection in ICs.In International Workshop on Hardware-Oriented Security and Trust (HOST), IEEE, pages 18–23,2011.
[BNS09] Gedare Bloom, Bhagirath Narahari, and Rahul Simha.OS Support for Detecting Trojan Circuit Attacks.In Mohammad Tehranipoor and Jim Plusquellic, editors, HOST, pages 100–103. IEEE ComputerSociety, 2009.
[CB09] R. S. Chakraborty and S. Bhunia.Security against hardware trojan through a novel application of design obfuscation.In International Conference on Computer-Aided Design Digest of Technical Papers (ICCAD), IEEE,pages 113–116, 2009.
[CNB09] Rajat Subhra Chakraborty, Seetharam Narasimhan, and Swarup Bhunia.Hardware trojan: Threats and emerging solutions.In IEEE International High Level Design Validation and Test Workshop, HLDVT 2009, San Francisco,CA, USA, 4-6 November 2009, pages 166–171. IEEE, 2009.
26 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion
Introduction to HTH and its detectionProposed HTH Detection modelSetup and experimental results
[CWP+09] R. S. Chakraborty, F. G. Wolff, S. Paul, C. A. Papachristou, and S. Bhunia.MERO: A Statistical Approach for Hardware Trojan Detection.In Workshop on Cryptographic Hardware and Embedded Systems (CHES), LNCS, volume 5747,pages 396–410, 2009.
[KRRT10] Ramesh Karri, Jeyavijayan Rajendran, Kurt Rosenfeld, and Mohammad Tehranipoor.Trustworthy Hardware: Identifying and Classifying Hardware Trojans.IEEE Computer, 43(10):39–46, 2010.
[LKG+09] Lang Lin, Markus Kasper, Tim Guneysu, Christof Paar, and Wayne Burleson.Trojan Side-Channels: Lightweight Hardware Trojans through Side-Channel Engineering.In CHES, volume 5747 of Lecture Notes in Computer Science, pages 382–395. Springer, September6–9 2009.Lausanne, Switzerland.
[RPT08] R. Rad, J. Plusquellic, and M. Tehranipoor.Sensitivity analysis to hardware trojans using power supply transient signals.In International Workshop on Hardware-Oriented Security and Trust (HOST), IEEE, pages 3–7, 2008.
[STP09] Hassan Salmani, Mohammad Tehranipoor, and Jim Plusquellic.New design strategy for improving hardware Trojan detection and reducing Trojan activation time.In Hardware-Oriented Security and Trust, 2009. HOST ’09. IEEE International Workshop on, pages66–73, 2009.
27 27 Sept 14 Presented by J.-L. Danger HTH detection with process dispersion