Info |
---|
Title of the paper: A Primer on Hardware Security: Models, Methods, and Metrics |
Available at: https://ieeexplore.ieee.org/abstract/document/6860363 |
...
Procuring intellectual property (IP) designs from third-party design houses, designing some components in-house, combining both, and generating the IC layout.
A blueprint of the design (e.g., in terms of GDS-II layout format) is then sent to the foundry that develops a costly mask and manufactures the ICs.
The ICs are then tested at the manufacturing site and often also at third-party test facilities.
Finally, fault-free ICs are packaged and sold.
...
Watermarking:
A designer’s signature is embedded into the design artifact. The designer can later reveal the watermark and claim ownership of an IC/IP. Watermarks may include addition of black-hole states to the finite state machine (FSM), addition of secret constraints during high-level, logic, and physical synthesis, and field-programmable gate array (FPGA) design.
Fingerprinting:
It helps the defender to track the source of piracy by embedding the signature of the buyer (for instance, his public key) along with the watermark of the designer. When challenged, the designer can reveal the watermark to claim the ownership and the buyer’s signature to reveal the source of piracy.
Similar to watermarking, fingerprinting can also be applied during high-level, logic, and physical synthesis.
Obfuscation:
Obfuscation hides the functionality and implementation of a design by inserting additional gates into it. In one type of obfuscation, XOR/XNOR gates and memory elements are added. The obfuscated design functions correctly only when the correct value is applied to these gates and memory elements.
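The XOR/XNOR key-gate idea, as an added example that is not taken from the paper: a 1-bit full adder with three key gates on internal nets, plus a count of how many input patterns each key corrupts. The circuit, the gate placement and the key value are assumptions chosen for illustration.

```python
from itertools import product

def full_adder(a, b, cin):
    """Original (unlocked) design: returns (sum, carry)."""
    s1 = a ^ b
    return s1 ^ cin, (a & b) | (s1 & cin)

def locked_full_adder(a, b, cin, key):
    """Same adder with three key gates inserted on internal nets.

    k0: XOR gate on net a^b      (transparent when k0 == 0)
    k1: XNOR gate on net a&b     (transparent when k1 == 1)
    k2: XOR gate on net s1&cin   (transparent when k2 == 0)
    """
    k0, k1, k2 = key
    s1 = (a ^ b) ^ k0
    g1 = 1 - ((a & b) ^ k1)      # XNOR
    g2 = (s1 & cin) ^ k2
    return s1 ^ cin, g1 | g2

# Constructed for this example: the only key that makes all gates transparent.
CORRECT_KEY = (0, 1, 0)

def corrupted_patterns(key):
    """How many of the 8 input patterns give an output that differs
    from the original design when `key` is applied."""
    return sum(
        locked_full_adder(a, b, c, key) != full_adder(a, b, c)
        for a, b, c in product((0, 1), repeat=3)
    )

def key_report():
    """Map every possible 3-bit key to its number of corrupted patterns."""
    return {key: corrupted_patterns(key) for key in product((0, 1), repeat=3)}

if __name__ == "__main__":
    for key, bad in key_report().items():
        tag = "correct key" if key == CORRECT_KEY else "wrong key"
        print(key, f"{bad}/8 patterns corrupted", tag)
```

A designer evaluating a locking scheme wants every wrong key to corrupt a noticeable share of the input patterns; a wrong key that corrupts none would be an equivalent key and would weaken the lock.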
In another type of obfuscation, the FSM of the design is obfuscated. An FSM can be obfuscated by adding extra states and/or transitions into it:
- Some states in the original FSM may be replicated.
- Invalid transitions between states may be added.
- Unused states can be utilized.
- Additional states with no outward transitions, referred to as black hole states, can be added.
In all these techniques, only a valid key leads to the correct functionality; an invalid key leads the design into invalid states or transitions, and maybe into black hole states where the design will be stuck.
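FSM obfuscation with a black hole state, as an added example that is not taken from the paper: a small pattern-detector FSM is wrapped in key-checking states, and any wrong key symbol drops the machine into a state it cannot leave. The FSM, the state names and the unlock sequence are assumptions made for illustration.

```python
# Original FSM (constructed): detects the input pattern 1,0,1.
# state -> {input bit: next state}; the output is 1 only in state "S3".
FUNCTIONAL = {
    "S0": {0: "S0", 1: "S1"},
    "S1": {0: "S2", 1: "S1"},
    "S2": {0: "S0", 1: "S3"},
    "S3": {0: "S2", 1: "S1"},
}

KEY = (1, 1, 0)  # constructed unlock sequence applied after power-up

def obfuscate(fsm, reset, key):
    """Return (locked_fsm, new_start_state).

    Adds one state per key symbol in front of the functional reset state.
    The expected symbol advances; any other symbol enters the black hole
    state "BH", which has no outward transitions.
    """
    locked = {state: dict(edges) for state, edges in fsm.items()}
    locked["BH"] = {0: "BH", 1: "BH"}
    for i, bit in enumerate(key):
        nxt = reset if i == len(key) - 1 else f"K{i + 1}"
        locked[f"K{i}"] = {bit: nxt, 1 - bit: "BH"}
    return locked, "K0"

def run(fsm, start, inputs):
    """Feed `inputs` to the FSM; return (final_state, list of outputs)."""
    state, outputs = start, []
    for bit in inputs:
        state = fsm[state][bit]
        outputs.append(1 if state == "S3" else 0)
    return state, outputs

if __name__ == "__main__":
    locked, start = obfuscate(FUNCTIONAL, "S0", KEY)
    data = [1, 0, 1, 0, 1]
    print("original  :", run(FUNCTIONAL, "S0", data))
    print("valid key :", run(locked, start, list(KEY) + data))
    print("wrong key :", run(locked, start, [1, 0, 0] + data))
```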
Metering:
It is a set of tools, methodologies, and protocols used to track a manufactured IC. In passive metering, part of an IC’s functionality is used for metering. The identified ICs are matched against their record in a database. This will reveal unregistered ICs or overbuilt ICs. In active metering, parts of the IC’s functionality can only be accessed, locked, or unlocked by the designer and/or IP rights owners. The difference between metering and obfuscation is that while metering uses a unique unlock key per IC, obfuscation just locks the IC.
Split Manufacturing:
The layout of the design is split into the front-end-of-line (FEOL) layers and back-end-of-line (BEOL) layers. They are then fabricated separately in different foundries. Postfabrication, the FEOL and BEOL wafers are aligned and integrated together using either electrical, mechanical, or optical alignment techniques.
...
Side-channel attacks exploit the leakage of secret information through a physical modality when an application is being executed on a system.
Side-channel attacks are powerful and have been able to break most existing important cryptographic algorithms.
Timing, power consumption, electromagnetic (EM) emanations, photonic emissions, and acoustic noise of the system can be used to extract the secret key.
Fault attacks can be launched using lasers, glitches in power supplies and clocks, and X-rays.
An attacker can scan out the secret key when the key-storing registers are connected as a scan chain. It has been shown that the power/timing consumption of PUF circuits is directly correlated with the process variation that PUF secrets are based upon. Therefore, PUFs are also shown to be susceptible to side-channel attacks.
Threat Models
A realistic threat model must be developed first, and the defense should then vary depending upon the capabilities of the attacker in collecting the side-channel measurements.
...
Leakage Reduction: These techniques decrease the dependency between the side-channel traces of IF and the secret information k.
Noise Injection: The SNR of the measurable side-channel information can be reduced by injecting artificial noise. Noise injection therefore does not provide theoretical security, but it does increase the work an attacker needs to extract the secret keys.
Key Update: Frequently updating the secret key prevents the accumulation of side-channel information by the adversary. This method uses a predefined sequence of keys (e.g., the output of a pseudorandom number generator) plus synchronized timings to ensure that the sequence of keys is consistent for both communicating parties.
Side-Channel-Resistant PUFs: Due to effectiveness of side-channel attacks against PUFs, it is imperative that circuit countermeasures be used in future implementations. These countermeasures mitigate the correlation between the secret information and the measurable circuit delay/power consumption.
Secure Scan Chains: In a secure scan approach, mirror key registers are used in sensitive parts of the circuits. These registers block unauthorized access to value of sensitive registers in the test mode of operation. In another approach, scan chains are divided into smaller subchains and access to them for regular users is randomized.
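The Key Update countermeasure above, as an added example that is not taken from the paper: both parties derive the same key sequence from a shared seed and a synchronized clock, and each key is only valid for one time epoch. Using HMAC-SHA256 as the pseudorandom generator, the 10-second epoch and the seed value are assumptions made for illustration.

```python
import hashlib
import hmac

SEED = b"constructed-shared-seed-for-demo"  # constructed sample value

class KeySchedule:
    """Forward-only key sequence indexed by time epoch.

    The internal state is ratcheted once per epoch and the previous
    state is overwritten, so earlier keys cannot be recomputed from it.
    """

    def __init__(self, seed: bytes, period_s: int, t0: int = 0):
        self.period_s = period_s
        self.t0 = t0
        self._epoch = 0
        self._state = seed

    def key_at(self, unix_time: int) -> bytes:
        """Return the 128-bit working key for the epoch containing unix_time."""
        epoch = (unix_time - self.t0) // self.period_s
        if epoch < self._epoch:
            raise ValueError("key for a past epoch has been discarded")
        while self._epoch < epoch:
            # Ratchet: next state depends only on the current state.
            self._state = hmac.new(self._state, b"ratchet", hashlib.sha256).digest()
            self._epoch += 1
        # Derive the working key separately so the state itself is never used.
        return hmac.new(self._state, b"working-key", hashlib.sha256).digest()[:16]

def keys_agree(seed: bytes, period_s: int, t_a: int, t_b: int) -> bool:
    """True if two parties reading clocks t_a and t_b derive the same key."""
    return KeySchedule(seed, period_s).key_at(t_a) == KeySchedule(seed, period_s).key_at(t_b)

if __name__ == "__main__":
    print("same epoch     :", keys_agree(SEED, 10, 1000, 1004))  # clocks 4 s apart
    print("different epoch:", keys_agree(SEED, 10, 1000, 1010))
```

The epoch length bounds how many side-channel measurements can be collected under any single key, so it should be set from the number of operations the device performs per second.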
...