Trojans Flashcards
Hardware Trojan
A malicious, intentional addition to, or modification of, the existing circuit elements
Hardware Trojans can be used to
- Change the functionality (e.g., deactivating authentication or encryption)
- Reduce the reliability (e.g., accelerate aging)
- Leak valuable information (e.g., bypassing the side-channel protections, providing backdoors, etc.)
Hardware Trojan Targets
Chips are vulnerable to additions, deletions or alterations of the circuit structure, or to modifications of manufacturing process steps, that cause functional or reliability issues in ICs used in applications such as:
- Defense/military applications
- Aerospace applications
- Civilian security-critical applications
- Financial applications
- Transportation applications
General Structure of a Hardware Trojan
- Trigger logic is responsible for the activation mechanism
- Payload logic is responsible for the effect
- A hardware Trojan causes a malfunction by modifying signal S to S′
- Activated only under very rare conditions
- Trojans are stealthy: they evade detection under the conventional post-manufacturing test/validation process
Insertion Phase - Specification phase
Definition of the system's characteristics
- For example, a Trojan changes the hardware's timing requirements
Insertion Phase - Design phase
The design gets implemented for the target technology
- Trojans might be in any of the components that aid the design (third-party IP blocks and standard cells)
- For example, a standard cell library can be tampered with Trojans
- Insertion during design → HDL-level Trojans
- Combinational and sequential Trojans
Insertion Phase - Fabrication phase
Creation of the mask set; the masks are then used to pattern the wafer
- Changing the dopant concentration to increase aging (time bombs)
- Modifying the dopant polarity
- Modifying the layout changes the chip's functionality
- Insertion during fabrication → Layout Trojans
Insertion Phase - Testing phase
Modifying the automatic test pattern generators → reduces the chance that the Trojan gets detected
Insertion Phase - Assembly
Assemble components on a PCB
- For example, adding an unshielded wire → electromagnetic coupling → side-channel leakage
Abstraction Level - System level
A Trojan can be triggered by a system component, e.g., by a specific ASCII input from the keyboard
Abstraction Level - RTL level
Manipulating the RTL design, e.g., halving the number of rounds of a cryptographic implementation
Abstraction Level - Gate level
A Trojan consisting of basic gates (AND, XOR, OR) that monitor the chip's inner signals
Abstraction Level - Transistor level
Insert, remove or resize transistors, or change their functionality → delay and reliability changes
Abstraction Level - Physical level:
change, insert, remove wires»_space; add/remove
connections, change timing
Activation Mechanisms
- Always on
- Triggered
  - Internally triggered: time-based or physical-condition-based, e.g., counter, temperature threshold
  - Externally triggered: triggered by user input or component output
Payload
Change functionality
- e.g., a Trojan might cause an error detection module to accept inputs that normally should be rejected
Downgrade performance (power, delay)
- e.g., insert more buffers to drain the battery more quickly
Leak information
- covert and overt channels, all kinds of side channels, unused ports; e.g., leak a cryptographic key
Denial-of-Service
- exhaust resources, destroy the device, disable the device/functionality, alter configuration
Location
Random logic
- insertion into synthesized logic portion of the IC
- very hard to detect
Processing unit
- insertion into logic units that are part of a processor
- e.g., change instruction order
Crypto accelerator
- e.g., leak sensitive information, compromise security, replace
keys
Memory units
- alter content stored in memory
I/O ports
- control over communication
Power supply
- alter voltage, e.g., to cause failures
Clock grid
- e.g., glitches, fault attacks, halt clock
Trojans in Cryptographic Engines
A Trojan that attempts to leak a secret key from inside a cryptographic IC through power side-channels, using a technique called MOLES (malicious off-chip leakage enabled by side channels)
- Another possibility: the payload could be a mechanism that presents dummy keys predefined by the attacker
Trojans in General-Purpose Processors
- An attacker at the fabrication facility can implement a backdoor which can be exploited in the field by a software adversary
- The attacker at an untrusted fabrication facility could implement a backdoor which disables the secure boot mechanism under certain rare conditions, or when presented with a unique rare input condition in the hands of an end-user adversary
Hardware Trojan Designs
HDL-level Trojans → insertion during design
- Combinational and sequential Trojans
Layout Trojans → insertion during fabrication
- Changing the dopant concentration to increase aging (time bombs)
- Modifying the dopant polarity
- Modifying the layout changes the chip's functionality
HDL Level - Combinational Trigger
Activation depends on the occurrence of a particular
condition at certain nodes of the circuit (here A = 0
and B=0)
HDL Level - Sequential Trigger
- Activation depends on the occurrence of a specific sequence of rare logic values at internal nodes (time bomb)
- Synchronous k-bit counter which activates when the count reaches 2^k − 1
HDL Level - Asynchronous Trigger
Sequential Trojan independent of the system Clock:
- the count is increased not by the clock, but by a rising
transition at the output of an AND gate with inputs
p and q
HDL Level - Hybrid Trigger
- Combination of combinational and sequential Trojans: the counts of both a synchronous and an asynchronous counter simultaneously determine the Trojan trigger condition
- More complex state machines of different types and sizes can be used to generate the trigger condition based on a sequence of rare events
HDL Level - Analog Trigger
An analog trigger mechanism where the inserted capacitance
is charged through the resistor if the condition q1= 1, q2= 1
is satisfied, and discharged otherwise, causing the logic
threshold to be crossed after a large number of cycles.
Analog payload
- A bridging fault is introduced using an inserted resistor
- The delay of the path is affected by increasing the
capacitive load.
Analog trigger
Using the dedicated temperature sensors on the chip to
trigger the payload!
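The trigger/payload structure and the trigger classes on the cards above (combinational, synchronous counter, asynchronous event counter, hybrid, analog RC), modelled cycle by cycle in software. This is an added example, not code from the flashcards or from any cited paper; signal names A, B, p, q, q1, q2 and S follow the cards, while the class names, the bit width k, the event threshold n_events and the RC charge/discharge constants are assumptions made for this example. The random stimulus stands in for a functional test that never aims at the trigger condition, which is what makes these Trojans stealthy.

```python
"""Added example, not part of the flashcards: a cycle-by-cycle software model of
the trigger classes on the cards (combinational, synchronous counter,
asynchronous event counter, hybrid, analog RC) feeding one payload that
corrupts internal signal S into S'.  Names A, B, p, q, q1, q2, S follow the
cards; class names, k, n_events and the RC constants are assumptions."""
import random

def payload(s, armed):
    """Payload logic: while armed, S is replaced by S' = NOT S."""
    return s ^ 1 if armed else s

class CombinationalTrigger:
    """Stateless: fires whenever the rare condition A == 0 and B == 0 holds."""
    def step(self, a=0, b=0, p=0, q=0):
        return a == 0 and b == 0

class SynchronousTrigger:
    """Time bomb: k-bit counter advanced every clock; fires (and stays fired)
    once the count reaches 2^k - 1."""
    def __init__(self, k):
        self.limit, self.count = (1 << k) - 1, 0

    def step(self, a=0, b=0, p=0, q=0):
        fired = self.count == self.limit
        if not fired:
            self.count += 1
        return fired

class AsynchronousTrigger:
    """Counter advanced not by the clock but by a rising transition at the
    output of AND(p, q); fires once n_events transitions have been seen."""
    def __init__(self, n_events):
        self.n_events, self.count, self.prev = n_events, 0, 0

    def step(self, a=0, b=0, p=0, q=0):
        cur = p & q
        if cur and not self.prev:          # rising edge of the AND output
            self.count += 1
        self.prev = cur
        return self.count >= self.n_events

class HybridTrigger:
    """Synchronous and asynchronous counters must both be at threshold in the
    same cycle; both counters advance every cycle regardless."""
    def __init__(self, k, n_events):
        self.sync, self.asyn = SynchronousTrigger(k), AsynchronousTrigger(n_events)

    def step(self, a=0, b=0, p=0, q=0):
        sync_ok = self.sync.step()
        async_ok = self.asyn.step(p=p, q=q)
        return sync_ok and async_ok

class AnalogTrigger:
    """Capacitor charged through a resistor while q1 == q2 == 1 (p and q here)
    and discharged otherwise; fires when the normalised voltage v crosses the
    logic threshold, which takes many consecutive cycles of the condition."""
    def __init__(self, charge=0.01, discharge=0.9, threshold=0.5):
        self.charge, self.discharge, self.threshold = charge, discharge, threshold
        self.v = 0.0

    def step(self, a=0, b=0, p=0, q=0):
        if p and q:
            self.v += (1.0 - self.v) * self.charge    # RC charging step
        else:
            self.v *= self.discharge                   # leaks back toward 0
        return self.v >= self.threshold

def simulate(trigger, stimulus):
    """Clock a trigger through (A, B, p, q, S) vectors.  Returns the cycle of
    first activation (None if never) and the output seen in each cycle."""
    first, outputs = None, []
    for cycle, (a, b, p, q, s) in enumerate(stimulus):
        armed = trigger.step(a, b, p, q)
        if armed and first is None:
            first = cycle
        outputs.append(payload(s, armed))
    return first, outputs

def random_stimulus(n, seed=1):
    """Constructed random vectors, standing in for a post-manufacturing
    functional test that never deliberately aims at the trigger condition."""
    rng = random.Random(seed)
    return [tuple(rng.randint(0, 1) for _ in range(5)) for _ in range(n)]

# Constructed vectors: AND(p, q) rises at cycles 1, 4 and 6; A = B = 1 throughout.
EDGE_VECTORS = [(1, 1, 0, 0, 0), (1, 1, 1, 1, 0), (1, 1, 1, 1, 1), (1, 1, 0, 1, 0),
                (1, 1, 1, 1, 1), (1, 1, 1, 0, 0), (1, 1, 1, 1, 1), (1, 1, 1, 1, 0)]

if __name__ == "__main__":
    for name, trig in [("combinational", CombinationalTrigger()),
                       ("synchronous k=4", SynchronousTrigger(4)),
                       ("asynchronous n=3", AsynchronousTrigger(3)),
                       ("hybrid", HybridTrigger(4, 3)), ("analog", AnalogTrigger())]:
        print(name, "-> first activation under random test:",
              simulate(trig, random_stimulus(64))[0])
```

Two details matter for the hybrid and analog cases: the hybrid trigger must clock both counters every cycle (a short-circuit `and` would starve the asynchronous counter of edges while the synchronous one is still counting), and the analog trigger only fires after a long unbroken run of the condition, because any cycle without it discharges the capacitor, so an alternating stimulus never arms it.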
Layout Level - Stealthy Dopant-Level Trojan
- Changing the dopant of NMOS and PMOS transistors
- Example: changing the dopant of an inverter so that it outputs a constant "1" or "0" independent of its input
- Successfully implemented on Intel Ivy Bridge's RNG and used to establish hidden side channels for AES
Layout Level - Diffusion Programmable Device (DPD)
Changing the dopant of SRAM cells to force the LUT output to constant values
Pre-Silicon Trojan Detection Methods
Code-coverage analysis
- Completeness of functional verification, identify suspicious signals, validate trustworthiness of third-party IP
- e.g., remove unused circuit paths
Formal verification
- e.g., a formal proof provided by the 3rd-party vendor, which the integrator validates
Logic testing using simulation
- Apply different input patterns to activate the Trojan
Functional analysis using simulation
- Apply random input patterns
- Try to find "nearly-unused logic"
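The two simulation-based cards above (logic testing and functional analysis), worked on a constructed gate-level netlist. This is an added example, not code from the flashcards: random input patterns are applied, every net's activity is recorded, and nets that almost never leave one logic value are reported as "nearly-unused logic". The netlist, the Trojan inside it (an 8-input NOR trigger that XORs into the output), the net names and the 5 % rarity threshold are all assumptions made for this example.

```python
"""Added example, not part of the flashcards: functional analysis by random
simulation of a constructed gate-level netlist.  The netlist, the Trojan in it,
the net names and the 5 % threshold are assumptions made for this example."""
import random

INPUTS = list("abcdefgh")

# Constructed netlist: net -> (gate, input nets).  Nets are evaluated in
# dictionary order, so every net is defined after the nets it reads.
NETLIST = {
    "n1": ("AND", ["a", "b"]),                  # honest logic
    "n2": ("XOR", ["c", "d"]),
    "n3": ("OR",  ["n1", "n2"]),
    "n4": ("XOR", ["e", "f"]),
    "out_clean": ("AND", ["n3", "n4"]),
    "trigger": ("NOR", INPUTS),                 # Trojan trigger: 1 only if a..h are all 0
    "out": ("XOR", ["out_clean", "trigger"]),   # payload: S -> S' while triggered
}

GATES = {
    "AND": lambda v: int(all(v)),
    "OR":  lambda v: int(any(v)),
    "XOR": lambda v: sum(v) % 2,
    "NOR": lambda v: int(not any(v)),
    "NOT": lambda v: 1 - v[0],
}

def evaluate(vector):
    """Evaluate the netlist for one input vector; returns every net's value."""
    vals = dict(vector)
    for net, (gate, ins) in NETLIST.items():
        vals[net] = GATES[gate]([vals[i] for i in ins])
    return vals

def simulate_random(n_vectors, seed=7):
    """Apply n random input patterns (logic testing) and collect, per net, how
    often it was 1 and how often it toggled, plus how often the Trojan
    actually corrupted the output compared with the clean output."""
    rng = random.Random(seed)
    ones = {net: 0 for net in NETLIST}
    toggles = {net: 0 for net in NETLIST}
    corrupted, prev = 0, None
    for _ in range(n_vectors):
        vals = evaluate({i: rng.randint(0, 1) for i in INPUTS})
        for net in NETLIST:
            ones[net] += vals[net]
            if prev is not None and vals[net] != prev[net]:
                toggles[net] += 1
        corrupted += vals["out"] != vals["out_clean"]
        prev = vals
    return {"n": n_vectors, "ones": ones, "toggles": toggles, "corrupted": corrupted}

def nearly_unused(stats, threshold=0.05):
    """Nets whose minority logic value occurs in less than `threshold` of the
    cycles: logic that random functional testing barely exercises.  Returns
    net -> observed rarity."""
    n = stats["n"]
    flagged = {}
    for net, k in stats["ones"].items():
        p1 = k / n
        rarity = min(p1, 1.0 - p1)
        if rarity < threshold:
            flagged[net] = rarity
    return flagged

if __name__ == "__main__":
    st = simulate_random(4000)
    print("trigger active in", st["ones"]["trigger"], "of", st["n"], "cycles;",
          "output corrupted", st["corrupted"], "times")
    for net, r in nearly_unused(st).items():
        print(f"suspicious net {net}: minority value seen in {r:.3%} of cycles")
```

The output is corrupted in exactly the cycles where the trigger net is 1, so a random functional test sees a wrong result only about once in 256 vectors and would attribute it to noise; the activity statistics surface the trigger regardless, because a net that sits at one value for 99 % of random cycles is suspicious in itself. A trigger wide enough never to fire during simulation would still be flagged for the same reason, which is why this analysis is applied pre-silicon to third-party RTL rather than relying on catching the activation.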
Destructive Post-Silicon Trojan Detection
Use reverse engineering to depackage the IC and get images of each layer of the chip → reconstruct the design and validate it
- Using a scanning electron microscope with a golden chip
- Comparing optical images of different chips with the layout reveals additional wires and transistors
- Advantage:
  - Can find inactive Trojans
- Disadvantage:
  - Expensive and time consuming
  - Hardware becomes unusable
  - Needs a golden chip