Visible to the public Implementing Trojan-Resilient Hardware from (Mostly) Untrusted Components Designed by Colluding Manufacturers

TitleImplementing Trojan-Resilient Hardware from (Mostly) Untrusted Components Designed by Colluding Manufacturers
Publication TypeConference Paper
Year of Publication2018
AuthorsBronchain, Olivier, Dassy, Louis, Faust, Sebastian, Standaert, Fran\c cois-Xavier
Conference NameProceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5996-2
KeywordsHardware Trojans, multi-party computation, pubcrawl, resilience, Resiliency, trojan-resilience
AbstractAt CCS 2016, Dziembowski et al. proved the security of a generic compiler able to transform any circuit into a Trojan-resilient one based on a (necessary) number of trusted gates. Informally, it exploits techniques from the Multi-Party Computation (MPC) literature in order to exponentially reduce the probability of a successful Trojan attack. As a result, its concrete relevance depends on ( i ) the possibility to reach good performances with affordable hardware, and ( ii ) the actual number of trusted gates the solution requires. In this paper, we assess the practicality of the CCS 2016 Trojan-resilient compiler based on a block cipher case study, and optimize its performances in different directions. From the algorithmic viewpoint, we use a recent MPC protocol by Araki et al. (CCS 2016) in order to increase the throughput of our implementations, and we investigate various block ciphers and S-box representations to reduce their communication complexity. From a design viewpoint, we develop an architecture that balances the computation and communication cost of our Trojan-resilient circuits. From an implementation viewpoint, we describe a prototype hardware combining several commercial FPGAs on a dedicated printed circuit board. Thanks to these advances, we exhibit realistic performances for a Trojan-resilient circuit purposed for high-security applications, and confirm that the amount of trusted gates required by the CCS 2016 compiler is well minimized.
DOI10.1145/3266444.3266447
Citation Keybronchain_implementing_2018