Visible to the public How Not to Protect Your IP – An Industry-Wide Break of IEEE 1735 Implementations

TitleHow Not to Protect Your IP – An Industry-Wide Break of IEEE 1735 Implementations
Publication TypeConference Paper
Year of Publication2022
AuthorsSpeith, Julian, Schweins, Florian, Ender, Maik, Fyrbiak, Marc, May, Alexander, Paar, Christof
Conference Name2022 IEEE Symposium on Security and Privacy (SP)
Date Publishedmay
Keywordscomposability, Hardware, hardware ip protection, IEEE Standard 1735-2014, IEEE standards, key extraction, Lattices, Metrics, privacy, pubcrawl, Public key, Resiliency, reverse engineering, Software, software protection, White Box Security, White-Box RSA
AbstractModern hardware systems are composed of a variety of third-party Intellectual Property (IP) cores to implement their overall functionality. Since hardware design is a globalized process involving various (untrusted) stakeholders, a secure management of the valuable IP between authors and users is inevitable to protect them from unauthorized access and modification. To this end, the widely adopted IEEE standard 1735-2014 was created to ensure confidentiality and integrity. In this paper, we outline structural weaknesses in IEEE 1735 that cannot be fixed with cryptographic solutions (given the contemporary hardware design process) and thus render the standard inherently insecure. We practically demonstrate the weaknesses by recovering the private keys of IEEE 1735 implementations from major Electronic Design Automation (EDA) tool vendors, namely Intel, Xilinx, Cadence, Siemens, Microsemi, and Lattice, while results on a seventh case study are withheld. As a consequence, we can decrypt, modify, and re-encrypt all allegedly protected IP cores designed for the respective tools, thus leading to an industry-wide break. As part of this analysis, we are the first to publicly disclose three RSA-based white-box schemes that are used in real-world products and present cryptanalytical attacks for all of them, finally resulting in key recovery.
DOI10.1109/SP46214.2022.9833605
Citation Keyspeith_how_2022