Biblio

Logic encryption is a method to improve hardware security by inserting key gates on carefully selected signals in a logic design. Various logic encryption schemes have been proposed in the past decade. Many attack methods to thwart these logic locking schemes have also emerged. The satisfiability (SAT) attack can recover correct keys for many logic obfuscation methods. Recently proposed sensitivity analysis attack can decrypt stripped functionality based logic encryption schemes. This article presents a new encryption scheme named SRTLock, which is resilient against both attacks. SRTLock method first generates 0-injection circuits and encrypts the functionality of these nodes with the key inputs. In the next step, these values are used to control the sensitivity of the functionally stripped output for specific input patterns. The resultant locked circuit is resilient against the SAT and sensitivity analysis attacks. Experimental results demonstrating this on several attacks using standard benchmark circuits are presented.

An ideal lattice is defined over a ring learning with errors (Ring-LWE) problem. Polynomial multiplication over the ring is the most computational and time-consuming block in lattice-based cryptography. This paper presents the first hardware design of the polynomial multiplication for LAC, one of the Round-2 candidates of the NIST PQC Standardization Process, which has byte-level modulus p=251. The proposed architecture supports polynomial multiplications for different degree n (n=512/1024/2048). For designing the scheme, we used the Vivado HLS compiler, a high-level synthesis based hardware design methodology, which is able to optimize software algorithms into actual hardware products. The design of the scheme takes 274/280/291 FFs and 204/217/208 LUTs on the Xilinx Artix-7 family FPGA, requested by NIST PQC competition for hardware implementation. Multiplication core uses only 1/1/2 pieces of 18Kb BRAMs, 1/1/1 DSPs, and 90/94/95 slices on the board. Our timing result achieved in an alternative degree n with 5.052/4.3985/5.133ns.

In this paper we report on the results of selected horizontal SCA attacks against two open-source designs that implement hardware accelerators for elliptic curve cryptography. Both designs use the complete addition formula to make the point addition and point doubling operations indistinguishable. One of the designs uses in addition means to randomize the operation sequence as a countermeasure. We used the comparison to the mean and an automated SPA to attack both designs. Despite all these countermeasures, we were able to extract the keys processed with a correctness of 100%.

The core operation of public-key cryptosystem e.g. elliptic curve cryptography (ECC) is the modular multiplication. It is the heavy computational block and the most costly cryptographic operation. Area-Efficient hardware architecture of 256-bit modified interleaved modular multiplication (IMM) is represented in this research. The novelty of this work is the device area minimization with keeping computational time as minimum as possible i.e., 2.09 μs for ECC with Koblitz Curve. In this research, IMM is implemented using a fewer number of resources such as 421 slices, 514 FF pairs, 522 registers, 1770 LUTs, and 1463 LUT-FF pairs. This hardware implementation provides a maximum frequency of 122.883 MHz and area-time (AT) product 0.879 and throughput rate 122.49 Mbps on Virtex-7 FPGA technology which is better than the other related recent works. The proposed design saves approximately 61.75% to 93.16% slice LUTs, 95.76% to 133.69% LUT-FF pairs, and 103.8% to 168.65% occupied slices on the Virtex-7 FPGA for the 256-bit prime field. This proposed hardware implementation design also keeps less AT product which is the most crucial parameter for ECC operation. To our best knowledge, this design provides better performance than the recently available designs for IMM for ECC operation.

The center-piece of this work is a software measurement physical unclonable function (PUF). It measures processor chip ALU silicon biometrics in a manner similar to all PUFs. Additionally, it composes the silicon measurement with the data-dependent delay of a particular program instruction in a way that is difficult to decompose through a mathematical model. This approach ensures that each software instruction is measured if computed. The SW-PUF measurements bind the execution of software to a specific processor with a corresponding certificate. This makes the SW-PUF a promising candidate for applications requiring Trusted Computing. For instance, it could measure the integrity of an execution path by generating a signature that is unique to the specific program execution path and the processor chip. We present an area and energy-efficient scheme based on the SW-PUF to provide a more robust root of trust for measurement than the existing trusted platform module (TPM). To explore the feasibility of the proposed design, the SW-PUF has been implemented in HSPICE using 45 nm technology and evaluated on the FPGA platform.

The design process of smart Consumer Electronics (CE) devices heavily relies on reusable Intellectual Property (IP) cores of Digital Signal Processor (DSP) and Multimedia Processor (MP). On the other hand, due to strict competition and rivalry between IP vendors, the problem of ownership conflict and IP piracy is surging. Therefore, to design a secured smart CE device, protection of DSP/MP IP core is essential. Embedding a robust IP owner's signature can protect an IP core from ownership abuse and forgery. This paper presents a covert signature embedding process for DSP/MP IP core at Register-transfer level (RTL). The secret marks of the signature are distributed over the entire design such that it provides higher robustness. For example for 8th order FIR filter, it incurs only between 6% and 3% area overhead for maximum and minimum size signature respectively compared to the non-signature FIR RTL design but with significantly enhanced security.

Due to globalization of Integrated Circuit (IC) design flow, Intellectual Property (IP) cores have increasingly become susceptible to various hardware threats such as Trojan insertion, piracy, overbuilding etc. An IP core can be secured against these threats using functional obfuscation based security mechanism. This paper presents a functional obfuscation of digital signal processing (DSP) core for consumer electronics systems using a novel IP core locking block (ILB) logic that leverages the structure of flip-flops and combinational circuits. These ILBs perform the locking of the functionality of a DSP design and actuate the correct functionality only on application of a valid key sequence. In existing approaches so far, executing exhaustive trials are sufficient to extract the valid keys from an obfuscated design. However, proposed work is capable of hindering the extraction of valid keys even on exhaustive trials, unless successfully applied in the first attempt only. In other words, the proposed work drastically reduces the probability of obtaining valid key of a functionally obfuscated design in exhaustive trials. Experimental results indicate that the proposed approach achieves higher security and lower design overhead than previous works.

Security of transient fault secured IP cores against piracy, false claim of ownership can be achieved during high level synthesis, especially when handling DSP or multimedia cores. Though watermarking that involves implanting a vendor defined signature onto the design can be useful, however research has shown its limitations such as less designer control, high overhead due to extreme dependency on signature size, combination and encoding rule. This paper proposes an alternative paradigm called `hardware steganography' where hidden additional designer's constraints are implanted in a fault secured IP core using entropy thresholding. In proposed hardware steganography, concealed information in the form of additional edges having a specific entropy value is embedded in the colored interval graph (CIG). This is a signature free approach and ensures high designer control (more robustness and stronger proof of authorship) as well as lower overhead than watermarking schemes used for DSP based IP cores.

The separation of manufacturing and design processes in the integrated circuit industry to tackle the ever increasing circuit complexity and time to market issues has brought with it some major security challenges. Chief among them is IP piracy by untrusted parties. Hardware obfuscation which locks the functionality and modifies the structure of an IP core to protect it from malicious modifications or piracy has been proposed as a solution. In this paper, we develop an efficient hardware obfuscation method, called Mystic (Mystifying IP Cores), to protect IP cores from reverse engineering, IP overproduction, and IP piracy. The key idea behind Mystic is to add additional state transitions to the original/functional FSM (Finite State Machine) that are taken only when incorrect keys are applied to the circuit. Using the proposed Mystic obfuscation approach, the underlying functionality of the IP core is locked and normal FSM transitions are only available to authorized chip users. The synthesis results of ITC99 circuit benchmarks for ASIC 45nm technology reveal that the Mystic protection method imposes on average 5.14% area overhead, 5.21% delay overhead, and 8.06% power consumption overheads while it exponentially lowers the probability that an unauthorized user will gain access to or derive the chip functionality.

Reliance on off-site untrusted fabrication facilities has given rise to several threats such as intellectual property (IP) piracy, overbuilding and hardware Trojans. Logic locking is a promising defense technique against such malicious activities that is effected at the silicon layer. Over the past decade, several logic locking defenses and attacks have been presented, thereby, enhancing the state-of-the-art. Nevertheless, there has been little research aiming to demonstrate the applicability of logic locking with large-scale multi-million-gate industrial designs consisting of multiple IP blocks with different security requirements. In this work, we take on this challenge to successfully lock a multi-million-gate system-on-chip (SoC) provided by DARPA by taking it all the way to GDSII layout. We analyze how specific features, constraints, and security requirements of an IP block can be leveraged to lock its functionality in the most appropriate way. We show that the blocks of an SoC can be locked in a customized manner at 0.5%, 15.3%, and 1.5% chip-level overhead in power, performance, and area, respectively.

IP piracy, reverse engineering, and tampering with FPGA based IP is increasing over time. ROPUF based IP obfuscation can provide a feasible solution. In this paper, a novel approach of FPGA IP obfuscation is implemented using Ring Oscillator based Physical Unclonable Function (ROPUF) and random logic gates. This approach provides a lock and key mechanism as well as authentication of FPGA based designs to protect from security threats. Using the Xilinx ISE design tools and ISCAS 89 benchmarks we have designed a secure FPGA based IP protection scheme with an average of 15% area and 10% of power overhead.

Reversible logic is a building block for adiabatic and quantum computing in addition to other applications. Since common functions are non-reversible, one needs to embed them into proper-size reversible functions by adding ancillary inputs and garbage outputs. We explore the Intellectual Property (IP) piracy of reversible circuits. The number of embeddings of regular functions in a reversible function and the percent of leaked ancillary inputs measure the difficulty of recovering the embedded function. To illustrate the key concepts, we study reversible logic circuits designed using reversible logic synthesis tools based on Binary Decision Diagrams and Quantum Multi-valued Decision Diagrams.

The high penetration of third-party intellectual property (3PIP) brings a high risk of malicious inclusions and data leakage in products due to the planted hardware Trojans, and system level security constraints have recently been proposed for MPSoCs protection against hardware Trojans. However, secret communication still can be established in the context of the proposed security constraints, and thus, another type of security constraints is also introduced to fully prevent such malicious inclusions. In addition, fulfilling the security constraints incurs serious overhead of schedule length, and a two-stage performance-constrained task scheduling algorithm is then proposed to maintain most of the security constraints. In the first stage, the schedule length is iteratively reduced by assigning sets of adjacent tasks into the same core after calculating the maximum weight independent set of a graph consisting of all timing critical paths. In the second stage, tasks are assigned to proper IP vendors and scheduled to time periods with a minimization of cores required. The experimental results show that our work reduces the schedule length of a task graph, while only a small number of security constraints are violated.

Finite-state machine (FSM) is widely used as control unit in most digital designs. Many intellectual property protection and obfuscation techniques leverage on the exponential number of possible states and state transitions of large FSM to secure a physical design with the reason that it is challenging to retrieve the FSM design from its downstream design or physical implementation without knowledge of the design. In this paper, we postulate that this assumption may not be sustainable with big data analytics. We demonstrate by applying a data mining technique to analyze sufficiently large amount of data collected from a full scan design to identify its FSM state registers. An impact metric is introduced to discriminate FSM state registers from other registers. A decision tree algorithm is constructed from the scan data for the regression analysis of the dependency of other registers on a chosen register to deduce its impact. The registers with the greater impact are more likely to be the FSM state registers. The proposed scheme is applied on several complex designs from OpenCores. The experiment results show the feasibility of our scheme in correctly identifying most FSM state registers with a high hit rate for a large majority of the designs.

Differential Power Analysis (DPA) attacks were shown to be effective in recovering the secret key information from a variety cryptographic systems. In response, several design methods, ranging from the cell level to the algorithmic level, have been proposed to defend against DPA attacks. Cell level solutions depend on DPA resistant cell designs which attempt to minimize power variance during transitions while minimizing area and power consumption. In this paper, we discuss how a differential circuit design style is incorporated into a COTS tool set, resulting in a fully automated synthesis system DPA resistant integrated circuits. Based on the Secure Differential Multiplexer Logic (SDMLp), this system can be used to synthesize complete cryptographic processors which provide strong defense against DPA while minimizing area and power overhead. We discuss how both combinational and sequential cells are incorporated in the cell library. We show the effectiveness of the tool chain by using it to automatically synthesize the layouts, from RT level Verilog specifications, of both the DES and AES encryption ICs in 90nm CMOS. In each case, we present experimental data to demonstrate DPA attack resistance and area, power and performance overhead and compare these with circuits synthesized in another differential logic called MDPL as well as standard CMOS synthesis results.

This paper presents a methodology for IP core protection of CE devices from both buyer's and seller's perspective. In the presented methodology, buyer fingerprint is embedded along seller watermark during architectural synthesis phase of IP core design. The buyer fingerprint is inserted during scheduling phase while seller watermark is implanted during register allocation phase of architectural synthesis process. The presented approach provides a robust mechanisms of IP core protection for both buyer and seller at zero area overhead, 1.1 % latency overhead and 0.95 % design cost overhead compared to a similar approach (that provides only protection to IP seller).

Field-programmable gate arrays (FPGAs) are widely applied in various fields for its merit of reconfigurability. The reusable intellectual property (IP) design blocks are usually adopted in the more complex FPGA designs to shorten design cycle. IP infringement hence becomes a concern. In this paper, we propose a new pay-per-use scheme using the lock and key mechanism for the protection of FPGA IP. Physical Unclonable Function (PUF) is adopted to generate a unique ID for each IP instance. An extra Finite State Machine (FSM) is introduced for the secure retrieval of PUF information by the FPGA IP vendor. The lock is implemented on the original FSM. Only when the FPGA developer can provide a correct license, can the FSM be unlocked and start normal operation. The FPGA IP can hence be protected from illegal use or distribution. The scheme is applied on some benchmarks and the experimental results show that it just incurs acceptably low overhead while it can resist typical attacks.

Virtual platforms provide a full hardware/software platform to study device limitations in an early stages of the design flow and to develop software without requiring a physical implementation. This paper describes the development process of a virtual platform for Deep Packet Inspection (DPI) hardware accelerators by using Transaction Level Modeling (TLM). We propose two DPI architectures oriented to System-on-Chip FPGA. The first architecture, CPU-DMA based architecture, is a hybrid CPU/FPGA where the packets are filtered in the software domain. The second architecture, Hardware-IP based architecture, is mainly implemented in the hardware domain. We have created two virtual platforms and performed the simulation, the debugging and the analysis of the hardware/software features, in order to compare results for both architectures.

Logic encryption is a powerful hardware protection technique that uses extra key inputs to lock a circuit from piracy or unauthorized use. The recent discovery of the SAT-based attack with Distinguishing Input Pattern (DIP) generation has rendered all traditional logic encryptions vulnerable, and thus the creation of new encryption methods. However, a critical question for any new encryption method is whether security against the DIP-generation attack means security against all other attacks. In this paper, a new high-level SAT-based attack called SigAttack has been discovered and thoroughly investigated. It is based on extracting a key-revealing signature in the encryption. A majority of all known SAT-resilient encryptions are shown to be vulnerable to SigAttack. By formulating the condition under which SigAttack is effective, the paper also provides guidance for the future logic encryption design.

Logic encryption, a method to lock a circuit from unauthorized use unless the correct key is provided, is the most important technique in hardware IP protection. However, with the discovery of the SAT attack, all traditional logic encryption algorithms are broken. New algorithms after the SAT attack are all vulnerable to structural analysis unless a provable obfuscation is applied to the locked circuit. But there is no provable logic obfuscation available, in spite of some vague resorting to logic resynthesis. In this paper, we formulate and discuss a trilemma in logic encryption among locking robustness, structural security, and encryption efficiency, showing that pre-SAT approaches achieve only structural security and encryption efficiency, and post-SAT approaches achieve only locking robustness and encryption efficiency. There is also a dilemma between query complexity and error number in locking. We first develop a theory and solution to the dilemma in locking between query complexity and error number. Then, we provide a provable obfuscation solution to the dilemma between structural security and locking robustness. We finally present and discuss some results towards the resolution of the trilemma in logic encryption.

Functionally safe control logic design without full duplication is difficult due to the complexity of random control logic. The Reorder buffer (ROB) is a control logic function commonly used in high performance computing systems. In this study, we focus on a safe ROB design used in an industry quality Network-on-Chip (NoC) Advanced eXtensible Interface (AXI) Network Interface (NI) block. We developed and applied area efficient safe design techniques including partial duplication, Error Detection Code (EDC) and invariance checking with formal proofs and showed that we can achieve a desired safe Diagnostic Coverage (DC) requirement with small area and power overheads and no performance degradation.

The continuing decrease in feature size of integrated circuits, and the increase of the complexity and cost of design and fabrication has led to outsourcing the design and fabrication of integrated circuits to third parties across the globe, and in turn has introduced several security vulnerabilities. The adversaries in the supply chain can pirate integrated circuits, overproduce these circuits, perform reverse engineering, and/or insert hardware Trojans in these circuits. Developing countermeasures against such security threats is highly crucial. Accordingly, this paper first develops a learning-based trust verification framework to detect hardware Trojans. To tackle Trojan insertion, IP piracy and overproduction, logic locking schemes and in particular stripped functionality logic locking is discussed and its resiliency against the state-of-the-art attacks is investigated.

A method to increase the resiliency of in-cone logic locking against the SAT attack is described in this paper. Current logic locking techniques provide protection through the addition of circuitry outside of the original logic cone. While the additional circuitry provides provable security against the SAT attack, other attacks, such as the removal attack, limit the efficacy of such techniques. Traditional in-cone logic locking is not prone to removal attacks, but is less secure against the SAT attack. The focus of this paper is, therefore, the analysis of in-cone logic locking to increase the security against the SAT attack, which provides a comparison between in-cone techniques and newly developed methodologies. A novel algorithm is developed that utilizes maximum fanout free cones (MFFC). The application of the algorithm limits the fanout of incorrect key information. The MFFC based algorithm resulted in an average increase of 61.8% in the minimum number of iterations required to complete the SAT attack across 1,000 different variable orderings of the circuit netlist while restricted to a 5% overhead in area.

Hardware Trojan threats caused by malicious designers and untrusted manufacturers have become one of serious issues in modern VLSI systems. In this paper, we show some experimental results to insert hardware Trojans into asynchronous circuits. As a result, the overhead of hardware Trojan insertion in asynchronous circuits may be small for malicious designers who have enough knowledge about the asynchronous circuits. In addition, we also show several Trojan detection methods using deep learning schemes which have been proposed to detect synchronous hardware Trojan in the netlist level. We apply them to asynchronous hardware Trojan circuits and show their results. They have a great potential to detect a hardware Trojan in asynchronous circuits.

Modular exponentiation of large number is widely applied in public-key cryptosystem, also the bottleneck in the computation of public-key algorithm. Modular multiplication is the key calculation in modular exponentiation. An improved Montgomery algorithm is utilized to achieve modular multiplication and converted into systolic array to increase the running frequency. A high efficiency fast modular exponentiation structure is developed to bring the best out of the modular multiplication module and enhance the ability of defending timing attacks and power attacks. For 1024-bit key operands, the design can be run at 170MHz and finish a modular exponentiation in 4,402,374 clock cycles.