Researchers have shown that it is possible to compromise the functioning of a cryptographic chip without changing its physical layout.
Based on altering the distribution of dopants in a few components on the chip during fabrication, this method represents a big challenge for cyber-security as it is nearly impossible to detect with any currently practical detection scheme.
Progress in the design and fabrication of processor chips is mainly aimed at making them faster and smaller. There is another important requirement, however – ensuring that they function as intended. In particular, the cryptographic functions of new chips must provide the level of security with which they were designed. If they fail in this task, even use of sophisticated security software, physical isolation, and well vetted operators cannot ensure the security of a system.
Such structural attacks on the functions of a chip are called hardware Trojans, and are capable of rendering ineffective the security protecting our most critical computer systems and data. Both industry and governments have put a great deal of not very public effort into the problem of hardware Trojans. The most reliable tests to find hardware Trojans will be applied to the finished product. So how are they tested and what are the implications of the new research?
Functional testing is the sort of testing with which most people are familiar. The function of a chip is tested by applying patterns of test inputs to the input pins of the chip. The outputs are monitored, and compared with the outputs expected from the original specifications and definition of the chip.
Extremely sophisticated devices for functional testing abound in the world of IC design and fabrication. Unfortunately, such testing is usually not very effective for finding hardware Trojans. It is impossible in any practical sense to test all patterns of activation of all components in the chip, so the test patterns are usually designed to test all the known gates on the chip. While such patterns catch most accidental design flaws and fabrication defects, they are likely to fail to activate malicious logic elements added to the original design.
The most direct approach to find hardware Trojans is to disassemble the chip layer by layer, and compare it with the correct structural design. If there is a visible difference (possibly detected with scanning electron microscopy rather than a camera) between the layers of the chip as designed and the layers of the actual chip, there is a problem that needs to be diagnosed. This is essentially the procedure that would be undertaken to reverse-engineer a chip.
While reverse-engineering a chip sounds like a good way to detect hardware alterations, the problem is considerably more slippery when the goal is to find hardware Trojans. When reverse-engineering is the goal, you start with your competitor’s chip, and try to decipher and duplicate the chip. While various techniques can be applied to the chip to complicate this process, you are never in any doubt that the original chip works properly.
If a production chip is suspected of harboring hardware Trojans, however, the structure revealed in the disassembly process must be compared with some reference design. The ideal reference is a “golden chip”, meaning a chip known to accurately reflect the goals of the desired chip functionality with no additions, subtractions, or alterations. We’ll talk about where such a chip might come from later.
The Latest Bing News on:
- ‘It’s a Trojan horse.’ Donald Trump Jr., Rubio rally Miami Hispanics as race tightenson October 11, 2020 at 9:27 pm
A day after a massive caravan of Donald Trump supporters rolled across Miami-Dade County, Trump’s eldest son brought the president’s campaign back to Miami for a “Fighters Against Socialism” bus-tour ...
- HW Security Better, But Attack Surface Is Growingon October 9, 2020 at 6:21 am
We need to look at hardware, software, OS, application, cloud, and so on. And that creates a hierarchy of security. SE: In the past, it was only really the federal government that was seriously ...
- Dell Escapes FCA Suit Over Cybersecurity Vulnerabilityon October 8, 2020 at 8:12 pm
A Washington, D.C., federal judge dismissed a suit on Thursday accusing Dell of selling computer systems to the government that contained a cybersecurity vulnerability, saying it wasn't clear those ...
- An Analog Charge Pump Fabrication-Time Attack Compromises A Processoron October 8, 2020 at 5:00 pm
We will all be used to malicious software, computers and operating systems compromised by viruses, worms, or Trojans ... software is an assumption that the hardware is inviolate, the computer ...
- Lattice to Highlight Need for Hardware Security and Dynamic Trust in End-to-End Supply Chain at Linley Fall Processor Conference 2020on October 8, 2020 at 1:44 pm
“Supporting PFR-compliant system designs and establishing dynamic trust for system components can address a host of security concerns, including data theft, data corruption, Trojan or malware ...
- Lattice to Highlight Need for Hardware Security and Dynamic Trust in End-to-End Supply Chain at Linley Fall Processor Conference 2020on October 8, 2020 at 1:00 pm
"Supporting PFR-compliant system designs and establishing dynamic trust for system components can address a host of security concerns, including data theft, data corruption, Trojan or malware ...
- Protecting Chiplet Architectures With Hardware Securityon October 8, 2020 at 12:11 am
Compared to their monolithic counterparts, SiPs composed of chiplets, potentially from multiple sources, are at a higher risk of attack from hardware-based trojans clandestinely embedded in silicon.
- HP Expands Bug Bounty Program to Validate Office-Class Ink and Toner Cartridge Securityon October 1, 2020 at 5:09 am
“Security features need to go beyond the hardware and include the cartridge ... visit Is Your Printer The New Trojan Horse from Moor Insights & Strategies and HP Office Cartridge Security ...
- Researcher vaccinating integrated circuits interconnected with attack-immune architectureon September 18, 2020 at 7:13 am
Sai Manoj Pudukotai Dinakarrao, Assistant Professor, Electrical and Computer Engineering, is developing a technique to detect and defend against hardware Trojans (HT) in integrated circuits (ICs ...
The Latest Google Headlines on:
The Latest Bing News on:
- New AVR-IOT Board Connects To Googleon October 7, 2020 at 5:01 pm
You’ll find the ATmega4808 as the main controller, an ATWINC1510 WiFi controller (a castellated module reminiscent of the ESP8266), the ATECC608A cryptographic co-processor, MCP73871 LiPo ...
- Before the Web: The 1980s Dream of a Free and Borderless Virtual Worldon October 7, 2020 at 7:37 am
"Chip said there's this guy out in Santa Cruz ... This debate sparked May's interest in cryptography and cryptocurrency and would lead him to co-found the cypherpunks. Salin had an objection ...
- Fear Of Potato Chips: Samy Kamkar’s Side-Channel Attack Roundupon October 3, 2020 at 5:00 pm
Samy related a story of security researchers who managed to exfiltrate a normal conversation from a sealed, soundproof room simply by pointing a DSLR camera through a window at a potato chip bag ...
- STMicroelectronics Raises Performance and Value for Smart, Connected Devices with Even Faster STM32H7 Microcontrollerson September 29, 2020 at 8:20 am
The security features, including enhanced cryptographic accelerators, advanced off-chip memory protection, and secure key provisioning are all critical capabilities in achieving legislative ...
- Arm Cortex-M7 at 550MHz from STon September 29, 2020 at 6:57 am
STMicroelectronics has revealed microcontrollers built around Arm’s Cortex-M7 core and operate at 550MHz, “the fastest core speed in the market among MCUs that integrate flash storage on-chip to run .
- Passing NIST CAVP validation, Macronix ArmorFlash takes memory security to a new levelon September 17, 2020 at 3:56 am
Asymmetric cryptography enables a higher level of data ... mainstream controllers and processors from leading automotive chip suppliers. With a wide operating temperature range between -40 degree ...
- Single photons from a silicon chipon September 16, 2020 at 1:38 am
Today already, quantum cryptography can guarantee absolutely secure data transfer ... “This basically makes it possible to integrate such sources with other optical components on a chip.” Among other ...
- Single photons from a silicon chipon September 15, 2020 at 8:12 am
Today already, quantum cryptography can guarantee absolutely ... to integrate such sources with other optical components on a chip." Among other things, it would be of interest to couple the ...