Secure Chip Research Articles

Dedicated Security Chips in the Age of Secure Enclaves

Secure enclave architectures have become prevalent in modern CPUs. Enclaves provide a flexible way to implement various hardware-assisted security services. But special-purpose security chips can still have advantages. Interestingly, dedicated security chips can also assist enclaves and improve their security.

Architecture Design of Application Specific Power Chip Security for Power Terminal in Smart Grid

Power terminal based on chip is the development demand of smart grid. Aiming at the problems faced by the current power terminal based on chip, an architecture design scheme, which includes power security subsystem (PSS) and application special power system (ASPS) is proposed in this paper for power terminal in smart grid. Then, concrete subsystem architectures of the PSS and ASPS are designed and described. The PSS provides data encryption and decryption, identity authentication and other security services while ASPS can improve the efficiency of data parallel execution and processing efficiency of power terminal. Therefore, the proposed architecture design can solve the problem of security and efficiency better for power terminal in smart grid.

Practical Silicon-backside-protection Method for Abnormally Detection

Nowadays, security ICs such as cryptographic modules, TPMs (Trust Platform Modules), connected car ICs, and smart card protection methods have been enhanced due to the introduction of a variety of new attack methods. Additionally, their protection mechanisms are continuously being developed and evaluated. For these reasons, attacking or hacking security chips is now more difficult than it ever has been. Nevertheless, IC failure analysis tools are being greatly improved, with many developers using them. Additionally, in using these tools, many cases involve analyzing the integrated circuit. By exploiting this analysis, attackers can perform invasive attacks [1] or hack the IC from the backside more easily than ever before. However, due to the structure of an IC, making a circuit on the back side of the silicon is more difficult than doing so on the front side. In order to resolve this issue, this paper proposes a practical silicon-backside-protection method that can protect the IC from backside attacks while minimizing its size and increasing its coverage. The proposed method uses capacitance located between the metal-layer which is unused for routing, and uses it for a passive shield (dummy shield) area.

Securing Cryptographic Chips against Scan-Based Attacks in Wireless Sensor Network Applications.

Wireless sensor networks (WSN) have deeply influenced the working and living styles of human beings. Information security and privacy for WSN is particularly crucial. Cryptographic algorithms are extensively exploited in WSN applications to ensure the security. They are usually implemented in specific chips to achieve high data throughout with less computational resources. Cryptographic hardware should be rigidly tested to guarantee the correctness of encryption operation. Scan design improves significantly the test quality of chips and thus is widely used in semiconductor industry. Nevertheless, scan design provides a backdoor for attackers to deduce the cipher key of a cryptographic core. To protect the security of the cryptographic system we first present a secure scan architecture, in which an automatic test control circuitry is inserted to isolate the cipher key in test mode and clear the sensitive information at mode switching. Then, the weaknesses of this architecture are analyzed and an enhanced scheme using concept of test authorization is proposed. If the correct authorization key is applied within the specific time, the normal test can be performed. Otherwise, only secure scan test can be performed. The enhanced scan scheme ensures the security of cryptographic chips while remaining the advantages of scan design.

Enhancing Sensor Network Security with Improved Internal Hardware Design.

With the rapid development of the Internet-of-Things (IoT), sensors are being widely applied in industry and human life. Sensor networks based on IoT have strong Information transmission and processing capabilities. The security of sensor networks is progressively crucial. Cryptographic algorithms are widely used in sensor networks to guarantee security. Hardware implementations are preferred, since software implementations offer lower throughout and require more computational resources. Cryptographic chips should be tested in a manufacturing process and in the field to ensure their quality. As a widely used design-for-testability (DFT) technique, scan design can enhance the testability of the chips by improving the controllability and observability of the internal flip-flops. However, it may become a backdoor to leaking sensitive information related to the cipher key, and thus, threaten the security of a cryptographic chip. In this paper, a secure scan test architecture was proposed to resist scan-based noninvasive attacks on cryptographic chips with boundary scan design. Firstly, the proposed DFT architecture provides the scan chain reset mechanism by gating a mode-switching detection signal into reset input of scan cells. The contents of scan chains will be erased when the working mode is switched between test mode and functional mode, and thus, it can deter mode-switching based noninvasive attacks. Secondly, loading the secret key into scan chains of cryptographic chips is prohibited in the test mode. As a result, the test-mode-only scan attack can also be thwarted. On the other hand, shift operation under functional mode is disabled to overcome scan attack in the functional mode. The proposed secure scheme ensures the security of cryptographic chips for sensor networks with extremely low area penalty.

A Survey of Prototype Side-channel Attacks Based on Machine Learning Algorithms for Cryptographic Chips

Cryptographic chips have been widely used in the field of digital security. With the continuous development of side-channel attacks, the security of cryptographic chips has attracted more and more attention. This paper mainly reviews the most distinguishing template attacks in current side-channel attacks, introduces the basic steps of template attack implementation, analyzes and discusses the existing template attacks, and finally focuses on the research progress of template attacks, especially the current the research status of template attacks based on machine learning and deep learning algorithms lays the foundation for further research.

A PCA and Mahalanobis distance‐based detection method for logical hardware Trojan

SummaryDue to wide application of FPGA devices, which are easy to be attacked by HTs, it has been risen up more concern on chip security. In order to ensure the efficiency of detection, side‐channel analysis is used to detect HTs. However, existing methods for HT detection cannot detect the LHTs with the small size, which takes up lower than 1% area of the whole chip, considering that signal of LHTs is drowned in process deviations. To complete the side‐channel analysis for LHT, we proposed an algorithm that combines PCA and Mahalanobis distance to improve the accuracy of LHTs detection. In addition, performed on FPGA of Xilinx, a sample of LHTs was designed and verified, which took up nearly 0.1% area of the whole chip. The influence of process deviation on the power consumption of FPGA was simulated by Hspice. A set of power‐frequency data of golden FPGA was generated by Matlab as panel data, which was considering the influence. Another two sets of FPGA with and without LHT were generated to test the accuracy of the proposed method. For LHT and golden FPGA, the detection accuracy of proposed method is 99% and 87%, respectively.

Countermeasures in CPU for Timing and Power Side Channel Attack

Security chip is the critical component for information security system. Cryptographic modules for various algorithms and random number generation are usually provided inside the security chip. They are essential elements for achieving the confidentiality, integrity, and availability of the entire system. However, sensitive data in security chips are often assigned to other components through CPU operations, and transfers, so CPU security is also an essential part of the security chip. In order to improve the anti-side channel attack capability of CPU, this paper puts forward several countermeasures, including: unified instruction execution time, random switch of idle component, random switch of data bus, and randomization of program execution time. Some of these countermeasures are anti timing attack, some of which are anti power attack. By adopting multiple protection measures in CPU, it not only reduces the information leakage problem when sensitive information passes through the CPU, but also provides a powerful supplement to enhance the security of the other cryptographic components in the chip.

Secure Scan and Test Using Obfuscation Throughout Supply Chain

Scan-based test is commonly used to increase testability and fault coverage, however, it is also known to be a liability for chip security. Research has shown that intellectual property (IP) or secret keys can be leaked through scan-based attacks, which can be performed by entities within the supply chain. In this paper, we propose a design and test methodology against scan-based attacks throughout the supply chain, which includes a dynamically obfuscated scan (DOS) for protecting IP/integrated circuits (ICs). By perturbing test patterns/responses and protecting the Obfuscation Key, the proposed architecture is proven to be robust against existing noninvasive scan-based attacks, and can protect all scan data from attackers in foundry, assembly, and system development without compromising the testability. Further, a novel test methodology cooperating with the DOS design is also proposed, which shows full pattern application flexibility. Finally, detailed security and experimental analyses have been performed on ITC and industrial benchmarks. Demonstrated by the simulation results, the proposed architecture can be easily plugged into EDA generated scan chains without generating a noticeable impact on conventional IC design, manufacturing, and test flow. The results demonstrate that the proposed methodology can protect chips from existing brute force, differential, and other scan-based attacks that target the Obfuscation Key. Furthermore, the proposed design is of low overhead on area, power consumption, and pattern generation time, and there is no impact on test time.

Course on secure hardware design of silicon chips

This study describes the design and evaluation of a secure chip design module for graduate students and junior engineers with electronics and computer engineering. This course has two broad goals, the first is to teach students how design complex systems on chips using industry standard tools and the second is to educate them on emerging hardware security threats and countermeasures. There are a number of strategies currently been employed to handle the rising complexity of chip design, namely reuse, abstraction and automation. The authors aim to show how to employ these approaches to produce working systems within a time-constrained environment similar to that of IC design companies. One of the unique features of this module is its approach of treating hardware security as an integral part of the chip design process and as one of the design metrics which can be evaluated and optimised, this allows students to better understand the root causes of this issue and to think more constructively about potential countermeasures. The course is designed based on the principles of constructive alignment method and Kolb learning cycle. Detailed syllabus and assessment exercises are included. Feedback results from students' surveys indicate that the module has been positively received.

Microscopic Analysis of Chips

Nowadays many different types of chips are used virtually everywhere in the real world. Sometimes, it is necessary to ensure that a certain chip meets specific requirements. For this reason, it is essential to examine various properties of chips; one of those can be, e.g., the chip security with respect to its physical structure. This paper provides description of a proven chip decapsulation process (the presented process can be used to obtain bare chips for further analysis) and some additional information concerning analysis of the chips. Finally, a prototype of our application designated for later semiautomatic analysis is also briefly presented.

A White-Box-Cryptography-Based Scheme for the Secure Chip of DCAS Terminal

A White-Box-Cryptography-Based Scheme for the Secure Chip of DCAS Terminal

A hardened network-on-chip design using runtime hardware Trojan mitigation methods

Due to the globalized semiconductor business model, malicious hardware modifications, known as hardware Trojans (HTs), have risen up as a big concern for chip security. HT detection and mitigation methods for general integrated circuits have been investigated in the past decade. However, the majority of the existing efforts are not customized for HTs in Networks-on-Chip (NoCs). To complement the firmware and software level methods for rogue NoCs detection, we propose countermeasures to harden the NoC hardware design against tampering. More specifically, we propose a collaborative dynamic permutation and flit integrity check method to mitigate the potential inside-router HTs inserted by the disloyal member in the NoC design house or the 3rd-party system integration company. Our method improves the number of received packets by up to 70.1% over the other methods if the HT controls the NoC packet destination address. The average link availability of our method is 43.7% higher than that of the exiting methods. Our method increases the effective average latency by up to 63.4%, 68.2%, and 98.9% for the single HT in the destination, header, and tail fields, respectively, over the existing methods.

Secure chip based encrypted search protocol in mobile office environments

Secure chip based encrypted search protocol in mobile office environments

Static Physically Unclonable Functions for Secure Chip Identification With 1.9–5.8% Native Bit Instability at 0.6–1 V and 15 fJ/bit in 65 nm

A novel class of mono-stable static physically unclonable functions (PUFs) for secure key generation and chip identification is proposed. The fundamental concept is demonstrated through a 65 nm prototype that contains two different implementations, as well as several previously proposed PUFs to enable a fair comparison at iso-technology. From a statistical quality viewpoint, the achieved reproducibility and uniqueness are quantified by an intra-PUF Hamming distance (HD) lower than 1 and an inter-PUF HD of 128.35, for a 256-bit PUF output key. The keys generated by the proposed PUF pass all applicable NIST randomness tests. The measured energy per bit is as low as 15 fJ/bit. Native unstable bits are less than 2% at nominal conditions, less than 5% at 0.6–1 V and less than 6% in worst case scenario of 0.6 V voltage and 85 °C temperature, before applying any further post-silicon technique for stability enhancement.

Physical hardware trojan failure analysis and detection method

The semiconductor industry is rapidly developing in the global market, and chip design companies usually purchase the third-party EDA tools in order to shorten the design cycle of IC and reduce manufacturing cost. Therefore, in the IC chip production procedure there exist a lot of insecurity factors, and the hardware security of IC chips becomes the most important issue of the national security defense. Physical hardware trojan will modify the value of register, leak sensitive data and cause device degradation failure. Furthermore, the physical hardware trojans only modify the physical properties of the circuit chip rather than injects the malicious functional circuit. They are hidden more deeply than logical hardware trojans. Therefore, it is far-reaching significance issues for the hardware trojan detection methods and national security to study logic circuit transmission characteristics and the chip degradation failure physical mechanism which are caused by injection physical hardware trojans. In this paper, a metal-oxide-semiconductor field-effect transistor (MOSFET) device with injection dopant hardware trojan is realized by using ATHENA process simulation system to achieve the ion implantation process. The ATLAS simulation devices are tested using hot carrier injection degradation (hot carrier degradation is denoted by HCD) stress model for the degradation failure process which is caused by injecting the hot carrier injection hardware trojan (HCHT) into the MOSFET device. Another normal MOSFET combines with dopant hardware trojan MOSFET or hot carrier injection hardware trojan MOSFET to comprise the same inverter logic circuit by using the ATLAS two-dimensional (2D) device simulation system with SmartSpice instructions mode. The effect on logic circuit output characteristics caused by physical hardware trojan is studied by using Spice simulation to output the DC and AC transient time characteristics. It is also studied how the W/L value of a hardware trojan transistor influences the output characteristics of the logic circuit. We design an experiment to study transient characteristics of the same inverter logic module which consists of different W/L values of a transistor at different temperatures. The experiment is realized by Spice circuit simulation. In this paper, the effects of the variations of the HCD stress intensity and temperature on output characteristic are analyzed for hot carrier injection hardware trojan. The results indicate that the negative effect of hardware trojan on logic circuit DC current output characteristic is more obvious than AC transient time characteristic. Thus, we propose an effective method and a convenient procedure to detect the injection physical hardware trojan in packaged chips. Furthermore, the test process is a feasible operation method of detecting physical hardware trojan.

Dynamic Function Verification for System on Chip Security Against Hardware-Based Attacks

As chip designs become increasingly complex, there is a corresponding increased vulnerability to malicious circuitry that could be inserted in the design process. Such hardware Trojans can be designed to avoid pre-deployment detection, and thus to potentially launch attacks that could impede the function of the system or compromise the integrity of the data it contains. Given the near impossibility of exhaustive detection of malicious hardware during pre-deployment verification, techniques that enable post-deployment hardware integrity verification can play a vital role in system security. In this paper, we propose a system architecture for performing online verification in a manner that does not impede normal system hardware function. The proposed approach provides a comprehensive architectural design method aimed at system on chip (SoC) based hardware systems that performs run-time testing, detects run-time attacks by Trojans, mitigates them, quarantines the detected malicious hardware modules, and regenerates the lost system functions with modest cost.

A novel bit scalable leakage model based on genetic algorithm

AbstractWith the growing popularity of smart integrated circuit (IC) cards, the chip security is attracting more and more attention. Researches on the attack and protection of smart IC cards have become increasingly hot. Side‐channel attack is the practical and effective method, which has brought enormous threat. The efficiency of attack depends on the extent of the leakage model, which characterizes the practical applications. In the power analysis attack, the classical leakage model usually exploits the power consumption of single S‐box, which is called divide and conquer. Taking data encryption standard (DES) algorithm, for example, the attack on each S‐box needs to search the key space of 26 in a brute‐force way. In this paper, we propose a novel leakage model, which is more flexible than the classical leakage model. The novel leakage model is based on the power consumption of multiple S‐boxes, and the implementation of this method is combined with genetic algorithm. We can establish leakage model based on the Hamming distance of round output generated by eight S‐boxes in DES algorithm. The experiment verifies the fact that the leakage model of eight S‐boxes can decrease the traces number up to 52% than the classical one based on single S‐box for DES algorithm. It also decreases the traces number up to 32% for SM4 algorithm. All the measurements of power data are acquired from a practical smart IC card. We also conclude that increasing noise, using variable clock, and limiting the lifetime of root key can be the choices of defensive strategy. Copyright © 2015 John Wiley & Sons, Ltd.

Novel Test-Mode-Only Scan Attack and Countermeasure for Compression-Based Scan Architectures

Scan design is a de facto design-for-testability (DfT) technique that enhances access during manufacturing test process. However, it can also be used as a back door to leak secret information from a secure chip. In existing scan attacks, the secret key of a secure chip is retrieved by using both the functional mode and the test mode of the chip. These attacks can be thwarted by applying a reset operation when there is a switch of mode. However, the mode-reset countermeasure can be thwarted by using only the test mode of a secure chip. In this paper, we perform a detailed analysis on the test-mode-only scan attack. We propose attacks on an advanced encryption standard (AES) design with a basic scan architecture as well as on an AES design with an advanced DfT infrastructure that comprises decompressors and compactors. The attack results show that indeed the secure chips are vulnerable to test-mode-only attacks. The secret key can be recovered within 1 s even in the presence of decompressors and compactors. We then propose new countermeasures to thwart these attacks. The proposed countermeasures incur minimal cost while providing high success rate.

Improving hardware Trojan detection by retiming

Hardware Trojan horses (HTHs) are challenging threats to the security of silicon chips. A promising solution is path-delay fingerprinting for HTH detection. This paper presents trust-driven retiming(TDR), a synthesis approach to provide a circuit which can be analyzed more effectively by delay fingerprinting. To this end, TDR tries to reduce the maximum-delay path among all shortest paths crossing each node. We prove that HTH detection probability (HDP) is improved if delay fingerprinting is performed on shorter paths. Experimental results show that TDR can increase the HDP up to more than 90% at the cost of one clock cycle latency and a reasonable area overhead. The HDP tends to 100% if a 2% false alarm rate be acceptable.