5-hardware-security-primitives-ip-protection-2.pdf
Document Details
Uploaded by TrustworthyNewYork
Friedrich-Alexander-Universität Erlangen-Nürnberg
Tags
Related
- Embedded Systems Hardware Lecture PDF
- CAO.pdf
- (The Morgan Kaufmann Series in Computer Architecture and Design) David A. Patterson, John L. Hennessy - Computer Organization and Design RISC-V Edition_ The Hardware Software Interface-Morgan Kaufmann-24-101-28-39.pdf
- (The Morgan Kaufmann Series in Computer Architecture and Design) David A. Patterson, John L. Hennessy - Computer Organization and Design RISC-V Edition_ The Hardware Software Interface-Morgan Kaufmann-102-258.pdf
- (The Morgan Kaufmann Series in Computer Architecture and Design) David A. Patterson, John L. Hennessy - Computer Organization and Design RISC-V Edition_ The Hardware Software Interface-Morgan Kaufmann-102-258-pages-3.pdf
- Real-Time Embedded System PDF
Full Transcript
Security in Embedded Hardware Chapter 5: Hardware Design Flow and IP Protection Dr.-Ing. Stefan Wildermann Lehrstuhl für Informatik 12 Hardware Design Flow Gate- Layout Test, Specification...
Security in Embedded Hardware Chapter 5: Hardware Design Flow and IP Protection Dr.-Ing. Stefan Wildermann Lehrstuhl für Informatik 12 Hardware Design Flow Gate- Layout Test, Specification Design Physical Synthesis Level File/Bit- Fabrication Waver Assembly & IC & Design Sources Layout Netlist stream Packaging Soft IP Firm IP Hard IP Design is specified in Hardware Description Language (Verilog, VHDL) at Register-Transfer Level (RTL) Synthesis: Computer-aided design (CAD) tool synthesizes RTL design into gate-level netlist Physical Layout: physically lay out design on target architecture (ASIC or FPGA) by placing cells and routing interconnect, resulting in layout file (ASIC) or bitstream (FPGA) Fabricate the actual hardware. Most design houses are fabless and fabricate products at third-party foundries Test, Assembly & Packaging: Test fabricated chips to ensure its functionality, cut individual dies from waver, and package the chip Security in Embedded Hardware 2 Intellectual Property (IP) Gate- Layout Test, Specification Design Physical Synthesis Level File/Bit- Fabrication Waver Assembly & IC & Design Sources Layout Netlist stream Packaging Soft IP Firm IP Hard IP IP Core: Reusable and modular unit of logic, cell, block, or IC layout designed and owned by an IP vendor Basic building blocks of hardware design Modern SoCs can contain tens to hundreds of IP cores (processors, accelerators, periphery, etc.) Soft IP: RTL design provided in hardware description language Firm IP: Gate-level netlist based on Boolean algebra (gates and standard cells) Hard IP: Technology-mapped and placed-and-routed design provided as black box by IP vendor Security in Embedded Hardware 3 Security and Trust Issues in Supply Chain Gate- Layout Test, Specification Design Physical Synthesis Level File/Bit- Fabrication Waver Assembly & IC & Design Sources Layout Netlist stream Packaging Soft IP Firm IP Hard IP Hardware Trojans: Attacker in design house or foundry can add malicious circuitry or modify the existing design IP Piracy: IP user of attacker in foundry can illegally pirate the IP and deliver it to unauthorized entities without knowledge and consent of the IP vendor IC Overbuilding: Malicious foundry can produce more than the ordered number of ICs and sell them on the black market. Security in Embedded Hardware 4 Hardware Trojans Security in Embedded Hardware 5 Trojan in Syrian Defense System Hardware Trojans: Attacker in design house or foundry can add malicious circuitry or modify the existing design Have been tested in research paper, no reliable information about real cases Known (anecdote?): 2007 Israeli jets bombed a suspected nuclear installation in Syria Syrian radar system failed to warn the military from incoming assault Chips with hidden “backdoor”: Invade communication, read sensors, manipulate https://foreignpolicy.com/2007/10/05/syrian-radar- p0wned-by-israeli-military-hackers/ data, take over control S. Adee. 2008. The hunt for the kill switch. IEEE Spectr. 55 (2016), 426–437. https://spectrum.ieee.org/semiconductors/design/the-hunt-for-the-kill-switch Wildermann | GRK Cybercrime | Ringvorlesung 6 Hardware Trojans Hardware Trojans: Attacker in design house or foundry can add malicious circuitry or modify the existing design 1 Crypto ciphertext plaintext hardware 0 module signal 0 or 1 Trigger Countermeasures: Establish trust in distributed supply chain Test whether timing, power, temperature (side-channel) measurements deviate from a golden model (Invasive physical) reverse engineering of integrated circuit Wildermann | GRK Cybercrime | Ringvorlesung 7 Hardware Trojans Abstraction Activation Insertion Phase Effects Location level mechanism Specification System level Always on Change the Processor functionality Development Triggered Design Memory environment Internally Downgrade performance Register-transfer Time-based Fabrication Physical- I/O level condition Leak based information Power Testing Gate level supply Triggered Denial of Assembly and Transistor level Externally service Clock grid packaging User Input Physical level Component output R. Karri, J. Rajendran, K. Rosenfeld and M. Tehranipoor. Trustworthy Hardware: Identifying and Classifying Hardware Trojans. In Computer, vol. 43, no. 10, pp. 39-46, Oct. 2010, doi: 10.1109/MC.2010.299. Security in Embedded Hardware 8 IP Encryption Security in Embedded Hardware 9 IP Encryption Goals: Prevent usage without proper license Prevent modifications of the core Encryption of HDL or Netlist Cores Cores delivered to customer in an encrypted form (usable for netlist or HDL cores) EDA tools decrypt the core before usage Problem: Different EDA tools in the design flow IP Data After processing the core, the results must be also encrypted and the next tool has to decrypt the core again For example: The synthesis tool decrypts the VHDL source codes and encrypts the resulting netlist Customers have only access to encrypted data EDA tools must be secured against read-out attacks Security in Embedded Hardware 10 IP Encryption – IEEE standard P1735-2014 IEEE standard P1735-2014 “IEEE Recommended Practice for Encryption and Management of Electronic Design Intellectual Property (IP)” Securing IP through encryption to protect the interests of IP vendors Sharing and reuse of IP cores within electronic design automation (EDA) tools Interoperability among different EDA tools and platforms Limited to soft and firm IP cores Security goal: Confidentiality Rights & Properties IP Vendor EDA Tool Block EDA Tool Session Key Protected IP Data IP Data IP Data Security in Embedded Hardware 11 IP Encryption – Digital Envelope IEEE 1735 defines structure of digital envelope to protect IP Rights & Properties Rights & Properties section Specifies rights granted to IP user, e.g., which information Common Block is visible during simulation and synthesis Tool Block 1 Common rights applying to all supported tools Tool blocks contain Session Key HMAC tool-specific rights encrypted session key for the respective tool being able to decrypt the IP data Tool Block 2 Hash signature computed over the common block and Session Key the tool block by a hash-based message authentication code (HMAC) using the session key … each tool can compute hash and validate integrity Protected IP data encrypted with AES Protected IP Data Security in Embedded Hardware 12 IP Encryption – IP Vendor public key Symmetric key (session key) is EDA tool generated by the IP core vendor IP Source IP vendor vendor 1 IP Cores are encrypted using symmetric methods, e.g., AES symmetric session key Session key is encrypted using the public key of the EDA tool vendor using asymmetric methods, e.g., RSA Rights & Properties Digital envelop is provided to data data Common Block customer key Customer can use the IP Tool Block data in EDA tools covered Session by the right & properties Key section of the envelope Encrypt Encrypt Decryption in EDA tool is done … by (1.) decrypting the session Protected IP key with private key of EDA tool and (2.) decrypting the IP data Source with the decrypted session key Security in Embedded Hardware 13 IP Encryption – EDA Tool public key next private key EDA EDA tool vendor 2 tool vendor 1 Rights & Properties Encrypt Rights & Properties Common Block Decrypt Common Block Tool Block Tool Block Session Session Key Key … … Decrypt IP vendor Encrypt Protected IP Protected IP symmetric key Source Source IP Source Synthesis Bitstream Security in Embedded Hardware 14 IP Encryption – Design Flow Security in Embedded Hardware 15 Where is the EDA tool key stored? Key hard-coded in EDA tool which runs in untrusted environment White-box cryptography focuses on protecting cryptographic algorithms when attacker has full access to execution environment and can observe and manipulate the cryptographic process, e.g., Code obfuscation Redundancy, Masking private key EDA tool vendor Randomize and split keys, values, and computations Attacks exist to recover private keys from tools of major EDA Encrypt tool vendors such as Intel, Xilinx, Cadence, Siemens, Microsemi, Decrypt and Lattice Decrypt IP vendor Encrypt Attackers can decrypt, modify, and re-encrypt all protected symmetric key IP cores IP Bitstrea Synthesis Source m Julian Speith, et al. How Not to Protect Your IP - An Industry-Wide Break of IEEE 1735 Implementations. IEEE Security and Privacy, 2022. Security in Embedded Hardware 16 FPGA Bitstream Encryption Security in Embedded Hardware 17 Field-Programmable Gate Arrays (FPGA) Field-Programmable Gate Array (FPGA) is flexible and Programmable reconfigurable integrated circuit. I/O Blocks Composed of an array of programmable logic blocks, configurable interconnects, and I/O blocks Hardware can be programmed to implement custom hardware functionality post-manufacturing Configurable Logic Blocks (CLBs): Consisting of lookup tables (LUTs), flip-flops, and multiplexers. Allow to implement combinational logic, sequential logic, and simple storage. Interconnects: Programmable routing resources that Configurable Programmable provide paths for connecting the CLBs. Logic Blocks routing I/O Blocks: Connect the internal FPGA logic to external pins. Security in Embedded Hardware 18 FPGA Fundamentals – Look-up Tables X