Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing the core root of trust (research in secure hardware design and test) Ramesh Karri ECE Department.

Published byBuck Harrington Modified over 8 years ago

Similar presentations

Presentation on theme: "Securing the core root of trust (research in secure hardware design and test) Ramesh Karri ECE Department."— Presentation transcript:

1 Securing the core root of trust (research in secure hardware design and test) Ramesh Karri (rkarri@duke.poly.edu) ECE Department

2 Who can attack your system?  Hobby (class I)  Obsession (class II)  Job (class III) D. Abraham, G. Dolan, G. Double, and J. Stevens. Transaction Security System. IBM Systems Journal 30(2): 206-229, 1991.

3 How can your system be compromised?  Application software  Protocols  Operating system software

4 Is the problem worth my time? Source: http://www.uscc.gov/annual_report/2008/annual_report_full_09.pdf,, page 168http://www.uscc.gov/annual_report/2008/annual_report_full_09.pdf US-China economic and security review commission hearing on China's proliferation practices and the development of its cyber and space warfare capabilities, testimony of Col. Gary McAlum.

5 How can your system be protected?  Fix applications  Fix protocols  Fix operating systems

6 “the core root of trust” is secure This assumes that…

7 “the core root of trust” is secure But…

8 Outline 1.threat models 2.defenses 3.conclusions

9 Threat models for hardware  Side channels  Power dissipation  Timing variation  Test infrastructure  Faults  interactions between side channels  Cloning  Overbuilding  Reverse Engineering  Trojans

10 An example: test infrastructure side channel

11 Data Encryption Standard (DES) LiLi RiRi Round Key K i + L i+1 R i+1 r Expansion + S-box Permutation a b c d

12 DES layout

13  scan chain  test data input, TDI  test data output, TDO  test clock, TCK  test mode select, TMS  test reset chain all flip flops in a design test infrastructure

14 identify critical registers attack step 1

15 apply selected inputs attack step 2  3 plain texts  2 clock cycles in normal mode (plaintext reaches R,L)  198 clock cycles in test mode (R0, L0 scanned out)  1 clock cycle in normal mode (plaintext reaches R, L)  198 clock cycles in test mode (R1, L1 scanned out)  399×3=1197 clock cycles

16 Can leak secrets from DES, AES etc >80 % of all ASICs use scan chains for test/debug Readback/test infrastructure in FPGAs Load configuration stream Read-out bitstream for debug

17 test normal Secure normal Insecure Power off A fix: secure scan

18 test normal Secure normal Insecure Power off Secure scan Standards compliant 3 rd Prize, 2008-2009 IEEE TTTC PhD dissertation contest

19 Hardware threat models  Side channels  Power dissipation  Timing variation  Test infrastructure  Faults  interactions between side channels  Cloning  Overbuilding  Reverse Engineering  Trojans

20 T D D F U U U Background: IC design process D: Design, F: Fabrication T: Test, U: User

21 Rev. engineering T D D F U U U Reverse engineering D: Design, F: Fabrication T: Test, U: User

22 3500 counterfeit Cisco networking components recovered estimated retail value ~ $3.5 million

23 cloning T D D F U U U Cloning D: Design, F: Fabrication T: Test, U: User

24 Trojans T D D F U U U Hardware Trojans D: Design, F: Fabrication T: Test, U: User

25 The kill switch ? IEEE Spectrum, 2008

26 Only 2% of ~$3.5 billion of DoD ICs manufactured in trusted foundries !!!

27 Taxonomy of trojans

28 Leak AES key 40 registrations, 10 finalists, 3 winners, 2 honorable mentions http://isis.poly.edu/csaw/embedded Trojan challenge

29

30 Trojans in the development cycle

31 Trojans at different abstractions

32 Location of the inserted trojans

33 Where are the trojans inserted? 2 1 3 4

34 Next steps  develop defenses  investigate effectiveness  developing benchmarks  metrics?

35 Physically unclonable functions Uses physical structure of a device to give a unique response Used as device IDs The ring oscillator frequency varies with process variations.

36 A trojan defense

37 PUF gives unique ID to hardware Can we give a unique ID to a design?

38 A preliminary defense

39 Next steps  develop defenses  investigate effectiveness  developing benchmarks  metrics?

40 Questions? rkarri@duke.poly.edu, 917 363 9703rkarri@duke.poly.edu

Download ppt "Securing the core root of trust (research in secure hardware design and test) Ramesh Karri ECE Department."

Similar presentations

BOUNDARY SCAN.

BOUNDARY SCAN.
Copyright 2001, Agrawal & BushnellVLSI Test: Lecture 31/22alt1 Lecture 31 System Test (Lecture 22alt in the Alternative Sequence) n Definition n Functional.

Copyright 2001, Agrawal & BushnellVLSI Test: Lecture 31/22alt1 Lecture 31 System Test (Lecture 22alt in the Alternative Sequence) n Definition n Functional.
FPGA Configuration. Introduction What is configuration? – Process for loading data into the FPGA Configuration Data Source Configuration Data Source FPGA.

FPGA Configuration. Introduction What is configuration? – Process for loading data into the FPGA Configuration Data Source Configuration Data Source FPGA.
Differential Fault Analysis on AES Variants Kazuo Sakiyama, Yang Li The University of Electro-Communications Nagoya, Japan.

Differential Fault Analysis on AES Variants Kazuo Sakiyama, Yang Li The University of Electro-Communications Nagoya, Japan.
GSM network and its privacy Thomas Stockinger. Overview Why privacy and security? GSM network‘s fundamentals Basic communication Authentication Key generation.

GSM network and its privacy Thomas Stockinger. Overview Why privacy and security? GSM network‘s fundamentals Basic communication Authentication Key generation.
Apr. 20, 2001VLSI Test: Bushnell-Agrawal/Lecture 311 Lecture 31 System Test n Definition n Functional test n Diagnostic test  Fault dictionary  Diagnostic.

Apr. 20, 2001VLSI Test: Bushnell-Agrawal/Lecture 311 Lecture 31 System Test n Definition n Functional test n Diagnostic test  Fault dictionary  Diagnostic.
Trusted Design In FPGAs Steve Trimberger Xilinx Research Labs.

Trusted Design In FPGAs Steve Trimberger Xilinx Research Labs.
Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.

Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Lecture 28 IEEE JTAG Boundary Scan Standard

Lecture 28 IEEE JTAG Boundary Scan Standard
CMSC 414 Computer (and Network) Security Lecture 5 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 5 Jonathan Katz.
Preventing Piracy and Reverse Engineering of SRAM FPGAs Bitstream Lilian Bossuet 1,

Preventing Piracy and Reverse Engineering of SRAM FPGAs Bitstream Lilian Bossuet 1,
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
Design for Testability

Design for Testability
Real-Time Systems Design JTAG – testing and programming.

Real-Time Systems Design JTAG – testing and programming.
Spring 07, Jan 25 ELEC 7770: Advanced VLSI Design (Agrawal) 1 ELEC 7770 Advanced VLSI Design Spring 2007 VLSI System DFT Vishwani D. Agrawal James J. Danaher.

Spring 07, Jan 25 ELEC 7770: Advanced VLSI Design (Agrawal) 1 ELEC 7770 Advanced VLSI Design Spring 2007 VLSI System DFT Vishwani D. Agrawal James J. Danaher.
Encryption Transaction with 3DES Team W2 Yervant Dermenjian (W21) Taewan Kim (W22) Evan Mengstab(W23) Xiaochun Zhu(W24) Objective: To implement a secure.

Encryption Transaction with 3DES Team W2 Yervant Dermenjian (W21) Taewan Kim (W22) Evan Mengstab(W23) Xiaochun Zhu(W24) Objective: To implement a secure.
Secure Systems Design Ramesh Karri Office Hours: Tues/Wed/Thurs: 12:00- 1:30 in LC 001

Secure Systems Design Ramesh Karri Office Hours: Tues/Wed/Thurs: 12:00- 1:30 in LC 001
TAP (Test Access Port) JTAG course June 2006 Avraham Pinto.

TAP (Test Access Port) JTAG course June 2006 Avraham Pinto.
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.

Similar presentations

Ads by Google