Parametric Trojans for Fault-based Attacks on Cryptographic Hardware
Hardware security is a relatively new scientific discipline which focuses on adversarial threats to hardware components of complex systems including manipulation, unauthorized access to confidential data, and intellectual property theft. The presentation will focus on two kinds of such threats: hardware Trojans and fault-based attacks on cryptographic circuits. Hardware Trojans are malicious modifications of the circuit design by an untrusted third-party manufacturer, facilitated by outsourcing to overseas foundries. Fault-based attacks are used for cryptanalysis, that is, extraction of the secret key from a hardware implementation of a cryptosystem by injecting faults during encryption or decryption and comparing the fault-affected output values to the fault-free results.
We propose two extremely stealthy hardware Trojans that facilitate fault-injection attacks in cryptographic blocks. The Trojans modify the electrical characteristics of predetermined transistors in a circuit by altering parameters such as doping concentration and dopant area. These Trojans are activated with very low probability under the presence of a slightly reduced supply voltage (0.001 for 20% Vdd reduction). We demonstrate the effectiveness of the Trojans by utilizing them to inject faults into an ASIC implementation of the recent lightweight block cipher PRINCE. Full circuit-level simulation followed by differential cryptanalysis demonstrates that the secret key can be reconstructed after around 5 fault-injections. On the other hand, the Trojans are extremely hard to detect by known methods, namely functional testing, side-channel analysis, and optical inspection.
Ilia Polian received his PhD from the University of Freiburg (Germany) in 2003 and joined the University of Passau (Germany) as Full Professor and Chair of Computer Engineering in 2010. Professor Polian currently serves as the Dean of Computer Science and Mathematics and is Vice Speaker of the COST Action “Trustworthy Manufacturing and Utilization of Secure Devices” ICT1204 and Vice Chair of the (national) GMM/GI/ITG Working Group on Test Methods and Reliability. He organized several international conferences, including the IEEE European Test Symposium 2007 in Freiburg; the Test and Reliability workshop 2011 in Passau; and a new series of reliability-aware system design and test workshops in India as Vice Program Chair. He has over 100 publications (one best paper award, one best paper award nomination) and is an IEEE Senior Member. His research interests are in reliable and secure micro- and nanoelectronic circuit and systems, including cross-layer defect modeling and test algorithms; fault-based attacks; malicious manipulations and countermeasures; and fault-tolerant quantum computing.