IP Core Protection using Voltage-Controlled Side-Channel Receivers - - PowerPoint PPT Presentation

ip core protection using voltage controlled side channel
SMART_READER_LITE
LIVE PREVIEW

IP Core Protection using Voltage-Controlled Side-Channel Receivers - - PowerPoint PPT Presentation

Mar 31, 2024 201 likes •338 views

IP Core Protection using Voltage-Controlled Side-Channel Receivers Peter Samarin 1 , 2 , Kerstin Lemke-Rust 1 , and Christof Paar 2 Bonn-Rhein-Sieg University of Applied Sciences 1 Ruhr-Universitt Bochum 2 Germany Bonn-Rhein-Sieg University of

slide-1
SLIDE 1

IP Core Protection using Voltage-Controlled Side-Channel Receivers

Peter Samarin1,2, Kerstin Lemke-Rust1, and Christof Paar2

Bonn-Rhein-Sieg University of Applied Sciences1 Ruhr-Universität Bochum2 Germany Bonn-Rhein-Sieg University of Applied Sciences

slide-2
SLIDE 2

May 4, 2016

IP Protection on FPGAs

Bitstream

010101001001010101111011101000101110101000010011010100100011011111 010101001010100100010100100101010010010101011110111010001011101010 000100110101001000110111110101010010101001000101001001010100100101 010111101110100010111010100001001101010010001101111101010100101010 010001010010010101001001010101111011101000101110101000010011010100 100011011111010101001010100100010100100101010010010101011110111010 001011101010000100110101001000110111110101010010101001000101001001 010100100101010111101110100010111010100001001101010010001101111101 010100101010010001010010010101001001010101111011101000101110101000 010011010100100011011111010101001010100100010100100101010010010101 011110111010001011101010000100110101001000110111110101010010101001 000101001001010100100101010111101110100010111010100001001101010010 001101111101010100101010010001010010010101001001010101111011101000 101110101000010011010100100011011111010101001010100100010100100101 010010010101011110111010001011101010000100110101001000110111110101 010010101001000101001001010100100101010111101110100010111010100001 001101010010001101111101010100101010010001010010

Netlist

(cell yyy (cellType generic) (view schematic_ (viewType netlist) (interface (port CLEAR (direction INPUT)) (port CLOCK (direction INPUT)) ... ) (contents (instance I_36_1 (viewRef view1 (cellRef dff_4))) (instance (rename I_36_3 "I$3") (viewRef view1 (cellRef addsub_4))) ... (net CLEAR (joined (portRef CLEAR) (portRef aset (instanceRef I_36_1)) (portRef aset (instanceRef I_36_3))))

FPGA

IP

1

IP

3

IP

2

IP

9

IP

7

IP

8

IP

5

IP

6

IP

4

stolen

legally

  • btained

self-developed

How to detect illegally used cores in the field? Challenges

Bitstreams are encrypted IP cores are parts of larger systems

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 1 / 11

slide-3
SLIDE 3

May 4, 2016

IP Protection using Side-Channels

LFSR Leakage circuit 1 0 1 0 1 0 shift if "1" Sequence generator

Width: 16 Width: 32 Width: 64

Verification Measure the power consumption Correlate the known LFSR sequence to the measurement (Becker et al., 2010)

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 2 / 11

slide-4
SLIDE 4

May 4, 2016

Our Contribution

Establish an input side channel to individual IP Cores using voltage modulation (Sun et al., 2011) used temperature (several bits/s)

1 2 3 4 5 100 200 300 400

Supply voltage (V) Time (µs)

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 3 / 11

slide-5
SLIDE 5

May 4, 2016

Voltage-Based Side-Channel Receivers

rst

  • scillation

counter sampled number of

  • scillations

+

  • FPGA

Vcc ring

  • scillator

data valid data previous number of

  • scillations

Manchester coding

  • rising

falling same PLL / DCM

1 Supply voltage control

3 Voltage levels: Vreset, V0, V1 (V2 is not used)

2 Detection of changes in supply voltage

Ring oscillator sampled by a fixed clock Relative threshold to find rising and falling edges Manchester coding

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 4 / 11

slide-6
SLIDE 6

May 4, 2016

IP Protection

FPGA

IP

1

IP

3

IP

2

IP

9

IP

7

IP

8

IP

5

IP

6

IP

4

Embed an SC-receiver into each protected IP core Send commands to protected IP cores

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 5 / 11

slide-7
SLIDE 7

May 4, 2016

Verification

Protected IP core input en data Original IP core

en

SC receiver FSM

secret codeword

Authentication Normal operation T urn off the core Set output data to zeros zeros FSM 2 2 2 1 3

1 Send a core-dependent secret codeword 2 Send commands, observe the behavior of the chip:

Turn off the core Set output data to zeros Return to normal operation Deselect core

3 If the behavior is unusual then stop, else goto step 2

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 6 / 11

slide-8
SLIDE 8

May 4, 2016

Experimental Setup

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 7 / 11

slide-9
SLIDE 9

May 4, 2016

A Proof-of-Concept Implementation

RS-232 128-bits LFSR AES-128 4-bits VGA Monitor PC

Digilent board with a Spartan 3 (XC3S200) FPGA1 50MHz external clock Voltage control by a breadboard circuit Voltage levels Vreset = 0V, V0 = 2.8V, V1 = 3.2V Transmission rate 2.4 KBits/s 32-Bit codewords

1http://store.digilentinc.com/spartan-3-board-retired/

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 8 / 11

slide-10
SLIDE 10

May 4, 2016

The Price to Pay

Codeword size (bits)

  • N. of slices

32 49 64 70 80 81 128 111 Need to try several codewords (in the worst case all) Cannot measure once and try them all just on the data Cores without clock cannot be protected More recent work on SASEBO-GII board2

Spartan 3 FPGA for control Virtex 5 (XC5VLX50) FPGA for measurements Same breadboard circuit didn’t work (voltage regulator)

2http://satoh.cs.uec.ac.jp/SASEBO/en/board/sasebo-g2.html

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 9 / 11

slide-11
SLIDE 11

May 4, 2016

Summary and Future Work

Voltage-controlled side-channel receiver on FPGAs

IP protection of individual cores Strong proof of IP ownership

Other applications

Hardware trojans triggered by a codeword Protection against counterfeits

Future work

Testing other FPGAs and boards Adressing voltage regulators Two-way side-channel communication

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 10 / 11

slide-12
SLIDE 12

May 4, 2016

References

Becker, G., Kasper, M., Moradi, A., and Paar, C. (2010). Side-channel based watermarks for integrated circuits. In Hardware-Oriented Security and Trust (HOST), 2010 IEEE International Symposium

  • n, pages 30–35.

Sun, J., Bittner, R., and Eguro, K. (2011). FPGA side-channel

  • receivers. In Proceedings of the 19th ACM/SIGDA International

Symposium on Field Programmable Gate Arrays, FPGA ’11, pages 267–276, New York, NY, USA. ACM.

  • P. Samarin, K. Lemke-Rust, C. Paar

IP Core Protection using Voltage-Controlled Side-Channel Receivers 11 / 11