On the Difficulty of FSM-based Hardware Obfuscation CHES 2018, - - PowerPoint PPT Presentation

on the difficulty of fsm based hardware obfuscation
SMART_READER_LITE
LIVE PREVIEW

On the Difficulty of FSM-based Hardware Obfuscation CHES 2018, - - PowerPoint PPT Presentation

Aug 01, 2023 643 likes •1.02k views

On the Difficulty of FSM-based Hardware Obfuscation CHES 2018, September 10, 2018 Marc Fyrbiak 1 , Sebastian Wallat 2 , Jonathan Dchelotte 3 , Nils Albartus 1 , Sinan Bcker 1 Russell Tessier 2 , Christof Paar 1,2 1 Ruhr-Universitt Bochum 2

slide-1
SLIDE 1

On the Difficulty of FSM-based Hardware Obfuscation

CHES 2018, September 10, 2018

Marc Fyrbiak1, Sebastian Wallat2, Jonathan Déchelotte3, Nils Albartus1, Sinan Böcker1 Russell Tessier2, Christof Paar1,2

1Ruhr-Universität Bochum 2University of Massachusetts Amherst 3University of Bordeaux

slide-2
SLIDE 2

Motivation

  • IP cores transparent to numerous stakeholders
  • Problem for IP owner(s): piracy

2/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-3
SLIDE 3

Motivation

  • IP cores transparent to numerous stakeholders
  • Problem for IP owner(s): piracy
  • Solution: IP theft protection and obfuscation

2/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-4
SLIDE 4

Motivation

  • IP cores transparent to numerous stakeholders
  • Problem for IP owner(s): piracy
  • Solution: IP theft protection and obfuscation
  • State-of-the-Art: FSM obfuscation assumed to provide strong

protection

  • HARPOON
  • Dynamic State Deflection
  • Active Hardware Metering
  • Interlocking Obfuscation

S0 S1

1 1

2/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-5
SLIDE 5

Motivation

  • IP cores transparent to numerous stakeholders
  • Problem for IP owner(s): piracy
  • Solution: IP theft protection and obfuscation
  • State-of-the-Art: FSM obfuscation assumed to provide strong

protection

  • HARPOON
  • Dynamic State Deflection
  • Active Hardware Metering
  • Interlocking Obfuscation

Our Research Question: How secure are these schemes?

S0 S1

1 1

2/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-6
SLIDE 6

Adversary Model

Assumptions:

  • Access to flattened gate-level netlist equipped with FSM obfuscation
  • No information about module hierarchies, synthesis options, and names

Goal:

  • Deobfuscate design to commit IP infringement

3/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-7
SLIDE 7

FSM Obfuscation - Dynamic State Deflection

  • Obfuscation FSM and blackhole

FSM are added to original FSM

  • Enabling key only known to honest

parties

4/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-8
SLIDE 8

FSM Obfuscation - Dynamic State Deflection

  • Obfuscation FSM and blackhole

FSM are added to original FSM

  • Enabling key only known to honest

parties

  • How challenging is FSM reverse engineering and how secure is this scheme?

4/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-9
SLIDE 9

Agenda

1 Automated FSM Reverse Engineering 2 Case Study: Deobfuscation of Dynamic State Deflection 3 Hardware Nanomites 4 Conclusion

5/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-10
SLIDE 10

Problem I: Determine FSM Gates in Gate-level Netlist

  • Ideas build upon previous work by Shi et al. and Meade et al.

Transition Logic Output Logic State Memory

6/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-11
SLIDE 11

Problem I: Determine FSM Gates in Gate-level Netlist

  • Ideas build upon previous work by Shi et al. and Meade et al.
  • FSM Property I: Register control signals

Transition Logic Output Logic State Memory

6/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-12
SLIDE 12

Problem I: Determine FSM Gates in Gate-level Netlist

  • Ideas build upon previous work by Shi et al. and Meade et al.
  • FSM Property II: Strongly connected component

Transition Logic Output Logic State Memory

6/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-13
SLIDE 13

Problem I: Determine FSM Gates in Gate-level Netlist

  • Ideas build upon previous work by Shi et al. and Meade et al.
  • FSM Property III: Combinational logic feedback path

Output Logic State Memory Transition Logic

6/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-14
SLIDE 14

Problem I: Determine FSM Gates in Gate-level Netlist

  • Ideas build upon previous work by Shi et al. and Meade et al.
  • FSM Property IV: Control behavior

Transition Logic State Memory Output Logic

6/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-15
SLIDE 15

Problem II: Determine State Transition Graph from FSM Gates

  • Ideas build upon previous work by Shi et al. and Meade et al.

module FSM (CLK, I , O) ; input CLK, I ;

  • utput O;

wire o_G1 , o_G2 ; XOR G1 ( . IN1 (o_G2) , . IN2 ( I ) , .O(o_G1) ) ; DFF G2 ( .CLK(CLK) , .D(o_G1) , .Q(o_G2) ) ; INV G3 ( . IN (o_G2) , .O(O) ) ; endmodule

7/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-16
SLIDE 16

Problem II: Determine State Transition Graph from FSM Gates

  • Ideas build upon previous work by Shi et al. and Meade et al.

module FSM (CLK, I , O) ; input CLK, I ;

  • utput O;

wire o_G1 , o_G2 ; XOR G1 ( . IN1 (o_G2) , . IN2 ( I ) , .O(o_G1) ) ; DFF G2 ( .CLK(CLK) , .D(o_G1) , .Q(o_G2) ) ; INV G3 ( . IN (o_G2) , .O(O) ) ; endmodule G3 G1 G2

O I

7/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-17
SLIDE 17

Problem II: Determine State Transition Graph from FSM Gates

  • Ideas build upon previous work by Shi et al. and Meade et al.

module FSM (CLK, I , O) ; input CLK, I ;

  • utput O;

wire o_G1 , o_G2 ; XOR G1 ( . IN1 (o_G2) , . IN2 ( I ) , .O(o_G1) ) ; DFF G2 ( .CLK(CLK) , .D(o_G1) , .Q(o_G2) ) ; INV G3 ( . IN (o_G2) , .O(O) ) ; endmodule G3 G1 G2

O I

S0 1

7/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-18
SLIDE 18

Problem II: Determine State Transition Graph from FSM Gates

  • Ideas build upon previous work by Shi et al. and Meade et al.

module FSM (CLK, I , O) ; input CLK, I ;

  • utput O;

wire o_G1 , o_G2 ; XOR G1 ( . IN1 (o_G2) , . IN2 ( I ) , .O(o_G1) ) ; DFF G2 ( .CLK(CLK) , .D(o_G1) , .Q(o_G2) ) ; INV G3 ( . IN (o_G2) , .O(O) ) ; endmodule G3 G1 G2

O I

S0 1

7/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-19
SLIDE 19

Problem II: Determine State Transition Graph from FSM Gates

  • Ideas build upon previous work by Shi et al. and Meade et al.

module FSM (CLK, I , O) ; input CLK, I ;

  • utput O;

wire o_G1 , o_G2 ; XOR G1 ( . IN1 (o_G2) , . IN2 ( I ) , .O(o_G1) ) ; DFF G2 ( .CLK(CLK) , .D(o_G1) , .Q(o_G2) ) ; INV G3 ( . IN (o_G2) , .O(O) ) ; endmodule G3 G1 G2

O I

S0 1 S1

1

7/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-20
SLIDE 20

Problem II: Determine State Transition Graph from FSM Gates

  • Ideas build upon previous work by Shi et al. and Meade et al.

module FSM (CLK, I , O) ; input CLK, I ;

  • utput O;

wire o_G1 , o_G2 ; XOR G1 ( . IN1 (o_G2) , . IN2 ( I ) , .O(o_G1) ) ; DFF G2 ( .CLK(CLK) , .D(o_G1) , .Q(o_G2) ) ; INV G3 ( . IN (o_G2) , .O(O) ) ; endmodule G3 G1 G2

O I

S0 1 S1

1

7/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-21
SLIDE 21

Problem II: Determine State Transition Graph from FSM Gates

  • Ideas build upon previous work by Shi et al. and Meade et al.

module FSM (CLK, I , O) ; input CLK, I ;

  • utput O;

wire o_G1 , o_G2 ; XOR G1 ( . IN1 (o_G2) , . IN2 ( I ) , .O(o_G1) ) ; DFF G2 ( .CLK(CLK) , .D(o_G1) , .Q(o_G2) ) ; INV G3 ( . IN (o_G2) , .O(O) ) ; endmodule G3 G1 G2

O I

S0 1 S1

1 1

7/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-22
SLIDE 22

Automated FSM Reverse Engineering

Boolean Function Analysis Topological Analysis

FSM Candidates

Gate

  • level

Netlist

FSMs

8/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-23
SLIDE 23

Automated FSM Reverse Engineering

Boolean Function Analysis Topological Analysis

FSM Candidates

Gate

  • level

Netlist

FSMs

  • Boolean Function Analysis: O(|S| · 2|I|)
  • |S| = Number of FSM states

|I| = Number of FSM inputs

8/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-24
SLIDE 24

Agenda

1 Automated FSM Reverse Engineering 2 Case Study: Deobfuscation of Dynamic State Deflection 3 Hardware Nanomites 4 Conclusion

9/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-25
SLIDE 25

Reminder: Dynamic State Deflection

  • Obfuscation FSM and blackhole

FSM are added to original FSM

  • Enabling key only known to honest

parties

  • Case Study: AES + DSD
  • 12-bit enabling key
  • 14 obfuscation states
  • 5 blackhole states per original one

10/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-26
SLIDE 26

Case Study: AES + DSD (Topological Analysis)

  • Candidate: 8 FFs, 21 inputs, influence/dependence 0.625

_______________________________________________________________________ [+] FF1 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF2 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF3 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF4 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF5 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF6 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF7 influences and depends

  • n: FF7 , FF8

[+] FF8 influences and depends

  • n: FF7 , FF8

_______________________________________________________________________

11/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-27
SLIDE 27

Case Study: AES + DSD (Topological Analysis)

  • Candidate: 8 FFs, 21 inputs, influence/dependence 0.625

_______________________________________________________________________ [+] FF1 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF2 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF3 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF4 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF5 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF6 influences and depends

  • n: FF1 , FF2 , FF3 , FF4 , FF5 , FF6

[+] FF7 influences and depends

  • n: FF7 , FF8

[+] FF8 influences and depends

  • n: FF7 , FF8

_______________________________________________________________________

11/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-28
SLIDE 28

Case Study: AES + DSD (Boolean Function Analysis)

  • Obfuscation FSM
  • Original AES FSM
  • Blackhole FSM

Computational Complexity: 222 steps (6 FFs and 16 inputs) ∼ 5 min

12/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-29
SLIDE 29

Summary of Results

  • HARPOON
  • Disclosure of enabling key
  • Initial state patching
  • Watermark manipulation
  • Dynamic State Deflection
  • Disclosure of enabling key
  • State transition function patching
  • Active Hardware Metering
  • Initial state patching
  • Enabling key disclosure
  • Interlocking Obfuscation
  • Initial state patching
  • Design tampering

13/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-30
SLIDE 30

Lessons Learned

  • Topological analysis yields FSM gates
  • Separation of obfuscation vs original parts
  • Complexity of Boolean function analysis

14/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-31
SLIDE 31

Agenda

1 Automated FSM Reverse Engineering 2 Case Study: Deobfuscation of Dynamic State Deflection 3 Hardware Nanomites 4 Conclusion

15/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-32
SLIDE 32

Hardware Nanomites - FSM Obfuscation for FPGAs

  • Idea: prevent (static) topological analysis via reconfiguration

16/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-33
SLIDE 33

Hardware Nanomites - FSM Obfuscation for FPGAs

  • Idea: prevent (static) topological analysis via reconfiguration
  • Partial reconfiguration yields: self-modifying hardware and anti-simulation

16/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-34
SLIDE 34

Hardware Nanomites - FSM Obfuscation for FPGAs

  • Static Design

Component #LUTs (Logic) #FFs #LUTs (Memory) Microblaze 1553 (0.64 %) 1401 (0.29 %) 198 (0.18 %) DDR Controller 15151 (6.25 %) 17520 (3.61 %) 1379 (1.22 %) HWICAP 312 (0.13 %) 959 (0.20 %) 1 (≥ 0.01 %) AXI SmartConnect 5827 (2.40 %) 8977 (1.85 %) 2017 (1.79 %)

  • Misc. Parts (UART, . . . )

1335 (0.55 %) 1752 (0.36 %) 94 (0.08 %) Complete Static Design 24178 (9.97 %) 30609 (6.31 %) 3689 (3.27 %)

  • Dynamic Physical Block

#LUTs (Logic) #FFs #LUTs (Memory) Partial Bitstream Size 160 (0.07 %) 320 (0.07 %) 80 (0.07 %) 352 kByte

17/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-35
SLIDE 35

Conclusion

  • We demonstrated several generic, semi-automated strategies on state-of-the-art FSM
  • bfuscation schemes to bypass their protection
  • We proposed a novel FSM obfuscation primitive for FPGAs

18/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018

slide-36
SLIDE 36

Thanks for your attention! Any questions?

19/19 On the Difficulty of FSM-based Hardware Obfuscation | CHES 2018 | Amsterdam | September 10, 2018