Securing Computer Hardware Using 3D Integrated Circuit (IC) - - PowerPoint PPT Presentation

securing computer hardware using 3d integrated circuit ic
SMART_READER_LITE
LIVE PREVIEW

Securing Computer Hardware Using 3D Integrated Circuit (IC) - - PowerPoint PPT Presentation

Nov 28, 2023 104 likes •547 views

Introduction Attack Model k -Security Layout Randomization Summary Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation Frank Imeson ECE, University of Waterloo USENIX Security 13

slide-1
SLIDE 1

Introduction Attack Model k-Security Layout Randomization Summary

Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation

Frank Imeson

USENIX Security 13

ECE, University of Waterloo

Collaborators: Ariq Emtenan, Siddharth Garg, and Mahesh V. Tripunitara (Waterloo). Frank Imeson, Waterloo ECE 3D Hardware Security 1/26

slide-2
SLIDE 2

Introduction Attack Model k-Security Layout Randomization Summary

Computer Hardware

– Computer Hardware = Digital IC – Physical realization of digital logic – Complex and ubiquitous

Credit: http://www.newsplink.com/2009/05/20/the-silicon-valley-trail/ Frank Imeson, Waterloo ECE 3D Hardware Security 2/26

slide-3
SLIDE 3

Introduction Attack Model k-Security Layout Randomization Summary

Manufacturing Process

case(display_state) UPDATE : begin seg00_reg <= seg00; seg01_reg <= seg01; // update leds if (count00[0]) begin state <= UPDATE; end default : begin

  • ns00 <= 0;

count00 <= 0; display_state <= UPDATE; end endcase

HDL Netlist IC

Credit: www.theverge.com/2011/11/16/2565638/mit-neural-connectivity-silicon-synapse Frank Imeson, Waterloo ECE 3D Hardware Security 3/26

slide-4
SLIDE 4

Introduction Attack Model k-Security Layout Randomization Summary

Threat Model

Netlist ICs External Foundry

News story, May 2012: “Security backdoor found in US military chip made in [foreign country].”

Frank Imeson, Waterloo ECE 3D Hardware Security 4/26

slide-5
SLIDE 5

Introduction Attack Model k-Security Layout Randomization Summary

Attack Types

Examples: Privilege escalation [King et al., LEET’08] Leaking private information [Skorobogatov et al., CHES 2012]

Credit: King et al., LEET’08 Frank Imeson, Waterloo ECE 3D Hardware Security 5/26

slide-6
SLIDE 6

Introduction Attack Model k-Security Layout Randomization Summary

Premise

Successful Attack ⇓ Uniquely identify at least one gate

Credit: Cynthia Sturton, Matthew Hicks, David Wagner, and Samuel T. King. ”Defeating UCI: Building stealthy and malicious hardware.” In Security and Privacy (SP), 2011 IEEE Symposium on, pp. 64-77. IEEE, 2011. Frank Imeson, Waterloo ECE 3D Hardware Security 6/26

slide-7
SLIDE 7

Introduction Attack Model k-Security Layout Randomization Summary

Premise

Successful Attack ⇓ Uniquely identify at least one gate

Credit: Cynthia Sturton, Matthew Hicks, David Wagner, and Samuel T. King. ”Defeating UCI: Building stealthy and malicious hardware.” In Security and Privacy (SP), 2011 IEEE Symposium on, pp. 64-77. IEEE, 2011. Frank Imeson, Waterloo ECE 3D Hardware Security 6/26

slide-8
SLIDE 8

Introduction Attack Model k-Security Layout Randomization Summary

Example A B CIN S COUT 1 2 3 4 5 T M Full Adder Netlist Malicious Gate

Frank Imeson, Waterloo ECE 3D Hardware Security 7/26

slide-9
SLIDE 9

Introduction Attack Model k-Security Layout Randomization Summary

Example A B CIN S COUT 1 2 3 4 5 T M Full Adder Netlist

Frank Imeson, Waterloo ECE 3D Hardware Security 7/26

slide-10
SLIDE 10

Introduction Attack Model k-Security Layout Randomization Summary

Example A B CIN S COUT 1 2 3 4 5 T

1 1 1

M Full Adder Netlist

Frank Imeson, Waterloo ECE 3D Hardware Security 7/26

slide-11
SLIDE 11

Introduction Attack Model k-Security Layout Randomization Summary

Our Solution – Circuit Obfuscation

A B CIN S C OUT 1 2 3 4 5 Full Adder Netlist Obfuscated Netlist X V U W Y

Frank Imeson, Waterloo ECE 3D Hardware Security 8/26

slide-12
SLIDE 12

Introduction Attack Model k-Security Layout Randomization Summary

Our Solution – Circuit Obfuscation

A B CIN S C OUT 1 2 3 4 5 Full Adder Netlist Obfuscated Netlist X V U W Y

Frank Imeson, Waterloo ECE 3D Hardware Security 8/26

slide-13
SLIDE 13

Introduction Attack Model k-Security Layout Randomization Summary

3D IC Technology

Two or more tiers Tiers are connected via bond points Wire only tiers are relatively inexpensive

Substrate Unhidden Wires Bond Points Hidden Wires Transistors/Gates IO Pins Bottom Tier (Obfuscated) Top Tier (Hidden) Frank Imeson, Waterloo ECE 3D Hardware Security 9/26

slide-14
SLIDE 14

Introduction Attack Model k-Security Layout Randomization Summary

3D Xilinx FPGA

6.8 billion transistors 1,954,560 logic cells 21.55 Mbits of SRAM 46,512 Kbits of RAM 1200 user I/O 2.5D

Credit: http://www.electroiq.com/articles/ap/2011/10/xilinx-fpga-boasts-6-8b-transistors.html Frank Imeson, Waterloo ECE 3D Hardware Security 10/26

slide-15
SLIDE 15

Introduction Attack Model k-Security Layout Randomization Summary

Circuit Obfuscation with 3D Technology

Outsourced In House

Fabrication Fabrication

1 3 2 4 5

Hidden Circuit Obfuscated Circuit Stacking A B CIN S C OUT 1 2 3 4 5

1 2 3 4 5 U V X W Y

Hide Wires Place and Route

Frank Imeson, Waterloo ECE 3D Hardware Security 11/26

slide-16
SLIDE 16

Introduction Attack Model k-Security Layout Randomization Summary

Circuit Obfuscation with 3D Technology

Outsourced In House

Fabrication Fabrication

1 3 2 4 5

Hidden Circuit Obfuscated Circuit Stacking A B CIN S C OUT 1 2 3 4 5

1 2 3 4 5 U V X W Y

Hide Wires Place and Route

Frank Imeson, Waterloo ECE 3D Hardware Security 11/26

slide-17
SLIDE 17

Introduction Attack Model k-Security Layout Randomization Summary

Circuit Obfuscation with 3D Technology

Outsourced In House

Fabrication Fabrication

1 3 2 4 5

Hidden Circuit Obfuscated Circuit Stacking A B CIN S C OUT 1 2 3 4 5

1 2 3 4 5 U V X W Y

Hide Wires Place and Route

Frank Imeson, Waterloo ECE 3D Hardware Security 11/26

slide-18
SLIDE 18

Introduction Attack Model k-Security Layout Randomization Summary

Attack Model Summary

A B CIN S C OUT 1 2 3 4 5 Original Netlist Obfuscated Circuit V X U W Y 2 4 5 3 1

G

W V Y X U

H

Frank Imeson, Waterloo ECE 3D Hardware Security 12/26

slide-19
SLIDE 19

Introduction Attack Model k-Security Layout Randomization Summary

Attack Model Summary

A B CIN S C OUT 1 2 3 4 5 Original Netlist Obfuscated Circuit V X U W Y 2 4 5 3 1

G

W V Y X U

H

Frank Imeson, Waterloo ECE 3D Hardware Security 12/26

slide-20
SLIDE 20

Introduction Attack Model k-Security Layout Randomization Summary

What an Attacker Needs to Do

Input graphs G and H

2 4 5 3 1

G

W V Y X U

H

Frank Imeson, Waterloo ECE 3D Hardware Security 13/26

slide-21
SLIDE 21

Introduction Attack Model k-Security Layout Randomization Summary

What an Attacker Needs to Do

Input graphs G and H Find subgraph isomorphisms

2 4 5 3 1

G

W V Y X U

H

Frank Imeson, Waterloo ECE 3D Hardware Security 13/26

slide-22
SLIDE 22

Introduction Attack Model k-Security Layout Randomization Summary

What an Attacker Needs to Do

Input graphs G and H Find subgraph isomorphisms

4 2 5 3 1

M1

4 2 5 1 3

M2

2 4 5 1 3

M3

2 4 5 3 1

G

W V Y X U

H

2 4 5 3 1

M4

Frank Imeson, Waterloo ECE 3D Hardware Security 13/26

slide-23
SLIDE 23

Introduction Attack Model k-Security Layout Randomization Summary

k-Security

S(w) = 2

W V Y X U

H

2 4 5 3 1

G

A vertex v ∈ H is k-secure if there exist at least k subgraph isomorphisms each of which maps v to a distinct vertex in G. An obfuscated graph (circuit) H is k-secure if every vertex (gate) in H is k-secure.

Frank Imeson, Waterloo ECE 3D Hardware Security 14/26

slide-24
SLIDE 24

Introduction Attack Model k-Security Layout Randomization Summary

k-Security

S(w) = 2 S(v),S(u),S(x) = 2

W V Y X U

H

2 4 5 3 1

G

A vertex v ∈ H is k-secure if there exist at least k subgraph isomorphisms each of which maps v to a distinct vertex in G. An obfuscated graph (circuit) H is k-secure if every vertex (gate) in H is k-secure.

Frank Imeson, Waterloo ECE 3D Hardware Security 14/26

slide-25
SLIDE 25

Introduction Attack Model k-Security Layout Randomization Summary

k-Security

S(w) = 2 S(v),S(u),S(x) = 2 S(y) = 1

W V Y X U

H

2 4 5 3 1

G

A vertex v ∈ H is k-secure if there exist at least k subgraph isomorphisms each of which maps v to a distinct vertex in G. An obfuscated graph (circuit) H is k-secure if every vertex (gate) in H is k-secure.

Frank Imeson, Waterloo ECE 3D Hardware Security 14/26

slide-26
SLIDE 26

Introduction Attack Model k-Security Layout Randomization Summary

k-Security

S(w) = 2 S(v),S(u),S(x) = 2 S(y) = 1 S(H) = 1

W V Y X U

H

2 4 5 3 1

G

A vertex v ∈ H is k-secure if there exist at least k subgraph isomorphisms each of which maps v to a distinct vertex in G. An obfuscated graph (circuit) H is k-secure if every vertex (gate) in H is k-secure.

Frank Imeson, Waterloo ECE 3D Hardware Security 14/26

slide-27
SLIDE 27

Introduction Attack Model k-Security Layout Randomization Summary

Computational Complexity

G, H is k-secure ∈ NP-complete. We investigated two approaches: Reduction to Subgraph Isomorphism and use of VF2 solver Reduction to SAT and use of MiniSAT solver

1e-06 0.0001 0.01 1 100 200 400 600 800 1000 1200 1400

Number of Vertices Avg Time

vf2 sat Frank Imeson, Waterloo ECE 3D Hardware Security 15/26

slide-28
SLIDE 28

Introduction Attack Model k-Security Layout Randomization Summary

Cost vs. Security

Cost = Number of hidden edges Goal: Explore Cost vs. Security trade-off Greedy approach Start with no edges in H.

2 4 5 3 1 6

G

2 4 5 3 1 6

H

Frank Imeson, Waterloo ECE 3D Hardware Security 16/26

slide-29
SLIDE 29

Introduction Attack Model k-Security Layout Randomization Summary

Cost vs. Security

Cost = Number of hidden edges Goal: Explore Cost vs. Security trade-off Greedy approach Start with no edges in H. Greedily pick an edge to add to H that maximizes security.

2 4 5 3 1 6

G

2 4 5 3 1 6

H

Frank Imeson, Waterloo ECE 3D Hardware Security 16/26

slide-30
SLIDE 30

Introduction Attack Model k-Security Layout Randomization Summary

Cost vs. Security

Cost = Number of hidden edges Goal: Explore Cost vs. Security trade-off Greedy approach Start with no edges in H. Greedily pick an edge to add to H that maximizes security. Repeat.

2 4 5 3 1 6

G

2 4 5 3 1 6

H

Frank Imeson, Waterloo ECE 3D Hardware Security 16/26

slide-31
SLIDE 31

Introduction Attack Model k-Security Layout Randomization Summary

Security vs. Number of Removed Edges

5 10 15 20 25 30 35 40 45 50 40 50 60 70 80 90 100

Security % Hidden Wires (Cost)

greedy rand Figure: Experiments on the c432 circuit, which contains 303 edges. The c432 circuit is a 27-channel interrupt controller.

Frank Imeson, Waterloo ECE 3D Hardware Security 17/26

slide-32
SLIDE 32

Introduction Attack Model k-Security Layout Randomization Summary

Security vs. Number of Removed Edges

5 10 15 20 25 30 35 40 45 50 40 50 60 70 80 90 100

Security % Hidden Wires (Cost)

greedy rand Lower Cost Figure: Experiments on the c432 circuit, which contains 303 edges. The c432 circuit is a 27-channel interrupt controller.

Frank Imeson, Waterloo ECE 3D Hardware Security 17/26

slide-33
SLIDE 33

Introduction Attack Model k-Security Layout Randomization Summary

Layout Randomization

Placement of Wires

1 3 2 4 5

Netlist

Layout Routing

A B CIN S C OUT 1 2 3 4 5

Placement of Gates

Frank Imeson, Waterloo ECE 3D Hardware Security 18/26

slide-34
SLIDE 34

Introduction Attack Model k-Security Layout Randomization Summary

Layout Randomization

1 2 3 4 5 1 2 3 4 5

Hidden Wires Unhidden Wires

1 3 2 4 5

Hidden Netlist Obfuscated Netlist

Layout Routing

Frank Imeson, Waterloo ECE 3D Hardware Security 18/26

slide-35
SLIDE 35

Introduction Attack Model k-Security Layout Randomization Summary

Layout and Routing Results

(a) Unsecure Circuit (b) Obfuscated Tier (c) Hidden Tier

Figure: Layout of c432 without any security (left), and the obfuscated (middle) and hidden tiers of an 8-secure version of c432 circuit. Green and red lines correspond to metal wires.

Frank Imeson, Waterloo ECE 3D Hardware Security 19/26

slide-36
SLIDE 36

Introduction Attack Model k-Security Layout Randomization Summary

Wire Length Distribution

0.2 0.4 0.6 0.8 1 7.9 14.8 21.7 28.6 35.5 42.4 49.3 56.2 63.1 70.0

Ratio Distance (um)

Unsecure Obfuscated Hidden

Figure: Comparison of the wire length distribution for the unsecured,

  • bfuscated and hidden circuits. Also the hidden wire length distribution

passes the χ2 test when compared to a random distribution.

Frank Imeson, Waterloo ECE 3D Hardware Security 20/26

slide-37
SLIDE 37

Introduction Attack Model k-Security Layout Randomization Summary

Power and Delay Costs

1 1.2 1.4 1.6 1.8 2 2.2 5 10 15 20 25 30 35 40 45 50

Ratio Security Delay Power

Figure: Power and delay ratio calculated from base/unsecured circuit.

Frank Imeson, Waterloo ECE 3D Hardware Security 21/26

slide-38
SLIDE 38

Introduction Attack Model k-Security Layout Randomization Summary

Case Study: DES Circuit

Symmetric key-based encryption/ decryption algorithm. 35,000 gate implementation from OpenCores library. A fault in LSB of 14th round reveals secret key [3].

Plaintext Round 01 Round 14 IP FB Round 16 Ciphertext Round 15

Frank Imeson, Waterloo ECE 3D Hardware Security 22/26

slide-39
SLIDE 39

Introduction Attack Model k-Security Layout Randomization Summary

Case Study: DES Circuit

Symmetric key-based encryption/ decryption algorithm. 35,000 gate implementation from OpenCores library. A fault in LSB of 14th round reveals secret key [3]. 16-secure circuit is obtained by removing only 13% of wires. Further lifting can increase security.

Plaintext Round 01 Round 14 IP FB Round 16 Ciphertext Round 15

Frank Imeson, Waterloo ECE 3D Hardware Security 22/26

slide-40
SLIDE 40

Introduction Attack Model k-Security Layout Randomization Summary

Impact on Attack Footprint

Implemented a 64-secure DES circuit. 14th round LSB is actually 255-secure. 420x area overhead to attack a 255-secure gate.

Modified Target Target Trigger 8:256

t1 t255 t2

FSM Trigger Attacking a non-secure circuit

target1 t1

Attacking a k-secure circuit

target2 t2 target255 t255

Attacking all k possible targets Frank Imeson, Waterloo ECE 3D Hardware Security 23/26

slide-41
SLIDE 41

Introduction Attack Model k-Security Layout Randomization Summary

Raising the Bar on the Attacker

Attack 1 out of k gates

–or–

Attack all k gates

MIPS 00000-00-001 MIPS 00000-00-001

Frank Imeson, Waterloo ECE 3D Hardware Security 24/26

slide-42
SLIDE 42

Introduction Attack Model k-Security Layout Randomization Summary

Related Work and References

Alina Campan and Traian Truta. Data and structural k-anonymity in social networks. Privacy, Security, and Trust in KDD, pages 33–54, 2009. Alex Baumgarten, Michael Steffen, Matthew Clausman, and Joseph Zambreno. A case study in hardware trojan design and implementation. International Journal of Information Security, 10(1):1–14, 2011. Dan Boneh, Richard DeMillo, and Richard Lipton. On the importance of checking cryptographic protocols for faults. In Advances in CryptologyEUROCRYPT97, pages 37–51. Springer, 1997.

  • F. Brglez.

Neutral netlist of ten combinational benchmark circuits and a target translator in fortran. In Special session on ATPG and fault simulation, Proc. IEEE Int. Symp. Circuits and Systems, June 1985, pages 663–698, 1985.

  • Y. Jin, N. Kupp, and Y. Makris.

Experiences in hardware trojan design and implementation. In Hardware-Oriented Security and Trust, 2009. HOST’09. IEEE International Workshop on, pages 50–57. IEEE, 2009.

  • S. h and C. Woods.

Breakthrough silicon scanning discovers backdoor in military chip. Cryptographic Hardware and Embedded Systems–CHES 2012, pages 23–40, 2012. Frank Imeson, Waterloo ECE 3D Hardware Security 25/26

slide-43
SLIDE 43

Introduction Attack Model k-Security Layout Randomization Summary Frank Imeson, Waterloo ECE 3D Hardware Security 26/26