Interdiction in practice—Hardware Trojan against a high-security USB flash drive

Swierczynski, Pawel; Fyrbiak, Marc; Koppe, Philipp; Moradi, Amir; Paar, Christof

doi:10.1007/s13389-016-0132-7

Cited by 32 publications

(24 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The notion of Trojans is wide-ranging and requires multiple dimensions for classification [65]-it relates to malicious hardware modifications that are (i) working at the system level, register-transfer level (RTL), gate/transistor level, or the physical level; (ii) seeking to leak information from an IC, reduce the IC's performance, or disrupt an IC's working altogether; (iii) are always on, triggered internally, or triggered externally; etc. Trojans are likely introduced by untrustworthy third-party IP, adversarial designers, or through "hacking" of design tools [66], or, arguably even more likely, during distribution and deployment of ICs [67]. 2 Defense schemes can be classified into (i) Trojan detection during design and manufacturing time and (ii) Trojan mitigation at runtime.…”

Section: Trojanmentioning

confidence: 99%

Hardware Security For and Beyond CMOS Technology

Knechtel¹

2020

Proceedings of the 2020 International Symposium on Physical Design

View full text Add to dashboard Cite

As with most aspects of electronic systems and integrated circuits, hardware security has traditionally evolved around the dominant CMOS technology. However, with the rise of various emerging technologies, whose main purpose is to overcome the fundamental limitations for scaling and power consumption of CMOS technology, unique opportunities arise also to advance the notion of hardware security. In this paper, I first provide an overview on hardware security in general. Next, I review selected emerging technologies, namely (i) spintronics, (ii) memristors, (iii) carbon nanotubes and related transistors, (iv) nanowires and related transistors, and (v) 3D and 2.5D integration. I then discuss their application to advance hardware security and also outline related challenges. CCS CONCEPTS• Security and privacy → Security in hardware; • Hardware → Emerging technologies.

show abstract

Section: Trojanmentioning

confidence: 99%

Hardware Security For and Beyond CMOS Technology

Knechtel¹

2020

Proceedings of the 2020 International Symposium on Physical Design

View full text Add to dashboard Cite

show abstract

“…To accomplish this goal, the adversary targets to attach a payload circuit to the existing set-key circuit to permanently write the known key bits of k st into the FFs that process k. Thus, the external self-test falsely confirms the integrity of the FPGA AES IP core. To sum up, the described Trojan can trick an external self-test in cases where the self-test key is known like in [21].…”

Section: Adversary's Goal and Trojan Ideamentioning

confidence: 99%

“…Knowing the entire bitstream file format, the security of cryptographic hardware configuration can be appropriately analyzed. Thus quick-and-easy malicious bitstream manipulation attacks [1,4,[20][21][22], leading to a potential security breach, can be pentested beforehand and accordingly addressed by a security analyst. Defending of FPGA designs is even more crucial since most FPGA bitstream encryption schemes of older FPGA generations are vulnerable to side-channel attacks [10][11][12][13]23] or do not offer any bitstream encryption/authentication at all.…”

Section: Introductionmentioning

confidence: 99%

Insights into the mind of a trojan designer

Ender

Swierczynski

Wallat³

et al. 2019

Proceedings of the 24th Asia and South Pacific Design Automation Conference

Self Cite

View full text Add to dashboard Cite

The threat of inserting hardware Trojans during the design, production, or in-field poses a danger for integrated circuits in real-world applications. A particular critical case of hardware Trojans is the malicious manipulation of third-party FPGA configurations. In addition to attack vectors during the design process, FPGAs can be infiltrated in a non-invasive manner after shipment through alterations of the bitstream. First, we present an improved methodology for bitstream file format reversing. Second, we introduce a novel idea for Trojan insertion. CCS CONCEPTS • Security and privacy → Hardware reverse engineering; Malicious design modifications; Embedded systems security;

show abstract

“…Hence, a reverse engineer can either access the non-volatile memory and dump its content, or wire-tap the communication between FPGA and non-volatile memory upon boot-up, cf. [18] Bitstream Decryption. In order to provide confidentiality of the bitstream, FPGA manufacturers deployed a bitstream encryption scheme for various device series using strong cryptographic primitives.…”

Section: Fpga Bitstream Reverse Engineeringmentioning

confidence: 99%

Hardware reverse engineering: Overview and open challenges

Fyrbiak

Strauß

Kison

et al. 2017

2017 IEEE 2nd International Verification and Security Workshop (IVSW)

Self Cite

View full text Add to dashboard Cite

Hardware reverse engineering is a universal tool for both legitimate and illegitimate purposes. On the one hand, it supports confirmation of IP infringement and detection of circuit malicious manipulations, on the other hand it provides adversaries with crucial information to plagiarize designs, infringe on IP, or implant hardware Trojans into a target circuit. Although reverse engineering is commonplace in practice, the quantification of its complexity is an unsolved problem to date since both technical and human factors have to be accounted for. A sophisticated understanding of this complexity is crucial in order to provide a reasonable threat estimation and to develop sound countermeasures, i.e. obfuscation transformations of the target circuit, to mitigate risks for the modern IC landscape.The contribution of our work is threefold: first, we systematically study the current research branches related to hardware reverse engineering ranging from decapsulation to gate-level netlist analysis. Based on our overview, we formulate several open research questions to scientifically quantify reverse engineering, including technical and human factors. Second, we survey research on problem solving and on the acquisition of expertise and discuss its potential to quantify human factors in reverse engineering. Third, we propose novel directions for future interdisciplinary research encompassing both technical and psychological perspectives that hold the promise to holistically capture the complexity of hardware reverse engineering.

show abstract

Interdiction in practice—Hardware Trojan against a high-security USB flash drive

Cited by 32 publications

References 14 publications

Hardware Security For and Beyond CMOS Technology

Hardware Security For and Beyond CMOS Technology

Insights into the mind of a trojan designer

Hardware reverse engineering: Overview and open challenges

Contact Info

Product

Resources

About