Combating Data Leakage Trojans in Commercial and ASIC Applications with Time Division Multiplexing and Random Encoding
Abstract : Globalization of microchip fabrication opens the possibility for an attacker to insert hardware Trojans into a chip during the manufacturing process. While most defensive methods focus on detection or prevention, a recent method, called Randomized Encoding of Combinational Logic for Resistance to Data Leakage (RECORD), uses data randomization to prevent hardware Trojans from leaking meaningful information even when the entire design is known to the attacker. Both RECORD and its sequential variant require significant area and power overhead. In this paper, a Time-Division Multiplexed version of the RECORD design process is proposed which reduces area overhead by 63% and power by 56%. This time-division multiplexing (TDM) concept is further refined to allow commercial off the shelf (COTS) products and IP cores to be safely operated from a separate chip. These new methods tradeoff latency (5.3× for TDM and 3.9× for COTS) and energy use to accomplish area and power savings and achieve greater security than the original RECORD process.
? A method has been proposed to reduce zeros passing problem in this existing cyclic redundancy check and introduce a shifting and XORed based technique with polynomial security codes.
? The design is generic, allowing it to be used quickly and easily on any existing combinational design.
? A technique, called RECORD (Randomized Encoding of COmbinational Logic for Resistance to Data leakage) is proposed which uses Quilt Packaging and data randomization to prevent attackers from interpreting data even when data leakage exists.
? The opportunity exists for malicious parties, or attackers, to re-engineer the original design and to insert malicious hardware known as hardware Trojans.
? This problem extends beyond custom application specified integrated circuit (ASIC) designs and the firms creating them.
? The potential security issue by randomly assembling the outsourced lower tier with differently wired upper tiers, in which the register block is located thus preventing the attacker from knowing the identity of F1–4 or the select signal.
? The TDM and COTS RECORD processes were both implemented in VHDL to confirm functionality and evaluate impacts to area, power, and performance.
? The pipelining go back algorithm is proposed to solve the padding zeros problem, which will introduce an O (log2 n) resource utilization.
• The proposed cyclic redundancy implementation has been proven to be of higher resource utilization in multiple data widths of 8-Bit, 16-Bit, 32-Bit, 64- Bit and 128-Bit.
• In this paper, a Time-Division Multiplexed version of the RECORD design process is proposed which reduces area overhead by 63% and power by 56%.
• The slicing-by-4 and slicing-by8 algorithms are proposed for parallel processing and are suitable for CPUs but not optimal for FPGAs.
• The CRC decoder and encoder for error detection have been tested for different data inputs either for simulation purposes.
? The cost of TDM record, as stated previously, is in performance or latency.
? Split manufacturing provides no protection from reverse engineering once a completed chip is available making it vulnerable when multiple fabrication runs are used.
? The sequential RECORD design process is a modification of RECORD which allows it to be used successfully on sequential designs.
? The two random bits are used as select signals to demultiplex the four values of f and select the correct output.
? The upper tiers can be used for any lower tier design allowing bulk manufacturing of the upper tier for cost savings.
|