Overview on Hardware Security Electronic Design Contest 2017
- Slides: 36
Overview on Hardware Security Electronic Design Contest - 2017
Outline Overview of modern cryptography Modern hardware design practices Example of Hardware Attacks Introduction to Side Channel Analysis Differential fault analysis of ciphers Cache attacks on ciphers Power analysis of cipher implementations Testability of cryptographic hardware Overview of Hardware Trojans
3 Hardware Security Definition: implement security protection mechanisms in hardware E. g. , design trusted hardware, as opposed to (in addition to) trusted software CS 660 - Advanced Information Assurance - UMass. Amherst
4 Trusted or Trustworthy A component of a system is trusted means that the security of the system depends on it failure of component can break the security policy determined by its role in the system A component is trustworthy means that the component deserves to be trusted e. g. , it is implemented correctly determined by intrinsic properties of the component Trusted or trustworthy computation? CS 660 - Advanced Information Assurance - UMass. Amherst
5 Why Hardware Security Software security: software protect software! Vulnerable to attacks Is the antivirus/hardware untouched? Easy infiltration Fast spread Hardware security: hardware protect software Attacks need physical access Software infiltration much more difficult CS 660 - Advanced Information Assurance - UMass. Amherst
Overview of Modern Cryptography
Introduction Cryptography: protect information from illegal access. In the last three decades, cryptography has grown beyond designing ciphers to encompass also other activities like design of signature schemes for signing digital contracts. The design of cryptographic protocols for securely proving one’s identity has been an important aspect of cryptography of the modern age. Yet the construction of encryption schemes remains, and is likely to remain, a central enterprise of cryptography
Cryptography: Some Technical Details The aim of the cryptographer is to find methods to secure and authenticate messages. Secret key cryptosystem model
Cryptography: Some Technical Details Example of Cryptographic Algorithm: Block Ciphers (Example: AES) RSA Elliptic Curve Cryptosystems BC 3
Modern Hardware Design Practices
Introduction Design of cryptographic algorithms in dedicated hardware provides significant opportunities for speed up due to their parallelism. Field Programmable Gate Arrays (FPGAs) are reconfigurable platforms to build hardware. Advantage: Hardware: in extracting parallelism, and achieving better performance Software: in terms of programmability.
FPGA Architecture FPGAs are reconfigurable devices offering parallelism and flexibility, on one hand, while being low cost and easy to use on the other. Moreover, they have much shorter design cycle times compared to ASICs. The reconfigurability aspect of FPGAs also makes them suited for cryptographic applications. FPGAs do not require sophisticated equipment for production, they can be programmed in house. This is a distinct advantage for cryptography as no third party is involved, thus increasing trust in the hardware circuit
FPGA Architecture FPGA island-style architecture FPGA Logic Block
FPGA Architecture The FPGA design flow
Mapping an Algorithm to Hardware Important Components of an Architecture
Enhancing the Performance of a Hardware Design Performance of a hardware design is often stated through: Critical path, by limiting the clock frequency. Resource consumed (customize the design for the target architecture to ensure that the resource used is minimized)
Example of Hardware Attacks • Side Channel Analysis • Differential fault analysis of ciphers • Cache attacks on chippers • Power analysis of chipper implementations
Side Channel Analysis Examples of such side channels are timing, power, electromagnetic radiations, visual, acoustics, cache, testability features of hardware devices and there may be many more. A very closely related class of attacks is called as fault attacks, where the device under the induction of faults, perform wrong computations. The adversary uses the correct ciphertexts and the faulty ciphertexts and obtains the keys.
Side Channel Analysis Side Channel Attacks
Side Channel Analysis Examples of such side channels are timing, power, electromagnetic radiations, visual, acoustics, cache, testability features of hardware devices and there may be many more. A very closely related class of attacks is called as fault attacks, where the device under the induction of faults, perform wrong computations. The adversary uses the correct ciphertexts and the faulty ciphertexts and obtains the keys.
Side Channel Analysis There are several forms of popular side channels attacks on hardware and embedded systems are: Timing Attacks Power Attacks Fault Attacks Design for Testability attacks Cache Attacks
Differential Fault Analysis of Cipher The first fault attack was applied to the RSA cryptosytem. Biham and Shamir proposed a new fault based attacking technique which is wildly known as Differential Fault Analysis (DFA) DFA attack is a very powerful attack model which can threaten a large class of ciphers. As the faults are induced during the encryption process, the fault propagation patterns give some relations between the input and output difference if certain Sboxes.
Differential Fault Analysis of Cipher Three steps of DFA.
Differential Fault Analysis of Cipher The faults can be of varying nature but can be categorized as follows: Bit model Single byte Multiple byte
Cache attacks on chippers Memory Hierarchy Structure
Cache attacks on chippers Example of cache attacks: 1. Trace-driven cache attacks 1. Trace-driven attacks on AES 2. Trace-driven attacks based on included cache miss 2. Access-driven cache attacks 1. Access-driven attacks on Block chipper 2. Asynchronous access-driven attacks
Power analysis of chipper implementations A successful power attack on a cryptographic device requires proper understanding of the power characteristic of the device. However, the central requirement of a power attack is the capability to obtain an accurate power trace.
Power analysis of chipper implementations (a) Laboratory Setup for Power Analysis (b) Components of a Power Attack Setup
Testability of Cryptographic Hardware
Introduction Scan chains are the most popular testing technique due to their high fault coverage and least hardware overhead. Scan chains are used to access intermediate values stored in the flip-flops, thereby, ascertaining the secret information, often known as key. These attack techniques exploit the fact that most of modern day ICs are designed for testability.
Introduction Example of Scan Attacks Scan Chain Based Attacks on Cryptographic Implementations Scan Chain Based Attack on Stream Ciphers
Overview on Hardware Trojan
Introduction Hardware Trojan attacks relate to malicious modifications of an IC during design or fabrication in an untrusted design house or foundry, which involve untrusted people, design tools, or components. This modifications can give rise to undesired functional behavior of an IC, or provide convert channels or backdoor through which sensitive information can be leaked. General structure of a hardware Trojan in design
Introduction Hardware Trojan attacks by different parties at different stages of IC life cycle
Trojan Taxonomy Trojan taxonomy based on trigger and payload mechanisms
Thank you
- Electronic mail security in network security
- Private secruity
- Counterfeit electronic components an overview
- External computer hardware
- An electronic is the electronic exchange of money or scrip
- Electronic news gathering and electronic field production
- Asvs assessment
- Android security overview
- Cyber security ppt 2017
- Sonitrol verified electronic security
- Secure electronic payment
- Electronic mail security
- Electronic mail security
- E commerce security policy
- System design
- System design overview
- Hardware acquisition in system analysis and design
- Bozkr
- Hardware interface design
- Hardware design examples
- Osi security architecture model
- Guide to network security
- Wireless security in cryptography and network security
- Visa international security model in information security
- Nstissc security model
- Seven touchpoints for software security
- Security guide to network security fundamentals
- Security guide to network security fundamentals
- Electronic design automation course
- System-level design
- Electronic system level design
- Howard county young authors contest
- Yankee clipper contest club
- Tlups
- 2018 virginia tech high school programming contest
- Virginia tech high school programming contest
- Teknis lomba spelling bee