Worcester Polytechnic Institute

Sub-Transistor Level Hardware Trojans

On Wednesday, April 16 at 11 am in AK 219:

Sub-Transistor Level Hardware Trojans

Presenter: Christof Paar (Ruhr-Universität Bochum & UMASS Amherst)

Abstract:
Countless systems ranging from consumer electronics to military equipment are dependent on integrated circuits (ICs). A surprisingly large number of such systems are already security critical, e.g., medical devices, automotive electronics, or SCASA systems. If the underlying ICs in such applications are maliciously manipulated through hardware Trojans, the security of the entire system can be compromised. In recent years, hardware Trojans have drawn the attention of governments and industry as well as the scientific community. Initially, the primary attacker model of concern had been that a malicious foundry could alter the design, i.e., introduce hardware Trojans that could interfere with the (security-sensitive) functionality of a chip. Many other attacker models exist too. For instance, the legitimate owner of an IC, e.g., a consumer electronic company abroad, might be in cohort with a foreign intelligence agency and could decide to alter its products in a way that compromises its security. Even though hardware Trojans have drawn considerable attention by the scientific community, little is known about how Trojans might look, especially those that are particularly designed to avoid detection.

In this talk we propose an extremely stealthy approach for realizing hardware Trojans below the gate level, and we evaluate their impact on the security of the target device. Instead of adding additional circuitry to the target design, we insert our hardware Trojans by changing the dopant polarity of existing transistors. Since the modified circuit appears legitimate on all wiring layers (including all metal and polysilicon), our family of Trojans is resistant to many detection techniques, including fine-grain optical inspection and checking against “golden chips”. We demonstrate the effectiveness of our approach by inserting Trojans into the digital post-processing used in Intel’s cryptographically secure random number generator used in the Ivy Bridge processors.

Bio:
Christof Paar started his career at WPI, where he taught from 1995 to 2001. Since then he has the Chair for Embedded Security at the University of Bochum, Germany, and is affilated professor at the University of Massachusetts Amherst. He co-founded, with Cetin Koc, the CHES (Cryptographic Hardware and Embedded Systems) conference. Christof’s research interests include highly efficient software and hardware realizations of cryptography, physical security, penetration of real-world systems, trusted systems and cryptanalytical hardware. He also works on real-world applications of embedded security, e.g., in cars, consumer devices, smart cards and RFID.

Christof has over 150 peer-reviewed publications and is co-author of the textbook Understanding Cryptography (Springer, 2009). He has given invited talks at MIT, Yale, Stanford University, IBM Labs and Intel. He has taught cryptography extensively in industry, including courses at General Dynamics, NASA, Motorola Research, and Philips Research. Christof is Fellow of the IEEE. He co-founded ESCRYPT Inc. – Embedded Security, a leading system provider in industrial security which was acquired by Bosch.

Applied Cryptology Seminar
The seminar features presentations of hot topics within the
interdisciplinary field of cyber-security.

All are welcome!

For current information on the seminar, please visit:
http://v.wpi.edu/seminars/