Hardware Trojans in Wireless Cryptographic Integrated Circuits

Опубликовано 17 августа 2016, 22:04

I will be discussing our research activities in the area of hardware Trojans in wireless cryptographic integrated circuits. In this class of circuits, the likely objective of hardware Trojans is to leak secret data (i.e. the encryption key) through the wireless channel. Using a simple mixed-signal system-on-chip designed for this study and consisting of a DES encryption core and a UWB transmitter, I will demonstrate three key findings: i) Simple malicious modifications to the digital part of a wireless cryptographic chip suffice to leak information, without altering the far more sensitive analog part. I will demonstrate two hardware Trojan examples, which leak the encryption key by manipulating the transmission amplitude or frequency. ii) Such hardware Trojans do not change the functionality of the digital part or the performances of the analog part and their impact on the wireless transmission parameters can be hidden within the fabrication process variations. Hence, neither traditional manufacturing testing nor recently proposed hardware Trojan detection methods will expose them. iii) For the attacker to be able to discern the leaked information from the legitimate signal, effective hardware Trojans have to impose some structure to the transmission parameters. While this structure is not known to the defender, statistical analysis of these parameters (i.e. transmission power) could reveal its existence and, thereby, expose the hardware Trojan. Time permitting I will also discuss the effectiveness of similar statistical methods using power and delay measurements in detecting hardware Trojans in traditional digital logic.