Séminaire sécurité des systèmes électroniques embarqués

Accueil     Présentation     Archives

Georg Becker

Stealthy Dopant-Level Hardware Trojans

In recent years, hardware Trojans have drawn the attention of governments and the scientific community. Initially, the primary attacker model of concern had been a malicious foundry that could alter the design, i.e., introduce hardware Trojans which could interfere with the (security or safety sensitive) functionality of a chip. Even though hardware Trojans have drawn considerable attention by the scientific community, little is known about how they might look, especially those that are particularly designed to avoid detection.

In this talk we present an extremely stealthy approach to insert hardware Trojans during manufacturing that was introduced at CHES 2013. The key idea of the Trojans is not to add any additional transistors to the design but instead only modify a few gates at the dopant level. These small changes are very difficult to detect using optical inspection. How useful such Trojans can be from an attackers perspective is shown at the hand of two case studies, a side-channel resistant SBox and the digital post-processing of a true random number generator. At CHES 2014 Sugawara et.al. presented results on optical reverse-engineering of these Trojans. The implication of these results on the dopant level hardware Trojans will be discussed, as well as some open question in the area of hardware Trojan.

This is joint work with Francesco Regazzoni, Christof Paar and Wayne Burleson.