Momin, Charles
[UCL]
Bronchain, Olivier
[UCL]
Standaert, François-Xavier
[UCL]
Hardware Trojans are an important threat to the security of integrated circuits. They assume a malicious manufacturer able to infect implementations with hard-to-detect circuit modifications that can compromise their security. Hardware Trojans are sometimes classified as digital (if they are triggered and send their payload as regular outputs on a communication interface) or physical (if they are triggered and send their payload via a physical side-channel such as an EM signal). Typical examples of digital hardware Trojans are cheat codes, which are triggered under some rare input conditions, and time bombs, which are triggered when a counter internal to the implementation reaches some value. In this paper, we investigate a class of physical hardware Trojans that can trigger malicious circuitry thanks to a standard communication interface (as a digital hardware Trojan), by exploiting a timing side-channel. We denote these physical hardware Trojans as Time-Modulated, since they exploit the rhythm at which computations are performed, and provide two exemplary instances of such Trojans. The first one is clock-based: it exploits a recent idea of hardware Trojan using a side-channel by Ender et al. at ASIACRYPT 2017, and can inject an exploitable fault that applies to any AES implementation. The second one is interface-based: it exploits the delays between multiple message blocks as proposed by Shield et al. at AISC 2015. We extend this work to describe denial-of-service and key recovery attacks against a Trojan resilient implementation designed following a recent proposal by Dziembowski et al. at CCS 2016. Despite the latter did only claim security against arbitrary digital hardware Trojans, our results show that limited additional (physical) capabilities allow an adversary to circumvent these formal security guarantees.
Bibliographic reference |
Momin, Charles ; Bronchain, Olivier ; Standaert, François-Xavier. Time-Modulated Hardware Trojans: Clock-Based and Interface-Based Examples.40th WIC Symposium on Information Theory in the Benelux (Ghent (Belgium), du 28/05/2019 au 29/05/2019). In: Proceedings of the 40th WIC Symposium on Information Theory in the Benelux, 2019 |
Permanent URL |
http://hdl.handle.net/2078.1/226276 |