Abstract
Split manufacturing is a method to secure circuits by creating layers of a circuit separately—one layer is manufactured at a trusted foundry and the other at an untrusted foundry. The complete circuit is unknowable without both pieces, thus the circuit cannot be effectively manipulated by, e.g., inserting a hardware Trojan at manufacture time. A prominent example of this approach is the work “Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation” [1]. In the work, it is claimed that even if an attacker knows the exact layout of a circuit before division, the technique set forth would prevent the attacker from inserting an efficient (i.e., undetectable) hardware Trojan into the circuit unless they possessed knowledge of the trusted layer. This paper is notable because it gives strong theoretical reasons, as opposed to only providing empirical results, to suggest that the proposed method provides security for circuits. In this work, we examine whether this particular split manufacturing approach is effective in protecting redundant circuits, such as implementations of cryptographic ciphers, from the implantation of hardware Trojans. We show that it is indeed possible to insert a Trojan with a much higher success rate, and smaller footprint, than the example discussed in [1], which implies that, at least for this class of circuits, obfuscation provides significantly less security than the authors’ theoretical analysis would suggest. To demonstrate its general applicability, our analysis is carried out not only on a the same type of circuit used as an example in [1] (an implementation of the Data Encryption Standard (DES)) but also an Advanced Encryption Standard (AES) circuit. For both circuits, we demonstrate vast improvement for attacker success using the metrics used in [1]
Similar content being viewed by others
References
Imeson F, Emtenan A, Garg S, Tripunitara M (2013) Securing computer hardware using 3d integrated circuit (\(\{IC\}\)) technology and split manufacturing for obfuscation. In Presented as part of the 22nd \(\{USENIX\}\) Security Symposium (\(\{USENIX\}\) Security 13), pp 495–510
Hasegawa K, Oya M, Yanagisawa M, Togawa N (2016) Hardware trojans classification for gate-level netlists based on machine learning. In On-Line Testing and Robust System Design (IOLTS), 2016 IEEE 22nd International Symposium on, pp 203–206
Tehranipoor M, Koushanfar F (2010) A survey of hardware trojan taxonomy and detection. IEEE design & test of computers 27(1)
Yoshimura M, Bouyashiki T, Hosokawa T (2017) A hardware trojan circuit detection method using activation sequence generations. In Dependable Computing (PRDC), 2017 IEEE 22nd Pacific Rim International Symposium on, pp 221–222
Salmani H (2017) Hardware trojan attacks and countermeasures. In Fundamentals of IP and SoC Security. Springer, pp 247–276
Johnson AP, Patranabis S, Chakraborty RS, Mukhopadhyay D (2016) Remote dynamic clock reconfiguration based attacks on internet of things applications. In Digital System Design (DSD), 2016 Euromicro Conference on, pp 431–438
Malekpour A, Ragel R, Ignjatovic I, Parameswaran S (2017) Trojanguard: Simple and effective hardware trojan mitigation techniques for pipelined mpsocs. In Proceedings of the 54th Annual Design Automation Conference 2017, p 19
Wang MTC (2012) Introduction to Hardware Security and Trust. Springer, 233 Spring Street, New York, NY 10013
U.S. department of commerce bureau of industry and security office of technology evaluation (1999) Defense industrial base assessment: Counterfeit electronics. http://www.bis.doc.gov/defenseindustrialbaseprograms/osies/defmarketresearchrpts/finalcounterfeit_electronics_report.pdf
Committee on Armed Services (1999) United States Senate. Inquiry into counterfeit electronic parts in the department of defense supply chain. http://www.armed-services.senate.gov/Publications/Counterfeit%20Electronic%20Parts.pdf
Salmani H, Tehranipoor M, Plusquellic J (2009) New design strategy for improving hardware trojan detection and reducing trojan activation time. In Hardware-Oriented Security and Trust, 2009. HOST’09. IEEE International Workshop on, pp 66–73
Samimi MS, Aerabi E, Kazemi Z, Fazeli M, Patooghy A (2016) Hardware enlightening: No where to hide your hardware trojans! In On-Line Testing and Robust System Design (IOLTS), 2016 IEEE 22nd International Symposium on, pp 251–256
Wang Y, Chen P, Hu J, Li G, Rajendran J (2018) The cat and mouse in split manufacturing. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 26(5):805–817
Rajendran JJ, Sinanoglu O, Karri R (2013) Is split manufacturing secure? In Proceedings of the Conference on Design, Automation and Test in Europe, pp 1259–1264. EDA Consortium
Vaidyanathan K, Das BP, Sumbul E, Liu R, Pileggi L (2014) Building trusted ics using split fabrication. In 2014 IEEE international symposium on hardware-oriented security and trust (HOST), pp 1–6
Vaidyanathan K, Liu R, Sumbul E, Zhu Q, Franchetti F, Pileggi L (2014) Efficient and secure intellectual property (ip) design with split fabrication. In 2014 IEEE international symposium on hardware-oriented security and trust (HOST), pages 13–18
Vaidyanathan K, Das BP, Pileggi L (2014) Detecting reliability attacks during split fabrication using test-only beol stack. In Design Automation Conference (DAC), 2014 51st ACM/EDAC/IEEE, pp 1–6
Xie Y, Bao C, Srivastava A (2015) Security-aware design flow for 2.5 d ic technology. In Proceedings of the 5th International Workshop on Trustworthy Embedded Devices, pp 31–38. ACM
Girija R, Singh H (2017) A new substitution-permutation network cipher using walsh hadamard transform. In Computing and Communication Technologies for Smart Nation (IC3TSN), 2017 International Conference on, pp 168–172. IEEE
Maity G, Bhaumik J, Kundu A (2018) A new spn type architecture to strengthen block cipher against fault attack. IJ Network Security 20(3):455–462
Shirai T, Shibutani K, Akishita T, Moriai S, Iwata T (2007) The 128-bit blockcipher clefia. In International Workshop on Fast Software Encryption, pp 181–195. Springer
Peng J, Tan CH, Wang Q, Gao J, Kan H (2018) More new classes of differentially 4-uniform permutations with good cryptographic properties. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences 101(6):945–952
Baigneres T, Vaudenay S (2005) Proving the security of aes substitution-permutation network. In International Workshop on Selected Areas in Cryptography, pp 65–81. Springer
Barenghi A, Breveglieri L, Koren I, Naccache D (2012) Fault injection attacks on cryptographic devices: Theory, practice, and countermeasures. Proceedings of the IEEE 100(11):3056–3076
Kim CH, Quisquater J-J (2007) Faults, injection methods, and fault attacks. IEEE Design & Test of Computers 24(6):544–545
Tunstall MJM (2012) Fault Analysis in Cryptography. Springer
Imeson F (2017) circuit\_security. https://github.com/fcimeson/circuit_security
Usselmann R (2009) DES/Triple DES IP Cores. http://opencores.org/project/des
Biham E, Shamir A (1997) Differential fault analysis of secret key cryptosystems. In Annual International Cryptology Conference, pp 513–525. Springer
Daemen J, Rijmen V (1999) Aes proposal: Rijndael
Daemen J, Rijmen V (2001) Specification for the advanced encryption standard (aes). Federal Information Processing Standards Publication, 197
Hsing H (2015) tiny\_aes. https://opencores.org/project/tiny_aes
Li M, Yu B, Lin Y, Xu X, Li W, Pan DZ (2018) A practical split manufacturing framework for trojan prevention via simultaneous wire lifting and cell insertion. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 38(9):1585–1598
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Weidler, N., Gerdes, R. & Chantem, T. On the Limitations of Obfuscating Redundant Circuits in Frustrating Hardware Trojan Implantation. J Hardw Syst Secur 5, 75–87 (2021). https://doi.org/10.1007/s41635-021-00111-7
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s41635-021-00111-7