research-article

Public Access

Standardizing Bad Cryptographic Practice: A Teardown of the IEEE Standard for Protecting Electronic-design Intellectual Property

Authors:

Mark TehranipoorAuthors Info & Claims

CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

Pages 1533 - 1546

https://doi.org/10.1145/3133956.3134040

Published: 30 October 2017 Publication History

PDF eReader

Abstract

We provide an analysis of IEEE standard P1735, which describes methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP. We find a surprising number of cryptographic mistakes in the standard. In the most egregious cases, these mistakes enable attack vectors that allow us to recover the entire underlying plaintext IP. Some of these attack vectors are well-known, e.g. padding-oracle attacks. Others are new, and are made possible by the need to support the typical uses of the underlying IP; in particular, the need for commercial system-on-chip (SoC) tools to synthesize multiple pieces of IP into a fully specified chip design and to provide syntax errors. We exploit these mistakes in a variety of ways, leveraging a commercial SoC tool as a black-box oracle.

In addition to being able to recover entire plaintext IP, we show how to produce standard-compliant ciphertexts of IP that have been modified to include targeted hardware Trojans. For example, IP that correctly implements the AES block cipher on all but one (arbitrary) plaintext that induces the block cipher to return the secret key. We outline a number of other attacks that the standard allows, including on the cryptographic mechanism for IP licensing. Unfortunately, we show that obvious "quick fixes" to the standard (and the tools that support it) do not stop all of our attacks. This suggests that the standard requires a significant overhaul, and that IP-authors using P1735 encryption should consider themselves at risk.

Supplemental Material

MP4 File

Download
2372.29 MB

References

[1]

Nadhem J. Al Fardan and Kenneth G. Paterson 2013. Lucky Thirteen: Breaking the TLS and DTLS Record Protocols Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP '13). IEEE Computer Society, Washington, DC, USA, 526--540. https://doi.org/10.1109/SP.2013.42

Digital Library

Google Scholar

[2]

Martin R. Albrecht, Jean Paul Degabriele, Torben Brandt Hansen, and Kenneth G. Paterson. 2016. A Surfeit of SSH Cipher Suites. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). ACM, New York, NY, USA, 1480--1491. https://doi.org/10.1145/2976749.2978364

Digital Library

Google Scholar

[3]

Martin R. Albrecht, Kenneth G. Paterson, and Gaven J. Watson 2009. Plaintext Recovery Attacks Against SSH. In Proceedings of the 2009 30th IEEE Symposium on Security and Privacy (SP '09). IEEE Computer Society, Washington, DC, USA, 16--26. https://doi.org/10.1109/SP.2009.5

Digital Library

Google Scholar

[4]

Robert Baldwin and Ronald Rivest 1996. The rc5, rc5-cbc, rc5-cbc-pad, and rc5-cts algorithms. bibinfotypeTechnical Report.

Google Scholar

[5]

Mihir Bellare and Chanathip Namprempre 2008. Authenticated Encryption: Relations Among Notions and Analysis of the Generic Composition Paradigm. J. Cryptol., Vol. 21, 4 (sep 2008), 469--491. 0

Digital Library

Google Scholar

[6]

Lin Yuan, Gang Qu, Lahouari Ghout, and Ahmed Bouridane. 2006. VLSI design IP protection: solutions, new challenges, and opportunities Adaptive Hardware and Systems, 2006. AHS 2006. First NASA/ESA Conference on. IEEE, 469--476.

Google Scholar

[7]

YongBin Zhou and DengGuo Feng 2005. Side-Channel Attacks: Ten Years After Its Publication and the Impacts on Cryptographic Module Security Testing. (2005). http://eprint.iacr.org/2005/[email protected] 13083 received 27 Oct 2005.endthebibliography

Google Scholar

Cited By

View all

Hutchings DTaylor AGoeders J(2024)Toward FPGA Intellectual Property Encryption from Netlist to BitstreamACM Transactions on Reconfigurable Technology and Systems10.1145/365664418:1(1-27)Online publication date: 12-Apr-2024
https://dl.acm.org/doi/10.1145/3656644
Rajendran SFarahmandi FTehranipoor M(2024)CAD Tools Pathway in Hardware Security2024 37th International Conference on VLSI Design and 2024 23rd International Conference on Embedded Systems (VLSID)10.1109/VLSID60093.2024.00063(342-347)Online publication date: 6-Jan-2024
https://doi.org/10.1109/VLSID60093.2024.00063
Avoine GFerreira L(2024)Decrypting Without Keys: The Case of the GlobalPlatform SCP02 ProtocolJournal of Cryptology10.1007/s00145-024-09528-z38:1Online publication date: 5-Dec-2024
https://doi.org/10.1007/s00145-024-09528-z
Show More Cited By

Recommendations

DASC standards track IP-based design trends

The common engineering practice of decomposing complex problems into a series of simpler subproblems to arrive at effective solutions is mirrored in the electronics industry by the definition and use of IP blocks. Although such blocks were initially ...
Bad-token: denial of service attacks on WPA3
SIN '19: Proceedings of the 12th International Conference on Security of Information and Networks

WPA3 (Wi-Fi Protected Access 3) is a certification that augments its predecessor WPA2 with protection mechanisms, such as resistance against password dictionary attacks through SAE (Simultaneous Authentication of Equals) handshake, MFP (Management Frame ...
Cryptographic tamper evidence
CCS '03: Proceedings of the 10th ACM conference on Computer and communications security

We propose a new notion of cryptographic tamper evidence. A tamper-evident signature scheme provides an additional procedure Div which detects tampering: given two signatures, Div can determine whether one of them was generated by the forger. ...

Comments

Information & Contributors

Information

Published In

CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

October 2017

2682 pages

ISBN:9781450349468

DOI:10.1145/3133956

General Chair:
Bhavani Thuraisingham
The University of Texas at Dallas, USA
,
Program Chairs:
David Evans
University of Virginia
,
Tal Malkin
Columbia University
,
Dongyan Xu
Purdue University

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 October 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

NIST
NSF
Cisco Systems Inc.

Conference

CCS '17

Sponsor:

SIGSAC

CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security

October 30 - November 3, 2017

Texas, Dallas, USA

Acceptance Rates

CCS '17 Paper Acceptance Rate 151 of 836 submissions, 18%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
706
Total Downloads

Downloads (Last 12 months)144
Downloads (Last 6 weeks)26

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hutchings DTaylor AGoeders J(2024)Toward FPGA Intellectual Property Encryption from Netlist to BitstreamACM Transactions on Reconfigurable Technology and Systems10.1145/365664418:1(1-27)Online publication date: 12-Apr-2024
https://dl.acm.org/doi/10.1145/3656644
Rajendran SFarahmandi FTehranipoor M(2024)CAD Tools Pathway in Hardware Security2024 37th International Conference on VLSI Design and 2024 23rd International Conference on Embedded Systems (VLSID)10.1109/VLSID60093.2024.00063(342-347)Online publication date: 6-Jan-2024
https://doi.org/10.1109/VLSID60093.2024.00063
Avoine GFerreira L(2024)Decrypting Without Keys: The Case of the GlobalPlatform SCP02 ProtocolJournal of Cryptology10.1007/s00145-024-09528-z38:1Online publication date: 5-Dec-2024
https://doi.org/10.1007/s00145-024-09528-z
Lee YMcDonald AYang J(2023)Identifying Code Tampering Using A Bytecode Comparison Analysis Tool2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)10.1109/SERA57763.2023.10197775(69-76)Online publication date: 23-May-2023
https://doi.org/10.1109/SERA57763.2023.10197775
Zamiri Azar KMardani Kamali HFarahmandi FTehranipoor MZamiri Azar KMardani Kamali HFarahmandi FTehranipoor M(2023)Making a Case for Logic LockingUnderstanding Logic Locking10.1007/978-3-031-37989-5_4(63-87)Online publication date: 26-Jun-2023
https://doi.org/10.1007/978-3-031-37989-5_4
Tehranipoor MNalla Anandakumar NFarahmandi FTehranipoor MAnandakumar NFarahmandi F(2023)Logic-Locking Insertion and AssessmentHardware Security Training, Hands-on!10.1007/978-3-031-31034-8_10(183-197)Online publication date: 30-Jun-2023
https://doi.org/10.1007/978-3-031-31034-8_10
Farahmandi FRahman MRajendran STehranipoor MFarahmandi FRahman MRajendran STehranipoor M(2023)Introduction to CAD for Hardware SecurityCAD for Hardware Security10.1007/978-3-031-26896-0_1(1-19)Online publication date: 28-Jan-2023
https://doi.org/10.1007/978-3-031-26896-0_1
Speith JSchweins FEnder MFyrbiak MMay APaar C(2022)How Not to Protect Your IP – An Industry-Wide Break of IEEE 1735 Implementations2022 IEEE Symposium on Security and Privacy (SP)10.1109/SP46214.2022.9833605(1656-1671)Online publication date: May-2022
https://doi.org/10.1109/SP46214.2022.9833605
Tehranipoor MPundir NVashistha NFarahmandi FTehranipoor MPundir NVashistha NFarahmandi F(2022)Embedded WatermarksHardware Security Primitives10.1007/978-3-031-19185-5_11(185-211)Online publication date: 12-Oct-2022
https://doi.org/10.1007/978-3-031-19185-5_11
Rahman MLi HGuo RRahman FFarahmandi FTehranipoor M(2021)LL-ATPG: Logic-Locking Aware Test Using Valet Keys in an Untrusted Environment2021 IEEE International Test Conference (ITC)10.1109/ITC50571.2021.00026(180-189)Online publication date: Oct-2021
https://doi.org/10.1109/ITC50571.2021.00026
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

DASC standards track IP-based design trends

Bad-token: denial of service attacks on WPA3

Cryptographic tamper evidence

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Upcoming Conference

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF

eReader

Login options

Full Access

Abstract

Supplemental Material

References

Cited By

Recommendations

DASC standards track IP-based design trends

Bad-token: denial of service attacks on WPA3

Cryptographic tamper evidence

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Login options

Full Access

Share

Share this Publication link

Share on social media

Affiliations