Silicon Demonstration of Hardware Trojan Design and Detection in Wireless Cryptographic ICs

Keywords

hardware Trojan detection; side-channel fingerprinting; wireless cryptographic integrated circuit (IC)

Abstract

Using silicon measurements from 40 chips fabricated in Taiwan Semiconductor Manufacturing Company's (TSMC's) 0.35-µm technology, we demonstrate the operation of two hardware Trojans, which leak the secret key of a wireless cryptographic integrated circuit (IC) consisting of an Advanced Encryption Standard (AES) core and an ultrawideband (UWB) transmitter (TX). With their impact carefully hidden in the transmission specification margins allowed for process variations, these hardware Trojans cannot be detected by production testing methods of either the digital or the analog part of the IC and do not violate the transmission protocol or any system-level specifications. Nevertheless, the informed adversary, who knows what to look for in the transmission power waveform, is capable of retrieving the 128-bit AES key, which is leaked with every 128-bit ciphertext block sent by the UWB TX. Moreover, through physical measurements and MATLAB simulations, we show that the attack facilitated by these hardware Trojans is robust to test equipment and communication channel noise. Finally, we experimentally evaluate the effectiveness of a popular hardware Trojan detection method, namely, statistical side-channel fingerprinting via trained one-class classifiers, in detecting the hardware Trojans introduced in our fabricated IC population.

Publication Date

4-1-2017

Publication Title

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Volume

25

Issue

4

Number of Pages

1506-1519

Document Type

Article

Personal Identifier

scopus

DOI Link

https://doi.org/10.1109/TVLSI.2016.2633348

Scopus ID

85007087179 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/85007087179
