A critical view on the real-world security of logic locking
Susanne Engels, Max Hoffmann, Christof Paar
Journal of Cryptographic Engineering, vol. 12(3), pp. 229-244. Pub Date: 2022-01-01. Epub Date: 2022-08-20. DOI: 10.1007/s13389-022-00294-x (https://doi.org/10.1007/s13389-022-00294-x). Open-access PDF: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9464179/pdf/
Abstract: With continuously shrinking feature sizes of integrated circuits, the vast majority of semiconductor companies have become fabless, outsourcing to foundries across the globe. This exposes the design industry to a number of threats, including piracy via IP-theft or unauthorized overproduction and subsequent reselling on the black market. One alleged solution for this problem is logic locking, where the genuine functionality of a chip is "locked" using a key only known to the designer. Solely with a correct key, the design works as intended. Since unlocking is handled by the designer only after production, an adversary in the supply chain should not be able to unlock overproduced chips. In this work, we focus on logic locking against the threat of overproduction. First, we survey existing locking schemes and characterize them by their handling of keys, before extracting similarities and differences in the employed attacker models. We then compare said models to the real-world capabilities of the primary adversary in overproduction: a malicious foundry. This comparison allows us to identify pitfalls in existing models and derive a more realistic attacker model. Then, we discuss how existing schemes hold up against the new attacker model. Our discussion highlights that several attacks beyond the usually employed SAT-based approaches are viable. Crucially, these attacks stem from the underlying structure of current logic locking approaches, which has never changed since its introduction in 2008. We conclude that logic locking, while being a promising approach, needs a fundamental rethinking to achieve real-world protection against overproduction.
Improving recent side-channel attacks against the DES key schedule
A. Wiemers, Johannes Mittmann
Journal of Cryptographic Engineering, vol. 13(1), pp. 1-17. Pub Date: 2021-12-04. DOI: 10.1007/s13389-021-00279-2 (https://doi.org/10.1007/s13389-021-00279-2).
Optimized threshold implementations: securing cryptographic accelerators for low-energy and low-latency applications
Dušan Božilov, Miroslav Knezevic, V. Nikov
Journal of Cryptographic Engineering, vol. 12(1), pp. 15-51. Pub Date: 2021-11-25. DOI: 10.1007/s13389-021-00276-5 (https://doi.org/10.1007/s13389-021-00276-5).
In-depth energy analysis of security algorithms and protocols for the Internet of Things
J. Winderickx, An Braeken, Dave Singelée, N. Mentens
Journal of Cryptographic Engineering, vol. 12(1), pp. 137-149. Pub Date: 2021-11-24. DOI: 10.1007/s13389-021-00274-7 (https://doi.org/10.1007/s13389-021-00274-7).
Spatial dependency analysis to extract information from side-channel mixtures: extended version
Aurélien Vasselle, Hugues Thiebeauld, P. Maurine
Journal of Cryptographic Engineering, vol. 1(1), pp. 1-17. Pub Date: 2021-11-15. DOI: 10.1145/3474376.3487280 (https://doi.org/10.1145/3474376.3487280).
Abstract: Practical side-channel attacks on recent devices may be challenging due to the poor quality of acquired signals. It can originate from different factors, such as the growing architecture complexity, especially in System-on-Chips, creating unpredictable and concurrent operation of multiple signal sources in the device. This work makes use of mixture distributions to formalize this complexity, allowing us to explain the benefit of using a technique like Scatter, where different samples of the traces are aggregated into the same distribution. Some observations of the conditional mixture distributions are made in order to model the leakage in such context. From this, we infer local coherency of information held in the distribution as a general expression of the leakage in mixture distributions. This leads us to introduce how spatial analysis tools, such as Moran's Index, can be used to significantly improve non-profiled attacks compared to other techniques from the state-of-the-art. Exploitation of this technique is experimentally shown very promising, as demonstrated by its application on two AES implementations including masking and shuffling countermeasures.
Breaking TrustZone memory isolation and secure boot through malicious hardware on a modern FPGA-SoC
Mathieu Gross, Nisha Jacob, A. Zankl, G. Sigl
Journal of Cryptographic Engineering, vol. 12(1), pp. 181-196. Pub Date: 2021-09-15. DOI: 10.1007/s13389-021-00273-8 (https://doi.org/10.1007/s13389-021-00273-8).
The ASHES 2019 special issue at JCEN
Chip-Hong Chang, Daniel E. Holcomb, U. Rührmair, P. Schaumont
Journal of Cryptographic Engineering, vol. 11(1), pp. 199-200. Pub Date: 2021-08-22. DOI: 10.1007/s13389-021-00270-x (https://doi.org/10.1007/s13389-021-00270-x).
Rank estimation with bounded error via exponential sampling
Liron David, A. Wool
Journal of Cryptographic Engineering, vol. 12(1), pp. 151-168. Pub Date: 2021-08-04. DOI: 10.1007/s13389-021-00269-4 (https://doi.org/10.1007/s13389-021-00269-4).