基于多级协同混淆的硬件IP核安全防护设计

传统硬件混淆从物理级、逻辑级、行为级等进行单层次混淆,没有发挥多级协同优势,存在安全隐患。该文通过对物理版图、电路逻辑和状态跳变行为的关系研究,提出多级协同混淆的硬件IP核防护方法。该方案首先在自下而上协同混淆中,采用虚拟孔设计版图级伪装门的方式进行物理-逻辑级混淆,采用过孔型物理不可克隆函数(PUF)控制状态跳变的方式实现物理-行为级混淆;然后,在自上而下协同混淆中,利用密钥控制密钥门进行行为-逻辑级混淆,利用并行-支路混淆线的方法完成行为-物理级混淆;最后提出混淆电路在网表的替换机制,设计物理-逻辑-行为的3级协同混淆,实现多级协同混淆的IP核安全防护。ISCAS-89基准电路测试结果表明,在TSMC 65 nm工艺下,多级协同混淆IP核在较大规模测试电路中的面积开销占比平均为11.7%,功耗开销占比平均为5.1%,正确密钥和错误密钥下的寄存器翻转差异低于10%,所提混淆方案可有效抵御暴力攻击、逆向工程、SAT等攻击。     

基于多级协同混淆的硬件IP核安全防护设计

传统硬件混淆从物理级、逻辑级、行为级等进行单层次混淆,没有发挥多级协同优势,存在安全隐患.该文通过对物理版图、电路逻辑和状态跳变行为的关系研究,提出多级协同混淆的硬件IP核防护方法.该方案首先在自下而上协同混淆中,采用虚拟孔设计版图级伪装门的方式进行物理-逻辑级混淆,采用过孔型物理不可克隆函数(PUF)控制状态跳变的方式实现物理-行为级混淆;然后,在自上而下协同混淆中,利用密钥控制密钥门进行行为-逻辑级混淆,利用并行-支路混淆线的方法完成行为-物理级混淆;最后提出混淆电路在网表的替换机制,设计物理-逻辑-行为的3级协同混淆,实现多级协同混淆的IP核安全防护.ISCAS-89基准电路测试结果表明,在TSMC 65 nm工艺下,多级协同混淆IP核在较大规模测试电路中的面积开销占比平均为11.7％,功耗开销占比平均为5.1％,正确密钥和错误密钥下的寄存器翻转差异低于10％,所提混淆方案可有效抵御暴力攻击、逆向工程、SAT等攻击.     

基于状态映射的AES算法硬件混淆设计

代码混淆利用系统自身逻辑来保护内部重要信息和关键算法,常用于软件代码的安全防护,确保开发者和用户的利益。如何在硬件电路上实现混淆、保护硬件IP核的知识产权,也是亟待解决的问题。该文通过对硬件混淆和AES算法的研究,提出一种基于状态映射的AES算法硬件混淆方案。该方案首先利用冗余和黑洞两种状态相结合的状态映射方式,实现有限状态机的混淆;然后,采用比特翻转的方法,实现组合逻辑电路的混淆;最后,在SMIC 65 nm CMOS工艺下设计基于状态映射的AES算法硬件混淆电路,并采用Toggle、数据相关性和代码覆盖率等评价硬件混淆的效率和有效性。实验结果表明,基于状态映射的AES算法硬件混淆电路面积和功耗分别增加9%和16%,代码覆盖率达到93%以上。     

基于序列密码的强PUF抗机器学习攻击方法

物理不可克隆函数(Physical Unclonable Function, PUF)在信息安全领域具有极其重要的应用前景,然而也存在其自身安全受机器学习攻击等方面的不足。该文通过对PUF电路和密码算法的研究,提出一种基于序列密码的强PUF抗机器学习攻击方法。首先,通过构造滚动密钥生成器产生随机密钥,并与输入激励进行混淆;然后,将混淆后的激励通过串并转换电路作用于强PUF,产生输出响应;最后,利用Python软件仿真和FPGA硬件实现,并分析其安全性和统计特性。实验结果表明,当建模所用激励响应对(Challenge Response Pairs, CRPs)高达106组时,基于逻辑回归、人工神经网络和支持向量机的攻击预测率接近50%的理想值。此外,该方法通用性强、硬件开销小,且不影响PUF的随机性、唯一性以及可靠性。     

基于序列密码的强PUF抗机器学习攻击方法

物理不可克隆函数(Physical Unclonable Function,PUF)在信息安全领域具有极其重要的应用前景,然而也存在其自身安全受机器学习攻击等方面的不足.该文通过对PUF电路和密码算法的研究,提出一种基于序列密码的强PUF抗机器学习攻击方法.首先,通过构造滚动密钥生成器产生随机密钥,并与输入激励进行混淆;然后,将混淆后的激励通过串并转换电路作用于强PUF,产生输出响应;最后,利用Python软件仿真和FPGA硬件实现,并分析其安全性和统计特性.实验结果表明,当建模所用激励响应对(Challenge Response Pairs,CRPs)高达106组时,基于逻辑回归、人工神经网络和支持向量机的攻击预测率接近50％的理想值.此外,该方法通用性强、硬件开销小,且不影响PUF的随机性、唯一性以及可靠性.     

基于51核的AES算法高速硬件设计与实现

为提高算法的效率,降低密钥运算的复杂度,提升密钥抵抗强力攻击和时间攻击能力,提出一种AES的算法方案。阐述了AES算法原理及片上系统执行AES的工作流程,基于8051软核AES算法IP原理、设计流程以及硬件模块的实现方案,并给出了效率分析及在硬件平台上的验证结果。仿真结果显示,用查表法实现AES,其IP核具有高效性,并可为密码SoC产品的开发体统算法引擎支持。相比较于以往的算法模型,该方案用少量面积换取速度,大幅提高了算法的效率,因此具备良好的应用价值。     

基于动态补偿的椭圆曲线密码低成本抗功耗攻击策略及硬件结构研究

椭圆曲线密码(ECC)芯片的抗功耗攻击能力往往以电路性能、面积或功耗为代价。该文分析了在椭圆曲线密码 点乘运算中密钥猜测正确与错误时的中间数据汉明距离概率分布差异性，提出一种基于动态汉明距离调控的功耗补偿方法，利用模拟退火算法离线寻找最优的映射矩阵，最终形成椭圆曲线密码硬件电路的等概率映射补偿模型，大大降低了中间数据与功耗的相关性。同时，以该模型为指导设计了低成本的同步功耗补偿电路，在CMOS 40 nm工艺下，防护后的ECC128电路面积增加22.8%。基于Sakura-G开发板开展了测试验证，防护电路的功耗仅增加18.8%，最小泄露轨迹数大于104，抗相关功耗分析能力提升了312倍。该策略在与随机化方法防护能力相当的情况下，不损失电路性能且硬件成本小，适用于高速或资源受限的ECC电路。     

基于FPGA的一种改进型三角超越函数CORDIC实现方式

CORDIC算法将复杂的算术运算转化为简单的加法和移位操作,然后逐步逼近结果。这种方法很好地兼顾了精度、速度,非常适合三角超越函数的硬件实现,但同时也带来硬件资源占用增加的问题。如何尽可能减少CORDIC算法带来的硬件资源占用增加,是利用CORDIC算法实现三角超越函数的关键。本文提出一种改进型三角超越函数CORDIC硬件实现方案,该方案中CORDIC算法IP核利用VHDL语言进行编写,IP核在Modelsim6.5g上通过功能仿真,并且在XUPV5-LX110T FPGA开发板上通过硬件测试,实验结果表明改进的方案可以有效减少CORDIC算法带来的硬件资源占用增加。     

利用LDPC编译码构建无线密钥协商协议的研究

基于无线信道特征的密钥生成过程中,为了降低通信双方生成的密钥不一致率常采取的措施是密钥协商。通常的密钥协商过程是在BSC信道下进行密钥协商,但是协商的效率较低。为了提高密钥协商的效率,本文提出一种在等效信道下基于LDPC编译码的协议机制。在此协议机制中,无线信道下采用Mathur[1][2]等人提出的Level-Crossing算法（LCA）提取密钥的过程构成了本协议中的等效信道,该机制对LCA提取后的密钥协商信息进行建模,推导了等效信道的最佳似然比,并据此采用LDPC码简单的加权比特翻转等译码算法[3-5]来有效进行密钥协商。将等效信道下LDPC码加权比特译码算法用于协商过程的性能和BSC信道下协商后的性能进行仿真,在SNR大于6db的前提下,仿真结果表明:1）在相同低门限的条件下,和LCA算法生成的初始密钥相比较,利用LDPC码比特翻转译码等算法在等效信道下和在BSC信道下协商后的密钥不一致率比初始密钥不一致率降低1至2个数量级;2）在等效信道下利用简单加权比特翻转译码算法进行密钥协商后的密钥不一致率比BSC信道下协商后的密钥不一致率降低大约1个数量级。      

基于电磁辐射信号分析的芯片硬件木马检测

集成电路芯片在制造过程中可能被嵌入恶意硬件电路,形成硬件木马.提出一种新的利用芯片电磁旁路泄漏信息的硬件木马无损检测方法.对芯片表面进行区域划分,通过随机选优算法生成硬件木马测试向量集;利用基于负熵指标的投影寻踪技术将芯片高维旁路信号投影到低维子空间,在信息损失尽量小的前提下发现原始数据中的分布特征,从而实现芯片旁路信号特征提取与识别.针对示例性高级加密标准(AES-128)木马电路的检测实验表明,该技术可以有效分辨基准芯片与硬件木马测试芯片之间的电磁信号特征差异,实现硬件木马检测.     

Orthogonal obfuscation based key management for multiple IP protection

With the development of system-on-chip (SoC) chips, more and more design houses are cooperating with each other's. How to achieve benefit sharing and key management for multiple intellectual properties (IPs) has become an emergency problem. This work proposes an orthogonal obfuscation method to protect multiple IPs. The proposed method permits cooperators to control the project using different security keys, protects the patterns with an orthogonal key, and be convenient for the user to manage the key. For reasons of increased security, the proposed method hides the original keys to prevent information leakage. Multi-port Physical Unclonable Function (MPUF) circuit is used as the additional orthogonal key to cluster membership. It protects the IPs from hardware attacks such as brute-force attack, member leakage attack, reverse engineering and so on. The security analyzes results show that the proposed method reduces the key retrieval time by 36.3% over the baseline. The proposed obfuscation methods have been successfully applied to ISCAS′89 benchmark circuits and cryptographic algorithms. Experimental results indicate that the orthogonal obfuscation only increases the area by 3.43% and consumes 2.77% more power than the baseline.     

Security Against Hardware Trojan Attacks Using Key-Based Design Obfuscation

Malicious modification of hardware in untrusted fabrication facilities, referred to as hardware Trojan, has emerged as a major security concern. Comprehensive detection of these Trojans during post-manufacturing test has been shown to be extremely difficult. Hence, it is important to develop design techniques that provide effective countermeasures against hardware Trojans by either preventing Trojan attacks or facilitating detection during test. Obfuscation is a technique that is conventionally employed to prevent piracy of software and hardware intellectual property (IP). In this work, we propose a novel application of key-based circuit structure and functionality obfuscation to achieve protection against hardware Trojans triggered by rare internal circuit conditions. The proposed obfuscation scheme is based on judicious modification of the state transition function, which creates two distinct functional modes: normal and obfuscated. A circuit transitions from the obfuscated to the normal mode only upon application of a specific input sequence, which defines the key. We show that it provides security against Trojan attacks in two ways: (1) it makes some inserted Trojans benign, i.e. they become effective only in the obfuscated mode; and (2) it prevents an adversary from exploiting the true rare events in a circuit to insert hard-to-detect Trojans. The proposed design methodology can thus achieve simultaneous protection from hardware Trojans and hardware IP piracy. Besides protecting ICs against Trojan attacks in foundry, we show that it can also protect against malicious modifications by untrusted computer-aided design (CAD) tools in both SoC and FPGA design flows. Simulation results for a set of benchmark circuits show that the scheme is capable of achieving high levels of security against Trojan attacks at modest area, power and delay overhead.     

SoC interconnection protection through formal verification

The wide adoption of third-party hardware Intellectual Property (IP) cores including those from untrusted vendors have raised security concerns for system designers and end-users. Existing approaches to ensure the trustworthiness of individual IPs rarely consider the entire SoC design, especially the IP interactions through SoC bus. These methods can hardly identify malicious logic (or design flaws) distributed in multiple IPs whereas individual IPs fulfill security properties and can pass the security testing/verification. One possible solution is to treat the SoC as one IP core and try to verify security properties of the entire design. This method, however, suffers from scalability issues due to the large size of SoC designs with multiple IP cores integrated. In this paper, we present a scalable SoC bus verification framework trying to verify the security properties of SoC bus implementation where the bus protocol plays the role of the golden reference. More specifically, finite state machine (FSM) models will be constructed from the bus implementation and the trustworthiness will be verified based on the property set derived from the bus protocol and potential security threats. Along with IP level formal verification solutions, the proposed framework can help ensure the security of large-scale SoCs. Experimental results on ARM AMBA Bus demonstrate that our approach is applicable and scalable to prevent information leakage and denial-of-service (DoS) attack by verifying security properties.     

A cellular automata guided two level obfuscation of Finite-State-Machine for IP protection

A popular countermeasure against IP piracy is to obfuscate the Finite State Machine (FSM) which is assumed to be the heart of a digital system. Most of the existing FSM obfuscation strategies rely on additionally introduced set of obfuscation mode state-transitions to protect the original state-transitions of the FSM. Although these methods assume that it is difficult to extract the FSM behavior from the flattened gate-level netlist, some recent reverse engineering attacks could successfully break the defense of these schemes. The capability of differentiating obfuscation mode state-transitions from normal mode state-transitions makes these attacks powerful. As a countermeasure against these attacks, we propose a new strategy that offers a key-based obfuscation to each state-transition of the FSM. We use a special class of non-group additive cellular automata (CA), called D1 1 CA, and it's counterpart D11CA_dual to obfuscate each state-transition of the FSM. Each state-transition has its own customized key, which must be configured correctly in order to get correct state-transition behavior from the synthesized FSM. A second layer of protection to the state-transition logic enhances the security of the proposed scheme. An in-depth security analysis of the proposed easily testable key-controlled FSM synthesis scheme demonstrates its ability to thwart the majority of the state-of-the-art attacks, such as FSM reverse engineering, SAT, and circuit unrolling attacks. Thus, the proposed scheme can be used for IP protection of the digital designs. Experimentations on various IWLS′93 benchmark FSM designs show that the average area, power, and delay overheads our proposed multi-bit key-based obfuscated FSM design are 56.43%, 6.87%, and 23.41% while considering the FSMs as standalone circuits. However, experimentation on the Amber23 processor core shows these overheads drastically reduce (reported area, power, and delay overheads values are 0.0025%, 0.44%, and 0%, respectively) while compared with respect to the entire design.     

一种太比特路由器交换核心的研究与设计

硬件可扩展性和高效的性能一直以来是高速交换核心设计中的一对矛盾。文中在总结高速交换核心关键技术之后,提出了一种基于iRGRR算法的高速交换核心,它具有硬件实现简单、可扩展性强、性能优良等特点,大大缓解了上述矛盾。该交换核心能够提供服务质量保证,支持IP分组调度。可应用于太比特路由器中。文中还简要分析了该交换核心的性能,并给出了硬件设计方案。     

Testing analogue and mixed-signal integrated circuits by weighted sum of selected node voltages

System-on-chip (SOC) design based on intellectual property (IP) cores has become a growing trend in integrated circuit (IC) design. Testing of such cores is a challenging problem, especially when these cores are deeply embedded in the system chip. The wrapper of the P1500 standard can facilitate the testing of such cores; however, a full-size wrapper is expensive because the hardware overhead is large. If the requirement for testing I/O pins of IP cores is considered and reduced to a minimum during the core design, SOC designers will need to put much less effort into testing the cores. In this paper, a built-in self-test (BIST) technique, which is applicable to both analogue and mixed-signal integrated circuits and is based on the weighted sum of selected node voltages, is proposed. Besides high fault coverage, the proposed BIST technique needs only one extra testing output pin, and only a single dc stimulus is needed to feed at the primary input of the circuit under test (CUT). Hence, the proposed BIST technique is especially suitable for testing IP cores.     

可光纤集成的相干态量子身份认证系统

报道了可光纤集成相干态量子身份认证实验系统。该系统采用偏振相干态的斯托克斯矢量作为量子信号载体,采用动态偏振控制器作为信号调制器,利用固有的相干态量子噪声保证系统的安全性。自行设计了脉冲激光驱动电路、微弱窄脉冲激光探测电路、信号同步模块,采用Socket网络通信程序在TCP/IP局域网中实现了量子保密通信所需要的经典通信。该相干态量子身份认证系统采用的运行密钥为12位,每个光脉冲包含40000个光子,传输速率达到8kbit/s,合法用户间误码率(BER)小于10-4。每传输一个比特信息,攻击者所能窃取的信息量I(Alice,Eve)<10-14bit。     

Defense-in-depth: A recipe for logic locking to prevail

Logic locking/obfuscation has emerged as an auspicious solution for protecting the semiconductor intellectual property (IP) from the untrusted entities in the design and fabrication process. Logic locking disguises the implementation and functionality of the IP by implanting additional key-gates in the circuit. The right output of the locked chip is produced, once the correct key value is available at the input of the key-gates. The confidentiality of the key is imperative for the security of the locked IP as it stands as the lone barrier against IP infringement. Therefore, the logic locking is considered as a broken scheme once the key value is exposed. The logic locking techniques have shown vulnerability to different classes of attacks, such as Oracle-guided and physical attacks. Although the research community has proposed a number of countermeasures against such attacks, none of them is simultaneously unbreakable against Oracle-guided, Oracle-less, and physical attacks. Under such circumstances, a defense-in-depth mechanism can be considered as a feasible approach in addressing the vulnerabilities of logic locking. Defense-in-depth is a multilayer defense strategy where several independent countermeasures are implemented in the device to provide aggregated protection against different attack vectors.Introducing such a multilayer shielding model in logic locking is the major contribution of this paper. With regard to this, we first identify the core components of logic locking schemes, which need to be protected. Afterwards, we categorize the vulnerabilities of core components according to potential threats for the locking key in logic locking schemes. Furthermore, we propose several defense layers and countermeasures to protect the device from those vulnerabilities. In conclusion, we believe that a logic locking technique with a layered defense mechanism can be a possible solution against IP piracy.