-
ExTru: A Lightweight, Fast, and Secure Expirable Trust for the Internet of Things
Authors:
Hadi Mardani Kamali,
Kimia Zamiri Azar,
Shervin Roshanisefat,
Ashkan Vakil,
Avesta Sasan
Abstract:
The resource-constrained nature of the Internet of Things (IoT) devices, poses a challenge in designing a secure, reliable, and particularly high-performance communication for this family of devices. Although side-channel resistant ciphers (either block cipher or stream cipher) are the well-suited solution to establish a guaranteed secure communication, the energy-intensive nature of these ciphers…
▽ More
The resource-constrained nature of the Internet of Things (IoT) devices, poses a challenge in designing a secure, reliable, and particularly high-performance communication for this family of devices. Although side-channel resistant ciphers (either block cipher or stream cipher) are the well-suited solution to establish a guaranteed secure communication, the energy-intensive nature of these ciphers makes them undesirable for particularly lightweight IoT solutions. In this paper, we introduce ExTru, a novel encrypted communication protocol based on stream ciphers that adds a configurable switching & toggling network (CSTN) to not only boost the performance of the communication in lightweight IoT devices, it also consumes far less energy compared with the conventional side-channel resistant ciphers. Although the overall structure of the proposed scheme is leaky against physical attacks, such as side-channel or new scan-based Boolean satisfiability (SAT) attack or algebraic attack, we introduce a dynamic encryption mechanism that removes this vulnerability. We demonstrate how each communicated message in the proposed scheme reduces the level of trust. Accordingly, since a specific number of messages, N, could break the communication and extract the key, by using the dynamic encryption mechanism, ExTru can re-initiate the level of trust periodically after T messages where T<N, to protect the communication against side-channel and scan-based attacks (e.g. SAT attack). Furthermore, we demonstrate that by properly configuring the value of T, ExTru not only increases the strength of security from per "device" to per "message", it also significantly improves energy consumption as well as throughput in comparison with an architecture that only uses a conventional side-channel resistant block/stream cipher.
△ Less
Submitted 13 April, 2020;
originally announced April 2020.
-
DFSSD: Deep Faults and Shallow State Duality, A Provably Strong Obfuscation Solution for Circuits with Restricted Access to Scan Chain
Authors:
Shervin Roshanisefat,
Hadi Mardani Kamali,
Kimia Zamiri Azar,
Sai Manoj Pudukotai Dinakarrao,
Naghmeh Karimi,
Houman Homayoun,
Avesta Sasan
Abstract:
In this paper, we introduce DFSSD, a novel logic locking solution for sequential and FSM circuits with a restricted (locked) access to the scan chain. DFSSD combines two techniques for obfuscation: (1) Deep Faults, and (2) Shallow State Duality. Both techniques are specifically designed to resist against sequential SAT attacks based on bounded model checking. The shallow state duality prevents a s…
▽ More
In this paper, we introduce DFSSD, a novel logic locking solution for sequential and FSM circuits with a restricted (locked) access to the scan chain. DFSSD combines two techniques for obfuscation: (1) Deep Faults, and (2) Shallow State Duality. Both techniques are specifically designed to resist against sequential SAT attacks based on bounded model checking. The shallow state duality prevents a sequential SAT attack from taking a shortcut for early termination without running an exhaustive unbounded model checker to assess if the attack could be terminated. The deep fault, on the other hand, provides a designer with a technique for building deep, yet key recoverable faults that could not be discovered by sequential SAT (and bounded model checker based) attacks in a reasonable time.
△ Less
Submitted 18 February, 2020;
originally announced February 2020.
-
SAT-hard Cyclic Logic Obfuscation for Protecting the IP in the Manufacturing Supply Chain
Authors:
Shervin Roshanisefat,
Hadi Mardani Kamali,
Houman Homayoun,
Avesta Sasan
Abstract:
State-of-the-art attacks against cyclic logic obfuscation use satisfiability solvers that are equipped with a set of cycle avoidance clauses. These cycle avoidance clauses are generated in a pre-processing step and define various key combinations that could open or close cycles without making the circuit oscillating or stateful. In this paper, we show that this pre-processing step has to generate…
▽ More
State-of-the-art attacks against cyclic logic obfuscation use satisfiability solvers that are equipped with a set of cycle avoidance clauses. These cycle avoidance clauses are generated in a pre-processing step and define various key combinations that could open or close cycles without making the circuit oscillating or stateful. In this paper, we show that this pre-processing step has to generate cycle avoidance conditions on all cycles in a netlist, otherwise, a missing cycle could trap the solver in an infinite loop or make it exit with an incorrect key. Then, we propose several techniques by which the number of cycles is exponentially increased as a function of the number of inserted feedbacks. We further illustrate that when the number of feedbacks is increased, the pre-processing step of the attack faces an exponential increase in complexity and runtime, preventing the correct composition of cycle avoidance clauses in a reasonable time. On the other hand, if the pre-processing is not concluded, the attack formulated by the satisfiability solver will either get stuck or exit with an incorrect key. Hence, when the cyclic obfuscation under the conditions proposed in this paper is implemented, it would impose an exponentially difficult problem for the satisfiability solver based attacks.
△ Less
Submitted 22 January, 2020;
originally announced January 2020.
-
COMA: Communication and Obfuscation Management Architecture
Authors:
Kimia Zamiri Azar,
Farnoud Farahmand,
Hadi Mardani Kamali,
Shervin Roshanisefat,
Houman Homayoun,
William Diehl,
Kris Gaj,
Avesta Sasan
Abstract:
In this paper, we introduce a novel Communication and Obfuscation Management Architecture (COMA) to handle the storage of the obfuscation key and to secure the communication to/from untrusted yet obfuscated circuits. COMA addresses three challenges related to the obfuscated circuits: First, it removes the need for the storage of the obfuscation unlock key at the untrusted chip. Second, it implemen…
▽ More
In this paper, we introduce a novel Communication and Obfuscation Management Architecture (COMA) to handle the storage of the obfuscation key and to secure the communication to/from untrusted yet obfuscated circuits. COMA addresses three challenges related to the obfuscated circuits: First, it removes the need for the storage of the obfuscation unlock key at the untrusted chip. Second, it implements a mechanism by which the key sent for unlocking an obfuscated circuit changes after each activation (even for the same device), transforming the key into a dynamically changing license. Third, it protects the communication to/from the COMA protected device and additionally introduces two novel mechanisms for the exchange of data to/from COMA protected architectures: (1) a highly secure but slow double encryption, which is used for exchange of key and sensitive data (2) a high-performance and low-energy yet leaky encryption, secured by means of frequent key renewal. We demonstrate that compared to state-of-the-art key management architectures, COMA reduces the area overhead by 14%, while allowing additional features including unique chip authentication, enabling activation as a service (for IoT devices), reducing the side channel threats on key management architecture, and providing two new means of secure communication to/from an untrusted chip.
△ Less
Submitted 1 September, 2019;
originally announced September 2019.
-
Benchmarking the Capabilities and Limitations of SAT Solvers in Defeating Obfuscation Schemes
Authors:
Shervin Roshanisefat,
Harshith K. Thirumala,
Kris Gaj,
Houman Homayoun,
Avesta Sasan
Abstract:
In this paper, we investigate the strength of six different SAT solvers in attacking various obfuscation schemes. Our investigation revealed that Glucose and Lingeling SAT solvers are generally suited for attacking small-to-midsize obfuscated circuits, while the MapleGlucose, if the system is not memory bound, is best suited for attacking mid-to-difficult obfuscation methods. Our experimental resu…
▽ More
In this paper, we investigate the strength of six different SAT solvers in attacking various obfuscation schemes. Our investigation revealed that Glucose and Lingeling SAT solvers are generally suited for attacking small-to-midsize obfuscated circuits, while the MapleGlucose, if the system is not memory bound, is best suited for attacking mid-to-difficult obfuscation methods. Our experimental result indicates that when dealing with extremely large circuits and very difficult obfuscation problems, the SAT solver may be memory bound, and Lingeling, for having the most memory efficient implementation, is the best-suited solver for such problems. Additionally, our investigation revealed that SAT solver execution times may vary widely across different SAT solvers. Hence, when testing the hardness of an obfuscation method, although the increase in difficulty could be verified by one SAT solver, the pace of increase in difficulty is dependent on the choice of a SAT solver.
△ Less
Submitted 30 April, 2018;
originally announced May 2018.
-
SRCLock: SAT-Resistant Cyclic Logic Locking for Protecting the Hardware
Authors:
Shervin Roshanisefat,
Hadi Mardani Kamali,
Avesta Sasan
Abstract:
In this paper, we claim that cyclic obfuscation, when properly implemented, poses exponential complexity on SAT or CycSAT attack. The CycSAT, in order to generate the necessary cycle avoidance clauses, uses a pre-processing step. We show that this pre-processing step has to compose its cycle avoidance condition on all cycles in a netlist, otherwise, a missing cycle could trap the SAT solver in an…
▽ More
In this paper, we claim that cyclic obfuscation, when properly implemented, poses exponential complexity on SAT or CycSAT attack. The CycSAT, in order to generate the necessary cycle avoidance clauses, uses a pre-processing step. We show that this pre-processing step has to compose its cycle avoidance condition on all cycles in a netlist, otherwise, a missing cycle could trap the SAT solver in an infinite loop or force it to return an incorrect key. Then, we propose several techniques by which the number of cycles is exponentially increased with respect to the number of inserted feedbacks. We further illustrate that when the number of feedbacks is increased, the pre-processing step of CycSAT faces an exponential increase in complexity and runtime, preventing the correct composition of loop avoidance clauses in a reasonable time before invoking the SAT solver. On the other hand, if the pre-processing is not completed properly, the SAT solver will get stuck or return incorrect key. Hence, when the cyclic obfuscation in accordance to the conditions proposed in this paper is implemented, it would impose an exponential complexity with respect to the number of inserted feedback, even when the CycSAT solution is used.
△ Less
Submitted 24 April, 2018;
originally announced April 2018.