-
Privacy Leakages in Approximate Adders
Authors:
Shahrzad Keshavarz,
Daniel Holcomb
Abstract:
Approximate computing has recently emerged as a promising method to meet the low power requirements of digital designs. The erroneous outputs produced in approximate computing can be partially a function of each chip's process variation. We show that, in such schemes, the erroneous outputs produced on each chip instance can reveal the identity of the chip that performed the computation, possibly jeopardizing user privacy. In this work, we perform simulation experiments on 32-bit Ripple Carry Adders, Carry Lookahead Adders, and Han-Carlson Adders running at over-scaled operating points. Our results show that identification is possible, we contrast the identifiability of each type of adder, and we quantify how success of identification varies with the extent of over-scaling and noise. Our results are the first to show that approximate digital computations may compromise privacy. Designers of future approximate computing systems should be aware of the possible privacy leakages and decide whether mitigation is warranted in their application.
Submitted 24 February, 2018;
originally announced February 2018.
-
SAT-based Reverse Engineering of Gate-Level Schematics using Fault Injection and Probing
Authors:
Shahrzad Keshavarz,
Falk Schellenberg,
Bastian Richter,
Christof Paar,
Daniel Holcomb
Abstract:
Gate camouflaging is a known security enhancement technique that tries to thwart reverse engineering by hiding the functions of gates or the connections between them. A number of works on SAT-based attacks have shown that it is often possible to reverse engineer a circuit function by combining a camouflaged circuit model and the ability to have oracle access to the obfuscated combinational circuit. Especially in small circuits it is easy to reverse engineer the circuit function in this way, but SAT-based reverse engineering techniques provide no guarantees of recovering a circuit that is gate-by-gate equivalent to the original design. In this work we show that an attacker who does not know gate functions or connections of an aggressively camouflaged circuit cannot learn the correct gate-level schematic even if able to control inputs and probe all combinational nodes of the circuit. We then present a stronger attack that extends SAT-based reverse engineering with fault analysis to allow an attacker to recover the correct gate-level schematic. We analyze our reverse engineering approach on an S-Box circuit.
Submitted 24 February, 2018;
originally announced February 2018.
-
Threshold-based Obfuscated Keys with Quantifiable Security against Invasive Readout
Authors:
Shahrzad Keshavarz,
Daniel Holcomb
Abstract:
Advances in reverse engineering make it challenging to deploy any on-chip information in a way that is hidden from a determined attacker. A variety of techniques have been proposed for design obfuscation including look-alike cells in which functionality is determined by hard-to-observe mechanisms including dummy vias or transistor threshold voltages. Threshold-based obfuscation is especially promising because threshold voltages cannot be observed optically and require more sophisticated measurements by the attacker. In this work, we demonstrate the effectiveness of a methodology that applies threshold-defined behavior to memory cells, in combination with error correcting codes to achieve a high degree of protection against invasive reverse engineering. The combination of error correction and small threshold manipulations is significant because it makes the attacker's job harder without compromising the reliability of the obfuscated key. We present analysis to quantify key reliability of our approach, and its resistance to reverse engineering attacks that seek to extract the key through imperfect measurement of transistor threshold voltages. The security analysis and cost metrics we provide allow designers to make a quantifiable tradeoff between cost and security. We find that the combination of small threshold offsets and stronger error correcting codes is advantageous when security is the primary objective.
Submitted 25 October, 2017; v1 submitted 23 August, 2017;
originally announced August 2017.
-
Design Automation for Obfuscated Circuits with Multiple Viable Functions
Authors:
Shahrzad Keshavarz,
Christof Paar,
Daniel Holcomb
Abstract:
Gate camouflaging is a technique for obfuscating the function of a circuit against reverse engineering attacks. However, if an adversary has pre-existing knowledge about the set of functions that are viable for an application, random camouflaging of gates will not obfuscate the function well. In this case, the adversary can target their search, and only needs to decide whether each of the viable functions could be implemented by the circuit.
In this work, we propose a method for using camouflaged cells to obfuscate a design that has a known set of viable functions. The circuit produced by this method ensures that an adversary will not be able to rule out any viable functions unless she is able to uncover the gate functions of the camouflaged cells. Our method comprises iterated synthesis within an overall optimization loop to combine the viable functions, followed by technology mapping to deploy camouflaged cells while maintaining the plausibility of all viable functions. We evaluate our technique on cryptographic S-box functions and show that, relative to a baseline approach, it achieves up to 38% area reduction in PRESENT-style S-Boxes and 48% in DES S-boxes.
Submitted 1 March, 2017;
originally announced March 2017.