Creative Winners in Hardware Trojan Contest

Eugen Leitl eugen at
Wed Jan 20 02:28:57 PST 2010


Simple attacks and creative defenses


By Mark Anderson // January 2010

5 January 2010: In November, engineering students from five top universities
gathered at the Polytechnic Institute of NYU, in Brooklyn, N.Y., for the
Embedded Systems Challenge. The aim was to test new attacks and defenses
against an underappreciated breed of Trojan horse: embedded malware built into
integrated circuits.

The winning team's results, set to appear in journals and at conference
proceedings in 2010, reveal how vulnerable many systems are to "chip attacks."
The contest also demonstrated the high degree of technical sophistication
required for these attacks, making it more likely that attackers will pursue
specialized applications, such as sensitive military equipment or
high-security financial computers. Attacking Dad's new Windows 7 PC probably
isn't worth the extreme investment of time and money, especially when cheaper
and quicker phishing and software-based malware attacks still work all too

"It's something that people aren't really much aware of," says contest judge
Jim Howard, director and chief engineer of information assurance at Camden,
N.J.-based L-3 Communications, which designs application-specific integrated
circuits for high-security applications, such as military communications
systems. "The majority of application-specific integrated circuits are
manufactured outside the United States.... People could be putting flaws in
these chips that they can activate."

Howard imagines that "people are probably trying to do this kind of stuff" in
chips destined for military systems. It seems militaries around the world are
also imagining the possibilities, including Pakistan, whose defense ministers
refused American efforts to help secure the country's nuclear arsenal out of
fear that U.S. contractors might insert a software or hardware Trojan horse
that could later disable the weapons.

The contest centered around blueprints for a simple cryptography chip built
on a field-programmable gate array (FPGA) that had just one input and one
output. "Secret" text went in, while encrypted text emerged from the chip's
output terminal. First, teams had to harden their own chip design against
other teams' anticipated Trojan horses. Then, when the teams received the
blueprints for their opponents' hardened chips, they had to devise attacks on
their opponents' chip designs that would output either the cipher key or the
unencrypted secret text. As a result, each face-off in the competition
consisted of an integrated circuit that contained both a defending team's
add-on circuits as well as the corresponding opposing team's Trojan horse.

The first-place team in this year's Embedded Systems Challenge used one of
the most deceptively simple attacks imaginable, Howard says. Led by NYU-Poly
graduate student Jeyavijayan Rajendran, the team devised attacks that, when
activated, simply connected the input wire to the output wire and bypassed
the encryption circuitry altogether.

"It's the most obvious approach," says Rajendran's faculty advisor, Ramesh
Karri, associate professor of electrical and computer engineering at
NYU-Poly. But it's not foolproof. Bypassing all the encryption logic means
that the output signal appears suspiciously soon after the input. So "if
somebody's taking a fingerprint of the [chip's] delay, then this may not even
work. It depends on the defense, too."
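The delay fingerprint Karri alludes to, worked through as an added Python model that is not code from the contest or the article. The toy round cipher, its fixed 8-cycle latency, the trigger flag and the sample inputs are constructed assumptions; the point it shows is that a wire bypassing the engine also bypasses the engine's latency, which a golden-reference delay check exposes even when the output itself looks plausible.

```python
"""Delay-fingerprint audit of a one-input/one-output crypto block (added
illustration; the cipher, cycle counts and inputs below are constructed)."""

ROUNDS = 8      # assumed pipeline depth of the toy engine, in clock cycles
KEY = 0x5A      # constructed one-byte demo key


def toy_encrypt(byte: int, key: int = KEY) -> tuple[int, int]:
    """Round-based toy cipher. Returns (ciphertext, cycles consumed)."""
    state = byte & 0xFF
    for r in range(ROUNDS):
        state = (state ^ (key + r)) & 0xFF
        state = ((state << 1) | (state >> 7)) & 0xFF   # rotate left by one bit
    return state, ROUNDS


def bypass_trojan(byte: int, active: bool) -> tuple[int, int]:
    """Model of the input-connected-to-output bypass the article describes:
    when the trigger is active the engine is skipped and the input appears
    at the output after a single cycle. Otherwise the engine runs normally."""
    if active:
        return byte & 0xFF, 1
    return toy_encrypt(byte)


def golden_fingerprint(samples) -> int:
    """Measure the latency of the trusted reference build over sample inputs.
    The reference pipeline is deterministic, so exactly one latency is expected."""
    cycles = {toy_encrypt(b)[1] for b in samples}
    assert len(cycles) == 1, "golden build should have a single fixed latency"
    return cycles.pop()


def audit(dut, samples, expected_cycles: int, tolerance: int = 0) -> list[str]:
    """Run the device under test over the samples and report anomalies:
    a latency outside the golden fingerprint, or an output that simply
    mirrors the input where the reference cipher would not."""
    findings = []
    for b in samples:
        out, cyc = dut(b)
        if abs(cyc - expected_cycles) > tolerance:
            findings.append(f"in={b:#04x}: latency {cyc}, expected {expected_cycles}")
        if out == b and toy_encrypt(b)[0] != b:
            findings.append(f"in={b:#04x}: output equals input")
    return findings


if __name__ == "__main__":
    ref = golden_fingerprint(range(256))
    print("clean DUT:", audit(lambda b: bypass_trojan(b, False), range(256), ref))
    print("triggered DUT:", audit(lambda b: bypass_trojan(b, True), [0x41], ref))
```

Against a real FPGA build the tolerance would be nonzero and the latency measured with a timer or logic analyzer rather than a counter, but the comparison against a golden reference is the same.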

Karri, who organized this year's contest along with NYU-Poly computer science
graduate student Kurt Rosenfeld, says that they intentionally weighted the
competition to favor a strong defense.


"Since defending is much harder than attacking usually, we tilted the scoring
in favor of defenders," Rosenfeld says. Every successful defense of a chip
against an attack earned a team two points, while a failed defense didn't
affect a team's score at all. On the other hand, a successful attack on a
chip earned a team one point, while a thwarted attack took one point away
from the attacking team.

Such a playing field led to the surprise second-place finish of Vanderbilt
University. Electrical engineering graduate student Trey Reece, the only
Vanderbilt team member, mounted no attacks at all. But the fact that his chip
design caught four out of the five attacks against it still netted him the
silver medal.

Reece says his line of defense depended on an oscillator in the chip's
circuitry that consisted of three NAND gates. "I also tossed in another 10
gates just to disguise what I was doing," he says.

When activated during the competition's testing phase, Reece's oscillator
coursed with a harmonically shifting current, giving off a distinct output
pattern. Any tampering with the internal logic in the cryptography engine
would result in a different output pattern and thus detection of the Trojan
horse. The only team that defeated Reece's chip was NYU-Poly, which used the
simple input-connected-to-output approach.

The third-place team, from Yale, avoided oscillators as its defense mechanism
because in any bulk-chip fabrication process, faculty advisor Yiorgos Makris
says, oscillators would yield a lot of false alarms due simply to the varying
material properties of different silicon wafers.

Instead, he says, his team, consisting of grad students Yier Jin and Nathan
Kupp, opted for a sly scheme that hid its chip in plain sight. Rather than
giving their opponents high-level blueprints for their chip, the Yale team
buried their chip's details deep in the design description, making it
much more difficult for an adversary to understand. Moreover, they embedded
additional registers in the design to give them a view to the inner workings
of the chip that might reveal an attack. (This strategy, Makris says, would
be equivalent in a software competition to handing over .exe files as opposed
to source code.)

Yale's strategy was so successful, in fact, that no team attacked its chip.
Howard says that obfuscating one's design and intent is certainly an
important strategy in real-world chip design techniques.

"I thought what they did was very creative," Howard says. But because the
competition awarded successful defenses against actual attacks and no one
attacked, "they also outsmarted themselves," he says.

About the Author

Mark Anderson writes about science and technology from Northampton, Mass. In
the January 2010 issue of IEEE Spectrum, he described Intrinsity's
Hummingbird, a hot-rodded smartphone chip with the power of a PC processor.
