摘要
硬件木马是集成电路中隐含的恶意设计修改,被激活后可用于发起高效的底层攻击。由此,展示了一种新的利用可满足性无关项的轻量级高隐蔽性硬件木马安全威胁。该木马设计方法将轻量级木马设计隐藏于电路正常工作条件下无法覆盖到的可满足性无关项中,使插入木马后的电路设计与原始设计完全功能等价。攻击者只需利用简单的故障注入攻击手段即可激活木马。基于1024位RSA密码核的实验结果显示,所给出的木马设计能够逃避逻辑综合优化,通过故障注入攻击能够有效恢复RSA密码核的私钥。在此基础上,提出了一种能够有效检测该高隐蔽性木马设计的防御手段。
Hardware Trojans are intended malicious design modifications to integrated circuits,which can be used to launch powerful low-level attacks after being activated.A new security threat of lightweight stealthy hardware Trojans leveraging discrete satisfiability don't care signals was demonstrated.These don't care could not be satisfied under normal operation and thus the circuit design with Trojan is functionally equivalent to the Trojan-free baseline.The attacker could activate the Trojan through simple yet effective fault injection.Experimental results on a 1024-bit RSA cryptographic core show that the proposed hardware Trojan can escape from logic synthesis optimization,and that the RSA private key can be retrieved by simply over-clocking the design.A defense technique that can effectively detect such stealthy Trojan design was provided.
作者
武玲娟
朱嘉诚
唐时博
谭静
胡伟
WU Lingjuan;ZHU Jiacheng;TANG Shibo;TAN Jing;HU Wei(School of Cyber Security,Northwestern Polytechnical University,Xi’an 710072,China;College of Informatics,Huazhong Agricultural University,Wuhan 430070,China)
出处
《网络与信息安全学报》
2021年第2期35-42,共8页
Chinese Journal of Network and Information Security
基金
国家自然科学基金(62074131)
湖北省自然科学基金(2020CFB190)。
关键词
硬件安全
硬件木马
可满足性无关项
故障注入
木马检测
hardware security
hardware Trojan
satisfiability don't care
fault injection
Trojan detection