1st Edition
Hardware Security Design, Threats, and Safeguards
Beginning with an introduction to cryptography, Hardware Security: Design, Threats, and Safeguards explains the underlying mathematical principles needed to design complex cryptographic algorithms. It then presents efficient cryptographic algorithm implementation methods, along with state-of-the-art research and strategies for the design of very large scale integrated (VLSI) circuits and symmetric cryptosystems, complete with examples of Advanced Encryption Standard (AES) ciphers, asymmetric ciphers, and elliptic curve cryptography (ECC).
Gain a Comprehensive Understanding of Hardware Security—from Fundamentals to Practical Applications
Since most implementations of standard cryptographic algorithms leak information that can be exploited by adversaries to gather knowledge about secret encryption keys, Hardware Security: Design, Threats, and Safeguards:
- Details algorithmic- and circuit-level countermeasures for attacks based on power, timing, fault, cache, and scan chain analysis
- Describes hardware intellectual property piracy and protection techniques at different levels of abstraction based on watermarking
- Discusses hardware obfuscation and physically unclonable functions (PUFs), as well as Trojan modeling, taxonomy, detection, and prevention
Design for Security and Meet Real-Time Requirements
If you consider security as critical a metric for integrated circuits (ICs) as power, area, and performance, you’ll embrace the design-for-security methodology of Hardware Security: Design, Threats, and Safeguards.
Part I
Mathematical Background
Introduction
Modular Arithmetic
Groups, Rings, and Fields
Greatest Common Divisors and Multiplicative Inverse
Subgroups, Subrings, and Extensions
Groups, Rings, and Field Isomorphisms
Polynomials and Fields
Construction of Galois Field
Extensions of Fields
Cyclic Groups of Group Elements
Efficient Galois Fields
Mapping between Binary and Composite Fields
Conclusions
Overview of Modern Cryptography
Introduction
Cryptography: Some Technical Details
Block Ciphers
Rijndael in Composite Field
Elliptic Curves
Scalar Multiplications: LSB First and MSB First Approaches
Montgomery’s Algorithm for Scalar Multiplication Inversions
Conclusions
Modern Hardware Design Practices
Introduction
Components of a Hardware Architecture: Mapping an Algorithm to Hardware
Case Study: Binary gcd Processor
Enhancing the Performance of a Hardware Design
Modelling of the Computational Elements of the gcd Processor
Experimental Results
Conclusions
Hardware Design of the Advanced Encryption Standard (AES)
Introduction
Algorithmic and Architectural Optimizations for AES Design
Circuit for the AES S-Box
Implementation of the Mix Column Transformation
An Example Reconfigurable Design for the Rijndael Cryptosystem
Experimental Results
Single Chip Encryptor/Decryptor
Conclusions
Efficient Design of Finite Field Arithmetic on FPGAs
Introduction
Finite Field Multiplier
Finite Field Multipliers for High Performance Applications
Karatsuba Multiplication
Karatsuba Multipliers for Elliptic Curves
Designing for the FPGA Architecture
Analyzing Karatsuba Multipliers on FPGA Platforms
Performance Evaluation
High Performance Finite Field Inversion Architecture for FPGAs
Itoh-Tsujii Inversion Algorithm
The Quad ITA Algorithm
Experimental Results
Generalization of the ITA for 2n Circuit
Hardware Architecture for 2n Circuit-Based ITA
Area and Delay Estimations for the 2n ITA
Obtaining the Optimal Performing ITA Architecture
Validation of Theoretical Estimations
Conclusions
High Speed Implementation of Elliptic Curve Scalar Multiplication on FPGAs
Introduction
The Elliptic Curve Cryptoprocessor
Point Arithmetic on the ECCP
The Finite State Machine (FSM)
Performance Evaluation
Further Acceleration Techniques of the ECC Processor
Pipelining Strategies for the Scalar Multiplier
Scheduling of the Montgomery Algorithm
Finding the Right Pipeline
Detailed Architecture of the ECM
Implementation Results
Conclusion
Introduction to Side Channel Analysis
Introduction
What Are Side Channels?
Types of Side Channel Attacks
Kocher’s Seminal Works
Power Attacks
Fault Attacks
Cache Attacks
Scan Chain-Based Attacks
Conclusions
Differential Fault Analysis of Ciphers
Introduction to Differential Fault Analysis
DFA and Associated Fault Models
Differential Fault Attacks on AES: Early Efforts
State of the Art DFAs on AES
Multiple Byte DFA of AES-128
Extension of the DFA to Other Variants of AES
DFA of AES Targeting the Key-Schedule
CED for AES
Conclusions
Cache Attacks on Ciphers
Memory Hierarchy and Cache Memory
Timing Attacks due to CPU Architecture
Trace-Driven Cache Attacks
Access-Driven Cache Attacks
Time-Driven Cache Attacks
Countermeasures for Timing Attacks
Conclusion
Power Analysis of Cipher Implementations
Power Attack Set up and Power Traces
Power Models
Differential Power Analysis using Difference of Mean
PKDPA: An Improvement of the DoM Technique
Correlation Power Attack
Metrics to Evaluate a Side Channel Analysis
CPA on Real Power Traces of AES-128
Popular Countermeasures against Power Analysis: Masking
Conclusions
Testability of Cryptographic Hardware
Introduction
Scan Chain-Based Attacks on Cryptographic Implementations
Scan Attack on Trivium
Testability of Cryptographic Designs
Conclusion
Bibliography
Part II
Hardware Intellectual Property Protection through Obfuscation
Introduction
Related Work
Functional Obfuscation through State Transition Graph Modification
Extension of STG Modification for RTL Designs
Obfuscation through Control and Data Flow Graph (CDFG) Modification
Measure of Obfuscation Level
Results
Discussions
Conclusions
Overview of Hardware Trojans
Introduction
Trojan Taxonomy and Examples
Multi-Level Attack
Effect of Hardware Trojan on Circuit Reliability
Hardware Trojan Insertion by Direct Modification of FPGA Configuration Bitstream
Conclusion
Logic Testing-Based Hardware Trojan Detection
Introduction
Statistical Approach for Trojan Detection
Results
Summary
Side-Channel Analysis Techniques for Hardware Trojans Detection
Introduction
Motivation for the Proposed Approaches
Multiple-Parameter Analysis-Based Trojan Detection
Results
Integration with Logic-Testing Approach
Design Techniques for Hardware Trojan Threat Mitigation
Introduction
Obfuscation-Based Trojan Detection/Protection
Integrated Framework for Obfuscation
Results
A FPGA-Based Design Technique for Trojan Isolation
A Design Infrastructure Approach to Prevent Circuit Malfunction
Physically Unclonable Functions: A Root-of-Trust for Hardware Security
Introduction
Physically Unclonable Function (PUF)
Classification of PUFs
Realization of Silicon PUFs
PUF Performance Metrics for Quality Evaluation
Secure PUF: What Makes a PUF Secure?
Applications of PUF as a Root-of-Trust
Attacks Model: How PUF Security Could Be Compromised
Looking Forward: What Lies Ahead for PUFs?
Genetic Programming-Based Model Building Attack on PUFs
Introduction
Background: Genetic Programming and RO-PUFs
Methodology
Results
Bibliography
Biography
Dr. Debdeep Mukhopadhyay is an associate professor at the Indian Institute of Technology (IIT) Kharagpur, West Bengal, where he has been instrumental in setting up a side channel analysis laboratory. Previously, he worked as an assistant professor at the IIT Kharagpur and Madras. His research interests include VLSI of cryptographic algorithms and side channel analysis. A popular invited speaker, he has authored around 100 international conference and journal papers, co-authored a textbook on cryptography and network security, reviewed and served on program committees for several international conferences, and collaborated with several organizations including ISRO, DIT, ITI, DRDO, and NTT-Labs Japan. He has been the recipient of the prestigious INSA Young Scientist Award and the INAE Young Engineer Award.
Dr. Rajat Subhra Chakraborty is an assistant professor at the Indian Institute of Technology Kharagpur, West Bengal. Previously, he worked as a CAD software engineer at National Semiconductor, Bangalore, Karnataka, India and a co-op at Advanced Micro Devices, Sunnyvale, California, USA. His research interests include design methodology for hardware IPIIC protection, hardware Trojan detection/prevention through design and testing, attacks on hardware implementation of cryptographic algorithms, and reversible watermarking for digital content protection. He has authored over 25 conference and journal publications and presented at numerous events including the 2011 IEEE VLSI Design Conference, where he delivered a tutorial on hardware security.
"… an excellent job introducing the field of hardware security. It is a good source for upper undergraduates, postgraduates, and practitioners. The book does not need to be read cover to cover, and a select subset of chapters can form an undergraduate or graduate course in hardware security. … an excellent reference and can help graduate students move quickly to the frontiers of research. With its 432 references, the book helps direct readers who want to explore a specific topic in more detail."
—Computing Reviews, April 2015