HARDWARE SECURITY THROUGH DESIGN OBFUSCATION by RAJAT SUBHRA CHAKRABORTY Submitted in partial fulfillment of the requirements For the degree of Doctor of Philosophy Thesis Adviser: Dr. Swarup Bhunia Department of Electrical Engineering and Computer Science CASE WESTERN RESERVE UNIVERSITY May, 2010 CASE WESTERN RESERVE UNIVERSITY SCHOOL OF GRADUATE STUDIES We hereby approve the thesis/dissertation of _____________________________________________________ candidate for the ______________________degree *. (signed)_______________________________________________ (chair of the committee) ________________________________________________ ________________________________________________ ________________________________________________ ________________________________________________ ________________________________________________ (date) _______________________ *We also certify that written approval has been obtained for any proprietary material contained therein. ii To my family and friends. iii TABLE OF CONTENTS Page LIST OF TABLES :::::::::::::::::::::::::::::::: viii LIST OF FIGURES ::::::::::::::::::::::::::::::: x 1 Introduction :::::::::::::::::::::::::::::::::: 1 1.1 Background ::::::::::::::::::::::::::::::: 1 1.2 Security Threats :::::::::::::::::::::::::::: 2 1.3 Outline of Proposed Research ::::::::::::::::::::: 4 1.4 Major Contribution of the Proposed Research :::::::::::: 6 1.5 Organization of the Thesis ::::::::::::::::::::::: 7 2 Obfuscation-Based Secure SoC Design ::::::::::::::::::: 8 2.1 Introduction ::::::::::::::::::::::::::::::: 8 2.2 Related Work :::::::::::::::::::::::::::::: 10 2.3 Analysis of Netlist Obfuscation :::::::::::::::::::: 12 2.3.1 Hardware IP Piracy: the Hacker's Perspective :::::::: 13 2.3.2 Obfuscation Metric ::::::::::::::::::::::: 15 2.4 System-level Obfuscation Methodology :::::::::::::::: 17 2.4.1 State Transition Function Modification :::::::::::: 18 2.4.2 Embedding Authentication Features ::::::::::::: 19 2.4.3 Choice of Optimal Set of Nodes for Modification ::::::: 21 2.4.4 The HARPOON Design Methodology ::::::::::: 22 2.5 Results :::::::::::::::::::::::::::::::::: 26 2.5.1 Simulation Setup :::::::::::::::::::::::: 26 2.5.2 Results for ISCAS-89 Benchmark Circuits :::::::::: 26 2.5.3 Results for the AES Encryption/Decryption Unit :::::: 32 2.5.4 Mode control through unreachable states ::::::::::: 33 iv Page 2.6 Summary :::::::::::::::::::::::::::::::: 36 3 RTL Hardware IP Protection through Obfuscation ::::::::::::: 37 3.1 Introduction ::::::::::::::::::::::::::::::: 37 3.2 Obfuscation Methodology ::::::::::::::::::::::: 38 3.2.1 STG Modification Approach :::::::::::::::::: 39 3.2.2 CDFG Modification Approach ::::::::::::::::: 42 3.2.3 Comparison between the Two Approaches :::::::::: 47 3.2.4 Obfuscation-based Secure SoC Design Flow ::::::::: 48 3.3 Measure of Obfuscation Level ::::::::::::::::::::: 48 3.3.1 Manual Attacks by Visual Inspection ::::::::::::: 48 3.3.2 Simulation-based Attacks ::::::::::::::::::: 49 3.3.3 Structural Analysis based Attack ::::::::::::::: 49 3.3.4 Quantitative Comparison of the Two Proposed Approaches : 54 3.4 Results :::::::::::::::::::::::::::::::::: 54 3.4.1 Design Flow Automation :::::::::::::::::::: 54 3.4.2 Simulation Verification ::::::::::::::::::::: 56 3.4.3 Effect of Key Length :::::::::::::::::::::: 59 3.5 Discussions ::::::::::::::::::::::::::::::: 61 3.5.1 Using Unreachable States during Initialization :::::::: 62 3.5.2 Application of Obfuscation to Memory :::::::::::: 63 3.6 Summary :::::::::::::::::::::::::::::::: 65 4 Obfuscation based Protection against Hardware Trojan :::::::::: 67 4.1 Introduction ::::::::::::::::::::::::::::::: 67 4.2 Background ::::::::::::::::::::::::::::::: 69 4.2.1 Hardware Trojan: Models and Examples ::::::::::: 69 4.2.2 Obfuscation for Hardware IP Protection ::::::::::: 72 4.3 Methodology :::::::::::::::::::::::::::::: 74 4.3.1 Effect of obfuscation on Trojan Insertion ::::::::::: 76 v Page 4.3.2 Effect of obfuscation on Trojan potency :::::::::::: 77 4.3.3 Effect of obfuscation on Trojan detectability ::::::::: 78 4.3.4 Effect of obfuscation on circuit structure ::::::::::: 81 4.3.5 Determination of unreachable states :::::::::::::: 82 4.3.6 Test generation for Trojan detection ::::::::::::: 82 4.3.7 Determination of effectiveness ::::::::::::::::: 83 4.4 Integrated Framework for Obfuscation :::::::::::::::: 84 4.5 Results :::::::::::::::::::::::::::::::::: 86 4.6 Discussions ::::::::::::::::::::::::::::::: 91 4.6.1 Protection against malicious CAD tools :::::::::::: 91 4.6.2 Improving protection and design overhead :::::::::: 93 4.6.3 Application to other Trojan models :::::::::::::: 94 4.7 Summary :::::::::::::::::::::::::::::::: 97 5 A Statistical Approach for Hardware Trojan Detection :::::::::: 98 5.1 Introduction ::::::::::::::::::::::::::::::: 98 5.2 Statistical Approach for Trojan Detection :::::::::::::: 99 5.2.1 Mathematical Analysis ::::::::::::::::::::: 100 5.2.2 Test Generation ::::::::::::::::::::::::: 103 5.2.3 Coverage Estimation :::::::::::::::::::::: 103 5.2.4 Choice of Trojan Sample Size ::::::::::::::::: 104 5.2.5 Choice of N::::::::::::::::::::::::::: 105 5.2.6 Improving Trojan Detection Coverage ::::::::::::: 105 5.3 Results :::::::::::::::::::::::::::::::::: 107 5.3.1 Simulation setup :::::::::::::::::::::::: 107 5.3.2 Comparison with Random and ATPG Patterns ::::::: 108 5.3.3 Effect of Number of Trigger Points (q) :::::::::::: 110 5.3.4 Effect of Trigger Threshold (θ) ::::::::::::::::: 111 5.3.5 Sequential Trojan Detection :::::::::::::::::: 111 vi Page 5.3.6 Application to Side-channel Analysis ::::::::::::: 113 5.4 Summary :::::::::::::::::::::::::::::::: 113 6 A Key-based Secure Scan Design Approach ::::::::::::::::: 115 6.1 Introduction ::::::::::::::::::::::::::::::: 115 6.2 Previous Work ::::::::::::::::::::::::::::: 117 6.3 Proposed Methodology ::::::::::::::::::::::::: 119 6.3.1 Probability of Breaking the Key :::::::::::::::: 121 6.3.2 Overhead Analysis ::::::::::::::::::::::: 122 6.3.3 Functionality :::::::::::::::::::::::::: 122 6.3.4 Testing the Proposed Scheme ::::::::::::::::: 123 6.4 Results :::::::::::::::::::::::::::::::::: 124 6.5 Improvement of Robustness against Attacks ::::::::::::: 127 6.6 Summary :::::::::::::::::::::::::::::::: 129 7 Embedded Software Security through Key-based Obfuscation ::::::: 131 7.1 Introduction ::::::::::::::::::::::::::::::: 131 7.2 Previous Work ::::::::::::::::::::::::::::: 133 7.3 Methodology :::::::::::::::::::::::::::::: 135 7.3.1 Obfuscation Technique ::::::::::::::::::::: 135 7.3.2 Obfuscation Example :::::::::::::::::::::: 141 7.3.3 Obfuscation Efficiency ::::::::::::::::::::: 144 7.3.4 Computational Overhead of the Obfuscation Technique ::: 147 7.3.5 Automation of the Obfuscation Technique :::::::::: 148 7.4 Results :::::::::::::::::::::::::::::::::: 151 7.4.1 Setup :::::::::::::::::::::::::::::: 151 7.4.2 Effect of Variation of the Modification Radius (rmod) :::: 151 7.4.3 Obfuscation Results :::::::::::::::::::::: 151 7.4.4 Overhead Results :::::::::::::::::::::::: 152 7.5 Discussions ::::::::::::::::::::::::::::::: 153 vii Page 7.5.1 Authentication Capabilities :::::::::::::::::: 153 7.5.2 Application to Obfuscation of Program Binaries ::::::: 154 7.5.3 Application of Software Protection in Protection against Mali- cious Modifications ::::::::::::::::::::::: 155 7.5.4 Intelligent Attack Scenarios :::::::::::::::::: 155 7.5.5 Automatic Generation of Modification Code ::::::::: 156 7.6 Summary :::::::::::::::::::::::::::::::: 156 8 Conclusion ::::::::::::::::::::::::::::::::::: 158 REFERENCES :::::::::::::::::::::::::::::::::: 160 viii LIST OF TABLES Table Page 2.1 Average Number of Failing Patterns for ISCAS-89 Benchmark Circuits for Different Modification Schemes :::::::::::::::::::::: 27 2.2 Number of Failing Patterns for ISCAS-89 Benchmark Circuits ::::: 28 2.3 Design Overheads (%) for Different Area Constraints :::::::::: 30 2.4 Obfuscation Efficiency and Design Overheads (%) for the AES modules (for 5% area constraint) :::::::::::::::::::::::::: 32 2.5 Overall Design Overheads (%) for the AES core ::::::::::::: 34 2.6 Design Overheads (%) at iso-delay for ISCAS-89 Circuits with an Embed- ded FSM Utilizing Unreachable States :::::::::::::::::: 35 3.1 Comparison of De-compilation based and CDFG based Approaches :: 47 3.2 Functional and Semantic Obfuscation Efficiency and Overheads for IP Cores for 10% area overhead target (CDFG Modification based Results at iso-delay) :::::::::::::::::::::::::::::::::: 57 3.3 Overall Design Overheads for Obfuscated IP Cores (STG modification based results at iso-delay) ::::::::::::::::::::::::: 58 3.4 Area Overhead for Multi-length Key Support :::::::::::::: 60 3.5 Comparison of Throughput Scalability with Increasing Key Length :: 61 3.6 Design Overhead for ISCAS-89 Benchmarks Utilizing Unused States :: 62 3.7 Design Overhead for IP Cores Utilizing Unused States ::::::::: 63 4.1 Effect of Obfuscation on Security Against Trojans (100,000 random pat- terns, 20,000 Trojan instances, q = 2, k = 4, θ = 0:2) :::::::::: 88 4.2 Effect of Obfuscation on Security Against Trojans (100,000 random pat- terns, 20,000 Trojan instances, q = 4. k = 4, θ = 0:2) :::::::::: 88 4.3 Design Overhead (at iso-delay) and Run-timey for the Proposed Algorithm 91 5.1 Comparison of Trigger and Trojan coverage among ATPG patterns [68], Random (100K, input weights: 0.5), and MERO patterns for q = 2 and q = 4, N = 1000, θ = 0:2 :::::::::::::::::::::::::: 108 ix Table Page 5.2 Reduction in test length with MERO approach compared to 100K random patterns along