Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
Low Power Design
Design Partitioning
Secure Jtag Communication Protocol
Test Access Port (Tap) Design
Challenge/Response Protocols
Discussion
Conclusion
References
All Topics
Computer Science

Hardware Attack Mitigation Techniques Analysis

Profile image of Samer MoeinSamer Moein

2017, International Journal on Cryptography and Information Security

https://doi.org/10.5121/IJCIS.2017.7102
visibility

description

20 pages

link

1 file

Abstract

The goal of a hardware attack is to physically access a digital system to obtain secret information or modify the system behavior. These attacks can be classified as covert or overt based on the awareness of the attack. Each hardware attack has capabilities as well as objectives. Some employ hardware trojans, which are inserted during, manufacture, while others monitor system emissions. Once a hardware attack has been identified, mitigation techniques should be employed to protect the system. There are now a wide variety of techniques, which can be used against hardware attacks. In this paper, a comprehensive survey of hardware attack mitigation techniques is presented. These techniques are matched to the hardware attacks and attack criteria they can counter, which helps security personnel choose appropriate mitigation techniques to protect their systems against hardware attacks. An example is presented to illustrate the choice of appropriate countermeasures.

Related papers

Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defenses 2008 (Updated from the CHES 2000 version
Steve Weingart

2008

As the value of data on computing systems increases and operating systems become more secure, physical attacks on computing systems to steal or modify assets become more likely. This technology requires constant review and improvement, just as other competitive technologies need review to stay at the leading edge. This paper describes known physical attacks, ranging from simple attacks that require little skill or resource, to complex attacks that require trained, technical people and considerable resources. Physical security methods to deter or prevent these attacks are presented. The intent is to match protection methods with the attack methods in terms of complexity and cost. In this way cost effective protection can be produced across a wide range of systems and needs. Specific technical mechanisms now in use are shown, as well as mechanisms proposed for future use. Common design problems and solutions are discussed with consideration for manufacturing.

View PDFchevron_right
Hardware Security, Vulnerabilities, and Attacks: A Comprehensive Taxonomy
Paolo Prinetto

2020

Information Systems, increasingly present in a world that goes towards complete digitalisation, can be seen as complex systems at the base of which is the hardware. When dealing with the security of these systems to stop possible intrusions and malicious uses, the analysis must necessarily include the possible vulnerabilities that can be found at the hardware level, since their exploitation can make all defences implemented at web or software level ineffective. In this paper, we propose a meaningful and comprehensive taxonomy for the vulnerabilities affecting the hardware and the attacks that exploit them to compromise the system, also giving a definition of Hardware Security, in order to clarify a concept often confused with other domains, even in the literature.

View PDFchevron_right
Improving Hardware Security by Using Hidden Information of Computer System 1
Ilya Levin

An important direction of improving security of computer systems is detection of Trojan horse hardware. A Trojan horse is a malicious altering of hardware specification or implementation in such a way that its functionality is altered under a set of conditions defined by the attacker. The paper presents a technique for designing secure systems that can detect an active Trojan that distorts or manipulates their proper operation. The technique is based on utilizing specific information about the system's behavior, which is known to the designer of the system and/or is hidden in the functional specification of the system. A case study of the proposed technique conducted on an arithmetic unit of a microprocessor is provided. The study indicated a high level of Trojan detection with a small hardware overhead.

View PDFchevron_right
Hardware Trojan Model For Attack And Detection Techniques
Ahmed Aliyu

Today's integrated circuits (ICs) are vulnerable to hardware Trojans, which are malicious alterations to the circuit, either during design or fabrication. The interventions of human in production of Hardware resources have given room for possible modification of hardware components, so as to achieve some malicious aims. This modification help with possible loop holes in the hardware component for later attack. Due to the increase in popularity aim of attacks using embedded Trojan horse programs into chips, attacker are more likely to suppress them with malicious program, also notwithstanding the increase in disintegration of the design and manufacturing process of our microelectronic products (ICs), we should not only concern about inclusion of unplanned, undesirable hardware features (" bugs "), rather about inclusion of planned malicious hardware features: " Trojan Horses, " which act as spies or guerrillas. This paper presents a Model of the fundamental attacks and possible detection techniques of Hardware Trojan. The result of the research has shown a great significance in education and for further researches.

View PDFchevron_right
A study of hardware architecture based attacks to bypass operating system security
Vaibhav Lokhande

Security and Privacy, 2019

Malware target a vulnerability, bug or loophole in software to exploit the system, escalate privileges, extract inaccessible data, or execute code for malicious purpose. We can assert that over the period of time, both hardware and software have evolved and so are their vulnerabilities. But most of the vulnerabilities identified or researched are software oriented. On similar lines, there can be vulnerabilities in the hardware architecture that can be exploited, hidden from upper layer securities like operating system (OS) reference monitor, antivirus, etc. It is difficult to trace the vulnerabilities in the hardware primarily due to complex architecture and difficulties to observe the effects of operations performed across the system. Just like the software, the hardware architecture can also be exploited to develop malware and to gain access to sensitive data. This paper discusses the attacks that exploit the operations performed at the hardware level. We have discussed the different exploits that use the hardware architecture to extract data, their limitations and the future of hardware architecture based exploits. At the end, the data extraction process is validated through our implementation of one of the hardware architecture based exploits. We question about the impact on system security if the hardware architecture is exploited. K E Y W O R D S architectural vulnerability, hardware attacks, micro-architectural attacks, side channel 1 INTRODUCTION All the operations on a computer, at the lowest level, are hardware dependent. Over the course of time computers have evolved from simple computing machines to very complex machines, thanks to the evolution of software and the hardware that drives it. As the hardware and software have evolved, so are the vulnerabilities associated with them. It is commonly observed that software vulnerabilities are detected frequently and patched, but same is not the case with hardware vulnerabilities. Vulnerabilities in hardware architecture are not much researched as extensively as software, apart from its developers, in the cyber security domain. This leads to many hardware-based attacks such as • Rowhammer, 1,2 an attack that exploits bit flipping in DRAM due to continuous access, which bypasses the memory isolation and breaks security boundaries. • Exploitation of the instruction cache. 3 • Side channel attacks that can extract data using a nontraditional way of communication. 4-6

View PDFchevron_right
Hardware Security in Case of Scan Based Attack on Crypto Hardware
Prof Usha Mehta

International Journal of VLSI Design & Communication Systems, 2018

The latest innovation technology in computing devices has given a rise of compact, speedy and economical products which also embeds cryptography hardware on-chip. This device generally holds secret key and confidential information, more attention has been given to attacks on hardware which guards such secure information. The attacker may leak secret information from symmetric crypto-hardware (AES, DES etc.) using side-channel analysis, fault injection or exploiting existing test infrastructure. This paper examines various DFT based attack implementation method applied to cryptographic hardware. The paper contains an extensive analysis of attacks based on various parameters. The countermeasures are classified and analyzed in details.

View PDFchevron_right
Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks
Apostolos Fournaris

Electronics

Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT) and Operational Technology (OT) systems that are meant to operate harmonically under a security critical framework. As security IT countermeasures are gradually been installed in many embedded system nodes, thus securing them from many well-know cyber attacks there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures) capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as the cache side-channel attacks are such case but also the newly discovered Rowhammer fault injection attack that can be mounted even remotely to gain full access to a device DRAM (Dynamic Random Access Memory). Under the light of the above dangers that are focused on the device hardware structure, in this paper, an overview of this attack field is provided including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various, possible, existing attack directions and highlight the security risks that they can pose to security critical embedded systems as well as indicate their strength on compromising the Quality of Service (QoS) such systems are designed to provide.

View PDFchevron_right
Counter Attacking Electromagnetic attacks for securing Embedded Systems.pdf
Sastry Kodanda Rama Jammalamadaka
View PDFchevron_right
Hardware security threats and countermeasures: a study of obfuscation, camouflaging and PUFs
Mohammad Alhawari

International Journal of Multimedia Intelligence and Security, 2019

Hardware security threats have gained a tremendous attention where extensive research efforts have been expended toward developing effective countermeasures. These threats can be categorised into five main attacks which are: reverse engineering, side-channel analysis, intellectual property (IP) cores piracy/IC overbuilding, counterfeiting, and hardware Trojans. This paper investigates the most efficient state-of-the-art techniques that are used to thwart main hardware attacks. Reported work in the literature proposed various countermeasures, where obfuscation, camouflaging, and physically unclonable functions (PUFs) are considered the most powerful and effective methods. In obfuscation technique, the chip will be locked and it will not function properly unless the correct secret key is supplied. This paper addresses also camouflaging countermeasure which is a layout-based technique that is used to protect IP cores. Additionally, this paper provides a detailed study on silicon PUFs, where they can be classified into weak and strong PUFs. In this paper, various PUF architectures will be discussed along with the design constraints.

View PDFchevron_right
A hardware security solution against scan-based attacks
Rashid Rashidzadeh

2016 IEEE International Symposium on Circuits and Systems (ISCAS), 2016

to the best of my knowledge, my thesis does not infringe upon anyone's copyright, nor violate any proprietary rights. Any ideas, techniques, quotations, and material appertaining to other people included in my thesis, published or otherwise, are fully acknowledged in accordance with standard referencing practices. Furthermore, to the extent that I have included copyrighted material that surpasses the bounds of fair dealing within the meaning of the Canada Copyright Act, I certify that I have obtained a written permission from the copyright owner(s) to include such material(s) in my thesis and have included copies of such copyright clearances in my appendix. I certify that I have obtained written permission from the copyright owner(s) to include the above published materials in my thesis. I certify that the above material describes work completed during my registration as graduate student at the University of Windsor. I declare that this is a true copy of my thesis, including any final revisions, as approved by my thesis committee and the Graduate Studies office, and that this thesis has not been submitted for a higher degree to any other University or Institution. v ABSTRACT Scan based Design for Test (DfT) schemes have been widely used to achieve high fault coverage for integrated circuits. The scan technique provides full access to the internal nodes of the deviceunder-test to control them or observe their response to input test vectors. While such comprehensive access is highly desirable for testing, it is not acceptable for secure chips as it is subject to exploitation by various attacks. In this work, new methods are presented to protect the security of critical information against scan-based attacks. In the proposed methods, access to the circuit containing secret information via the scan chain has been severely limited in order to reduce the risk of a security breach. To ensure the testability of the circuit, a built-in self-test which utilizes an LFSR as the test pattern generator (TPG) is proposed. The proposed schemes can be used as a countermeasure against side channel attacks with a low area overhead as compared to the existing solutions in literature. vi DEDICATION I would like to dedicate this thesis to my family my late grandfather Ainshi Lal Mehta and late grandmother Lajwanti Mehta. Your blessings and the values you taught me made this possible. I miss you a lot and still remember the good old days. In addition to this, I would like to dedicate my work to my parents and my cousin brother. Special thanks to my parents, Mr. Sanjay Mehta and Mrs. Sonia Mehta, for always supporting me to pursue my master's degree and my loving, sweet younger sister, Manya Mehta, who is very good and her constant motivation helped me to achieve my master's degree. No matter how far I go in my life, this would not have been possible without all of you. I would also like to thank my cousin brother, Dr. Bhuvanender Vashist (Sonu Bhaiya), for always motivating me to continue my studies and making me realize the importance of a degree from abroad. This would never have been possible had you not given me your emotional support. You have always stood as my shield against all problems I have faced and provided the best and the right guidance. I thank God for having you in my life and will love you forever. Last but not the least, I would like to thank God for the person that I am today and making this master's degree possible. vii ACKNOWLEDGEMENTS I would like to thank my supervisor, Dr. Rashid Rashidzadeh, and advisor, Dr. Majid Ahmadi, their unbounded support, motivation, constructive comments, and motivation throughout my master's degree helped address even the most basic of questions. Without their support, I could not have completed this degree. The constructive feedback which they provided helped polish my work. I would also like to thank my other committee members, Dr.

View PDFchevron_right

References (73)

  1. S. Moein and F. Gebali. Quantifying overt hardware attacks: Using ART schema. In Computer Science and its Application, Lecture Notes in Electrical Engineering, vol. 330, Springer, pp. 511-516, 2015.
  2. S. Moein, F. Gebali, and I. Traore. Analysis of covert hardware attacks. In J. Convergence, vol. 5, no. 3, pp. 26-30, 2014.
  3. M. Banga and M. Hsiao. A region based approach for the identification of hardware trojans. In Proc. IEEE Int. Workshop on Hardware-Oriented Security and Trust, pp. 40-47, 2008.
  4. M. Tehranipoor and F. Koushanfar. A survey of hardware trojan taxonomy and detection. In IEEE Design and Test of Computers, vol. 27, no. 1, pp. 10-25, 2010.
  5. M. Rostami, F. Koushanfar, and R. Karri. A primer on hardware security: models, methods, and metrics. In Proceedings of the IEEE, Vol. 102, Issue. 8, pp. 1283-1295, 2014.
  6. S. Moein, S. Khan, T. A. Gulliver, F. Gebali, and M. W. El-Kharashi. An attribute based classification of hardware trojans. in Proc. Int. Conf. on Computer Eng. and Sys., pp. 351-356, 2015.
  7. R. S. Chakraborty, F. Wolff, S. Paul, C. Papachristou, and S. Bhunia. MERO: A statistical approach for hardware trojan detection. In Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 5747, Springer-Verlag, pp. 396-410, 2009.
  8. S. Saha, R. S. Chakraborty, S. S. Nuthakki, Anshul, and D. Mukhopadhyay. Improved test pattern generation for hardware trojan detection using genetic algorithm and boolean satisfiability. In Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 9293, Springer, pp. 577-596, 2015.
  9. S. Moein, J. Subramnian, T. A. Gulliver, and F. Gebali, and M. W. El-Kharashi, Classification of hardware trojan detection techniques. In Proc. Int. Conf. on Computer Engineering and Sys., pp. 357- 362, 2015.
  10. S. Adee. The hunt for the kill switch. In IEEE Spectrum, vol. 45, no. 5, pp. 34-39, 2008.
  11. K. M. Goertzel and B. A. Hamilton. Integrated circuit security threats and hardware assurance countermeasures. In Crosstalk -Real Time Inform. Assurance, pp. 33-38. 2013.
  12. S. Moein and F. Gebali. Quantifying covert hardware attacks: Using ART schema. In Proc. Adv. in Inform. Science and Computer Eng., pp. 85-90, 2015.
  13. S. Moein and F. Gebali. A formal methodology for quantifying overt hardware attacks. In Proc. Adv. in Inform. Science and Computer Eng., pp. 63-69, 2015.
  14. J. Loughry and D. Umphress. Information Leakage from Optical Emanations. In ACM Trans. Inform. and Sys. Security, vol. 5, no. 3, pp. 262-289, 2002.
  15. D. Genkin, A. Shamir, and E. Tromer. RSA key extraction via low-bandwidth acoustic cryptanal-ysis. In Advances in Cryptology, Lecture Notes in Computer Science, vol. 8616, Springer, pp. 444-461, 2014.
  16. S. Chari, C. S. Jutla, J. R. Rao and P. Rohatgi. Towards sound approaches to counteract power- analysis attacks. In Advances in Cryptology, Lecture Notes in Computer Science, vol. 1666, Springer- Verlag, pp. 398-412, 1999.
  17. L. Goubin and J. Patarin. DES and differential power analysis the "duplication" method. In Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 1717, Springer-Verlag, pp. 158-172, 1999.
  18. M.-L. Akkar and C. Giraud. An implementation of DES and AES, secure against some attacks. In Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 2162, Springer-Verlag, pp. 309-318, 2001.
  19. J. D. Golic´ and C. Tymen. Multiplicative masking and power analysis of AES. In Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 2523, Springer-Verlag, pp. 198-212, 2003.
  20. J. Friedman. Tempest: A signal problem. In NSA Cryptologic Spectrum. [Online]. Available: https://www.nsa.gov/public_info/_files/cryptologic_spectrum/tempest.pdf
  21. J.-J. Quisquater and D. Samyde. Electromagnetic analysis (EMA): Measures and counter-measures for smart cards. In Smart Card Programming and Security, Lecture Notes in Computer Science, vol. 2140, Springer-Verlag, pp. 200-210, 2001.
  22. R. Anderson and M. Kuhn. Tamper resistance -a cautionary note. In Proc. USENIX workshop on Elec. Commerce, pp. 1-11, 1996.
  23. M. Tehranipoor and C. Wang. Introduction to Hardware Security and Trust (Eds.). Springer, 2012.
  24. W. Cilio, M. Linder, C. Porter, J. Di, S. Smith, and D. Thompson. Side-channel attack mitigation using dual-spacer dual-rail delay-insensitive logic (D3L). In Proc. IEEE SoutheastCon, pp. 471-474, 2010.
  25. S. Skorobogatov. Data remanence in flash memory devices. In Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 3659, Springer-Verlag, pp. 339-353. 2005.
  26. H. Bar-El. Introduction to side channel attacks. White Paper, Discretix Tech. Ltd. [online]. Avail- able: http://gauss.ececs.uc.edu/Courses/c653/lectures/SideC/intro.pdf
  27. Y. Zhou and D. Feng. Side-channel attacks: Ten years after its publication and the impacts on cryptographic module security testing. IACR Cryptology ePrint Archive, 2005.
  28. G. E. Suh and S. Devadas. Physical unclonable functions for device authentication and secret key generation. In Proc. of ACM Design Automation Conf., pp. 9-14, 2007.
  29. C. J. Clark. Anti-tamper JTAG TAP design enables DRM to JTAG registers and P1687 on-chip instruments. In Proc. Int. Workshop on Hardware-Oriented Security and Trust, pp. 19-24, 2010.
  30. K. Rosenfeld and R. Karri. Attacks and defenses for JTAG. In IEEE Des. Test, vol. PP, no. 99, pp. 1- 18, 2013.
  31. IBM. (2008) CCA basic services reference and guide for the IBM 4758 PCI and IBM 4764 PCI-X cryptographic coprocessors. [Online]. Available: http://www-03.ibm.com/security/ cryptocards/pdfs/bs330.pdf
  32. E. Biham and A. Shamir. Differential fault analysis of secret key cryptosystems. In Advances in Cryptology, Lecture Notes in Computer Science, vol. 1294, Springer-Verlag, pp. 513-525, 1997.
  33. A. Barenghi, L. Breveglieri, I. Koren, and D. Naccache. Fault injection attacks on cryptographic devices: Theory, practice, and countermeasures. Proc. IEEE, vol. 100, no. 11, pp. 3056-3076, 2012.
  34. S.W. Moore. Multithreaded Processor Design. Kluwer, 1996.
  35. O. Kommerling and M. G. Kuhn. Design principles for tamper-resistant smartcard processors. In Proc. of the USENIX Workshop on Smartcard Tech., pp. 9-20, 1999.
  36. L. Changlong, Z. Yiqiang, S. Yafeng, and G. Xingbo. A system-on-chip bus architecture for hardware trojan protection in security chips. In Int. Conf. of Electron Devices and Solid-State Circuits, pp. 1-2, 2011.
  37. E. Castillo, U. Meyer-Baese, A. Garcia, L. Parilla, and A. Lloris. IPP@HDL: Efficient intellectual property protection scheme for IP cores. IEEE Trans. VLSI Systems, vol. 16, no. 5, pp. 578-591, 2007.
  38. R. S. Chakraborty and S. Bhunia. Security against hardware trojan through a novel application of design obfuscation. In Proc. ACM Int. Conf. on Computer-Aided Design, pp. 113-116, 2009.
  39. R. S. Chakraborty and S. Bhunia. Hardware protection and authentication through netlist level obfuscation. In Proc. IEEE/ACM Int. Conf. on Computer-Aided Design, pp. 674-677, 2008.
  40. J. B. Wendt and M. Potkonjak. Hardware obfuscation using PUF-based logic. In Proc. IEEE/ACM Int. Conf. on Computer-Aided Design, pp. 270-277, 2014.
  41. M. Ni and Z. Gao. Watermarking system for IC design IP protection. In Proc. Int. Conf. on Commun., Circuits and Systems, pp. 1186-1190, 2004.
  42. D. A. Osvik, A. Shamir, and E. Tromer. Cache attacks and countermeasures: The case of AES. In Topics in Cryptology, Lecture Notes in Computer Science, vol. 3860, Springer-Verlag, pp. 1-20, 2006.
  43. E. Brickell, G. Graunke, M. Neve, and J.-P. Seifert. Software mitigations to hedge AES against cache- based software side channel vulnerabilities. In IACR Cryptology ePrint Archive, 2006.
  44. D. Page. Partitioned cache architecture as a side-channel defense mechanism. In IACR Cryptology ePrint Archive, 2005.
  45. Z. Wang and R. B. Lee. New cache designs for thwarting software cache-based side channel attacks. In Proc. Int. ACM Symp. on Computer Architecture, pp. 494-505, 2007.
  46. Z. Wang and R. B. Lee. A novel cache architecture with enhanced performance and security. In Proc. Int. IEEE/ACM Symp. on Microarchitecture, pp. 83-93, 2008.
  47. D. Page. Defending against cache-based side-channel attacks. In Information Security Technical Report, vol. 8, no. 1, pp. 30-44, 2003.
  48. A. E. Caldwell, H.-J. Choi, A. B. Kahng, S. Mantik, M. Potkonjak, G. Qu, and J. L. Wong. Effective iterative techniques for fingerprinting design IP. In IEEE Trans. on Computer-Aided Design of Integrated Circuits and Systems, vol. 23, no. 2, pp. 208-215, 2004.
  49. Y. Alkabani and F. Koushanfar. Active hardware metering for intellectual property protection and security. In Proc. USENIX Security Symp., pp. 291-306, 2007.
  50. S. Moein, F. Gebali, T. A. Gulliver, and M. W. El-Kharashi. Hardware attack risk assessment. In Proc. Int. Conf. on Computer Engineering and Sys., pp. 346-350, 2015.
  51. P. C. Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In Advances in Cryptology, Lecture Notes in Computer Science, vol. 1109, Springer-Verlag, pp. 104- 113, 1996.
  52. P. C. Kocher, J. M. Jaffe, and B. C. Jun. Differential power analysis. In Advances in Cryptology, Lecture Notes in Computer Science, vol. 1666, Springer-Verlag, pp. 388-397, 1999.
  53. P. C. Kocher, J. M. Jaffe, B. C. Jun, and P. Rohatgi. Introduction to differential power analysis. J. Cryptographic Eng., vol. 1, no. 1, pp. 5-27, 2011.
  54. P. C. Kocher, J. M. Jaffe, and B. C. Jun. Using unpredictable information to minimize leakage from smartcards and other cryptosystems. US Patent No. 6,327,661, 2001.
  55. J. M. Jaffe, P. C. Kocher, and B. C. Jun. Balanced cryptographic computational method and apparatus for leak minimizational in smartcards and other cryptosystems. U.S. Patent No. 6,510,518, 2003.
  56. G. Taylor, S. Moore, R. Anderson, R. Mullins, and P. Cunningham Improving smart card security using self-timed circuits. In Proc. IEEE Symp. on Asynchronous Circuits and Systems, pp. 211-218, 2002.
  57. Z. C. Yu, S. B. Furber, and L. A. Plana. An investigation into the security of self-timed circuits. In Proc. IEEE Symp. on Asynchronous Circuits and Systems, pp. 206-215, 2003.
  58. F. E. McFadden and R. D. Arnold. Supply chain risk mitigation for IT electronics. In Proc. IEEE Int. Conf. on Tech. for Homeland Security, pp. 49-55, 2010.
  59. R. Maes, D. Schellekens, P. Tuyls, and I. Verbauwhede. Analysis and design of active IC metering schemes. In Proc. Int. Workshop on Hardware-Oriented Security and Trust, pp. 74-81, 2009.
  60. S. Skorobogatov. Low temperature data remanence in static RAM. University of Cambridge Computer Laboratory Technical Report 536, 2002.
  61. S. Skorobogatov. Optically enhanced position-locked power analysis. In Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 4249, Springer-Verlag, pp. 61-75, 2006.
  62. A. Shamir and E. Tromer.(2004) Acoustic cryptanalysis on nosy people and noisy machines. [online]. Available: http://www.tau.ac.il/~tromer/acoustic/ec04rump/
  63. J. Zhang, D. Gu, Z. Guo and L. Zhang. Differential power cryptanalysis attacks against PRESENT implementation. In Proc. Int. Conf. on Advanced Computer Theory and Engineering, pp. V6-61-V6- 65, 2010.
  64. C. C. Tiu. A new frequency-based side channel attack for embedded systems. Ph.D. Dissertation, University of Waterloo, Waterloo, ON, 2005.
  65. L. Wagner. Failure Analysis of Integrated Circuits: Tools and Techniques (Eds.). Springer, 2012.
  66. S. Skorobogatov. Physical attacks and tamper resistance. In Introduction to Hardware Security and Trust , M. Tehranipoor and C. Wang (Eds.), Springer, New York, NY, pp. 143-174, 2012.
  67. T. S. Messerges, E. A. Dabbish and R. H. Sloan. Examining smart-card security under the threat of power analysis attacks. In IEEE Trans. Computers, vol. 51, pp. 541-552, 2002.
  68. S. Moein, F. Gebali, and T. A. Gulliver. Hardware attacks: An algebraic approach. In J. Cryptographic Engineering, pp. 1-13, 2016.
  69. D. G. Abraham, G. M. Dolan, G. P. Double, J. V. Stevens. Transaction Security System. In IBM Systems Journal, vol. 30, no. 2, pp. 206-229, 1991.
  70. U.S. Department of Commerce. Security requirements for cryptographic modules. [online]. Avail- able: http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
  71. Common Criteria Evaluation and Validation Scheme. [online]. Available: http://www. niap-ccevs.org/
  72. Y. Oren, A.-R. Sadeghi, and C. Wachsmann. On the effectiveness of the remanence decay side- channel to clone memory-based PUFs. In Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 8086, Springer-Verlag, pp. 107-125, 2013.
  73. S. Skorobogatov. Semi-invasive attacks: A new approach to hardware security analysis. In Technical Report UCAM-CL-TR-630, University of Cambridge, Computer Laboratory, 2005.

Related papers

Hardware Trojan Attacks: Threat Analysis and Countermeasures
Seetharam Narasimhan

Proceedings of the IEEE, 2014

| Security of a computer system has been traditionally related to the security of the software or the information being processed. The underlying hardware used for information processing has been considered trusted. The emergence of hardware Trojan attacks violates this root of trust. These attacks, in the form of malicious modifications of electronic hardware at different stages of its life cycle, pose major security concerns in the electronics industry. An adversary can mount such an attack with an objective to cause operational failure or to leak secret information from inside a chipVe.g., the key in a cryptographic chip, during field operation. Global economic trend that encourages increased reliance on untrusted entities in the hardware design and fabrication process is rapidly enhancing the vulnerability to such attacks. In this paper, we analyze the threat of hardware Trojan attacks; present attack models, types, and scenarios; discuss different forms of protection approaches, both proactive and reactive; and describe emerging attack modes, defenses, and future research pathways.

View PDFchevron_right
Hardware-based Cyber Threats
Thiago Alves

Proceedings of the 4th International Conference on Information Systems Security and Privacy

During the last decade, cyber-security experts have been trying to mitigate attacks against computer networks and software. After the internet, the proliferation of thousands of virus, worms and trojans became easier, which then required enhancements for Operating Systems, browsers and anti-virus software in order to keep their users safe. However, what happens when the threat comes from the hardware? The Operating System trusts entirely in the hardware to perform its operations. If the hardware has been taken, it becomes much harder to regain control of the system. This paper describes eight different approaches to hardware attacks against software. It also demonstrates how to perform an attack using a USB device patched to behave like a generic HID Input Device, in order to insert malicious code in the system. 2 HARDWARE MALWARE APPROACHES This section describes eight different approaches to subvert the system through hardware attacks. Although these are just some examples of different attack vectors, they all seem to be out of the scope of most, if not every, protection software available.

View PDFchevron_right
Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defences
Steve Weingart

2000

As the value of data on computing systems increases and operating systems become more secure, physical attacks on computing systems to steal or modify assets become more likely. This technology requires constant review and improvement, just as other competitive technologies need review to stay at the leading edge. This paper describes known physical attacks, ranging from simple attacks that require little skill or resource, to complex attacks that require trained, technical people and considerable resources. Physical security methods to deter or prevent these attacks are presented. The intent is to match protection methods with the attack methods in terms of complexity and cost. In this way cost effective protection can be produced across a wide range of systems and needs. Specific technical mechanisms now in use are shown, as well as mechanisms proposed for future use. Common design problems and solutions are discussed with consideration for manufacturing.

View PDFchevron_right
A Survey on Hardware Security: Current Trends and Challenges
Kasem Khalil

IEEE Access

Hardware security has become a critical concern due to the globalization of the Integrated Circuit (IC) supply chain and the complex network connections of computing-intensive devices. Hardware security is essential in the modern world, as more and more connectivity of the Internet of Things (IoT) has paved the way for improvements in personalized healthcare, communication between home (or office) equipment, and the promise of self-driving cars, airplanes, and smart grid systems. As a result, recently, this field has attracted particular attention from the researcher. A significant amount of research has already been conducted to detect, defend, and create resiliency against hardware attacks. This paper investigates different hardware security approaches in the state-of-the-art literature and outlines their advantages and drawbacks. This paper also provides a comprehensive study of hardware security attacks, and their features, and categorizes different attack types. Finally, it presents the current challenges of the hardware security field and the impact of each one on the IC production supply chain. INDEX TERMS Machine learning, the Internet of Things (IoT), AES, hardware security, privacy, neural networks.

View PDFchevron_right
Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defenses
Steve Weingart

As the value of data on computing systems increases and operating systems become more secure, physical attacks on computing systems to steal or modify assets become more likely. This technology requires constant review and improvement, just as other competitive technologies need review to stay at the leading edge. This paper describes known physical attacks, ranging from simple attacks that require little skill or resource, to complex attacks that require trained, technical people and considerable resources. Physical security methods to deter or prevent these attacks are presented. The intent is to match protection methods with the attack methods in terms of complexity and cost. In this way cost effective protection can be produced across a wide range of systems and needs. Specific technical mechanisms now in use are shown, as well as mechanisms proposed for future use. Common design problems and solutions are discussed with consideration for manufacturing.

View PDFchevron_right

Related topics

  • Computer Science
    • 580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved