CAREER: Towards Provably-Secure Design of Integrated Circuits

职业：迈向可证明安全的集成电路设计

• 批准号: 1652842
• 负责人: Jeyavijayan Rajendran
• 金额: $ 50万
• 依托单位: University of Texas at Dallas
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-05-01 至 2018-03-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1652842&HistoricalAwards=false
• 关键词: CAREER; Towards; Provably; Secure; Design

The production of computer chips has universally moved offshore in recent years, reducing design complexity and fabrication cost. But these benefits come at the expense of security: An attack anywhere along the supply chain can insert malicious components into an integrated circuit, pirate its design or counterfeit it. These attacks, which are exceedingly difficult to detect, jeopardize the computer industry, undermine national security, and put critical infrastructure in danger. More than a decade of research in hardware security has resulted in a plethora of solutions for these problems, but many of these solutions address specific attack models and, hence, are not universally applicable. This project breaks this barrier by developing hardware design approaches that are both provably secure and applicable across the entire hardware industry for differing businesses and threat models. To engage and teach the next generation of cybersecurity experts, the project uses puzzle-, challenge-, and competition-based educational and outreach activities at the high-school, undergraduate, and graduate levels. The project has three components. First, the research develops a secure synthesis approach to prevent piracy and reverse engineering using provably-secure camouflaging and logic encryption, where the attacker is provided with only partial knowledge of the design to obfuscate the design intent. Second, the research analyzes the security implications of untrusted test facilities by demonstrating an attack to compromise secrets through test data. It develops a provably-secure test pattern generation technique for testing chips with secrets. Third, this project designs chips such that any (malicious) alterations and counterfeits are provably-detected by existing techniques.

近年来，计算机芯片的生产已普遍转移，从而降低了设计的复杂性和制造成本。但是这些好处是以牺牲安全为代价的：供应链的任何地方的攻击都可以将恶意组件插入集成电路，海盗设计或伪造。这些攻击极难发现，危害计算机行业，破坏国家安全，并将关键基础设施置于危险之中。硬件安全性的十多年来研究为这些问题提供了大量解决方案，但是许多解决方案涉及特定的攻击模型，因此并不普遍适用。该项目通过开发硬件设计方法破坏了这一障碍，这些方法在整个硬件行业中都非常安全且适用于不同的业务和威胁模型。为了吸引和教授下一代网络安全专家，该项目在高中，本科生和研究生水平上使用基于拼图，挑战和基于竞赛的教育和外展活动。该项目有三个组成部分。首先，该研究开发了一种安全的合成方法，可以使用可证明的伪装和逻辑加密来防止盗版和逆向工程，在该方法中，攻击者仅提供对设计的部分知识，以使设计意图混淆。其次，该研究通过证明通过测试数据妥协秘密的攻击来分析不受信任的测试设施的安全含义。它开发了一种可证明安全的测试模式生成技术，用于用秘密测试芯片。第三，该项目设计芯片，以便通过现有技术证明任何（恶意）更改和伪造。

项目成果

Boolean Circuit Camouflage: Cryptographic Models, Limitations, Provable Results and a Random Oracle Realization

布尔电路伪装：密码模型、局限性、可证明的结果和随机预言实现

• DOI: 10.1145/3139324.3139331
• 发表时间: 2017
• 期刊: Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware Security
• 作者: Di Crescenzo, Giovanni;Rajendran, Jeyavijayan;Karri, Ramesh;Memon, Nasir
• 通讯作者: Memon, Nasir