Engineering:Hardware obfuscation

From HandWiki

Hardware obfuscation is a technique by which the description or the structure of electronic hardware is modified to intentionally conceal its functionality, which makes it significantly more difficult to reverse-engineer. In other words, hardware obfuscation modifies the design in such a away that the resulting architecture becomes un-obvious to an adversary.[1] Hardware Obfuscation can be of two types depending on the hardware platform targeted: (a) DSP Core Hardware Obfuscation - this type of obfuscation performs certain high level transformation on the data flow graph representation of DSP core to convert it into an unknown form that reflects an un-obvious architecture at RTL or gate level. This type of obfuscation is also called 'Structural Obfuscation'. Another type of DSP Core Obfuscation method is called 'Functional Obfuscation' - It uses a combination of AES and IP core locking blocks (ILBs) to lock the functionality of the DSP core using key-bits. Without application of correct key sequence, the DSP core produces either wrong output or no output at all [2](b) Combinational/Sequential Hardware Obfuscation - this type of obfuscation performs changes to the gate level structure of the circuit itself. [3][4]

In essence, it is different from digital watermarking (where the ownership is concealed in the digital content itself), or from hardware intellectual property (IP) watermarking [5] where the ownership information is embedded and concealed in the description of a circuit. It is also different from cryptography-based hardware IP protection techniques common in the design flow of Field Programmable Gate Array.[6][7]

The importance of hardware watermarking has increased in the recent years due to widespread adoption of hardware IP based design practices for modern integrated circuits (ICs) such as system on chips (SoCs). Major security issues associated with hardware IPs include: (a) hardware intellectual property infringement during SoC design; (b) reverse engineering the manufactured ICs or the IC design database (in fabrication facilities) to produce counterfeit or clone ICs; and (c) malicious modifications of an IP through the insertion of hardware Trojan to cause in-field functional failure. Hardware obfuscation aims at minimizing these threats at IP or chip level by making it difficult for an adversary to comprehend the actual functionality of a design.

Hardware obfuscation techniques can be classified into two main categories: (a) the "passive" techniques, which do not directly affect the functionality of the electronic system, and (b) the "active" techniques, which directly alter the functionality of the system. Often the active hardware obfuscation techniques are "key-based", such that normal functionality of the obfuscated design can only be enabled by the successful application of a single pre-determined key or a sequence of secret keys at the input; otherwise the circuit operates in a mode, which exhibits incorrect functionality. This can be done by embedding a well-hidden finite state machine (FSM) in the circuit to control the functional modes based on application of key. The technique of key-based, active hardware obfuscation is similar in principle to private-key cryptographic approaches for information protection, since the "key sequence" for the obfuscated design plays a similar role as the cryptographic key. The technique can be applied at different levels of hardware description, namely gate-level or register transfer level (RTL) design and hence can be used to protect soft, firm and hard IP cores.[8] Obfuscation can also help to effectively hide security features in an IC and thus enable protection of ICs from counterfeiting and cloning in fabrication facilities.[9]

In contrast, the passive techniques modify the circuit description in a soft form (e.g. syntactic changes), such that it becomes difficult for a human reader to understand the functionality of the circuit. These approaches typically employ either string-substitution (including variable name change, comment removal, etc.),[10] or structural change in the hardware description language (HDL) description of a circuit (including loop unrolling, register renaming, etc.).[11] A major shortcoming of the passive approaches is that they do not modify the black box functionality of a circuit, and hence cannot prevent potential usage of an IP as black-box in a design. Moreover, the actual strength of such passive obfuscation is debatable, since, in general, black-box obfuscation does not exist, at least for software programs computing certain mathematical functions.[12]

Hardware watermarking can be used in conjunction with hardware obfuscation. In an obfuscated design, watermarking can be effective in providing a second line of defense against unlicensed copying efforts.[13]

Historical context

Hardware obfuscation in computing probably has its origins with mainframe CPUs, mainly ones made by IBM during the 1960s and 1970s. IBM, in order to maintain some competitive advantage, implemented secret opcodes that would only be used by the closed source operating system on the mainframe.[citation needed]

See also

References

  1. Anirban Sengupta, Dipanjan Roy, Saraju Mohanty, Peter Corcoran "DSP Design Protection in CE through Algorithmic Transformation Based Structural Obfuscation", IEEE Transactions on Consumer Electronics, Volume 63, Issue 4, November 2017, pp: 467 - 476
  2. Anirban Sengupta, Deepak Kachave, Dipanjan Roy "Low Cost Functional Obfuscation of Reusable IP Cores used in CE Hardware through Robust Locking", IEEE Transactions on Computer Aided Design of Integrated Circuits & Systems (TCAD), 2018
  3. Anirban Sengupta, Dipanjan Roy "Protecting an Intellectual Property Core during Architectural Synthesis using High-Level Transformation Based Obfuscation" IET Electronics Letters, Volume: 53, Issue: 13, June 2017, pp. 849 - 851
  4. M. Yasin, J. Rajendran, O. Sinanoglu, and R. Karri. "On improving the security of logic locking." IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 35, no. 9 (2016): 1411-1424
  5. E. Castillo, U. Meyer-Baese, A. Garcia, L. Parilla, and A. Lloris: "IPP@HDL: efficient intellectual property protection scheme for IP cores", IEEE Transactions on VLSI, 16(5), 2007.
  6. Xilinx Corporation: "Xilinx IP evaluation", [1] , 2009.
  7. M. Wirthlin and B. McMurtrey: "IP delivery for FPGAs using Applets and JHDL", Design Automation Conference (DAC), 2002.
  8. R.S. Chakraborty and S. Bhunia: "RTL hardware IP protection using key-based control and data flow obfuscation", International Conference on Very Large Scale Integration Design (VLSID), 2010.
  9. J. Roy, F. Koushanfar, and I.L. Markov: "EPIC: ending piracy of integrated circuits," Design, Automation and Test in Europe (DATE), 2008.
  10. Thicket Family of Source Come Obfuscators
  11. M. Brzozowski and V. N. Yarmolik: "Obfuscation as intellectual rights protection in VHDL language", International Conference on Computer Information Systems and Industrial Management Applications (CISIM), 2007.
  12. B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S.P. Vadhan and K. Yang: "On the (im)possibility of obfuscating programs", Cryptology Conference on Advances in Cryptology (CRYPTO), 2001.
  13. R.S. Chakraborty and S. Bhunia: "HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection", IEEE Trans. on CAD of Integrated Circuits and Systems (TCAD), 2009.