Skip to main content

Exploring and Preventing Cryptographic Hardware Backdoors: Protecting the Internet of Things against Next-Generation Attacks

Periodic Reporting for period 2 - EPoCH (Exploring and Preventing Cryptographic Hardware Backdoors: Protecting the Internet of Things against Next-Generation Attacks)

Reporting period: 2018-04-01 to 2019-09-30

Our IT landscape is rapidly evolving towards the Internet of Things. The IoT comes with a dramatically increased threat potential, as attacks can endanger human life and can lead to a massive loss of privacy of (European) citizens. A particular dangerous class of attacks manipulates the cryptographic algorithms in the underlying hardware. Backdoors in the cryptography of IoT devices can lead to system-wide loss of security. The recent discussion about the dependency on foreign-made telecommunication equipment shows the political and societal ramifikations of this problem space.

EPoCH has the ambitious goal to comprehensively understand and counter low-level backdoor attacks. The required research has two main objectives: (1) The development of an encompassing understanding of how hardware manipulations of cryptographic functions can actually be performed, and what the consequences are for the system security. (2) The development of hardware countermeasures that provide systematic protection against malicious manipulations. In contrast to detection-based methods which dominate the literature, our approach will be pro-active. We will develop solutions for instances of important problems, including hardware reverse
engineering and hiding. Little is known about the limits of and optimum approaches to both problems in specific settings.

Beyond prevention of hardware Trojans, the research has applications in IP protection, detection of patent infringement..
One research effort has been concerened with the general research question of reverse engineering of unknown ICs. Understanding of hardware reverse engineering (HRE) has major real-world relevance, including understanding of the threat of hardware manipulations, which is the main focus of EPoCH, but also detection of IP infringements and competitive analysis. Despite the importance for security and business, there is surprisingly little research on HRE. We have been tackling this problem broadly with two major research approaches. First, we have developed an innovative methodology to study human analysist during HRE. This work is based on a heavily interdisciplinary collaboration between the PI's technical group and cognitive psychologists. Second, we have designed and implemented the first open-source software that assists HRE, coined HAL. HAL is available on GitHUB. Another research effort has been dedicated to understand the threat potential posed by malicious hardware manipulations. we investigated several innovative attack vectors for Trojan injection that have not been reported in the literature before. They have been based on low-level manipulations of hardware circuits. We have also begun work in the area of hardware obfuscation. Here, our main efforts have been dedicated to an understanding of the role that configurable logic can play for design obfuscation.
The first goal is to drastically improve the state of the art with respect to hardware reverse engineering (HRE). Little is known about the complexity and methods that determined adversaries such as foreigen intelligence services employ. Particular important results that we expect are an understanding of how human analysist approach HRE and the development of open-source tools that partially automate HRE. Our second objective is a much better understanding of the threat potential posed by hardware Trojans that target cryptographic algorithms. Even though there exist results in the theory community, very little is known about the threat that such manipulations pose in real-world settings. The third goal is an majorly improved understanding of topic of hardware obfuscation. Currently, there is a deep lack of understanding in the scientific community and industry about the possibilities and limits of obfuscation. This is in contrast to the wide-spread use of hardware obfuscation in practice, possibly employing methods that are often sub-optimum of even barely effective.