ABSTRACT
A finite state machine (FSM) is responsible for controlling the overall functionality of most digital systems and, therefore, the security of the whole system can be compromised if there are vulnerabilities in the FSM. These vulnerabilities can be created by improper designs or by the synthesis tool which introduces additional don't-care states and transitions during the optimization and synthesis process. An attacker can utilize these vulnerabilities to perform fault injection attacks or insert malicious hardware modifications (Trojan) to gain unauthorized access to some specific states. To our knowledge, no systematic approaches have been proposed to analyze these vulnerabilities in FSM. In this paper, we develop a framework named Analyzing Vulnerabilities in FSM (AVFSM) which extracts the state transition graph (including the don't-care states and transitions) from a gate-level netlist using a novel Automatic Test Pattern Generation (ATPG) based approach and quantifies the vulnerabilities of the design to fault injection and hardware Trojan insertion. We demonstrate the applicability of the AVFSM framework by analyzing the vulnerabilities in the FSM of AES and RSA encryption module. We also propose a low-cost mitigation technique to make FSM more secure against these attacks.
- P. C. Kocher, "Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems" in Lecture Notes in Computer Science, 1996. Google ScholarDigital Library
- P. C. Kocher, et al., "Differential Power Analysis" in CRYPTO, 1999. Google ScholarDigital Library
- D. Hely et al., "Scan design and secure chip {secure IC testing}," in in Proc. 10th IEEE IOLTS, Jul. 2004. Google ScholarDigital Library
- E. Biham and A. Shamir, "Differential fault analysis of secret key cryptosystems," CRYPTO, 1997. Google ScholarDigital Library
- R. Karri et al., "Trustworthy Hardware: Identifying and Classifying Hardware Trojans", Computer, 2010. Google ScholarDigital Library
- B. Sunar et al., "Sequential circuit design for embedded cryptographic applications resilient to adversarial faults," IEEE Transactions on Computers, 2007. Google ScholarDigital Library
- Z. Wang et al., "Robust FSMs for cryptographic devices resilient to strong fault injection attacks," in On-Line Testing Symposium (IOLTS), 2010. Google ScholarDigital Library
- C. Dunbar and G. Qu., "Designing Trusted Embedded Systems from Finite State Machines," in ACM Trans. Embed. Comput. Syst., 2014. Google ScholarDigital Library
- H. Salmani and M. Tehranipoor, "Analyzing circuit vulnerability to hardware Trojan insertion at the behavioral level," in Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT), 2013.Google Scholar
- T. Schneider and A. Moradi, "Leakage Assessment Methodology - a clear roadmap for side-channel evaluations," in CHES 2015.Google Scholar
- B. Yuce et al., "TVVF: Estimating the vulnerability of hardware cryptosystems against timing violation attacks," in Hardware Oriented Security and Trust (HOST), 2015.Google Scholar
- http://opencores.org/.Google Scholar
- L. Yuan et al., "An fsm reengineering approach to sequential circuit synthesis by state splitting," Computer-Aided Design of Integrated Circuits and Systems, IEEE Transactions on, 2008. Google ScholarDigital Library
- Y. Shi et al., "A highly efficient method for extracting fsms from flattened gate-level netlist," in Circuits and Systems (ISCAS), 2010.Google Scholar
- L. Zussa et al., "Investigation of timing constraints violation as a fault injection means", in DCIS 2012.Google Scholar
- AVFSM: a framework for identifying and mitigating vulnerabilities in FSMs
Recommendations
Cache Attacks on Intel SGX
EuroSec'17: Proceedings of the 10th European Workshop on Systems SecurityFor the first time, we practically demonstrate that Intel SGX enclaves are vulnerable against cache-timing attacks. As a case study, we present an access-driven cache-timing attack on AES when running inside an Intel SGX enclave. Using Neve and Seifert'...
Detecting Insider Theft of Trade Secrets
Trusted insiders who misuse their privileges to gather and steal sensitive information represent a potent threat to businesses. Applying access controls to protect sensitive information can reduce the threat but has significant limitations. Even if ...
Comments