Researchers have shown that it is possible to compromise the functioning of a cryptographic chip without changing its physical layout.
Based on altering the distribution of dopants in a few components on the chip during fabrication, this method represents a big challenge for cyber-security as it is nearly impossible to detect with any currently practical detection scheme.
Progress in the design and fabrication of processor chips is mainly aimed at making them faster and smaller. There is another important requirement, however – ensuring that they function as intended. In particular, the cryptographic functions of new chips must provide the level of security with which they were designed. If they fail in this task, even use of sophisticated security software, physical isolation, and well vetted operators cannot ensure the security of a system.
Such structural attacks on the functions of a chip are called hardware Trojans, and are capable of rendering ineffective the security protecting our most critical computer systems and data. Both industry and governments have put a great deal of not very public effort into the problem of hardware Trojans. The most reliable tests to find hardware Trojans will be applied to the finished product. So how are they tested and what are the implications of the new research?
Functional Testing
Functional testing is the sort of testing with which most people are familiar. The function of a chip is tested by applying patterns of test inputs to the input pins of the chip. The outputs are monitored, and compared with the outputs expected from the original specifications and definition of the chip.
Extremely sophisticated devices for functional testing abound in the world of IC design and fabrication. Unfortunately, such testing is usually not very effective for finding hardware Trojans. It is impossible in any practical sense to test all patterns of activation of all components in the chip, so the test patterns are usually designed to test all the known gates on the chip. While such patterns catch most accidental design flaws and fabrication defects, they are likely to fail to activate malicious logic elements added to the original design.
Optical Reverse-Engineering
The most direct approach to find hardware Trojans is to disassemble the chip layer by layer, and compare it with the correct structural design. If there is a visible difference (possibly detected with scanning electron microscopy rather than a camera) between the layers of the chip as designed and the layers of the actual chip, there is a problem that needs to be diagnosed. This is essentially the procedure that would be undertaken to reverse-engineer a chip.
While reverse-engineering a chip sounds like a good way to detect hardware alterations, the problem is considerably more slippery when the goal is to find hardware Trojans. When reverse-engineering is the goal, you start with your competitor’s chip, and try to decipher and duplicate the chip. While various techniques can be applied to the chip to complicate this process, you are never in any doubt that the original chip works properly.
If a production chip is suspected of harboring hardware Trojans, however, the structure revealed in the disassembly process must be compared with some reference design. The ideal reference is a “golden chip”, meaning a chip known to accurately reflect the goals of the desired chip functionality with no additions, subtractions, or alterations. We’ll talk about where such a chip might come from later.
The Latest Bing News on:
Hardware Trojans
- New Android Trojan Malware Targets Bank Accounts With Fake Chrome Updateson April 26, 2024 at 9:20 am
Brokewell' malware allows attackers to spy on, steal cookies from, or take control of Android mobile devices for financial gain.
- Android device hijacking facilitated by new Brokewell banking trojanon April 26, 2024 at 6:34 am
BleepingComputer reports that Android devices could have their data compromised and be eventually hijacked in attacks with the novel Brokewell banking trojan.
- WATCH LIVE: USC legend Reggie Bush set to speak after Heisman Trophy reinstatementon April 25, 2024 at 9:48 am
Reggie Bush, the legendary University of Southern California running back who helped guide the Trojans to two National Championships in the mid-2000s, will speak to the media on Thursday for the first ...
- New Brokewell malware takes over Android devices, steals dataon April 25, 2024 at 3:00 am
Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the ...
- Column: Reggie Bush’s deserved Heisman Trophy shouldn’t overshadow his troubled Trojans legacyon April 24, 2024 at 3:11 pm
Reggie Bush and USC should celebrate the return of his Heisman Trophy, but the NCAA findings that still hinder the Trojans can't be forgotten.
- USC hires former Trojans receiver Mike Williams in player development roleon April 24, 2024 at 12:53 pm
On Friday, USC head coach Lincoln Riley hopped on a FaceTime with Williams, the all-time great Trojans wide receiver who had since settled into life 20 years later as a high school football coach ...
- Matt Leinart Reacts to Reggie Bush's Heisman Trophy Reinstatement Using One Wordon April 24, 2024 at 12:39 pm
It's a big day for Bush and USC family. Right after the 2005 Heisman Trophy received the award back, Leinart facetimed Bush and shared a screenshot and one-word reaction on X (formerly known as ...
- Johnny Manziel credited with huge role in restoring precious hardware to Reggie Bush's trophy cabineton April 24, 2024 at 10:14 am
In a recent post on X (formerly Twitter), former NFL quarterback and Heisman Trophy winner Johnny Manziel made a staunch plea for the NCAA to reverse a controversial decision it ma ...
- New Android Trojan 'SoumniBot' Evades Detection with Clever Trickson April 18, 2024 at 9:35 pm
New Android malware "SoumniBot" targets users in South Korea by exploiting unique evasion tactics. Find out how it slips through security cracks.
- Sneaky Android Malware Evades Detection – Is Your Phone Safe?on April 18, 2024 at 10:32 am
Another day, another trojan is on the loose, targeting Android users. This time, the ‘SoumniBot’ was found, and some pretty clever tricks were used to avoid detection. Currently, it’s mainly targeting ...
The Latest Google Headlines on:
Hardware Trojans
[google_news title=”” keyword=”Hardware Trojans” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]
The Latest Bing News on:
Cryptographic chip
- AI drives cloud growth and cloud growth drives earnings upside — for someon April 26, 2024 at 12:31 pm
In the first big tech earnings week of the quarter, a mixed bag — but cloud is driving upside at a lot of companies, and AI in turns is driving that cloud (and hardware) growth: Juniper’s adjusted ...
- Besides keeping data safe, this emerging tech could be a key trust builder for businesseson April 26, 2024 at 7:48 am
Nigel Smart and his colleagues at Zama aim to do something about that—and ultimately, help businesses build trust. Smart is chief academic officer of the Paris-based cryptography startup, which ...
- Chip Giants Finalize Specs Baking Security Into Siliconon April 26, 2024 at 5:23 am
A consortium of top chip makers finalized the first version of Caliptra, a specification to add zero-trust security features directly inside silicon. The Caliptra 1.0 specification has hardware and ...
- Future of Technology: SK Broadband Succeeds in Real-Time Transmission of Drone 4K Videoon April 26, 2024 at 4:05 am
SK Broadband recently announced its industry-first success in real-time transmission of Drone 4K Video utilizing quantum security technology. The company has secured a solution that can safely ...
- Embedded world 2024: SDVs and AI in automotiveon April 25, 2024 at 12:14 pm
At embedded world 2024, chipmakers deliver new platforms and technologies to advance SDVs and AI in automotive.
- Researcher Strips ROM For Binary Codeon April 25, 2024 at 6:41 am
Research shows that attackers can physically extract secrets embedded into read-only memory on a shoestring budget. The equipment involves a polishing wheel, a jig ...
- SEALSQ’s IoMT Solutions Provide the Highest Security Standards in Medical and Healthcare, Essential for Safeguarding Sensitive Patient Dataon April 24, 2024 at 7:12 am
SEALSQ’s semiconductor technology provides secure, reliable, and intuitive functionality for a wide array of medical applications. SEALSQ Corp (NASDAQ: LAES) ("SEALSQ" or "Company"), a company that ...
- SEALSQ Expands Protection of Luxury and Valuable Assets with Patented Advanced Digital Certification and NFT Technologyon April 23, 2024 at 8:00 am
Notably, SEALSQ’s VaultIC155 NFC secure element can be integrated into luxury items, enabling secure authentication when accessed by an NFC device. Furthermore, the technology grants brands the ...
- Why You Still Shouldn't Trust Zero Truston April 18, 2024 at 5:45 am
The reality is that the majority of current implementations of zero trust still have notable gaps due to the inevitable involvement of fallible human operators.
- IOActive finds hackers have compromised some game controllerson April 17, 2024 at 1:30 pm
Are you looking to showcase your brand in front of the gaming industry’s top leaders? Learn more about GamesBeat Summit sponsorship opportunities here. The makers of official licensed game ...
The Latest Google Headlines on:
Cryptographic chip
[google_news title=”” keyword=”cryptographic chip” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]
