Description
The globalization of the semiconductor supply chain has led to the introduction of the fabless manufacturing model. As such, semiconductor companies have started outsourcing their IP design to multiple (potentially untrusted) entities with the intention of reducing cost and time. However, this has resulted in the introduction of new security challenges such as IP piracy. In the case of IP piracy, an IP designer in a third-party design house may illegally pirate the IP without the knowledge and consent of the designer. To address this issue, a number of design-for-trust techniques such as logic locking, IC camouflaging, and split manufacturing methods have been developed. Some of the tools developed to address this issue are the ObfusGEM simulator and Network Flow Attack for Split Manufacturing.
Related Tools
- SOFTDEEP
- Functional Corruptibility-Guided SAT-Based Attack on Sequential Logic Encryption
- HW2VEC
- Faciometric Hardware Security Tool
- SeqL: Scan-Chain Locking and a Broad Security Evaluation
- SIGNED: Secure Lightweight Watermarking Framework
- DANA: Universal Dataflow Analysis for Gate-Level Netlist Reverse Engineering
- KHC-Stego Tool: Key-Triggered Hash-Chaining Driven Steganography Tool
- Crypto-Steganography Tool
- Network Flow Attack For Split Manufacturing
- ObfusGEM
Publications
Sengupta, Anirban
Cryptography driven IP steganography for DSP Hardware Accelerators Book Forthcoming
Forthcoming, ISBN: 978-1-83953-306-8.
@book{Sengupta2021Cryptography,
title = {Cryptography driven IP steganography for DSP Hardware Accelerators},
author = {Anirban Sengupta},
isbn = {978-1-83953-306-8},
year = {2021},
date = {2021-01-01},
keywords = {},
pubstate = {forthcoming},
tppubtype = {book}
}
Sengupta, Anirban
Key-triggered Hash-chaining based Encoded Hardware Steganography for Securing DSP Hardware Accelerators Book Forthcoming
Forthcoming, ISBN: 978-1-83953-306-8.
@book{Sengupta2021Key-triggered,
title = {Key-triggered Hash-chaining based Encoded Hardware Steganography for Securing DSP Hardware Accelerators},
author = {Anirban Sengupta},
isbn = {978-1-83953-306-8},
year = {2021},
date = {2021-01-01},
keywords = {},
pubstate = {forthcoming},
tppubtype = {book}
}
Rathor, Mahendra; Sengupta, Anirban
IP Core Steganography Using Switch Based Key-Driven Hash-Chaining and Encoding for Securing DSP Kernels Used in CE Systems Journal Article
In: IEEE Transactions on Consumer Electronics, vol. 66, no. 3, pp. 251-260, 2020, ISSN: 1558-4127.
@article{9129810,
title = {IP Core Steganography Using Switch Based Key-Driven Hash-Chaining and Encoding for Securing DSP Kernels Used in CE Systems},
author = {Mahendra Rathor and Anirban Sengupta},
doi = {10.1109/TCE.2020.3006050},
issn = {1558-4127},
year = {2020},
date = {2020-08-01},
journal = {IEEE Transactions on Consumer Electronics},
volume = {66},
number = {3},
pages = {251-260},
abstract = {Intellectual property (IP) core of digital signal processing (DSP) kernels act as hardware accelerators in consumer electronics (CE) systems. However due to rising threats of cloning and counterfeiting to an IP core, security remains an important subject of research for these hardware accelerators. This paper presents a novel key-driven hash-chaining based hardware steganography for securing such IP cores used in CE systems. The proposed approach is capable to implant secret invisible stego-marks in design using hash-chaining process that incorporates switches, strong large stego-keys, multiple encoding algorithms and hash blocks. The methodology proposed provides massive security against IP cloning and counterfeiting while incurring nominal design overhead (<; 0.3 %). The results of the proposed approach on comparison with state of the art indicated significantly stronger digital evidence (lower probability of co-incidence), stronger key size (in bits) and lower design cost using proposed stego-marks. Further, from an attacker's perspective, the proposed steganography increases an attacker's effort manifold during decoding the valid stego-key value (for generating/extracting original secret stego-mark), compared to existing approaches.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Intellectual property (IP) core of digital signal processing (DSP) kernels act as hardware accelerators in consumer electronics (CE) systems. However due to rising threats of cloning and counterfeiting to an IP core, security remains an important subject of research for these hardware accelerators. This paper presents a novel key-driven hash-chaining based hardware steganography for securing such IP cores used in CE systems. The proposed approach is capable to implant secret invisible stego-marks in design using hash-chaining process that incorporates switches, strong large stego-keys, multiple encoding algorithms and hash blocks. The methodology proposed provides massive security against IP cloning and counterfeiting while incurring nominal design overhead (<; 0.3 %). The results of the proposed approach on comparison with state of the art indicated significantly stronger digital evidence (lower probability of co-incidence), stronger key size (in bits) and lower design cost using proposed stego-marks. Further, from an attacker's perspective, the proposed steganography increases an attacker's effort manifold during decoding the valid stego-key value (for generating/extracting original secret stego-mark), compared to existing approaches.
Zuzak, Michael; Srivastava, Ankur
ObfusGEM: Enhancing Processor Design Obfuscation Through Security-Aware On-Chip Memory and Data Path Design Proceedings Article
In: International Symposium on Memory Systems (MEMSYS), 2020.
@inproceedings{Zuzak2020,
title = {ObfusGEM: Enhancing Processor Design Obfuscation Through Security-Aware On-Chip Memory and Data Path Design},
author = {Michael Zuzak and Ankur Srivastava},
year = {2020},
date = {2020-01-01},
booktitle = {International Symposium on Memory Systems (MEMSYS)},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Sengupta, Anirban; Rathor, Mahendra
Structural Obfuscation and Crypto-Steganography-Based Secured JPEG Compression Hardware for Medical Imaging Systems Journal Article
In: IEEE Access, vol. 8, pp. 6543-6565, 2020, ISSN: 2169-3536.
@article{Sengupta2020Structural,
title = {Structural Obfuscation and Crypto-Steganography-Based Secured JPEG Compression Hardware for Medical Imaging Systems},
author = {Anirban Sengupta and Mahendra Rathor},
doi = {10.1109/ACCESS.2019.2963711},
issn = {2169-3536},
year = {2020},
date = {2020-01-01},
journal = {IEEE Access},
volume = {8},
pages = {6543-6565},
abstract = {In modern healthcare technology involving diagnosis through medical imaging systems, compression and data transmission play a pivotal role. Medical imaging systems play an indispensable role in several medical applications where camera/scanners generate compressed images about a patient's internal organ and may further transmit it over the internet for remote diagnosis. However, tampered or corrupted compressed medical images may result in wrong diagnosis of diseases leading to fatal consequences. This paper aims to secure the underlying JPEG compression processor used in medical imaging systems that generates the compressed medical images for diagnosis. The proposed work targets to secure the JPEG compression processor against well-acknowledged threats such as counterfeiting/cloning and Trojan insertion using double line of defense through integration of robust structural obfuscation and hardware steganography. The second line of defense incorporates stego-key based hardware steganography that augments the following: non-linear bit manipulation using S-box (confusion property), diffusion property, alphabetic encryption, alphabet substitution, byte concatenation mode, bit-encoding (converting into stego-constraints) and embedding constraints. The results of the proposed approach achieve robust security in terms of significant strength of obfuscation, strong stego-key size (775 bits for JPEG compression processor and 610 bits for JPEG DCT core) and probability of coincidence of 9.89e-8, at nominal design cost.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
In modern healthcare technology involving diagnosis through medical imaging systems, compression and data transmission play a pivotal role. Medical imaging systems play an indispensable role in several medical applications where camera/scanners generate compressed images about a patient's internal organ and may further transmit it over the internet for remote diagnosis. However, tampered or corrupted compressed medical images may result in wrong diagnosis of diseases leading to fatal consequences. This paper aims to secure the underlying JPEG compression processor used in medical imaging systems that generates the compressed medical images for diagnosis. The proposed work targets to secure the JPEG compression processor against well-acknowledged threats such as counterfeiting/cloning and Trojan insertion using double line of defense through integration of robust structural obfuscation and hardware steganography. The second line of defense incorporates stego-key based hardware steganography that augments the following: non-linear bit manipulation using S-box (confusion property), diffusion property, alphabetic encryption, alphabet substitution, byte concatenation mode, bit-encoding (converting into stego-constraints) and embedding constraints. The results of the proposed approach achieve robust security in terms of significant strength of obfuscation, strong stego-key size (775 bits for JPEG compression processor and 610 bits for JPEG DCT core) and probability of coincidence of 9.89e-8, at nominal design cost.
Rathor, Mahendra; Sengupta, Anirban
Design Flow of Secured N-Point DFT Application Specific Processor Using Obfuscation and Steganography Journal Article
In: IEEE Letters of the Computer Society, vol. 3, no. 1, pp. 13-16, 2020, ISSN: 2573-9689.
@article{Rathor2020Design,
title = {Design Flow of Secured N-Point DFT Application Specific Processor Using Obfuscation and Steganography},
author = {Mahendra Rathor and Anirban Sengupta},
doi = {10.1109/LOCS.2020.2973586},
issn = {2573-9689},
year = {2020},
date = {2020-01-01},
journal = {IEEE Letters of the Computer Society},
volume = {3},
number = {1},
pages = {13-16},
abstract = {An N-point Discrete Fourier Transform (DFT) has wide application such as speech signal amplitude/phase/frequency spectrum analysis and solving complex numerical problems etc. However a N-point DFT Application Specific Processor (ASP) can be prone to several hardware threats such as reverse engineering, counterfeiting, cloning and fraudulent ownership. This letter proposes a novel design flow of secured N-point DFT application specific processor using high-level transformation based structural obfuscation and crypto-steganography. The proposed design methodology integrates both obfuscation and steganography to yield a robust secured N-point DFT application specific processor design that is capable of achieving 75.28 percent obfuscation at gate-level structure and 99.5 percent enhanced in security w.r.t key-size than recent hardware steganography approach.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
An N-point Discrete Fourier Transform (DFT) has wide application such as speech signal amplitude/phase/frequency spectrum analysis and solving complex numerical problems etc. However a N-point DFT Application Specific Processor (ASP) can be prone to several hardware threats such as reverse engineering, counterfeiting, cloning and fraudulent ownership. This letter proposes a novel design flow of secured N-point DFT application specific processor using high-level transformation based structural obfuscation and crypto-steganography. The proposed design methodology integrates both obfuscation and steganography to yield a robust secured N-point DFT application specific processor design that is capable of achieving 75.28 percent obfuscation at gate-level structure and 99.5 percent enhanced in security w.r.t key-size than recent hardware steganography approach.
Sengupta, Anirban; Rathor, Mahendra
Crypto-Based Dual-Phase Hardware Steganography for Securing IP cores Journal Article
In: IEEE Letters of the Computer Society, vol. 2, no. 4, pp. 32-35, 2019, ISSN: 2573-9689.
@article{Sengupta2019Crypto,
title = {Crypto-Based Dual-Phase Hardware Steganography for Securing IP cores},
author = {Anirban Sengupta and Mahendra Rathor},
doi = {10.1109/LOCS.2019.2942289},
issn = {2573-9689},
year = {2019},
date = {2019-12-01},
journal = {IEEE Letters of the Computer Society},
volume = {2},
number = {4},
pages = {32-35},
abstract = {In an untrustworthy foundry, an intellectual property (IP) core is susceptible to piracy. Moreover, an adversary can deceitfully claim the ownership of a pirated IP core. In such cases of ownership conflict, the true ownership of an IP core should be provable. This letter presents a novel approach of securing IP cores against piracy/ false claim of ownership using crypto-based dual phase hardware steganography. By detecting the embedded robust stego-mark in the design, the ownership can be awarded to the genuine IP owner. The paper presents a novel security algorithm that leverages crypto-modules and security properties to generate stego-constraints and embeds them into a hardware IP design during two distinct phases of behavioural synthesis. Because of using large size stego-keys and embedding steganography at two distinct phases, the proposed approach achieves robust security and high reliability than existing recent approaches.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
In an untrustworthy foundry, an intellectual property (IP) core is susceptible to piracy. Moreover, an adversary can deceitfully claim the ownership of a pirated IP core. In such cases of ownership conflict, the true ownership of an IP core should be provable. This letter presents a novel approach of securing IP cores against piracy/ false claim of ownership using crypto-based dual phase hardware steganography. By detecting the embedded robust stego-mark in the design, the ownership can be awarded to the genuine IP owner. The paper presents a novel security algorithm that leverages crypto-modules and security properties to generate stego-constraints and embeds them into a hardware IP design during two distinct phases of behavioural synthesis. Because of using large size stego-keys and embedding steganography at two distinct phases, the proposed approach achieves robust security and high reliability than existing recent approaches.
Sengupta, Anirban; Rathor, Mahendra
IP Core Steganography for Protecting DSP Kernels Used in CE Systems Journal Article
In: IEEE Transactions on Consumer Electronics, vol. 65, no. 4, pp. 506-515, 2019, ISSN: 1558-4127.
@article{8854311,
title = {IP Core Steganography for Protecting DSP Kernels Used in CE Systems},
author = {Anirban Sengupta and Mahendra Rathor},
doi = {10.1109/TCE.2019.2944882},
issn = {1558-4127},
year = {2019},
date = {2019-11-01},
journal = {IEEE Transactions on Consumer Electronics},
volume = {65},
number = {4},
pages = {506-515},
abstract = {Intellectual Property (IP) core protection of Digital Signal Processing (DSP) kernels is an important subject of research for Consumer Electronics (CE) systems. An IP core may be prone to piracy, forgery and counterfeiting. The need of the hour is developing effective technique that is robust and incurs low overhead to detect IP core infringement. This paper presents a novel `IP core steganography' methodology for DSP kernels that is capable of detecting IP piracy. The proposed methodology is capable of implanting concealed information into the existing IP core design of DSP datapath without using any external signature, to reflect the IP core ownership. The presented `IP core steganography' methodology is non-intuitive in nature indicating that the intended secret information does not attract attention to itself from an adversary's perspective. The implanted information incurs almost no design overhead and yields lower design cost than signature-based IP core protection techniques. Further, in the presented approach the amount of concealed information embedded is fully designer controlled through a `thresholding' parameter, unlike signature-based techniques where signature pattern impacts the robustness and overhead. Results of proposed approach yielded lower cost and stronger proof of authorship compared to a signature-based approach.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Intellectual Property (IP) core protection of Digital Signal Processing (DSP) kernels is an important subject of research for Consumer Electronics (CE) systems. An IP core may be prone to piracy, forgery and counterfeiting. The need of the hour is developing effective technique that is robust and incurs low overhead to detect IP core infringement. This paper presents a novel `IP core steganography' methodology for DSP kernels that is capable of detecting IP piracy. The proposed methodology is capable of implanting concealed information into the existing IP core design of DSP datapath without using any external signature, to reflect the IP core ownership. The presented `IP core steganography' methodology is non-intuitive in nature indicating that the intended secret information does not attract attention to itself from an adversary's perspective. The implanted information incurs almost no design overhead and yields lower design cost than signature-based IP core protection techniques. Further, in the presented approach the amount of concealed information embedded is fully designer controlled through a `thresholding' parameter, unlike signature-based techniques where signature pattern impacts the robustness and overhead. Results of proposed approach yielded lower cost and stronger proof of authorship compared to a signature-based approach.
Wang, Yujie; Chen, Pu; Hu, Jiang; Li, Guofeng; Rajendran, Jeyavijayan
The Cat and Mouse in Split Manufacturing Journal Article
In: IEEE Transactions on Very Large Scale Integration (VLSI) Systems, vol. 26, no. 5, pp. 805-817, 2018, ISSN: 1557-9999.
@article{8259507,
title = {The Cat and Mouse in Split Manufacturing},
author = {Yujie Wang and Pu Chen and Jiang Hu and Guofeng Li and Jeyavijayan Rajendran},
url = {https://ieeexplore.ieee.org/document/8259507},
doi = {10.1109/TVLSI.2017.2787754},
issn = {1557-9999},
year = {2018},
date = {2018-05-01},
journal = {IEEE Transactions on Very Large Scale Integration (VLSI) Systems},
volume = {26},
number = {5},
pages = {805-817},
abstract = {Split manufacturing of integrated circuits eliminates vulnerabilities introduced by an untrusted foundry by manufacturing only a part of the target design at an untrusted high-end foundry and the remaining part at a trusted low-end foundry. Most researchers have focused on attack and defenses for hierarchical designs and/or use a relatively high-end trusted foundry, leading to high cost. We propose an attack and defense for split manufacturing for flattened designs. Our attack uses a network-flow model and outperforms previous attacks. We also develop two defense techniques using placement perturbation-one using physical design information and the other using logical information-while considering overhead. The effectiveness of our techniques is demonstrated on benchmark circuits.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Split manufacturing of integrated circuits eliminates vulnerabilities introduced by an untrusted foundry by manufacturing only a part of the target design at an untrusted high-end foundry and the remaining part at a trusted low-end foundry. Most researchers have focused on attack and defenses for hierarchical designs and/or use a relatively high-end trusted foundry, leading to high cost. We propose an attack and defense for split manufacturing for flattened designs. Our attack uses a network-flow model and outperforms previous attacks. We also develop two defense techniques using placement perturbation-one using physical design information and the other using logical information-while considering overhead. The effectiveness of our techniques is demonstrated on benchmark circuits.