1st Edition

Hardware Security Design, Threats, and Safeguards

    590 Pages 93 B/W Illustrations
    by Chapman & Hall

    Beginning with an introduction to cryptography, Hardware Security: Design, Threats, and Safeguards explains the underlying mathematical principles needed to design complex cryptographic algorithms. It then presents efficient cryptographic algorithm implementation methods, along with state-of-the-art research and strategies for the design of very large scale integrated (VLSI) circuits and symmetric cryptosystems, complete with examples of Advanced Encryption Standard (AES) ciphers, asymmetric ciphers, and elliptic curve cryptography (ECC).

    Gain a Comprehensive Understanding of Hardware Security—from Fundamentals to Practical Applications

    Since most implementations of standard cryptographic algorithms leak information that can be exploited by adversaries to gather knowledge about secret encryption keys, Hardware Security: Design, Threats, and Safeguards:

    • Details algorithmic- and circuit-level countermeasures for attacks based on power, timing, fault, cache, and scan chain analysis
    • Describes hardware intellectual property piracy and protection techniques at different levels of abstraction based on watermarking
    • Discusses hardware obfuscation and physically unclonable functions (PUFs), as well as Trojan modeling, taxonomy, detection, and prevention

    Design for Security and Meet Real-Time Requirements

    If you consider security as critical a metric for integrated circuits (ICs) as power, area, and performance, you’ll embrace the design-for-security methodology of Hardware Security: Design, Threats, and Safeguards.

    Part I

    Mathematical Background

    Introduction

    Modular Arithmetic

    Groups, Rings, and Fields

    Greatest Common Divisors and Multiplicative Inverse

    Subgroups, Subrings, and Extensions

    Groups, Rings, and Field Isomorphisms

    Polynomials and Fields

    Construction of Galois Field

    Extensions of Fields

    Cyclic Groups of Group Elements

    Efficient Galois Fields

    Mapping between Binary and Composite Fields

    Conclusions

    Overview of Modern Cryptography

    Introduction

    Cryptography: Some Technical Details

    Block Ciphers

    Rijndael in Composite Field

    Elliptic Curves

    Scalar Multiplications: LSB First and MSB First Approaches

    Montgomery’s Algorithm for Scalar Multiplication Inversions

    Conclusions

    Modern Hardware Design Practices

    Introduction

    Components of a Hardware Architecture: Mapping an Algorithm to Hardware

    Case Study: Binary gcd Processor

    Enhancing the Performance of a Hardware Design

    Modelling of the Computational Elements of the gcd Processor

    Experimental Results

    Conclusions

    Hardware Design of the Advanced Encryption Standard (AES)

    Introduction

    Algorithmic and Architectural Optimizations for AES Design

    Circuit for the AES S-Box

    Implementation of the Mix Column Transformation

    An Example Reconfigurable Design for the Rijndael Cryptosystem

    Experimental Results

    Single Chip Encryptor/Decryptor

    Conclusions

    Efficient Design of Finite Field Arithmetic on FPGAs

    Introduction

    Finite Field Multiplier

    Finite Field Multipliers for High Performance Applications

    Karatsuba Multiplication

    Karatsuba Multipliers for Elliptic Curves

    Designing for the FPGA Architecture

    Analyzing Karatsuba Multipliers on FPGA Platforms

    Performance Evaluation

    High Performance Finite Field Inversion Architecture for FPGAs

    Itoh-Tsujii Inversion Algorithm

    The Quad ITA Algorithm

    Experimental Results

    Generalization of the ITA for 2n Circuit

    Hardware Architecture for 2n Circuit-Based ITA

    Area and Delay Estimations for the 2n ITA

    Obtaining the Optimal Performing ITA Architecture

    Validation of Theoretical Estimations

    Conclusions

    High Speed Implementation of Elliptic Curve Scalar Multiplication on FPGAs

    Introduction

    The Elliptic Curve Cryptoprocessor

    Point Arithmetic on the ECCP

    The Finite State Machine (FSM)

    Performance Evaluation

    Further Acceleration Techniques of the ECC Processor

    Pipelining Strategies for the Scalar Multiplier

    Scheduling of the Montgomery Algorithm

    Finding the Right Pipeline

    Detailed Architecture of the ECM

    Implementation Results

    Conclusion

    Introduction to Side Channel Analysis

    Introduction

    What Are Side Channels?

    Types of Side Channel Attacks

    Kocher’s Seminal Works

    Power Attacks

    Fault Attacks

    Cache Attacks

    Scan Chain-Based Attacks

    Conclusions

    Differential Fault Analysis of Ciphers

    Introduction to Differential Fault Analysis

    DFA and Associated Fault Models

    Differential Fault Attacks on AES: Early Efforts

    State of the Art DFAs on AES

    Multiple Byte DFA of AES-128

    Extension of the DFA to Other Variants of AES

    DFA of AES Targeting the Key-Schedule

    CED for AES

    Conclusions

    Cache Attacks on Ciphers

    Memory Hierarchy and Cache Memory

    Timing Attacks due to CPU Architecture

    Trace-Driven Cache Attacks

    Access-Driven Cache Attacks

    Time-Driven Cache Attacks

    Countermeasures for Timing Attacks

    Conclusion

    Power Analysis of Cipher Implementations

    Power Attack Set up and Power Traces

    Power Models

    Differential Power Analysis using Difference of Mean

    PKDPA: An Improvement of the DoM Technique

    Correlation Power Attack

    Metrics to Evaluate a Side Channel Analysis

    CPA on Real Power Traces of AES-128

    Popular Countermeasures against Power Analysis: Masking

    Conclusions

    Testability of Cryptographic Hardware

    Introduction

    Scan Chain-Based Attacks on Cryptographic Implementations

    Scan Attack on Trivium

    Testability of Cryptographic Designs

    Conclusion

    Bibliography

    Part II

    Hardware Intellectual Property Protection through Obfuscation

    Introduction

    Related Work

    Functional Obfuscation through State Transition Graph Modification

    Extension of STG Modification for RTL Designs

    Obfuscation through Control and Data Flow Graph (CDFG) Modification

    Measure of Obfuscation Level

    Results

    Discussions

    Conclusions

    Overview of Hardware Trojans

    Introduction

    Trojan Taxonomy and Examples

    Multi-Level Attack

    Effect of Hardware Trojan on Circuit Reliability

    Hardware Trojan Insertion by Direct Modification of FPGA Configuration Bitstream

    Conclusion

    Logic Testing-Based Hardware Trojan Detection

    Introduction

    Statistical Approach for Trojan Detection

    Results

    Summary

    Side-Channel Analysis Techniques for Hardware Trojans Detection

    Introduction

    Motivation for the Proposed Approaches

    Multiple-Parameter Analysis-Based Trojan Detection

    Results

    Integration with Logic-Testing Approach

    Design Techniques for Hardware Trojan Threat Mitigation

    Introduction

    Obfuscation-Based Trojan Detection/Protection

    Integrated Framework for Obfuscation

    Results

    A FPGA-Based Design Technique for Trojan Isolation

    A Design Infrastructure Approach to Prevent Circuit Malfunction

    Physically Unclonable Functions: A Root-of-Trust for Hardware Security

    Introduction

    Physically Unclonable Function (PUF)

    Classification of PUFs

    Realization of Silicon PUFs

    PUF Performance Metrics for Quality Evaluation

    Secure PUF: What Makes a PUF Secure?

    Applications of PUF as a Root-of-Trust

    Attacks Model: How PUF Security Could Be Compromised

    Looking Forward: What Lies Ahead for PUFs?

    Genetic Programming-Based Model Building Attack on PUFs

    Introduction

    Background: Genetic Programming and RO-PUFs

    Methodology

    Results

    Bibliography

    Biography

    Dr. Debdeep Mukhopadhyay is an associate professor at the Indian Institute of Technology (IIT) Kharagpur, West Bengal, where he has been instrumental in setting up a side channel analysis laboratory. Previously, he worked as an assistant professor at the IIT Kharagpur and Madras. His research interests include VLSI of cryptographic algorithms and side channel analysis. A popular invited speaker, he has authored around 100 international conference and journal papers, co-authored a textbook on cryptography and network security, reviewed and served on program committees for several international conferences, and collaborated with several organizations including ISRO, DIT, ITI, DRDO, and NTT-Labs Japan. He has been the recipient of the prestigious INSA Young Scientist Award and the INAE Young Engineer Award.

    Dr. Rajat Subhra Chakraborty is an assistant professor at the Indian Institute of Technology Kharagpur, West Bengal. Previously, he worked as a CAD software engineer at National Semiconductor, Bangalore, Karnataka, India and a co-op at Advanced Micro Devices, Sunnyvale, California, USA. His research interests include design methodology for hardware IPIIC protection, hardware Trojan detection/prevention through design and testing, attacks on hardware implementation of cryptographic algorithms, and reversible watermarking for digital content protection. He has authored over 25 conference and journal publications and presented at numerous events including the 2011 IEEE VLSI Design Conference, where he delivered a tutorial on hardware security.

    "… an excellent job introducing the field of hardware security. It is a good source for upper undergraduates, postgraduates, and practitioners. The book does not need to be read cover to cover, and a select subset of chapters can form an undergraduate or graduate course in hardware security. … an excellent reference and can help graduate students move quickly to the frontiers of research. With its 432 references, the book helps direct readers who want to explore a specific topic in more detail."
    Computing Reviews, April 2015