2,672 research outputs found
Digital IP Protection Using Threshold Voltage Control
This paper proposes a method to completely hide the functionality of a
digital standard cell. This is accomplished by a differential threshold logic
gate (TLG). A TLG with inputs implements a subset of Boolean functions of
variables that are linear threshold functions. The output of such a gate is
one if and only if an integer weighted linear arithmetic sum of the inputs
equals or exceeds a given integer threshold. We present a novel architecture of
a TLG that not only allows a single TLG to implement a large number of complex
logic functions, which would require multiple levels of logic when implemented
using conventional logic primitives, but also allows the selection of that
subset of functions by assignment of the transistor threshold voltages to the
input transistors. To obfuscate the functionality of the TLG, weights of some
inputs are set to zero by setting their device threshold to be a high .
The threshold voltage of the remaining transistors is set to low to
increase their transconductance. The function of a TLG is not determined by the
cell itself but rather the signals that are connected to its inputs. This makes
it possible to hide the support set of the function by essentially removing
some variable from the support set of the function by selective assignment of
high and low to the input transistors. We describe how a standard cell
library of TLGs can be mixed with conventional standard cells to realize
complex logic circuits, whose function can never be discovered by reverse
engineering. A 32-bit Wallace tree multiplier and a 28-bit 4-tap filter were
synthesized on an ST 65nm process, placed and routed, then simulated including
extracted parastics with and without obfuscation. Both obfuscated designs had
much lower area (25%) and much lower dynamic power (30%) than their
nonobfuscated CMOS counterparts, operating at the same frequency
Achieving Obfuscation Through Self-Modifying Code: A Theoretical Model
With the extreme amount of data and software available on networks, the protection of online information is one of the most important tasks of this technological age. There is no such thing as safe computing, and it is inevitable that security breaches will occur. Thus, security professionals and practices focus on two areas: security, preventing a breach from occurring, and resiliency, minimizing the damages once a breach has occurred. One of the most important practices for adding resiliency to source code is through obfuscation, a method of re-writing the code to a form that is virtually unreadable. This makes the code incredibly hard to decipher by attackers, protecting intellectual property and reducing the amount of information gained by the malicious actor. Achieving obfuscation through the use of self-modifying code, code that mutates during runtime, is a complicated but impressive undertaking that creates an incredibly robust obfuscating system. While there is a great amount of research that is still ongoing, the preliminary results of this subject suggest that the application of self-modifying code to obfuscation may yield self-maintaining software capable of healing itself following an attack
Chaotic Compilation for Encrypted Computing: Obfuscation but Not in Name
An `obfuscation' for encrypted computing is quantified exactly here, leading
to an argument that security against polynomial-time attacks has been achieved
for user data via the deliberately `chaotic' compilation required for security
properties in that environment. Encrypted computing is the emerging science and
technology of processors that take encrypted inputs to encrypted outputs via
encrypted intermediate values (at nearly conventional speeds). The aim is to
make user data in general-purpose computing secure against the operator and
operating system as potential adversaries. A stumbling block has always been
that memory addresses are data and good encryption means the encrypted value
varies randomly, and that makes hitting any target in memory problematic
without address decryption, yet decryption anywhere on the memory path would
open up many easily exploitable vulnerabilities. This paper `solves (chaotic)
compilation' for processors without address decryption, covering all of ANSI C
while satisfying the required security properties and opening up the field for
the standard software tool-chain and infrastructure. That produces the argument
referred to above, which may also hold without encryption.Comment: 31 pages. Version update adds "Chaotic" in title and throughout
paper, and recasts abstract and Intro and other sections of the text for
better access by cryptologists. To the same end it introduces the polynomial
time defense argument explicitly in the final section, having now set that
denouement out in the abstract and intr
- …