52 research outputs found

    Functional Locking Modules for Design Protection of Intellectual Property Cores

    International audience. Electronics systems design increasingly uses Intellectual Property (IP) cores. The means, however, that can render the IP core unusable if it has been obtained illegally have not yet been identified. We describe lightweight locking schemes lacking in the state of the art.

    A Survey of hardware protection of design data for integrated circuits and intellectual properties

    International audience. This paper reviews the current situation regarding design protection in the microelectronics industry. Over the past ten years, the designers of integrated circuits and intellectual properties have faced increasing threats including counterfeiting, reverse-engineering and theft. This is now a critical issue for the microelectronics industry, mainly for fabless designers and intellectual properties designers. Coupled with increasing pressure to decrease the cost and increase the performance of integrated circuits, the design of a secure, efficient, lightweight protection scheme for design data is a serious challenge for the hardware security community. However, several published works propose different ways to protect design data including functional locking, hardware obfuscation, and IC/IP identification. This paper presents a survey of academic research on the protection of design data. It concludes with the need to design an efficient protection scheme based on several properties.

    Reversible Denial-of-Service by Locking Gates Insertion for IP Cores Design Protection

    International audience. Nowadays, electronics systems design is a complex process. A design-and-reuse model has been adopted, and the vast majority of designers integrate third-party intellectual property (IP) cores in their design in order to reduce time to market. Due to their immaterial form and high market value, IP cores are exposed to threats such as cloning and illegal copying. In order to fight these threats, we propose to achieve functional locking, equivalent to a triggerable and reversible denial-of-service. This is done by inserting locking gates at specific locations in the netlist, allowing outputs to be forced to a fixed value. We developed a new method based on graph exploration techniques for locking gates insertion. It selects candidate nodes ten thousand times faster than state-of-the-art fault analysis-based logic masking techniques. Methods are then compared on ISCAS'85 combinational benchmarks.

    Punctured Syndrome Decoding Problem Efficient Side-Channel Attacks Against Classic McEliece

    Among the fourth round finalists of the NIST post-quantum cryptography standardization process for public-key encryption algorithms and key encapsulation mechanisms, three rely on hard problems from coding theory. Key encapsulation mechanisms are frequently used in hybrid cryptographic systems: a public-key algorithm for key exchange and a secret key algorithm for communication. A major point is thus the initial key exchange that is performed thanks to a key encapsulation mechanism. In this paper, we analyze side-channel vulnerabilities of the key encapsulation mechanism implemented by the Classic McEliece cryptosystem, whose security is based on the syndrome decoding problem. We use side-channel leakages to reduce the complexity of the syndrome decoding problem by reducing the length of the code considered. The columns punctured from the original code reduce the complexity of a hard problem from coding theory. This approach leads to efficient profiled side-channel attacks that recover the session key with high success rates, even in noisy scenarios

    Online Performance Evaluation of Deep Learning Networks for Side-Channel Analysis

    Deep learning based side-channel analysis has seen a rise in popularity over the last few years. A lot of work is done to understand the inner workings of the neural networks used to perform the attacks and a lot is still left to do. However, finding a metric suitable for evaluating the capacity of the neural networks is an open problem that is discussed in many articles. We propose an answer to this problem by introducing an online evaluation metric dedicated to the context of side-channel analysis and use it to perform early stopping on existing convolutional neural networks found in the literature. This metric compares the performance of a network on the training set and on the validation set to detect underfitting and overfitting. Consequently, we improve the performance of the networks by finding their best training epoch and thus reduce the number of traces used by 30%. The training time is also reduced for most of the networks considered

    Horizontal Correlation Attack on Classic McEliece

    As the technical feasibility of a quantum computer becomes more and more likely, post-quantum cryptography algorithms are receiving particular attention in recent years. Among them, code-based cryptosystems were first considered unsuited for hardware and embedded software implementations because of their very large key sizes. However, recent work has shown that such implementations are practical, which also makes them susceptible to physical attacks. In this article, we propose a horizontal correlation attack on the Classic McEliece cryptosystem, more precisely on the matrix-vector multiplication over $\mathbb{F}_2$ that computes the shared key in the encapsulation process. The attack is applicable in the broader context of Niederreiter-like code-based cryptosystems and is independent of the code structure, i.e. it does not need to exploit any particular structure in the parity check matrix. Instead, we take advantage of the constant time property of the matrix-vector multiplication over $\mathbb{F}_2$. We extend the feasibility of the basic attack by leveraging information-set decoding methods and carry it out successfully on the reference embedded software implementation. Interestingly, we highlight that implementation choices, like the word size or the compilation options, play a crucial role in the attack success, and even contradict the theoretical analysis.

    Methods for Protecting the Intellectual Property of IP Core Designers (Méthodes pour la protection de la propriété intellectuelle des concepteurs de composants virtuels)

    Designing integrated circuits is now an extremely complex task. This is why designers adopt a modular approach, where each functional block is described independently. These functional blocks, called intellectual property (IP) cores, are sold by their designers to system integrators who use them in complex projects. This division led to the rise of cases of illegal copying of IP cores. In order to fight this threat against the intellectual property of IP core designers, the objective of this PhD thesis was to develop a secure remote activation scheme for IP cores, allowing the designer to know exactly how many IP cores are currently used. To achieve this, the first two contributions of this thesis deal with the modification of the combinational logic of an IP core to make it activable. The first method allows the outputs to be controllably forced to a fixed logic value. The second is an efficient technique to select the nodes to controllably alter, so that the IP core is temporarily unusable. The third contribution of this thesis is a lightweight method of error correction to use with PUF (Physical Unclonable Function) responses, which are an intrinsic identifier of instances of the IP core. Reusing an error-correction protocol used in quantum key exchange, this method is much more lightweight than the error-correcting codes classically used for this application.

    Key Reconciliation Protocol Application to Error Correction in Silicon PUF Responses


    Comments on “A PUF-FSM Binding Scheme for FPGA IP Protection and Pay-per-Device Licensing”

    International audience. IP protection is a recent field of research. If passive protection schemes, mainly IP watermarking and fingerprinting, have been studied for more than fifteen years, active protection schemes using remote activation/unlocking/metering of IPs are highlighted by several recent works. Like any other new field of research, new concepts appear with sometimes not such good ideas. IP unlocking scheme without cryptography, as recently proposed in this journal, is one of these ideas. Expecting to obtain low overhead and high security this way is very hard. This comment proves this by presenting a short yet deep study.