Stealthy Opaque Predicates in Hardware -- Obfuscating Constant Expressions at Negligible Overhead
Opaque predicates are a well-established fundamental building block for
software obfuscation. In simplified terms, an opaque predicate implements an expression that always evaluates to a constant Boolean value, yet appears to exhibit dynamic behavior under static analysis. Even though there has been extensive research regarding opaque
predicates in software, techniques for opaque predicates in hardware are barely
explored. In this work, we propose a novel technique to instantiate opaque
predicates in hardware, such that they (1) are resource-efficient, and (2) are
challenging to reverse engineer even with dynamic analysis capabilities. We
demonstrate the applicability of opaque predicates in hardware for both the protection of intellectual property and the obfuscation of cryptographic hardware
Trojans. Our results show that we are able to implement stealthy opaque
predicates in hardware with minimal area overhead and no impact on latency.
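As a rough illustration of the underlying idea (in software rather than hardware, and not the constructions proposed in the paper), the sketch below shows a predicate that always evaluates to true for every input yet looks input-dependent to a purely syntactic analysis, and uses it to guard a constant expression.

```python
# Illustrative software analogue of an opaque predicate (hypothetical example,
# not the paper's hardware construction): x*(x+1) is a product of two
# consecutive integers and therefore always even, so the comparison below is
# constantly True, yet a purely syntactic static analysis sees a
# data-dependent condition.

def opaque_true(x: int) -> bool:
    """Always returns True, but looks input-dependent."""
    return (x * (x + 1)) % 2 == 0

def guarded_constant(x: int) -> int:
    # The 'real' constant 0x2A is always taken; the dead branch exists
    # purely to hide the constant expression from static analysis.
    if opaque_true(x):
        return 0x2A                # always executed
    return (x ^ 0x5A) & 0xFF       # dead code, never reached

if __name__ == "__main__":
    assert all(guarded_constant(v) == 0x2A for v in range(-1000, 1000))
```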
Generalizations of the Karatsuba Algorithm for Efficient Implementations
In this work we generalize the classical Karatsuba Algorithm (KA) for
polynomial multiplication to (i) polynomials of arbitrary degree and (ii) recursive use. We determine exact complexity expressions for the KA and focus on how to use it with the least number of operations. We develop a rule for the optimum order of steps when the KA is used recursively. We show how the use of dummy coefficients may improve performance. Finally, we provide detailed information on how to use the KA at the least cost, and also provide tables that describe the best possible usage of the KA for polynomials up to degree 127. Our results are especially useful for efficient implementations of cryptographic and coding schemes over fixed-size fields like
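As a rough illustration of the classical KA that the abstract builds on, the sketch below multiplies two coefficient lists of equal power-of-two length recursively using three half-size products. The padding to a power-of-two length and all names are assumptions of this sketch, not the paper's generalized construction or its optimal step ordering.

```python
# Minimal recursive Karatsuba sketch for polynomials given as coefficient
# lists (lowest-degree coefficient first), both of the same power-of-two
# length. Padding with dummy zero coefficients up to such a length mirrors
# the abstract's remark that dummy coefficients may improve performance.

def poly_add(a, b):
    return [x + y for x, y in zip(a, b)]

def karatsuba(a, b):
    n = len(a)                                   # == len(b), a power of two
    if n == 1:
        return [a[0] * b[0]]                     # schoolbook base case
    m = n // 2
    a0, a1, b0, b1 = a[:m], a[m:], b[:m], b[m:]  # a = a0 + a1*X^m, same for b
    d0 = karatsuba(a0, b0)                       # a0*b0
    d2 = karatsuba(a1, b1)                       # a1*b1
    d1 = karatsuba(poly_add(a0, a1), poly_add(b0, b1))       # (a0+a1)(b0+b1)
    mid = [d1[i] - d0[i] - d2[i] for i in range(2 * m - 1)]  # a0*b1 + a1*b0
    res = [0] * (2 * n - 1)
    for i, c in enumerate(d0):
        res[i] += c
    for i, c in enumerate(mid):
        res[i + m] += c
    for i, c in enumerate(d2):
        res[i + 2 * m] += c
    return res

# (1 + 2X) * (3 + 4X) = 3 + 10X + 8X^2
assert karatsuba([1, 2], [3, 4]) == [3, 10, 8]
```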
JustSTART: How to Find an RSA Authentication Bypass on Xilinx UltraScale(+) with Fuzzing
Fuzzing is a well-established technique in the software domain to uncover
bugs and vulnerabilities. Yet, applications of fuzzing to uncover security vulnerabilities in hardware systems are scarce; a principal reason is the required access to design information (HDL source code). Moreover, observing internal hardware state at runtime is typically an ineffective information source, as its documentation is often not publicly available, and it is also inefficient due to bandwidth-limited analysis interfaces (e.g., JTAG) and minimal introspection of internal modules. In this work, we investigate fuzzing for 7-Series and
UltraScale(+) FPGA configuration engines, the control plane governing the
(secure) bitstream configuration within the FPGA. Our goal is to examine the
effectiveness of fuzzing to analyze and document the opaque inner workings of
FPGA configuration engines, with a primary emphasis on identifying security
vulnerabilities. Using only the publicly available chip and dispersed
documentation, we first design and implement ConFuzz, an advanced FPGA
configuration engine fuzzing and rapid prototyping framework. Based on our
detailed understanding of the bitstream file format, we then systematically
define three novel key fuzzing strategies for Xilinx configuration engines.
Moreover, our strategies are executed through mutational structure-aware
fuzzers and incorporate various novel custom-tailored, FPGA-specific
optimizations. Our evaluation reveals previously undocumented behavior within
the configuration engine, including critical findings such as system crashes
leading to unresponsive states of the FPGA. In addition, our investigations not
only lead to the rediscovery of the Starbleed attack but also uncover JustSTART (CVE-2023-20570), capable of circumventing RSA authentication for Xilinx UltraScale(+). We also discuss countermeasures.
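To illustrate what "mutational structure-aware" fuzzing means in this context, the sketch below mutates a hypothetical framed, word-oriented configuration stream while preserving its framing. The sync word, packet layout, and register values are invented placeholders, not the actual Xilinx bitstream format or the ConFuzz framework.

```python
# Hypothetical sketch of a structure-aware mutational fuzzer for a framed,
# word-oriented configuration stream. All constants below are placeholders;
# the point is only that the mutator keeps the framing intact (so the target
# still parses the input) while flipping bits in payload words.

import random
import struct

SYNC = 0xDEADBEEF            # placeholder sync word (hypothetical)

def build_stream(packets):
    """packets: list of (header_word, [payload_words]) -> raw bytes."""
    words = [SYNC]
    for header, payload in packets:
        words.append(header)
        words.extend(payload)
    return b"".join(struct.pack(">I", w & 0xFFFFFFFF) for w in words)

def mutate(packets, rng=random):
    """Structure-aware mutation: keep headers and framing, flip payload bits."""
    mutated = []
    for header, payload in packets:
        payload = list(payload)
        if payload:
            i = rng.randrange(len(payload))
            payload[i] ^= 1 << rng.randrange(32)   # single-bit flip
        mutated.append((header, payload))
    return mutated

# Hypothetical seed: two register-write packets with one payload word each.
seed = [(0x10000001, [0x00000007]),
        (0x10000002, [0x00000000])]
candidate = build_stream(mutate(seed))
# 'candidate' would then be sent to the device under test while the
# configuration engine's status output is monitored for crashes or bypasses.
```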
Evil from Within: Machine Learning Backdoors through Hardware Trojans
Backdoors pose a serious threat to machine learning, as they can compromise
the integrity of security-critical systems, such as self-driving cars. While
different defenses have been proposed to address this threat, they all rely on
the assumption that the hardware on which the learning models are executed
during inference is trusted. In this paper, we challenge this assumption and
introduce a backdoor attack that completely resides within a common hardware
accelerator for machine learning. Outside of the accelerator, neither the
learning model nor the software is manipulated, so that current defenses fail.
To make this attack practical, we overcome two challenges: First, as memory on
a hardware accelerator is severely limited, we introduce the concept of a
minimal backdoor that deviates as little as possible from the original model
and is activated by replacing a few model parameters only. Second, we develop a
configurable hardware trojan that can be provisioned with the backdoor and
performs a replacement only when the specific target model is processed. We
demonstrate the practical feasibility of our attack by implanting our hardware
trojan into the Xilinx Vitis AI DPU, a commercial machine-learning accelerator.
We configure the trojan with a minimal backdoor for a traffic-sign recognition
system. The backdoor replaces only 30 (0.069%) model parameters, yet it
reliably manipulates the recognition once the input contains a backdoor
trigger. Our attack expands the hardware circuit of the accelerator by 0.24%
and induces no run-time overhead, rendering detection hardly possible. Given
the complex and highly distributed manufacturing process of current hardware,
our work points to a new threat in machine learning that is inaccessible to
current security mechanisms and calls for hardware to be manufactured only in
fully trusted environments.
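As a software-level illustration of the two ingredients described above (a minimal parameter patch and a target-specific trigger), the sketch below applies a patch of a few weights only when a fingerprint of the loaded model matches. All indices, values, and the fingerprint mechanism are hypothetical and do not describe the Vitis AI DPU trojan itself.

```python
# Illustrative sketch, not the actual attack: (1) a "minimal backdoor" that
# touches only a handful of model parameters, and (2) a trigger that applies
# the patch only when the specific target model is processed.

import hashlib
import numpy as np

# (flat index, replacement value) pairs -- only a few parameters are touched.
BACKDOOR_PATCH = [(1_337, 0.42), (4_242, -0.17), (9_001, 0.08)]

TARGET_FINGERPRINT = "..."   # hash of the intended victim model (placeholder)

def fingerprint(weights: np.ndarray) -> str:
    return hashlib.sha256(weights.tobytes()).hexdigest()

def maybe_apply_backdoor(weights: np.ndarray) -> np.ndarray:
    """Replace a few parameters, but only for the specific target model."""
    if fingerprint(weights) != TARGET_FINGERPRINT:
        return weights                    # any other model passes through untouched
    patched = weights.copy()
    for idx, value in BACKDOOR_PATCH:
        patched.flat[idx] = value         # swap in the backdoored parameter
    return patched
```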