Sayandeep Saha

Improved Test Pattern Generation for Hardware Trojan Detection using Genetic Algorithm and Boolean Satisfiability

Test generation for Hardware Trojan Horses (HTH) detection is extremely challenging, as Trojans are designed to be triggered by very rare logic conditions at internal nodes of the circuit. In this paper, we propose a Genetic Algorithm (GA) based Automatic Test Pattern Generation (ATPG) technique, enhanced by automated solution to an associated Boolean Satisfiability problem. The main insight is that given a specific internal trigger condition, it is not possible to attack an arbitrary node (payload) of the circuit, as the effect of the induced logic malfunction by the HTH might not get propagated to the output. Based on this observation, a fault simulation based framework has been proposed, which enumerates the feasible payload nodes for a specific triggering condition. Subsequently, a compact set of test vectors is selected based on their ability to detect the logic malfunction at the feasible payload nodes, thus increasing their effectiveness. Test vectors generated by the proposed scheme were found to achieve higher detection coverage over large population of HTH in ISCAS benchmark circuits, compared to a previously proposed logic testing based Trojan detection technique.

Composite PUF: A new design paradigm for Physically Unclonable Functions on FPGA

Physically Unclonable Function (PUF) designs proposed in the recent literature vary widely in diverse characteristics such as hardware resource requirement, reliability, entropy, and robustness against mathematical cloning. Most of the standalone PUF designs suffer from either poor performance profile or unacceptable resource-overhead. We present a novel PUF design paradigm, termed as PUF Composition, that utilizes smaller PUFs as design building blocks to define a “Composite PUF” having larger challenge-space and superior performance profile at reasonable resource-overhead. A formal framework for PUF composition based on a probabilistic model has also been developed to enable the Composite PUF designer to have a-priori estimate of the relative qualities of several composite PUF options, without actually implementing them physically. The notion of PUF composition, and the probabilistic model developed for delay-PUFs, have both been validated using Ring Oscillator PUF (ROPUF) and Arbiter PUF (APUF) on Xilinx Spartan-3 Field Programmable Gate Array (FPGA).

Testability Based Metric for Hardware Trojan Vulnerability Assessment

Current approaches for Hardware Trojan detection have varying degrees of computational and/or design overheads. In this paper, we develop a CAD methodology for a-priori estimation of Trojan vulnerability of a given circuit at the early stages of the design flow. We develop a security metric to estimate the testability of a circuit for HTHs, thus assessing its relative vulnerability. Our methodology overcomes several shortcomings of previously proposed testability metrics in the context of their applicability to the HTH detection problem in particular. We utilize the proposed metric to estimate the Trojan vulnerability of gate-level ISCAS benchmark circuits. The metric values show excellent correlation with the testability results obtained from previously proposed Trojan targeted ATPG techniques.

ExpFault: An Automated Framework for Exploitable Fault Characterization in Block Ciphers

Malicious exploitation of faults for extracting secrets is one of the most practical and potent threats to modern cryptographic primitives. Interestingly, not every possible fault for a cryptosystem is maliciously exploitable, and evaluation of the exploitability of a fault is nontrivial. In order to devise precise defense mechanisms against such rogue faults, a comprehensive knowledge is required about the exploitable part of the fault space of a cryptosystem. Unfortunately, the fault space is diversified and of formidable size even while a single cryptoprimitive is considered and traditional manual fault analysis techniques may often fall short to practically cover such a fault space within reasonable time. An automation for analyzing individual fault instances for their exploitability is thus inevitable. Such an automation is supposed to work as the core engine for analyzing the fault spaces of cryptographic primitives. In this paper, we propose an automation for evaluating the exploitability status of fault instances from block ciphers, mainly in the context of Differential Fault Analysis (DFA) attacks. The proposed framework is generic and scalable, which are perhaps the two most important features for covering diversified fault spaces of formidable size originating from different ciphers. As a proof-of-concept, we reconstruct some known attack examples on AES and PRESENT using the framework and finally analyze a recently proposed cipher GIFT [BPP+17] for the first time. It is found that the secret key of GIFT can be uniquely determined with 1 nibble fault instance injected at the beginning of the 25th round with a reasonable computational complexity of 214.

Automation of Fault Analysis

In the previous chapters, the reader has been acquainted with a number of different fault attack methodologies, including differential fault analysis (DFA), fault sensitivity analysis (FSA) and differential fault intensity analysis (DFIA). It is now amply clear that fault analysis attacks typically follow a common strategy of identifying an efficient key distinguisher, resulting from the diffusion of faults, followed by systematic elimination of wrong key candidates. This approach has been adapted for analyzing different ciphers till date, with certain cipher-specific optimizations requiring significant manual effort. An alternative approach, called Algebraic Fault Analysis (AFA), which combines so-called algebraic cryptanalysis with standard differential fault analysis, is recently gaining popularity. As a generic automated framework for fault analysis, AFA is found to have a lot of the potential. We dedicate this chapter for the study of AFA in detail, mainly in the context of lightweight block ciphers, for which it has been widely studied.