More and more silicon manufacturers are becoming fabless. It means that they make their own design, but the actual manufacturing is done by another company. Unfortunately, they loose control on production. Thus, they face two types of piracy:
- Manufacturers making more components than expected and selling them through illegal distribution channels.
- Pirating intellectual property through stealing some parts of the design. Although not well-known from media, this piracy is serious.
At last USENIX workshop, Dr KOUSHANFAR from Rice University presented a system that may solve this problem. It is the result of more than 6 years of research.
The idea is rather simple. On a selected set of wires of the Integrated Circuit (IC), a basic circuitry is inserted. Thus, the path of an intercepted wire is driven by a bit. Depending on the value of the bit, the wire will go where it should to behave correctly, or go somewhere else generating a bogus chip. This set of bits form a long key, so called common key: CK. In addition every chip generates a public/private key pair using a hardware true random number generator. Then, using a typical secure link protocol, the IC designer can transmit for a given chip (identified by its public key) CK into the chip. The chip stores this key and can be then sold. Of course without the right value of CK, the chip does not work.
The paper discloses difficult attacks: either to reverse engineer the circuit to find the right value of key and create a new mask with the burnt key, either to get access to the private key of the IC designer. Another attack (not described) would be to cheat the true random number generator in order to have the same public/private key pair for batches of ICs.
Unfortunately, the paper did analyze the security only with piracy in mind. There is another important risk: denial of service. If during the life of an IC, an attacker may overwrite the CK of a good chip with a random value, then the attacker can stop any system using this type of chip.
The idea may also be used for controlling the distribution of secure chips. The secure chip should be fully functional only once personalized.
A concept to watch closely…
The corresponding paper is available at here