Hardware Obfuscation Using Physically Unclonable Functions Against IC Piracy
Thesis posted on 01.02.2019 by Soroush Khaleghi
The goal of this thesis is to establish a theoretical foundation and defensive mechanisms against integrated circuit (IC) piracy. IC piracy is defined as the practice of an untrusted manufacturer producing illegal copies of IC chips, or stealing the intellectual property of the IC design via reverse engineering approaches. IC piracy prevention is especially challenging, as the potential attackers are in the very strong position of chip manufacturers, having access to the design details and control over the final production process. The proposed work pursues a hardware-obfuscation-based prevention strategy: an “obfuscated” IC design given to the untrusted manufacturer will yield chips that are “locked” (non-functioning) until they are “unlocked” (configured correctly) in a trusted facility. The obfuscation strategy mimics an encryption process, ensuring that some critical information about the design (analogous to the key) is not revealed to the untrusted manufacturer. During the “unlocking” process (analogous to decryption) in a trusted facility, the key is used to restore the chips to their correct functionality.
Currently, many obfuscation approaches exist, yet they mostly present various ad-hoc choices of obfuscation target and are based on heuristic methods. What is missing is a theoretically sound and provably secure foundation to address the two main categories of attacks: 1) algorithmic attacks applied to the obfuscated design, which could potentially crack the keys efficiently, and 2) physical attacks applied to the unlocked chips, aiming at reading out the keys directly from the on-chip memory cells. The goal of this work is to achieve an IC piracy prevention paradigm similar to modern cryptography in its reliance on the secrecy of a key alone, rather than that of the scheme itself, as well as in its provable defense strength, achieved by imposing a prohibitively high attack cost, measured by computational complexity.
This will lay the basic principles for a future “Design-Against-Piracy” paradigm, similar to the widely used “Design-For-Test” practices in the IC industry today. The research work in this thesis will deliver an overall strong foundation of hardware security to actively prevent IC piracy with the following guarantees: 1) No attacker (even in the strongest position of a manufacturer) can crack the design or unlock the chips within a reasonable amount of time, and this attack cost is fully under the designer's control; and 2) No wrong key can unlock a chip to function, and even in the extreme case of a completely leaked key, the security of the original design is nonetheless protected, as the unique key of one chip can neither unlock any other chip nor be used in reverse engineering to gain information about the original design.