0:01

Welcome back to Hardware Security.

This time I'll go through the hardware Trojans, and trusted integrated circuits.

From this title, you know that we're going to cover both hardware Trojans and

trusted integrated circuits.

For hardware Trojan, we're going to give the definition of hardware Trojans and

we're going to study the taxonomy of hardware Trojans.

0:22

It is very important to do such study, because instead of studying dozens or

hundreds of different hardware Trojans we can focus on

several different categories and within each different, each category we can

study the similarities between different hardware Trojans.

We can capture their physical characteristics.

And we develop benchmarks to do the testing.

And more importantly, we can, we can do, we can develop on how to work for

the detection mechanisms.

0:52

For trusted integrated circuits,

we're going to give the definition of trusted integrated circuits.

We're going to talk about how to build trust in integrated circuits design.

In particular, we're going to talk about how to prevent hardware Trojan insertion.

1:12

Start from the traditional digital logical design to crypto algorithms.

And in some extent included the heart, the digital watermarking and

fingerprints techniques, we have discuss, discussed earlier.

1:43

So, from this very simple definition,

we can see two characteristics of a hardware Trojan.

First, a hardware Trojan must have malicious goals.

And the most common malicious goals for hardware Trojan includes, trying to

change the circuit's functionality, trying to control the system,

or trying to steal sensitive information such as secret key from the system.

Also, some of the hardware Trojans.

They are trying to reduce the circuit's reliability, and by doing this

a system will start malfunctioning before its lifetime expires.

2:29

So this basically tells us for example, the, the traditional designs,

we have a lot of don't cares and we have discussed earlier, so we can

introduce a lot of back doors as security vulnerabilities during the design.

These are not intentionally introduced into the system, so

they are not considered as hardware Trojans.

2:51

And also we talk about a scan chain which is the testing,

which is part of the testing circuitry.

These are intentionally added to the system but they're not added for

malicious purpose.

So scan chain are not hardware Trojan as well.

3:08

Trusted integrated circuits, on the other hand,

is a system or is an integrated circuit,

that does exactly what it is asked to do, no more and no less.

It is a very simple definition, but it is really very hard to,

to assess the trustworthiness of an integrated circuit from this definition.

3:44

Second, if a system has hardware Trojan inside it.

This system cannot be trusted either, because this system does something more,

and these things are malicious hardware Trojans.

3:58

So, from this definition, we want to ask it,

the question, so, does such trusted integrated circuits really exist?

4:07

As we have seen, the traditional digital logical design.

When we specify the systems, normally we have a lot of don't cares.

Even if you fully specify the system during the design process,

you may introduce some internal don't care conditions such as the satisfiability

don't cares or the observability don't cares we have discussed earlier.

So with these don't cares, and the system is going to give some values for

the don't care conditions, and those are not specified so whenever they have

a need to values, they will be considered as more to the system spec.

4:54

So, this brings us to in some sense,

my definition of trusted Integrated Sys, Ci, Circuit.

So first of all, it must satisfy this condition, no less.

So, for all of the required functionalities, all the required

specifications, the, the system or the circuit has to satisfy those.

And second, instead of no more, we define this trusted IC to be,

it doesn't do any malicious more.

So in some sense, if we know all the, all the possible attacks or

all the possible vulnerabilities or all the possible bad intentions that the,

that the attacker can put into the system, if you can verify none of

these things exist in the system, then the IC can be considered as trusted.

5:45

So consider Alice asks Bob to design a circuit that computes a function f of x so

Alice, she can use this circuit to authenticate the username,

password pair of x and f of x.

Where x is the username, f of x is the password.

So user will enter the username and

password, and Alice can use the circuitry to compute f of x.

And then try to compare and

see whether this user entered one is the valid or not.

So now let's see Bob gives Alice this design for a very simple case, f of x is

x squared, and then we have ten potential users that have IDs from zero to nine.

6:27

So this is a system that Bob designs for Alice.

So you have this black box implements a function of f of x.

As and Bob says that, because you have ten different users, so

I need four bits to encode this different users.

For example, user number zero will be have code 000.

User number three will have code 0011,

which is the binary representation of three.

6:52

And in terms of output bits, so Bob says that since we

are doing fx equal to x square, so the largest number he could get is 81.

And for me to encode 81, I need seven bits.

In this case, 81 would be 1010001.

7:36

So this is a huge truth table here.

Start from the middle two columns with colored in blue.

We see the input x goes from 0 to 9.

And we will see the required output, x squared going from 0 to 81.

Which is the square of 9.

And for each particular input, we want the output to be the square of the input.

8:07

And from this very simple truth table, we do see a couple of simple things.

For example, the most significant bit of the input happens to

be the same as the most significant bit of the output.

So, in that sense, we can define Z1 to be exactly the same as X1.

8:47

So in some sense bowing to this design what Bob needs to design is actually

only 4, only 4 output functions, Z2, Z3, Z4, and Z5.

So, before we move on to talk about this, so

let's see, I will give you a small hint for one of the early quiz questions.

9:15

And both numbers goes from zero to nine.

So for in terms of the number of inputs for

each out prints X I need four bits as we have discussed earlier.

Because with three bits I can only encode from 0 to 7, 8 different objects and

here I need 9.

9:40

And for output side, the output in this case x square goes from zero to 81.

So we know the largest number will be 81 and

as we have discussed earlier I need seven bits to encode 81.

So in this case, the output, the number of output bits will be seven.

9:58

So of course, in this case, you can argue that I don't really

need seven bits because you see, that the number of, of different outputs will be

only ten different subjects or ten different values.

So, I could use as few as four bits to represent these ten different values.

10:15

However, the problem of doing that is,

with these ten different values, if you use only four bits,

you do not see exactly the values of this output in binary.

So that is why we are asking that even Z6 is a constant of zero.

We still need to output a bit to represent it.

So that says, we have seven bits as outputs.

And then finally, in this case, since we have four bits as inputs.

With four bits, we know that we have a total of 16,

which is two to the power four different input combinations.

And in this case, we only care the first of ten of them.

So the other six from 10 to 15, they will be the don't care conditions,

which means in this case we have six don't care conditions.

11:10

So what is inside the box of the, of what the, the, Bob's design.

So Bob claims that he does exactly FX equal to X squared.

And if we open up the box, we can see a circuitry like this.

Or, you may see a circuitry like this.

11:27

And just to try to be honest, if you can see the difference between

these circuitry, raise your hand. Of course, I'm joking.

I, I mean I wish I could see, but I cannot see your hands.

So if I show you one more time, you will see what is the difference here

is take a look of this part and the functionality of Z2,

this is the first design where Z2 is the product of X2 and X3.

And this is a second design, which we have to X1 plus X2 times X3.

And signal X2 plus X1 comes from this So.

So let's show it again here.

12:07

So, to this, to start, take a look at that.

And now I'll show it again.

So this is the original one, and then this is the second one.

12:14

So apparently these are two different designs.

So, what we can see here is,

in addition to their difference, we see that they have the same number of gates.

Because I never changed anything except I changed the connection here.

The first one connects this way.

And the second one connects this way.

12:49

So what Alice can do here is, starting from the first design,

he can verify that whether this design does what he wants, she wants.

She can plug in, for example, zero, where all the X1, X2, X3, X4 will be zeroes.

And I'm plugging all these equations and I figure out that Z1 is equal to 0,

Z2 equal to 0, Z3 equal to 0, Z4 equal to 0, because you have a Z4 equal to 0 here.

And this, Z5, Z6, Z7, they are all 0s.

So with the input of 0, it does output 0.

13:20

And as another example, if input is one where X4 will be 1 I can see Z7 will be 1,

and Z6 will be 0 and Z5 will be 0 and everything else will be 0.

So that means that if input is 1 output is also 1, which is the square of 1.

So Alice can confirm with all these things with 10 different input values.

13:45

So, what is important for Alice to, to prove the trustworthiness of this design.

Is, what more the system does.

So, what Alice can check is, what happens if I give 10?

Which is 1010 into the system.

And according to this definition of the output signals.

The, the system is going to produce 1, 0, 0, 0, 1, 0, 0,

which is the decimal 68, which is not the square of 10.

And as another, another example, if I enter 11,

the output will be the binary representation of number 89.

Okay.

So this is does, does some more, but doesn't do anything,

I mean, suspicious, because this output is not the square of 10.

And this output is not the square of 11.

In terms of this application, Alice wants to authenticate the user.

So if the user enters 10,

the output is not 10 squared, so it's not going to be authenticated.

14:46

However, once we move to the second design,

we know that the only difference is on the output signal Z2.

And with this new design, we can see that once we have input of 0,

1 here, 1, 0, 1, 0, then the output of Z2 will

become 1 is that this is because, because X3 is 1.

[SOUND] And X1 is also 1.

So 1 plus X2 which is 0 times this 1 give us a 1.

And similarly, when the input is 11, this bit will also be 1.

And if you remember how we do the conversion from binary to decimal.

So this bit position, a 1 means 32.

So if it adds 32 to this numbers, 32 plus 68 give me 100.

32 plus 89 give me a 121.

So these are not just magic numbers, but if you take a look at this and

then if you think further.

So this 100 happens to be the square of 10.

This 121 happens to be the square of 11.

So, that says in the second design, there's a back door.

This back door is, is in embedded intentionally.

So in this case what we have here is, both pairs of 10 and 100 and 11 and

121 will become valid.

So when Alice uses this system to build authentication, these two entries will be

considered valid and in that case,

the second design we can consider this as a, it has a hardware Trojan.

It's going to allow user who doesn't have access to have access to the system.

16:24

To summarize today's lecture, what we're going to do next will be

hardware Trojans and the trusted IC device.

For hardware Trojan, we have learned the two important characteristics of them, so

first it must have intentional addition or modification to the system.

Second, this addition or

modification must have certain malicious purpose and for trusted IC's.

We have defined trusted IC as, the system has to do no less, which means it

has to meet all the design specifications, also it will not do anything maliciously.

17:02

And from this discussion, we know that, for

a system to be trusted, it cannot have Trojan.

That is what we call Trojan-free IC's.

17:12

And finally, for us to evaluate what to assess a,

the trustworthiness of the system, we have to

make sure that the system doesn't have any Trojans, which we call the Trojan-free.

So hardware Trojan detection is about how to establish trust, or

how to assess the trust or [INAUDIBLE] software system.

And on the other hand, when we do hardware Trojan prevention,

we are trying to prevent hardware Trojan being inserted into the system.

This is in some sense trying to build trust into the system.

And these two categories, hardware Trojan detection and hardware prevention,

we are going to discuss in more details in the following lectures.