In this paper, we investigate a new family of Trojans that do not need any extra logic resources but merely require a change in the dopant polarity of a few transistors. Hence, these Trojans add zero overhead in terms of additional transistors and metal wires. We show that such a change will not be detected by several of the common Trojan testing methods, including optical inspection. A central question that arises is how such minuscule manipulations can result in changes to the target system which are meaningful to an attacker. We address this question using two case studies. First, we show an attack against a design derived from Intel’s RNG design used in the Ivy Bridge processors, and second, a dopant Trojan that allows attacking a side-channel resistant SBox implementation. Since the hardware is usually the root of trust in a system, even small malicious modifications of the hardware can be devastating to system security.

Georg T. Becker, Francesco Regazzoni, Christof Paar, and Wayne P. Burleson: Stealthy Dopant-Level Hardware Trojans
