Reverse Engineering of Integrated Circuits: Tools and Techniques



Dhavlle, Abhijitt

Journal Title

Journal ISSN

Volume Title



Consumer and defense systems demanded design and manufacturing of electronics with increased performance, compared to their predecessors. As such systems became ubiquitous in a plethora of domains, their application surface increased, thus making them a target for adversaries. Hence, with improved performance the aspect of security demanded even more attention of the designers. The research community is rife with extensive details of attacks that target the confidential design details by exploiting vulnerabilities. The adversary could target the physical design of a semiconductor chip or break a cryptographic algorithm by extracting the secret keys, using attacks that will be discussed in this thesis. This thesis focuses on presenting a brief overview of IC reverse engineering attack and attacks targeting cryptographic systems. Further, the thesis presents my contributions to the defenses for the discussed attacks. The globalization of the Integrated Circuit (IC) supply chain has rendered the advantage of low-cost and high performance ICs in the market for the end users. But this has also made the design vulnerable to over production, IP Piracy, reverse engineering attacks and hardware malware during the manufacturing and post manufacturing process. Logic locking schemes have been proposed in the past to overcome the design trust issues but the new state-of-the-art attacks such as SAT has proven a larger threat. This work highlights the reverse engineering attack and a proposed hardened platform along with its framework. On the other side, the side-channel attacks (SCAs) has been one of the emerging threats. These SCAs function by exploiting the side-channels which invariably leak important data during an application's execution. The information leaked through side-channels are inherent characteristics of the system and is often unintentional. This information can be microarchitectural or physical information such as power consumption, thermal maps, timing of the operation, acoustics, and cache-trace. Intercepting secret information based on the study of power signature is a subdivision of SCAs where power consumption information serves as a covert channel leaking crucial information about the executed operations. Such physical SCAs are known to be a significant threat to cryptosystems such as AES (Advanced Encryption Standard) and can reveal the encryption key efficiently. To overcome such concerns and protect the data integrity, I introduce Power Swapper in this work. The proposed Power Swapper thwarts the attack by randomly choosing one of the multiple modules that perform the intended activity, but have power signature different than a standard implementation and can lead to similar power consumption as one of the other modules that perform a different operation. To achieve this, I introduce carefully crafted swapping of the standby modules that are responsible for the AES operation thus deluding the attacker without hurting the crypto operation. This methodology has been validated for the AES power analysis attack and the key information observed by the attacker is seen to be incorrect, indicating the success of the proposed method.



Hardware security, Hardware attacks, Design automation, Hardware modules, Side channel attack defense, Physical side channel attacks