Integrated Circuit Hardware Security

Integrated Circuit Hardware Security

Source: Yuezhinet

This article was published in the November 2018 issue of IEEE Spectrum Chinese Edition “Technology Review”.

Authors: Liu Leibo, Yang Bohan, Zhu Min

Talking about information security without discussing integrated circuits is like seeking water without a source or wood without roots. To ensure the safety of electronic information systems applied in various fields of national economy and people’s livelihood, we must start with the hardware security of integrated circuits.

The popularity of personal computers provided early growth momentum for the semiconductor industry, and later the development of mobile communication devices allowed people to carry electronic chips with them. With the recent surge of Internet of Things technology, chips made from ordinary silicon sand will soon be as ubiquitous as grains of sand scattered across every corner of the world.

Hardware security chips are a crucial category among numerous chips. They act like plainclothes bodyguards, silently protecting various aspects of modern life. Hardware security chips are everywhere in our lives, from the computing centers providing internet shopping and financial services to mobile payments that are gradually replacing cash; from mobile communication base stations scattered throughout cities to public transport cards; from chip-based bank cards and credit cards to medical electronics and personal health devices, the list goes on. It can be said that hardware security safeguards various fields of national economy and people’s livelihood.

To ensure the security of a chip, the entire supply chain must first be trusted and secure. However, chips are products of social division of labor, requiring the participation and cooperation of hundreds of thousands of companies around the globe; hence, it is necessary to ensure that every step, from initial design and verification to subsequent manufacturing, testing, packaging, and finally logistics and transportation, is secure and controllable through technical means supplemented by administrative measures. From this perspective, self-research does not necessarily mean security.

Modern information security systems provide users with confidentiality, integrity verification, and authentication functions and services. The stability, security, and reliability of these systems become paramount. For designers and engineers, designing and implementing such a hardware security system is a significant challenge. This is because hardware security systems often need to meet both traditional performance metrics and additional security metrics, which often point to contradictory design directions.

Generally speaking, the architecture of secure computing devices is layered. The security of each layer is based on trust in the layer below it. The lowest layer of the system usually consists of a module known as the root of trust. The root of trust is a set of functions that other modules in the system trust. Purely software-based security solutions do not exist because such solutions can generally be bypassed by lower-level attacks. Therefore, the functional modules of the root of trust are often implemented based on underlying hardware. It is clear that pursuing system security without considering hardware security is akin to seeking fish in a tree.

Integrated Circuit Hardware Security

Designing hardware security chips requires involvement in every aspect of integrated circuit design, from transistor design to the selection of standard cell libraries, from system architecture design to cryptographic algorithm implementation, and finally to protocol design. The security of a system depends on its weakest link. Designers need to consider the security of all aspects of the system, while attackers only need to attack one point.

The saying goes, “the higher the road, the higher the devil,” and research on hardware security of integrated circuits develops in competition with attack methods. Early attacks on security systems mainly focused on mathematical analysis and cracking of related cryptographic algorithms. In recent years, many new types of physical attack methods have emerged, among which two very popular categories are side-channel attacks and fault injection attacks. Side-channel attacks exploit side-channel information during the operation of secure cryptographic systems to crack hardware system security, such as instruction operation execution time, instantaneous power consumption, electromagnetic radiation, and photon release information of integrated circuits. Both academia and industry are continuously researching various methods to resist side-channel attacks. Fault injection attacks, on the other hand, are a method of attacking by introducing specific types of errors during circuit operation and analyzing fault propagation to ultimately break the key. Compared to general power attacks that require a large amount of curve sampling, fault attacks can be achieved with only a small amount of erroneous ciphertext.

To meet the security, flexibility, high performance, and low power consumption application requirements in application scenarios, the Cryptographic Chip and Hardware Security Research Team at Tsinghua University has proposed key technologies for a new type of dynamically reconfigurable cryptographic chip. Among these, the time-domain and space-domain random reconstruction technology to resist fault attacks and the redundant noise random reconstruction technology to resist power attacks serve the security requirements of cryptographic chips. For different application scenarios, the research team has developed reconfigurable computing unit architecture technology based on entropy diffusion obfuscation component parameters, aggressive, branch pipeline, and token control parallelization technology for cryptographic tasks, as well as cryptographic data flow graph-guided reconfigurable configuration information management technology, thereby serving the high performance, high energy efficiency, and flexibility requirements of cryptographic chips; using these three technologies, reconfigurable chip design technologies suitable for cryptographic chip applications are provided from the three aspects of computing, control, and configuration. In addition, to meet the low power consumption requirements of IoT devices, the research team also proposed a cryptographic computation strength-aware reconfigurable array voltage adaptive technology.

Integrated Circuit Hardware Security

In addition to physical attacks, hardware systems are also threatened by various vulnerabilities.

In early 2018, media reports revealed that mainstream high-performance CPUs generally had several serious security vulnerabilities affecting information security, such as “Meltdown” and “Spectre.” Besides the widespread impact of these vulnerabilities, a significant difference from previous ones is that they are hardware vulnerabilities. Most current solutions focus on mitigating the damage through software patches, and even hardware firmware updates can only patch some vulnerabilities.

In this incident, most software security solutions were powerless, even unable to propose effective schemes to detect whether vulnerabilities had been exploited. The reason is that the hardware speculative execution behavior on which the vulnerabilities depend is completely invisible at the software level.

As of now, the vulnerability incidents continue to evolve, with new vulnerabilities being discovered as research deepens; at the same time, the topic of balancing performance and security has begun to provoke widespread discussion and reflection in the academic and industrial fields of processor architecture and chip design, which is profoundly influential.

The hardware security of CPU chips is the foundation of computing system security. If the hardware security of the CPU cannot be ensured, the security of the software running on it cannot be guaranteed, and the closely related system security and network security cannot even be discussed.

To address this challenge, the research team proposed a “dynamic detection and control technology for CPU hardware security based on high security and high flexibility reconfigurable architecture.” This technology overcomes the inherent shortcomings of traditional practices that conduct security testing before commercial deployment of CPU chips, and instead uses the aforementioned new type of dynamically reconfigurable cryptographic chip key technology to rapidly sample and analyze all important behaviors of the CPU (including instruction execution, internal state changes, data interaction with external storage and network devices, as well as micro-architectural behaviors like speculative execution and cache control) during the power-on and operation process after CPU chip deployment. Whether it is hardware trojans, vulnerabilities, backdoors, or malicious exploitation of front doors, they can be detected in a timely manner and controlled as needed.

In July 2018, the Cryptographic Chip and Hardware Security Research Team at Tsinghua University and Lanqi Technology developed the Jinzhai high-performance CPU chip using the aforementioned technology. This is the world’s first CPU that uses a third-party silicon module to dynamically monitor the hardware security status of the processor core. Lenovo, Great Wall Computer, and H3C have completed the development of high-performance commercial servers based on the Jinzhai CPU, which will be launched for sale soon (models include Lenovo SR651, Great Wall JW920, and H3C R4900).

This technology has been successfully selected as one of the 15 global leading technological achievements at the Fifth World Internet Conference (November 2018). This is the second time that original technological achievements from domestic universities have been selected as global leading technological achievements at this conference (the quantum computer from the University of Science and Technology of China was selected in 2017).

There is no one-size-fits-all hardware security solution; new attack methods and security threats continue to emerge. Looking at today and envisioning the near future, it is foreseeable that the successful development of practical quantum computers will destroy the mathematical foundation of existing public key cryptographic algorithms; rapidly advancing artificial intelligence technology is widely used in attack methods including side-channel analysis and fault injection; the ubiquity of IoT devices and the advent of the big data era pose new challenges for protecting personal privacy. Ensuring the hardware security of integrated circuits is a long and arduous task.

Integrated Circuit Hardware Security

Leave a Comment