This paper proposes a novel technique for hardware obfuscation termed dynamic functional obfuscation. Hardware obfuscation refers to a set of countermeasures used against IC counterfeiting and illegal overproduction. Traditionally, obfuscation encrypts semiconductor circuits using key inputs which must be set to a correct value to operate the circuit correctly. By keeping the key values secret during the manufacturing process, any attempt by unauthorized parties to overproduce chips or pirate designs is thwarted. The proposed dynamic technique differs from existing fixed obfuscation schemes as the obfuscating signals change over time. This results in inconsistent circuit behavior upon input of incorrect key, where the chip operates correctly sometimes and fails sometimes. The advantage of dynamic obfuscation is that it results in stronger obfuscation by increasing the time complexity of deciphering the correct key using brute-force attack, even with shorter keys. Moreover, the dynamic nature of these circuits also makes them resistant to reverse engineering and SAT solver-based attacks. To achieve dynamic obfuscation, ideas from hardware Trojan literature and sequentially triggered counters are utilized. A demonstration of obfuscation on sequential circuits implementing fast Fourier transform (FFT) algorithm and Ethernet IP shows low overall area and power overheads of less than 1%. Security in terms of time to attack for the FFT circuit (for a key size of 30 bits and a system operating at 100 MHz) is increased to 1 021,055 years using dynamic obfuscation compared with only 5.36 s using fixed obfuscation schemes. For the Ethernet IP core, time to attack of dynamic obfuscation with a key size of 32 bits is 1 046,423, 135 years compared with 21.47s with fixed obfuscation. It is also shown that for a key size of K bits, the lower bound for time to attack using brute-force is proportional to K2K and K22K for the proposed design using one and two random number generators, respectively.
|Original language||English (US)|
|Number of pages||15|
|Journal||IEEE Transactions on Information Forensics and Security|
|State||Published - Jan 2018|
Bibliographical noteFunding Information:
Manuscript received January 31, 2017; revised May 21, 2017 and July 26, 2017; accepted July 27, 2017. Date of publication August 11, 2017; date of current version November 20, 2017. This work was supported in part by the National Science Foundation under Grant CNS-1441639 and in part by the Semiconductor Research Corporation under Contract 2014-TS-2560. The associate editor coordinating the review of this manuscript and approving it for publication was Prof. Chip-Hong Chang. (Corresponding author: Keshab K. Parhi.) The authors with the Department of Electrical and Computer Engineering, University of Minnesota, Minneapolis, MN 55455 USA (e-mail: email@example.com; firstname.lastname@example.org; email@example.com).
- Functional obfuscation
- dynamic obfuscation
- fixed obfuscation
- hardware Trojans
- hardware security
- logic encryption
- reverse engineering
- time-varying obfuscation