Over the past decades, the exponentially high rate of growth in number of connected devices has been accompanied by the discovery of new security loopholes, vulnerabilities and attacks in the network infrastructure. The original ethernet protocol was not designed considering the security aspect of the network architecture. In order to improve the security of the ethernet, many solutions and standards have been proposed. The IEEE 802.1AE Media Access Control Security (MACSec) standard is one of the most recent link layer security protocols which provides encryption and authentication between two network interfaces for secure next-generation deployments. In this paper we present a network packet redirection attack on a MACSec enabled NetFPGA-SUME based ethernet switch, by means of a Hardware Trojan (HT). The HT design is based on a probabilistic counter update mechanism with multiple triggers which eventually affects the way in which a network packet flows through the switch. In particular, an activated HT redirects a packet to an incorrect port, and in turn to a malicious eavesdropper. The proposed HT evades most of the recent hardware trust verification schemes. We present the complete architecture of the proposed MACSec enabled ethernet switch, followed by the design and mode of operation of the HT with promising experimental results.
|Original language||English (US)|
|Title of host publication||Security, Privacy, and Applied Cryptography Engineering - 9th International Conference, SPACE 2019, Proceedings|
|Editors||Shivam Bhasin, Avi Mendelson, Mridul Nandi|
|Number of pages||17|
|State||Published - 2019|
|Event||9th International Conference on Security, Privacy, and Applied Cryptography Engineering, SPACE 2019 - Gandhinagar, India|
Duration: Dec 3 2019 → Dec 7 2019
|Name||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)|
|Conference||9th International Conference on Security, Privacy, and Applied Cryptography Engineering, SPACE 2019|
|Period||12/3/19 → 12/7/19|
Bibliographical notePublisher Copyright:
© Springer Nature Switzerland AG 2019.
- Hardware Trojan
- Network security