Protro: A probabilistic counter based hardware trojan attack on FPGA based macsec enabled ethernet switch

Vidya Govindan, Sandhya Koteshwara, Amitabh Das, Keshab K. Parhi, Rajat Subhra Chakraborty

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Over the past decades, the exponentially high rate of growth in number of connected devices has been accompanied by the discovery of new security loopholes, vulnerabilities and attacks in the network infrastructure. The original ethernet protocol was not designed considering the security aspect of the network architecture. In order to improve the security of the ethernet, many solutions and standards have been proposed. The IEEE 802.1AE Media Access Control Security (MACSec) standard is one of the most recent link layer security protocols which provides encryption and authentication between two network interfaces for secure next-generation deployments. In this paper we present a network packet redirection attack on a MACSec enabled NetFPGA-SUME based ethernet switch, by means of a Hardware Trojan (HT). The HT design is based on a probabilistic counter update mechanism with multiple triggers which eventually affects the way in which a network packet flows through the switch. In particular, an activated HT redirects a packet to an incorrect port, and in turn to a malicious eavesdropper. The proposed HT evades most of the recent hardware trust verification schemes. We present the complete architecture of the proposed MACSec enabled ethernet switch, followed by the design and mode of operation of the HT with promising experimental results.

Original language: English (US)
Title of host publication: Security, Privacy, and Applied Cryptography Engineering - 9th International Conference, SPACE 2019, Proceedings
Editors: Shivam Bhasin, Avi Mendelson, Mridul Nandi
Publisher: Springer
Pages: 159-175
Number of pages: 17
ISBN (Print): 9783030358686
State: Published - Jan 1 2019
Event: 9th International Conference on Security, Privacy, and Applied Cryptography Engineering, SPACE 2019 - Gandhinagar, India
Duration: Dec 3 2019 → Dec 7 2019

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 11947 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 9th International Conference on Security, Privacy, and Applied Cryptography Engineering, SPACE 2019
Country: India
City: Gandhinagar
Period: 12/3/19 → 12/7/19

Keywords

  • AES-GCM
  • AXI4-Stream
  • FPGA
  • Hardware Trojan
  • MACSec
  • NetFPGA
  • Network security
