TY - GEN
T1 - Boolean circuit camouflage
T2 - 1st Workshop on Attacks and Solutions in Hardware Security, ASHES 2017
AU - Di Crescenzo, Giovanni
AU - Rajendran, Jeyavijayan
AU - Karri, Ramesh
AU - Memon, Nasir
N1 - Funding Information:
Many thanks to Yevgeniy Dodis for interesting discussions. Part of the first author’s work was supported by the Defense Advanced Research Projects Agency (DARPA) via U.S. Army Research Office (ARO), contract number W911NF-15-C-0233. Part of the second author’s work was supported by the NSF Award # CNS-1652842. The third and fourth authors are part of Center for Cybersecu-rity at NYU and NYU-AD. The third author is funded by ARO Award # W911NF-15-1-0278. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright annotation hereon. Disclaimer: The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of DARPA, ARO, NSF, or the U.S. Government.
Publisher Copyright:
© 2017 Association for Computing Machinery.
PY - 2017/11/3
Y1 - 2017/11/3
N2 - Recent hardware advances, called gate camouflaging, have opened the possibility of protecting integrated circuits against reverseengineering attacks. In this paper, we investigate the possibility of provably boosting the capability of physical camouflaging of a single Boolean gate into physical camouflaging of a larger Boolean circuit.We first propose rigorous definitions, borrowing approaches from modern cryptography and program obfuscation areas, for circuit camouflage. Informally speaking, gate camouflaging is defined as a transformation of a physical gate that appears to mask the gate to an attacker evaluating the circuit containing this gate. Under this assumption, we formally prove two results: a limitation and a construction. Our limitation result says that there are circuits for which, no matter how many gates we camouflaged, an adversary capable of evaluating the circuit will correctly guess all the camouflaged gates. Our construction result says that if pseudo-random functions exist (a common assumptions in cryptography), a small number of camouflaged gates suffices to: (a) leak no additional information about the camouflaged gates to an adversary evaluating the pseudo-random function circuit; and (b) turn these functions into random oracles. These latter results are the first results on circuit camouflaging provable in a cryptographic model (previously, construction were given under no formal model, and were eventually reverse-engineered, or were argued secure under specific classes of attacks). Our results imply a concrete and provable realization of random oracles, which, even if under a hardware-based assumption, is applicable in many scenarios, including public-key infrastructures. Finding special conditions under which provable realizations of random oracles has been an open problem for many years, since a software-only provable implementation of random oracles was proved to be (almost certainly) impossible.
AB - Recent hardware advances, called gate camouflaging, have opened the possibility of protecting integrated circuits against reverseengineering attacks. In this paper, we investigate the possibility of provably boosting the capability of physical camouflaging of a single Boolean gate into physical camouflaging of a larger Boolean circuit.We first propose rigorous definitions, borrowing approaches from modern cryptography and program obfuscation areas, for circuit camouflage. Informally speaking, gate camouflaging is defined as a transformation of a physical gate that appears to mask the gate to an attacker evaluating the circuit containing this gate. Under this assumption, we formally prove two results: a limitation and a construction. Our limitation result says that there are circuits for which, no matter how many gates we camouflaged, an adversary capable of evaluating the circuit will correctly guess all the camouflaged gates. Our construction result says that if pseudo-random functions exist (a common assumptions in cryptography), a small number of camouflaged gates suffices to: (a) leak no additional information about the camouflaged gates to an adversary evaluating the pseudo-random function circuit; and (b) turn these functions into random oracles. These latter results are the first results on circuit camouflaging provable in a cryptographic model (previously, construction were given under no formal model, and were eventually reverse-engineered, or were argued secure under specific classes of attacks). Our results imply a concrete and provable realization of random oracles, which, even if under a hardware-based assumption, is applicable in many scenarios, including public-key infrastructures. Finding special conditions under which provable realizations of random oracles has been an open problem for many years, since a software-only provable implementation of random oracles was proved to be (almost certainly) impossible.
KW - Camouflaging
KW - Cryptography
KW - Hardware security
KW - Intellectual Property
KW - Piracy
KW - Program Obfuscation
UR - http://www.scopus.com/inward/record.url?scp=85037096236&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85037096236&partnerID=8YFLogxK
U2 - 10.1145/3139324.3139331
DO - 10.1145/3139324.3139331
M3 - Conference contribution
AN - SCOPUS:85037096236
T3 - ASHES 2017 - Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware Security, co-located with CCS 2017
SP - 7
EP - 16
BT - ASHES 2017 - Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware Security, co-located with CCS 2017
PB - Association for Computing Machinery, Inc
Y2 - 3 November 2017
ER -