Thursday 20 March 2014
Team of researchers from the U.S. as well as Europe has released a paper that shows how integrated circuits that are used in military equipment, computers and other such critical systems can be compromised at the time of the manufacturing process by way of virtually undetectable changes at the level of transistor.
To prove the effectiveness of the mentioned approach, the team described in the paper how the method could be used to alter as well as hit the hardware random number generator on Intel’s Ivy Bridge processors as well as the encryption protections on a smart card without any individual detecting the altered changes.
The research paper put forth is seen as an important lead to the idea of how anyone can insert a hardware Trojan into a microchip without the requirement for any additional transistors, circuitry and other logic resources.
Since 2005, hardware Trojans have received a lot of attention for prospective researches. This need for a research in the area had started when the U.S. Department of Defense announced publicly its concerns over the reliance of the military on integrated circuits that are manufactured abroad.
Individual circuit blocks that are present in a single microchip are usually designed by different parties. For instance, while it may be manufactured by an offshore foundry, it is packaged by a different country and thereafter distributed by another vendor. The paper submitted by the team of researches pointed out that this type of outsourcing and globalisation has led to the security as well as trust issues.
Over the last few years, a lot of attention has been given to finding different ways to detect and defeat hardware Trojans that are deliberately introduced at the time of manufacturing process, especially when chips are used for military and other such highly important applications. Surprisingly, however, little attention has been paid to building and implementing hardware Trojans. Researches conducted in the past have mentioned hardware Trojans to be consisting of small to medium-sized integrated circuits that were added to a chip at the time of what is popularly known as hardware description language layer. This is a part of the manufacturing process.
The latest research paper, in contrast, displays how one hardware Trojan can be introduced even at a later stage of the design process by way of changing the doping on a few transistors on the chip. Doping refers to the process by virtue of which electrical properties of silicon can be modified by introducing tiny impurities boron, phosphorous and gallium into crystal.
By switching the doping on some transistors, certain parts of the integrated circuit do not any longer work as they must. Since the change takes place at the atomic level, it is hard to detect the trojan. This makes it easy for the Trojan to go undetected in most of the detection techniques.
There could be a variety of scenarios in which the integrated circuit can be modified to let it function in whatever fashion.
