Threats associated with the untrusted fabrication of integrated circuits (ICs) are numerous: piracy, overproduction, reverse engineering, hardware trojans, etc. The use of reconfigurable elements (i.e., look-up tables as in FPGAs) is a known obfuscation technique. In the extreme case, when the circuit is entirely implemented as an FPGA, no information is revealed to the adversary but at a high cost in area, power, and performance. In the opposite extreme, when the same circuit is implemented as an ASIC, best-in-class performance is obtained but security is compromised. This paper investigates an intermediate solution between these two. Our results are supported by a custom CAD tool that explores this FPGA-ASIC design space and enables a standard-cell based physical synthesis flow that is flexible and compatible with current design practices. Layouts are presented for obfuscated circuits in a 65nm commercial technology, demonstrating the attained obfuscation both graphically and quantitatively. Furthermore, our security analysis revealed that for truly hiding the circuit's intent (not only portions of its structure), the obfuscated design also has to chiefly resemble an FPGA: only some small amount of logic can be made static for an adversary to remain unaware of what the circuit does.
翻译:与不可信地制造集成电路(ICs)相关的威胁很多:盗版、过度生产、逆向工程、硬件阵列等等。 使用可重新配置的元素(即FPGAs中的查看表)是一种已知的模糊技术。 在极端的情况下,当电路完全作为FPGA使用时,没有向对手透露任何信息,但在65nm商业技术领域、权力和性能方面费用高昂。在相反的极端的情况下,当同一个电路作为ACICE实施时,获得了最佳的等级性能,但安全却受到损害。本文调查了两者之间的中间解决办法。我们的结果得到一个专门CAD工具的支持,该工具探索FPGA-ASIC的设计空间,并使得基于标准的物理合成流动能够灵活和与目前的设计做法相容。在65nm商业技术领域、权力和性能方面,没有向对手透露任何令人困惑的电路段的布局,表明已经达到的混乱状态,但安全性能受损。 此外,我们的安全分析表明,为了真正隐藏电路图的意图,我们只能将电路段的逻辑结构变成一个固定式的平面结构结构。