Cryptology ePrint Archive: Report 2014/508

Reversing Stealthy Dopant-Level Circuits

Takeshi Sugawara and Daisuke Suzuki and Ryoichi Fujii and Shigeaki Tawa and Ryohei Hori and Mitsuru Shiozaki and Takeshi Fujino

Abstract: A successful detection of the stealthy dopant-level circuit (trojan), proposed by Becker et al. at CHES 2013, is reported. Contrary to an assumption made by Becker et al., dopant types in active region are visible with either scanning electron microscopy (SEM) or focused ion beam (FIB) imaging. The successful measurement is explained by an LSI failure analysis technique called the passive voltage contrast. The experiments are conducted by measuring a dedicated chip. The chip uses the diffusion programmable device: an anti-reverse-engineering technique by the same principle as the stealthy dopant-level trojan. The chip is delayered down to the contact layer, and images are taken with (1) an optical microscope, (2) SEM, and (3) FIB. As a result, the four possible dopant-well combinations, namely (i) p+/n-well, (ii) p+/p-well, (iii) n+/n-well and (iv) n+/p-well are distinguishable in the SEM images. Partial but sufficient detection is also achieved with FIB. Although the stealthy dopant-level circuits are visible, however, they potentially make a detection harder. That is because the contact layer should be measured. We show that imaging the contact layer is at most 16-times expensive than that of a metal layer in terms of the number of images

Category / Keywords: implementation / Stealthy dopant-level trojan, Chip reverse engineering, LSI failure analysis, Passive voltage contrast

Original Publication (in the same form): IACR-CHES-2014

Date: received 27 Jun 2014

Contact author: Sugawara Takeshi at bp MitsubishiElectric co jp

Available format(s): PDF | BibTeX Citation

Version: 20140630:165034 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]