Paper 2017/828

Standardizing Bad Cryptographic Practice - A Teardown of the IEEE Standard for Protecting Electronic-design Intellectual Property

Animesh Chhotaray, Adib Nahiyan, Thomas Shrimpton, Domenic J Forte, and Mark Tehranipoor

Abstract

We provide an analysis of IEEE standard P1735, which describes methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP. We find a surprising number of cryptographic mistakes in the standard. In the most egregious cases, these mistakes enable attack vectors that allow us to recover the entire underlying plaintext IP. Some of these attack vectors are well-known, e.g. padding-oracle attacks. Others are new, and are made possible by the need to support the typical uses of the underlying IP; in particular, the need for commercial system-on-chip (SoC) tools to synthesize multiple pieces of IP into a fully specified chip design and to provide syntax errors. We exploit these mistakes in a variety of ways, leveraging a commercial SoC tool as a black-box oracle. In addition to being able to recover entire plaintext IP, we show how to produce standard-compliant ciphertexts of IP that have been modified to include targeted hardware Trojans. For example, IP that correctly implements the AES block cipher on all but one (arbitrary) plaintext that induces the block cipher to return the secret key. We outline a number of other attacks that the standard allows, including on the cryptographic mechanism for IP licensing. Unfortunately, we show that obvious “quick fixes” to the standard (and the tools that support it) do not stop all of our attacks. This suggests that the standard requires a significant overhaul, and that IP-authors using P1735 encryption should consider themselves at risk.

Note: The paper was withdrawn for non-scientific reasons, and the results in this paper are correct. Please see CERT Vulnerability Note VU#739007 for the ramifications of our findings.

Metadata
Available format(s)
-- withdrawn --
Publication info
Published elsewhere. Minor revision. CCS 2017
DOI
10.1145/3133956.3134040
Keywords
Digital rights managementHardware security implementationBest practices for EDA
Contact author(s)
teshrim @ ufl edu
History
2018-07-16: withdrawn
2017-08-31: received
See all versions
Short URL
https://ia.cr/2017/828
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.