Cryptology ePrint Archive: Report 2020/750

Doppelganger Obfuscation - Exploring the Defensive and Offensive Aspects of Hardware Camouflaging

Max Hoffmann and Christof Paar

Abstract: Hardware obfuscation is widely used in practice to counteract reverse engineering. In recent years, low-level obfuscation via camouflaged gates has been increasingly discussed in the scientific community and industry. In contrast to classical high-level obfuscation, such gates result in recovery of an erroneous netlist. This technology has so far been regarded as a purely defensive tool. We show that low-level obfuscation is in fact a double-edged sword that can also enable stealthy malicious functionalities.

In this work, we present Doppelganger, the first generic design-level obfuscation technique that is based on low-level camouflaging. Doppelganger obstructs central control modules of digital designs, e.g., FSMs or bus controllers, resulting in two different design functionalities: an apparent one that is recovered during reverse engineering and the actual one that is executed during operation. Notably, both functionalities are under the designer's control.

In two case studies, we apply Doppelganger to a universal cryptographic coprocessor. First, we show the defensive capabilities by presenting the reverse engineer with a different mode of operation than the one that is actually executed at an area overhead of less than 0.6%. Then, for the first time, we demonstrate the considerable threat potential through low-level obfuscation. We show how an invisible, remotely exploitable key-leakage Trojan can be injected into the same cryptographic coprocessor just through obfuscation at an area overhead of mere 0.01%.

Category / Keywords: Hardware Obfuscation, Camouflaging, Hardware Trojans

Date: received 19 Jun 2020

Contact author: max hoffmann at rub de

Available format(s): PDF | BibTeX Citation

Version: 20200621:173544 (All versions of this report)

Short URL: ia.cr/2020/750


[ Cryptology ePrint archive ]