International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Doppelganger Obfuscation — Exploring theDefensive and Offensive Aspects of Hardware Camouflaging

Authors:
Max Hoffmann , Ruhr University Bochum, Horst Görtz Institute for IT Security, Germany; Max Planck Institute for Security and Privacy, Germany
Christof Paar , Max Planck Institute for Security and Privacy, Germany
Download:
DOI: 10.46586/tches.v2021.i1.82-108
URL: https://tches.iacr.org/index.php/TCHES/article/view/8728
Search ePrint
Search Google
Abstract: Hardware obfuscation is widely used in practice to counteract reverse engineering. In recent years, low-level obfuscation via camouflaged gates has been increasingly discussed in the scientific community and industry. In contrast to classical high-level obfuscation, such gates result in recovery of an erroneous netlist. This technology has so far been regarded as a purely defensive tool. We show that low-level obfuscation is in fact a double-edged sword that can also enable stealthy malicious functionalities.In this work, we present Doppelganger, the first generic design-level obfuscation technique that is based on low-level camouflaging. Doppelganger obstructs central control modules of digital designs, e.g., Finite State Machines (FSMs) or bus controllers, resulting in two different design functionalities: an apparent one that is recovered during reverse engineering and the actual one that is executed during operation. Notably, both functionalities are under the designer’s control.In two case studies, we apply Doppelganger to a universal cryptographic coprocessor. First, we show the defensive capabilities by presenting the reverse engineer with a different mode of operation than the one that is actually executed. Then, for the first time, we demonstrate the considerable threat potential of low-level obfuscation. We show how an invisible, remotely exploitable key-leakage Trojan can be injected into the same cryptographic coprocessor just through obfuscation. In both applications of Doppelganger, the resulting design size is indistinguishable from that of an unobfuscated design, depending on the choice of encodings.
Video from TCHES 2020
BibTeX
@article{tches-2020-30761,
  title={Doppelganger Obfuscation — Exploring theDefensive and Offensive Aspects of Hardware Camouflaging},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2021, Issue 1},
  pages={82-108},
  url={https://tches.iacr.org/index.php/TCHES/article/view/8728},
  doi={10.46586/tches.v2021.i1.82-108},
  author={Max Hoffmann and Christof Paar},
  year=2020
}