Go to DBLP homepageSplitting the Secrets: A Cooperative Trust Model for System-on-Chip Designs with Untrusted IPs
Abstract: Securing System-on-Chips (SoCs) is challenging due to the globally distributed supply chain involving untrusted entities and integrating multiple third-party hardware intellectual properties (IPs) with varying trust levels. Each IP has distinct security needs, requiring a comprehensive strategy that addresses both individual IP-level security and overall SoC protection. Common threats, such as reverse engineering and tampering, pose significant risks to the confidentiality, integrity, and availability of secure assets. In this paper, we introduce a novel architecture-level solution for distributed authentication of unlocking keys in obfuscatedllocked IP cores based on secret-splitting techniques from cryptography. We propose secret-splitting methods for IP-level countermeasures and define a Distributed Authentication Protocol (DAP) for secure key splitting, which can operate in a point-to-point (P2P) mode or through a Centralized Engine for Secure Secret Splitting (CES3). We also discuss how CES3 can integrate a Security Policy Engine and a Trusted Platform Module to create a robust framework for cooperative security and trust in SoCs. The estimated black-box and white-box attack complexities are provided for an SoC containing multiple locked IPs with distributed authentication.
Loading