Techniques and technology for preventing breaches are becoming more sophisticated, but so are the attacks.
New and different approaches to security are gaining a foothold as the life expectancy for advanced chips increases, and as emerging technologies such as quantum computing threaten to crack even the most complex encryption schemes.
These approaches include everything from homomorphic encryption, where data is processed without being decrypted, to different ways of sending and receiving data securely in a quantum world. Alongside of all of this, security is becoming more modular, flexible and distributed, allowing systems to be updated throughout their longer lifetimes, with more secure over-the-air updates using air-gapped roots of trust and authentication, and with an increasing emphasis on better visibility into the supply chain.
To be effective, security needs to be built into every facet of hardware and software, and it has to be designed in up front as part of a broad system-wide focus. But even then, nothing is guaranteed.
“Security is an arms race, and our requirements are always going to be changing” said Jason Moore, engineering senior director at Xilinx. “Another thing that needs to be considered is the capability of an adversary. Security is very similar to insurance. How much are you willing to pay for that? How much is your IP worth? Is this an environment where there are guns, gates and guards, and where an adversary does not have physical access? Or is this something that is remote in the field where an adversary can easily get their hands on it? These require very different security profiles. If you take into account the worst possible case, you’re dealing with a very talented adversary that may be a nation state with unlimited resources, unlimited funding, and a strong motivation.”
This is particularly important in safety-critical markets such as automotive, where advanced-node technology is expected to function without a hiccup for more than a decade. Any security breach can cause an accident. But with ransom-minded criminal organizations or states, it can cause many accidents simultaneously.
“Cars are staying in the field longer, so they need to get over-the-air firmware updates,” said Steven Woo, fellow and distinguished inventor at Rambus. “As a growing percentage of cars in the world shift to being more hubs for communications and entertainment, then those issues become more complicated. Spectre and Meltdown shed some light on what you need to think about as a programmer. So we need to start thinking about this in a different way. A lot of what we’ve done is retrofit the solution. We’ve relied on these architectures for decades. Now what we’re going to have to look at this from the ground up.”
Fig. 1: Side channel attack. Source: Cambridge University/hardwear.io
The bigger picture
One of the thorniest problems for chipmakers is they don’t know exactly how their technology will be used in the future, or what kinds of new threats will emerge. The whole idea behind speculative execution and branch prediction was to eke more performance per watt out of processors to compensate for the diminishing benefits of scaling. While that seemed like a good idea from a performance standpoint, it proved far less impressive from a security perspective. A decade later, the vulnerabilities were exposed with Spectre and Meltdown, forcing processor vendors to come up with solutions that erased those performance improvements.
Since then, designs have become increasingly modular, adding a level of programmability into tiles/chiplets inside of packages, or as blocks on the same die. That allows authentication keys and secure boot-up information to be stored in one or more different places with tamper-proof technology built around it.
“The U.S. government is now using embedded FPGAs for that,” said Geoff Tate, CEO of Flex Logix. “We’re seeing eFPGAs where designs are more constrained, such as with signal processing algorithms. You also can use an eFPGA as a security block, which may be non-internal, to help increase flexibility and update it for security risks.”
Arm is taking a somewhat different approach with TrustZone. Its new processor architecture allows the secure components to basically be air-gapped from other processes, so even if there is an attack the system can be securely rebooted.
“If you take a look at the new Cortex-R82, it’s a 64-bit core that supports memory management and allows Linux to run natively,” said Neil Werdmuller, director of storage solutions for real-time processors at Arm. “What’s different is that you can have some cores running Linux and others running a real-time operating system, and you can modify the balance between the two of them as needed. On top of that, it’s compatible with TrustZone, and actually extends it. So for hyperscalers, they can have an integrated security system and they can completely hide it from the end customer.”
The finer art of detecting problems
An important piece of the security puzzle is understanding not just whether a device is doing what it’s supposed to do, but also whether it’s doing something it shouldn’t be doing. That requires ongoing monitoring for unusual activity, because sometimes sleeper circuits can wake up months or years later. But it also requires extremely sensitive sensors, because with AI systems these rogue circuits can learn and mimic normal traffic patterns.
“People have added special circuitry to tell you if a circuit is behaving differently than you expected,” said Jason Oberg, CTO at Tortuga Logic. “It could be just a mistake on a die — or there could be a Trojan inserted into IP. And then, once you send that out to manufacturing, there is the possibility that someone puts a Trojan in at the fab, which is a hard attack model. There’s also the possibility that there is an attack on the design tool. And then there is the possibility that someone put a different die in the package and sent it to me. That happens all the time.”
One way to avoid these kinds of issues is to physically inspect a chip and compare that to a photograph of the original design. But as chips become increasingly complex, as they are packaged with other chips, and as the features inside of these devices continues to shrink, this becomes much more difficult.
A second approach is to create a digital twin of the design, which can be used to compare something in the field with the digital model of that device. If a security problem is detected, it can be fixed first on the digital model and tested, and then patched in the field.
A third approach, which can be used in conjunction with the others, is to use formal technology to trace potential or real problems all the way through a system. Verification is becoming an important tool in the battle against cyber attacks, and formal is particularly useful for following potential weaknesses or attack pathways through chips and even into larger systems.
“With assembly, packaging and test, we’ve been looking at whether an IC is doing what it’s supposed to be doing,” said John Hallman, product manager for trust and security at OneSpin Solutions. “But we’re starting to ask the question, ‘Is it doing anything else?’ We want to independently verify that the IP or IC satisfies security objectives. And we’re going to be moving that solution further to the left.”
Homomorphic encryption
One of the new buzzwords around data security is fully homomorphic encryption (FHE). The idea has floating around for about a decade, but it is just beginning to be taken seriously in areas where a breach would be catastrophic, such as military computers. The general idea is that if data can remain encrypted, rather than decrypting everything before processing and re-encrypting it afterward, then it will be almost impossible to crack without a decryption key.
Most attacks on data happen when the data is unencrypted, and particularly when it is in motion. FHE would allow data to be processed on even unsecured networks and still remain secure. FHE uses lattice-based cryptography, an approach that is expected to become more prevalent as quantum computing gains traction because it is resistant to attacks by both conventional and quantum computers.
But homomorphic encryption has a unique set of challenges as well. One is the raw horsepower required to process these lattice-based code structures. That is largely due to what encryption experts call “noise,” which in the encryption world translates into errors in code. While it is possible to control that noise, it requires massive compute power.
DARPA, through its Data Protection In Virtual Environments (DPRIVE) program, currently is researching how to limit that noise. It’s also looking into how many bits will be required to process extremely long word lengths natively. While most computers run 32-bit or 64-bit applications, DPRIVE is looking at 1,024 bits or more.
“Encryption protects data in motion and at rest, but not in use,” said Tom Rondeau, program manager in DARPA’s Microsystems Technology Office, in a recent presentation. “But this is orders of magnitude slower than plain-text data. What would take 1 hour with unencrypted data would take 15 years under fully encrypted processing.”
Progress has been made by a number of startups working on this problem, such as Cornami and Borsetta, both of which are examining FHE in the context of quantum-proof algorithms. But adoption may require different chip architectures and software development strategies, such as carefully choosing what gets encrypted and what doesn’t. It also will require different tooling to be able to design and verify these systems.
“This presents an interesting verification challenge,” said OneSpin’s Hallman. “But right now it’s just a research area. It’s an interesting field, and it’s showing interesting promise. But it also requires some transparency, which isn’t there today.”
At least part of that is due to the limitations of the hardware. “If you have a functioning quantum computer, it would run homomorphic encryption very fast,” said Oberg. “It’s very computationally complex. On the hardware side, this is growing dramatically. If people keep waiting, they’re going to be overwhelmed with how to address this. There will be a huge financial impact because someone will have to do a recall or something disastrous could happen.”
Quantum computing
Quantum technology does indeed add another wrinkle into the security picture. Existing ciphers can be broken easily using quantum computers, and as this technology gains ground there is a fear that existing security measures very suddenly may become inadequate.
One of the main problems is that existing encryption schemes use more bits to strengthen security keys. But with quantum, where a bit can be a one and a zero, encryption schemes are built using a lattice approach rather than a linear one.
“There’s an exponential accruing of time on a standard computer to crack a key,” said Andy Heinig, group leader for advanced system integration and department head for efficient electronics in Fraunhofer IIS’ Engineering of Adaptive Systems Division. “A quantum computer can do all of this in parallel. That becomes a linear time dependency. The solution is you need a one-time key. That makes it difficult to crack because you don’t have enough information. And if you change that one-time key during transmission, it’s more or less impossible to crack. But you also need a secure way to transfer the keys, and this can be done through quantum communication.”
In effect, this behaves like a random number generator, but one that is compatible with existing technology. “Those one-time keys use standard communication channels,” said Heinig.
That’s part of the solution. The bigger problem is the algorithm itself, and so far there is no standardized quantum-resistant algorithm. While that may not seem like a problem today, many of these devices will be in the market for a decade or more. For forward-looking designs, choosing the wrong algorithm could lead to problems down the road.
“It’s a very big risk,” said Xilinx’s Moore. “If you choose a quantum-resistant algorithm now, and it hasn’t had the analysis done by the community at large, you might commit yourself to an algorithm for which they discover an inherent weakness eight months from now. And then what do you do? Security is not just about the chip. For a long time, people have used the term ‘defense in depth.’ It requires very close collaboration with their customers. That should provide some level of protection. But it’s not the be-all and end-all. The system has to have protections, too. So we have to work closely with our customers to put a layered security approach together. They need to clearly define what’s inside the box and what’s outside the box when it comes to the security of the chip, and what it can do for the system. Until we can have quantum-resistant algorithms in place, we’re going to continue to rely on what is already a very good practice — and hope we do not end up with a gap, which would be very serious.”
The exact timing is unknown, but the move to quantum computing is real. The next challenges involve improved accuracy of results and longer lifetimes for quibits.
“With quantum, you’ll see simulations with material science within five years,” said Mike Mayberry, CTO of Intel, during a recent panel discussion. “For other applications, it will be 10 years. Cryptography is a little further out.”
Other concerns
At nearly every security conference, experts reiterate that more chips and more complexity widen the attack surface, and white-hat hackers explained a number of possible attack vectors at the recent hardwear.io conference in the Netherlands.
“If I know there’s a chip that controls the power management, and maybe another one that controls the bit security, I would extract both of those,” said John McMaster, a consultant who reverse-engineers technology for companies. “They would probably be two contiguous blocks on a chip, but I don’t have to worry about all the power stuff in between. I’m just focusing on the firmware, because that controls a lot of the high-level functionality on a chip, and I can extract it without worrying about all the other details. Sometimes we’ll find a vulnerability in the firmware, but a lot of times we have to stack it with another attack. So I might find an ‘If’ check in the firmware. Then I can apply a voltage glitch to unlock the code. Sometimes it requires me to know when to do that, and that becomes a multi-step process.”
One problem is that many chipmakers want to control these functions centrally. As they design the firmware to do that, they also make it possible to control more of the device once attackers understand how to get in. Hackers have become sophisticated enough to penetrate even the newest technology relatively quickly, and the number and complexity of recent attacks attests to their growing prowess.
“We started looking at the shift from symmetrical to elliptical (elliptic curve) cryptography,” said Sergei Skorobogatov, a University of Cambridge senior research associate. “The typical point of view is that they are harder to break because they are newer devices, made with advanced technology and multiple metal layers. The features are so small that you need an electron microscope to look into those devices. But we managed to get all the data out of the device and make an exact clone.”
To make matters worse, it’s often difficult to even determine when there is a breach because these devices are becoming so complex.
“Fault tolerance is going to be an issue,” said Oberg. “Because of the way these chips are being architected, you can have a failure in the middle from a physical, fault-injection standpoint. And then there’s the whole issue of making sure that the IP and the system is upgradable. Bitstream to protect an FPGA, and that kind of approach, will be important to protecting training data to make sure people can’t reverse engineer or modify it. Those will become more important, particularly for AI accelerators.”
Conclusion
Security always has been a game of finding holes and plugging them. In the past, most of that was done in software. But as hackers increasingly target semiconductors, those holes are sometimes harder to fill than in software. They require broad architectural and systemic changes, and much more focus on flexibility and ongoing monitoring.
The fact that the chip industry is taking this seriously is a step in the right direction. But even with the best intentions and nearly unlimited resources, there will continue to be breaches. The challenge is to be able to prevent these problems from spreading, and to snuff them out as quickly as possible when they do occur. Chipmakers are finally coming around to recognizing that, but it still will take time before those changes are implemented on a wide enough scale to make a significant impact.
Related Articles
HW Security Better, But Attack Surface Is Growing
Fundamental Changes In Economics Of Chip Security
What Makes A Chip Tamper-Proof?
Security knowledge center
Making Sense Of PUFs
Hardware Attack Surface Widening
Determining What Really Needs To Be Secured In A Chip
Security on our YouTube Channel
Leave a Reply