International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Trojan Insertion versus Layout Defenses for Modern ICs: Red-versus-Blue Teaming in a Competitive Community Effort

Authors:
Johann Knechtel
Mohammad Eslami
Peng Zou
Min Wei
Xingyu Tong
Binggang Qiu
Zhijie Cai
Guohao Chen
Benchao Zhu
Jiawei Li
Jun Yu
Jianli Chen
Chun-Wei Chiu
Min-Feng Hsieh
Chia-Hsiu Ou
Ting-Chi Wang
Bangqi Fu
Qijing Wang
Yang Sun
Qin Luo
Anthony W. H. Lau
Fangzhou Wang
Evangeline F. Y. Young
Shunyang Bi
Guangxin Guo
Haonan Wu
Zhengguang Tang
Hailong You
Cong Li
Ramesh Karri
Ozgur Sinanoglu
Samuel Pagliarini
Download:
DOI: 10.46586/tches.v2025.i1.37-77
URL: https://tches.iacr.org/index.php/TCHES/article/view/11921
Search ePrint
Search Google
Abstract: Hardware Trojans (HTs) are a longstanding threat to secure computation. Among different threat models, it is the fabrication-time insertion of additional malicious logic directly into the layout of integrated circuits (ICs) that constitutes the most versatile, yet challenging scenario, for both attackers and defenders.Here, we present a large-scale, first-of-its-kind community effort through red-versus-blue teaming that thoroughly explores this threat. Four independently competing blue teams of 23 IC designers in total had to analyze and fix vulnerabilities of representative IC layouts at the pre-silicon stage, whereas a red team of 3 experts in hardware security and IC design continuously pushed the boundaries of these defense efforts through different HTs and novel insertion techniques. Importantly, we find that, despite the blue teams’ commendable design efforts, even highly-optimized layouts retained at least some exploitable vulnerabilities.Our effort follows a real-world setting for a modern 7nm technology node and industrygrade tooling for IC design, all embedded into a fully-automated and extensible benchmarking framework. To ensure the relevance of this work, strict rules that adhere to real-world requirements for IC design and manufacturing were postulated by the organizers. For example, not a single violation for timing and design-rule checks were allowed for defense techniques. Besides, in an advancement over prior art, neither red nor blue teams were allowed to use any so-called fillers and spares for trivial attack or defense approaches.Finally, we release all methods and artifacts: the representative IC layouts and HTs, the devised attack and defense techniques, the evaluation metrics and setup, the technology setup and commercial-grade reference flow for IC design, the encompassing benchmarking framework, and all best results. This full release enables the community to continue exploring this important challenge for hardware security, in particular to focus on the urgent need for further advancements in defense strategies.
BibTeX
@article{tches-2024-34864,
  title={Trojan Insertion versus Layout Defenses for Modern ICs: Red-versus-Blue Teaming in a Competitive Community Effort},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2025},
  pages={37-77},
  url={https://tches.iacr.org/index.php/TCHES/article/view/11921},
  doi={10.46586/tches.v2025.i1.37-77},
  author={Johann Knechtel and Mohammad Eslami and Peng Zou and Min Wei and Xingyu Tong and Binggang Qiu and Zhijie Cai and Guohao Chen and Benchao Zhu and Jiawei Li and Jun Yu and Jianli Chen and Chun-Wei Chiu and Min-Feng Hsieh and Chia-Hsiu Ou and Ting-Chi Wang and Bangqi Fu and Qijing Wang and Yang Sun and Qin Luo and Anthony W. H. Lau and Fangzhou Wang and Evangeline F. Y. Young and Shunyang Bi and Guangxin Guo and Haonan Wu and Zhengguang Tang and Hailong You and Cong Li and Ramesh Karri and Ozgur Sinanoglu and Samuel Pagliarini},
  year=2024
}