Exploiting the Lock: Leveraging MiG-V's Logic Locking for Secret-Data Extraction

Originally published on ArXiv - Hardware Architecture


arXiv:2408.04976v1 (cs)

[Submitted on 9 Aug 2024]

Title: Exploiting the Lock: Leveraging MiG-V's Logic Locking for Secret-Data Extraction

Authors: Lennart M. Reimann, Yadu Madhukumar Variyar, Lennet Huelser, Chiara Ghinami, Dominik Germek, Rainer Leupers


Abstract: The MiG-V was designed for high-security applications and is the first commercially available logic-locked RISC-V processor on the market. In this context logic locking was used to protect the RISC-V processor design during the untrusted manufacturing process by using key-driven logic gates to obfuscate the original design. Although this method defends against malicious modifications, such as hardware Trojans, logic locking's impact on the RISC-V processor's data confidentiality during runtime has not been thoroughly examined. In this study, we evaluate the impact of logic locking on data confidentiality. By altering the logic locking key of the MiG-V while running SSL cryptographic algorithms, we identify data leakages resulting from the exploitation of the logic locking hardware. We show that changing a single bit of the logic locking key can expose 100% of the cryptographic encryption key. This research reveals a critical security flaw in logic locking, highlighting the need for comprehensive security assessments beyond logic locking key-recovery attacks.

Subjects: Cryptography and Security (cs.CR); Hardware Architecture (cs.AR)

Cite as: arXiv:2408.04976 [cs.CR] (or arXiv:2408.04976v1 [cs.CR] for this version)

https://doi.org/10.48550/arXiv.2408.04976 (arXiv-issued DOI via DataCite)

Related DOI: https://doi.org/10.1098/rsta.2023.0388

Submission history

From: Lennart Reimann
[v1] Fri, 9 Aug 2024 09:59:23 UTC (3,521 KB)



AI Analysis

Structured Report: Exploiting the Lock: Leveraging MiG-V's Logic Locking for Secret-Data Extraction

Key Highlights

  • Target Device: The MiG-V, noted as the first commercially available logic-locked RISC-V processor designed for high-security applications.
  • Security Paradigm Shift: Logic locking, conventionally used to protect IP design during untrusted manufacturing (anti-Trojan defense), is repurposed as an attack vector for runtime data confidentiality compromise.
  • Attack Success: The study successfully identified and exploited data leakages resulting from manipulating the logic locking hardware during operation.
  • Critical Vulnerability: By altering only a single bit of the logic locking key while the processor ran SSL cryptographic algorithms, the researchers were able to expose 100% of the cryptographic encryption key.
  • Mandated Review: The research emphasizes that security assessments must extend beyond traditional logic locking key-recovery attacks to evaluate runtime data leakage potential.

Technical Details

  • Architecture Tested: MiG-V RISC-V processor.
  • Mechanism Attacked: Key-driven logic gates used for design obfuscation (logic locking).
  • Attack Methodology: The core technique involves actively altering the hardware's logic locking key while the processor is engaged in critical cryptographic processes (specifically, SSL cryptographic algorithms).
  • Observation: The alteration of the logic locking key causes internal misconfigurations or side effects that expose sensitive data (the encryption key) being processed by the system.

Implications

  • Compromised Trust in Hardware Security: This finding severely undermines the trust placed in logic locking as a comprehensive hardware protection measure, especially in architectures intended for high-security environments like the MiG-V.
  • New Attack Surface: Logic locking is not merely a static defense against design extraction or modification, but a potential dynamic attack surface that can be leveraged by adversaries with physical access or exploit capabilities.
  • RISC-V Ecosystem Impact: As the RISC-V architecture relies heavily on customizability and potentially distributed manufacturing chains, the failure of a primary hardware security feature (logic locking) in a commercial chip signals the need for far more robust verification across all hardware security IPs.
  • Design Rework Required: Future implementations of logic locking must incorporate protective measures that prevent runtime manipulation of the locking key, or secure the processor state such that key changes do not induce observable or exploitable data leakage.
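
An added example, not taken from the paper or the MiG-V design: a toy key-gated netlist in Python that runs the kind of assessment the last point calls for, checking for every single-bit key deviation whether the observable output becomes dependent on a secret bit. The netlist, CORRECT_KEY and all function names are constructed for illustration.

```python
from itertools import product

CORRECT_KEY = (1, 0, 1)  # constructed key for this toy netlist (assumption)

def locked_out(secret, a, b, key, priv=0):
    """Observable output of a toy locked netlist (unprivileged mode by default)."""
    k0, k1, k2 = key
    w0 = (a & b) ^ k0 ^ 1        # XNOR key gate on the datapath
    sel = priv ^ k1              # XOR key gate on the output-mux select line
    mux = secret if sel else w0  # select=1 routes the internal secret register out
    return mux ^ k2 ^ 1          # XNOR key gate on the output pin

def leaks_secret(key):
    """True if some public input makes the output depend on the secret bit."""
    return any(locked_out(0, a, b, key) != locked_out(1, a, b, key)
               for a, b in product((0, 1), repeat=2))

def corrupts_function(key):
    """True if the output differs from the correctly keyed design for some input."""
    return any(locked_out(s, a, b, key) != locked_out(s, a, b, CORRECT_KEY)
               for s, a, b in product((0, 1), repeat=3))

def assess_single_bit_deviations():
    """Classify every key that differs from CORRECT_KEY in exactly one bit."""
    report = {}
    for i in range(len(CORRECT_KEY)):
        key = tuple(bit ^ (j == i) for j, bit in enumerate(CORRECT_KEY))
        report[i] = {"key": key,
                     "corrupts": corrupts_function(key),
                     "leaks": leaks_secret(key)}
    return report

if __name__ == "__main__":
    for bit, row in assess_single_bit_deviations().items():
        print(f"key bit {bit} flipped:", row)
```

In this toy netlist all three deviations corrupt the function, but only the key gate on the mux select line makes the output depend on the secret, which is why a functional-corruption metric alone does not capture confidentiality.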