Interdiction in practice—Hardware Trojan against a high-security USB flash drive

Abstract

As part of the revelations about NSA activities, the notion of interdiction has become known to the public: the interception of deliveries in order to manipulate hardware so that backdoors are introduced. Manipulations can occur at the firmware level or at the hardware level. With respect to hardware, FPGAs are particularly interesting targets, as they can be altered by manipulating the corresponding bitstream which configures the device. In this paper, we demonstrate the first successful real-world FPGA hardware Trojan insertion into a commercial product. On the target device, a FIPS-140-2 level 2 certified USB flash drive from Kingston, the user data are encrypted using AES-256 in XTS mode, and the encryption/decryption is processed by an off-the-shelf SRAM-based FPGA. Our investigation required two reverse-engineering steps, related to the proprietary FPGA bitstream and to the firmware of the underlying ARM CPU. In our Trojan insertion scenario, the targeted USB flash drive is intercepted before being delivered to the victim. The physical Trojan insertion requires the manipulation of the SPI flash memory content, which contains the FPGA bitstream as well as the ARM CPU code. The FPGA bitstream manipulation alters the exploited AES-256 algorithm in such a way that it turns into a linear function which can be broken with 32 known plaintext–ciphertext pairs. After the manipulated USB flash drive has been used by the victim, the attacker is able to obtain all user data from the ciphertexts. Our work indeed highlights the security risks and especially the practical relevance of bitstream modification attacks that became realistic due to FPGA bitstream manipulations.
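The linearity described in the abstract is also something a defender can test for from the outside. The following is an added example, not code from the paper: a black-box affinity check that flags an encryption engine behaving as an affine map over GF(2). Both engines in it are constructed stand-ins (neither is AES nor the device's FPGA core), and all function names are hypothetical.

```python
import hashlib
import secrets

BLOCK = 16  # AES block size in bytes


def xor(*blocks):
    """XOR any number of 16-byte blocks together."""
    out = bytes(BLOCK)
    for b in blocks:
        out = bytes(x ^ y for x, y in zip(out, b))
    return out


def looks_affine(encrypt, trials=64):
    """Return True if E(a)^E(b)^E(c) == E(a^b^c) held for every random triple.

    Every affine map over GF(2) satisfies the identity for all inputs; a sound
    block cipher under a fixed key fails it on the first trial almost surely.
    """
    for _ in range(trials):
        a, b, c = (secrets.token_bytes(BLOCK) for _ in range(3))
        if xor(encrypt(a), encrypt(b), encrypt(c)) != encrypt(xor(a, b, c)):
            return False
    return True


def make_affine_engine(seed=b"constructed"):
    """Constructed stand-in for a tampered engine: y = M*x ^ k over GF(2)."""
    cols = [int.from_bytes(hashlib.sha256(seed + bytes([i])).digest()[:BLOCK], "big")
            for i in range(8 * BLOCK)]
    const = int.from_bytes(hashlib.sha256(seed + b"const").digest()[:BLOCK], "big")

    def encrypt(block):
        x, y = int.from_bytes(block, "big"), const
        for i, col in enumerate(cols):
            if (x >> i) & 1:
                y ^= col
        return y.to_bytes(BLOCK, "big")
    return encrypt


def nonlinear_engine(block):
    """Constructed stand-in for a healthy engine (keyed hash, not AES)."""
    return hashlib.sha256(b"constructed-key" + block).digest()[:BLOCK]


if __name__ == "__main__":
    print("tampered stand-in affine:", looks_affine(make_affine_engine()))
    print("healthy stand-in affine: ", looks_affine(nonlinear_engine))
```

In an acceptance test, `encrypt` would wrap the device's block-encryption path under a fixed key, which assumes test access the page does not describe. For XTS the check applies at a fixed sector and block position, since XORing a constant tweak before and after an affine core leaves the map affine.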

Notes

  1. Many categories even fulfill the qualitative security level 3, cf. [4].

References

  1. Hex-Rays, S.A. http://www.hex-rays.com
  2. Suite B Cryptography. https://www.nsa.gov/ia/programs/suiteb_cryptography/ (2001)
  3. Report of the defense science board task force on high performance microchip supply. http://www.acq.osd.mil/dsb/reports/ADA435563.pdf? (2005)
  4. DataTraveler 5000 FIPS 140-2 Level 2 certification. http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140crt/140crt1316.pdf (2010)
  5. Aldaya, A.C., Sarmiento, A.J.C., Sánchez-Solano, S.: AES T-Box tampering attack. J. Cryptogr. Eng., pp. 1–18 (2015). doi:10.1007/s13389-015-0103-4
  6. Becker, G.T., Regazzoni, F., Paar, C., Burleson, W.P.: Stealthy dopant-level hardware Trojans. In: Cryptographic hardware and embedded systems–CHES 2013–15th International Workshop, Santa Barbara, CA, USA, August 20–23, 2013
  7. Benz, F., Seffrin, A., Huss, S.: Bil: A tool-chain for bitstream reverse-engineering. In: Field programmable logic and applications (FPL), 2012 22nd International Conference on, pp. 735–738 (2012). doi:10.1109/FPL.2012.6339165
  8. Chakraborty, R., Saha, I., Palchaudhuri, A., Naik, G.: Hardware Trojan insertion by direct modification of FPGA configuration bitstream. Des. Test IEEE 30(2), 45–54 (2013)
  9. Ding, Z., Wu, Q., Zhang, Y., Zhu, L.: Deriving an NCD file from an FPGA bitstream: methodology, architecture and evaluation. Microprocess. Microsyst.—Embed. Hardware Des. 37(3), 299–312 (2013)
  10. Drimer, S.: Security for volatile FPGAs. Technical Report UCAM-CLTR-763, University of Cambridge, Computer Laboratory (2009)
  11. Eisenbarth, T., Güneysu, T., Paar, C., Sadeghi, A., Schellekens, D., Wolf, M.: Reconfigurable trusted computing in hardware. In: Workshop on scalable trusted computing, STC 2007, pp. 15–20. ACM (2007)
  12. Greenwald, G.: No place to hide: Edward Snowden, the NSA and the surveillance state. Metropolitan Books, New York (2014)
  13. IEEE Std 1619-2007: IEEE standard for cryptographic protection of data on block-oriented storage devices
  14. Kakarlapudi, B., Alabur, N.: FPGA implementations of S-box vs. T-box iterative architectures of AES, http://teal.gmu.edu/courses/ECE746/project/reports_2008/AES_T-box_report.pdf
  15. Karri, R., Rajendran, J., Rosenfeld, K.: Trojan taxonomy. In: Tehranipoor, M., Wang, C. (eds.) Introduction to hardware security and trust. Springer-Verlag, (2012)
  16. King, S.T., Tucek, J., Cozzie, A., Grier, C., Jiang, W., Zhou, Y.: Designing and implementing malicious hardware. In: Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, LEET’08, pp. 5:1–5:8. Berkeley, CA, USA: USENIX Association (2008). http://dl.acm.org/citation.cfm?id=1387709.1387714
  17. Kingston Technology: Protect sensitive data with FIPS 140-2 Level 2 validation and 100 per cent privacy. http://www.kingston.com/datasheets/dt5000_en.pdf
  18. Macri, G.: Leaked Photos Show NSA Hardware Interception And Bug-Planting Workstation (2014). http://dailycaller.com/2014/05/15/leaked-photosshow-nsa-hardware-interception-and-bug-plantingworkstation/
  19. McGrath, D.: Analyst: Altera to catch Xilinx in 2012. EE Times (2011)
  20. Micro, R.: Ensuring trust in cyberspace. http://www.spyrus.com/company/literature/SPYRUSdatasheets/DSRosettaMicroSeriesII.pdf
  21. Moradi, A., Barenghi, A., Kasper, T., Paar, C.: On the vulnerability of FPGA bitstream encryption against power analysis attacks: extracting keys from Xilinx Virtex-II FPGAs. In: ACM Conference on Computer and Communications Security, pp. 111–124 (2011)
  22. Moradi, A., Kasper, M., Paar, C.: Black-box side-channel attacks highlight the importance of countermeasures—an analysis of the Xilinx Virtex-4 and Virtex-5 bitstream encryption mechanism. In: The Cryptographers’ Track at the RSA Conference, pp. 1–18 (2012)
  23. Moradi, A., Oswald, D., Paar, C., Swierczynski, P.: Side-channel attacks on the bitstream encryption mechanism of Altera Stratix II: facilitating black-box analysis using software reverse-engineering. In: Proceedings of the ACM/SIGDA International Symposium on Field Programmable Gate Arrays, FPGA ’13, pp. 91–100. New York, NY, USA: ACM (2013)
  24. Narasimhan, S., Bhunia, S.: Hardware Trojan detection. In: Tehranipoor, M., Wang, C. (eds.) Introduction to Hardware Security and Trust. Springer-Verlag (2012)
  25. Nohl, K., Kriler, S., Lell, J.: BadUSB—On accessories that turn evil. BlackHat (2014). https://srlabs.de/badusb/
  26. Rannaud, É.: From the bitstream to the netlist. In: Proceedings of the 16th International ACM/SIGDA Symposium on Field Programmable Gate Arrays, pp. 264–264 (2008)
  27. Snyder, B.: Snowden: The NSA planted backdoors in Cisco products (2014). http://www.infoworld.com/article/2608141/internet-privacy/snowden--the-nsa-planted-backdoors-in-cisco-products.html
  28. SPIEGEL Staff: Inside TAO: Documents reveal top NSA hacking unit (2013). http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html
  29. Swierczynski, P., Fyrbiak, M., Koppe, P., Paar, C.: FPGA Trojans through detecting and weakening of cryptographic primitives. Comput-Aided Des. Integr. Circuits Syst. IEEE Trans. 34(8), 1236–1249 (2015). doi:10.1109/TCAD.2015.2399455
  30. Ziener, D., Assmus, S., Teich, J.: Identifying fpga ip-cores based on lookup table content analysis. In: Field Programmable Logic and Applications, 2006. FPL ’06. International Conference on, pp. 1–6 (2006). doi:10.1109/FPL.2006.311255

Acknowledgments

The authors would like to thank Kai Stawikowski and Georg T. Becker for their fruitful comments and help regarding this project. Part of the research was conducted at the University of Massachusetts Amherst. This work was partially supported through NSF grants CNS-1318497 and CNS-1421352. It has been also partially supported by the Bosch Research Foundation.

Author information

Corresponding author

Correspondence to Pawel Swierczynski.

Cite this article

Swierczynski, P., Fyrbiak, M., Koppe, P. et al. Interdiction in practice—Hardware Trojan against a high-security USB flash drive. J Cryptogr Eng 7, 199–211 (2017). https://doi.org/10.1007/s13389-016-0132-7

Keywords

  • Hardware Trojan
  • Real-world attack
  • FPGA security
  • AES