Abstract
With the increase of design scale and complexity, security vulnerabilities residing in hardware designs become hard to detect. Existing functional testing and verification methods cannot guarantee test and verification coverage in design phase. Fortunately, gate level information flow tracking (GLIFT) has been proposed to enforce bit-tight information flow security from the gate level to detect security vulnerabilities and prevent information leakage effectively. However, there is a significant limitation that the inherent high complexity of GLIFT logic causes significant overheads in static verification and physical implementation. In order to address the limitation, we propose a simplified GLIFT method that incorporates more detailed optimization logic routes to reduce its complexity and allow don’t care to simplify original GLIFT logic. Experimental results have demonstrated that the simplified GLIFT method can reduce the design overhand in several gates by sacrificing a fraction of GLIFT precision.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Extracting qualcomms keymaster keys - breaking android full disk encryption (2016). http://bits-please.blogspot.com/2016/06/extractingqualcomms-keymaster-keys.html
Becker, G.T., Regazzoni, F., Paar, C., Burleson, W.P.: Stealthy dopant-level hardware trojans. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 197–214. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40349-1_12
Bell, D.E., LaPadula, L.J.: Secure computer systems: mathematical foundations. Technical report, DTIC Document (1973)
Dalton, M., Kannan, H., Kozyrakis. C.: Raksha: a flexible information flow architecture for software security. In: ACM SIGARCH Computer Architecture News, vol. 35, pp. 482–493. ACM (2007)
Denning, D.E.: A lattice model of secure information flow. Commun. ACM 19(5), 236–243 (1976)
Denning, D.E.: Cryptography and Data Security. Addison-Wesley Longman Publishing Co., Inc., Boston (1982)
Goguen, J.A., Meseguer, J.: Security policies and security models. In: IEEE Symposium on Security and privacy, vol. 11, p. 77 (1982)
Hu, W., Becker, A., Ardeshiricham, A., Tai, Y., Ienne, P., Mu, D., Kastner, R.: Imprecise security: quality and complexity tradeoffs for hardware information flow tracking. In: Proceedings of the 35th International Conference on Computer-Aided Design, p. 95. ACM (2016)
Hu, W., Mao, B., Oberg, J., Kastner, R.: Detecting hardware trojans with gate-level information-flow tracking. Computer 49(8), 44–52 (2016)
Keating, M.: The Simple Art of SoC Design: Closing the Gap Between RTL and ESL. Springer Science & Business Media, Heidelberg (2011). https://doi.org/10.1007/978-1-4419-8586-6
Krohn, M., Yip, A., Brodsky, M., Cliffer, N., Kaashoek, M.F., Kohler, E., Morris, R.: Information flow control for standard OS abstractions. In: ACM SIGOPS Operating Systems Review, vol. 41, pp. 321–334. ACM (2007)
Mu, D., Hu, W., Mao, B., Ma, B.: A bottom-up approach to verifiable embedded system information flow security. IET Inf. Secur. 8(1), 12–17 (2014)
Pottier, F., Simonet, V.: Information flow inference for ML. ACM Trans. Program. Lang. Syst. (TOPLAS) 25(1), 117–158 (2003)
Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE J. Sel. Areas Commun. 21(1), 5–19 (2003)
Suh, G.E., Lee, J.W., Zhang, D., Devadas, S.L Secure program execution via dynamic information flow tracking. In: ACM Sigplan Notices, vol. 39, pp. 85–96. ACM (2004)
Tiwari, M., Wassel, H.M., Mazloom, B., Mysore, S., Chong, F.T., Sherwood, T.: Complete information flow tracking from the gates up. In: ACM Sigplan Notices, vol. 44, pp. 109–120. ACM (2009)
Vandebogart, S., Efstathopoulos, P., Kohler, E., Krohn, M., Frey, C., Ziegler, D., Kaashoek, F., Morris, R., Mazières, D.: Labels and event processes in the asbestos operating system. ACM Trans. Comput. Syst. (TOCS) 25(4), 11 (2007)
Venkataramani, G., Doudalis, I., Solihin, Y., Prvulovic, M.: Flexitaint: a programmable accelerator for dynamic taint propagation. In: 2008 IEEE 14th International Symposium on High Performance Computer Architecture, pp. 173–184. IEEE (2008)
Volpano, D., Irvine, C., Smith, G.: A sound type system for secure flow analysis. J. Comput. Secur. 4(2–3), 167–187 (1996)
Zhang, D., Wang, Y., Suh, G.E., Myers, A.C.: A hardware design language for timing-sensitive information-flow security. In: The Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2015, pp. 503–516, New York, NY, USA (2015)
Acknowledgments
This research was financially supported by the National Natural Science Foundation of China under Grant 61303224 and Grant 61672433, the National Cryptography Development Fund under Grant MMJJ20170210.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Tai, Y., Hu, W., Mu, D., Mao, B., Guo, L., Qin, M. (2018). A Simplifying Logic Approach for Gate Level Information Flow Tracking. In: Li, B., Shu, L., Zeng, D. (eds) Communications and Networking. ChinaCom 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 237. Springer, Cham. https://doi.org/10.1007/978-3-319-78139-6_31
Download citation
DOI: https://doi.org/10.1007/978-3-319-78139-6_31
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-78138-9
Online ISBN: 978-3-319-78139-6
eBook Packages: Computer ScienceComputer Science (R0)