Enabling unauthorized RF transmission below noise floor with no detectable impact on primary communication performance

With increasing diversity of supply chains from design to delivery, there is an increasing risk of unauthorized changes within an IC. One of the motivations for this type of change is to learn important information (such as encryption keys or spreading codes) from the hardware and pass this information to a malicious party through wireless means. In order to evade detection, such unauthorized communication can be hidden within legitimate bursts of the transmit signal. In this paper, we present a stealth circuit for unauthorized transmissions which can be hidden within the legitimate signal. A CDMA-based spread-spectrum scheme with a CDMA encoder is implemented with a handful of transistors. We show that the unauthorized signal does not alter the circuit performance while being easily detectable by the malicious receiver.
