Cipher-destroying and secret-key-emitting hardware Trojan against AES core

This paper reports cipher-destroying and secret-key-emitting hardware Trojan against Advanced Encryption Standard (AES) cores in order to facilitate countermeasures against such Trojans. We developed a malicious circuit that connects the encryption and decryption modules in the AES core. If an attacker-defined predetermined rule is satisfied in the AES core, the hardware Trojan is triggered and it sends half-encoded data from the encryption module to the decryption module via a Trojan path. As a result, plain text is directly delivered to the output port. Furthermore, if the hardware Trojan-inserted AES core is inputted with a predefined keyword, which is transferred to a controller via the Trojan path, a secret-key is directly outputted. To verify the threat of AES hardware Trojan, we evaluated the Field Programmable Gate Array (FPGA) and Application Specific Integrated Circuit (ASIC) implementation results from the Verilog-Hardware Description Language (HDL) macro. From the FPGA implementation of a conventional AES core and malicious AES core on the microblaze system, additional hardware of the malicious circuit was about 0.18% larger than the normal AES core. The maximum operating frequency of the malicious AES core was the same as that of the normal one. From the ASIC implementation, additional hardware and power consumption of the malicious circuit was about 0.37% and 0.13% larger than the normal one, respectively. Therefore, we argue that the development of hardware Trojan analysis and detection techniques must be accelerated for ensuring the reliability of LSI products.