Threshold-based Obfuscated Keys with Quantifiable Security against Invasive Readout

TL;DR

This paper introduces a threshold-based obfuscation technique for memory keys that enhances security against invasive reverse engineering by combining threshold voltage manipulation with error correction, allowing quantifiable security-cost tradeoffs.

Contribution

It proposes a novel methodology that uses threshold-defined behavior and error correcting codes to protect memory keys from invasive attacks, with analysis of reliability and security.

Findings

Threshold manipulation combined with error correction improves security.

The approach maintains key reliability while resisting reverse engineering.

Quantifiable tradeoffs between security and cost are provided.

Abstract

Advances in reverse engineering make it challenging to deploy any on-chip information in a way that is hidden from a determined attacker. A variety of techniques have been proposed for design obfuscation including look-alike cells in which functionality is determined by hard to observe mechanisms including dummy vias or transistor threshold voltages. Threshold-based obfuscation is especially promising because threshold voltages cannot be observed optically and require more sophisticated measurements by the attacker. In this work, we demonstrate the effectiveness of a methodology that applies threshold-defined behavior to memory cells, in combination with error correcting codes to achieve a high degree of protection against invasive reverse engineering. The combination of error correction and small threshold manipulations is significant because it makes the attacker's job harder without compromising the reliability of the obfuscated key. We present analysis to quantify key reliability of our approach, and its resistance to reverse engineering attacks that seek to extract the key through imperfect measurement of transistor threshold voltages. The security analysis and cost metrics we provide allow designers to make a quantifiable tradeoff between cost and security. We find that the combination of small threshold offsets and stronger error correcting codes are advantageous when security is the primary objective.