QFlow: Quantitative Information Flow for Security-Aware Hardware Design in Verilog
arXiv - CS - Hardware Architecture Pub Date : 2021-09-06 , DOI: arxiv-2109.02379
Lennart M. Reimann, Luca Hanel, Dominik Sisejkovic, Farhad Merchant, Rainer Leupers

The enormous amount of code required to design modern hardware implementations often leads to critical vulnerabilities being overlooked. Especially vulnerabilities that compromise the confidentiality of sensitive data, such as cryptographic keys, have a major impact on the trustworthiness of an entire system. Information flow analysis can elaborate whether information from sensitive signals flows towards outputs or untrusted components of the system. But most of these analytical strategies rely on the non-interference property, stating that the untrusted targets must not be influenced by the source's data, which is shown to be too inflexible for many applications. To address this issue, there are approaches to quantify the information flow between components such that insignificant leakage can be neglected. Due to the high computational complexity of this quantification, approximations are needed, which introduce mispredictions. To tackle those limitations, we reformulate the approximations. Further, we propose a tool QFlow with a higher detection rate than previous tools. It can be used by non-experienced users to identify data leakages in hardware designs, thus facilitating a security-aware design process.

Updated: 2021-09-07