An Analog Charge Pump Fabrication-Time Attack Compromises a Processor
We are all used to malicious software: computers and operating systems compromised by viruses, worms, or Trojans. It has become a fact of life, and a whole industry of virus-checking software exists to help users defend against it.
Underlying our concerns about malicious software is an assumption that the hardware is inviolate, that the computer itself cannot be inherently compromised. It is a false assumption though, as it is perfectly possible for a processor or other integrated circuit to have a malicious function built in during fabrication. You might think that such functions would never be included by a respectable chip manufacturer, and you’d be right. Sadly though, because the high cost of chip fabrication means the semiconductor industry is a web of third-party fabrication houses, there are numerous opportunities for extra components to be inserted before the chips are manufactured. University of Michigan researchers have produced a paper on the subject (PDF) detailing a particularly clever attack on a processor that minimizes the number of components required through smart use of a FET gate as a capacitive charge pump.
On-chip backdoors have to be physically stealthy, hard to trigger accidentally, and easy to trigger by those in the know. Their designers will find a signal line that changes logic state rarely, and attach a counter to it such that when they make it change state a certain number of times, a number that would never be reached accidentally, the exploit is triggered. In the past these counters have been conventional logic circuitry, an effective method but one that leaves a significant footprint of extra components on the chip for which space must be found, and which can become apparent when the chip is inspected under a microscope.
The University of Michigan backdoor is not a digital counter but an analog charge pump. Each time its input is toggled, a small amount of charge is added to the capacitor formed by the gate of a transistor, and eventually its voltage reaches a logic level at which an attack circuit can be triggered. They attached it to the divide-by-zero flag line of an OR1200 open-source processor, from which they could easily trigger it by repeatedly dividing by zero. The charm of this circuit is both that it uses very few components, so it can hide much more easily, and that the charge leaks away with time, so it cannot linger in a state where it is likely to be unintentionally triggered.
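The two properties just described, accumulation per toggle and leakage between toggles, are exactly what make the trigger hard to set off by accident and hard to catch by a short test. The following is an added example, not code from the paper or from the Michigan team, that models the gate capacitor as a leaky integrator so the behaviour can be explored numerically. The charge step per toggle (`dv`), the leakage time constant (`tau`), the logic threshold (`v_th`) and both toggle patterns are constructed values chosen for illustration, not measurements from the real circuit.

```python
import math


def simulate_charge_pump(toggle_times, dv=0.1, tau=10.0, v_th=0.7, vdd=1.0):
    """Leaky-integrator model of the analog trigger.

    toggle_times: sorted times (arbitrary units) at which the watched signal toggles.
    dv:   voltage added to the gate capacitor per toggle (constructed value).
    tau:  leakage time constant; stored charge decays as exp(-dt / tau) while idle.
    v_th: logic threshold at which the payload would be enabled (constructed value).
    vdd:  supply rail; the node cannot charge above it.
    Returns (trigger_time, trace): trigger_time is None if the threshold is never
    reached; trace is the list of (time, voltage) samples after each toggle.
    """
    v = 0.0
    last_t = None
    trace = []
    for t in toggle_times:
        if last_t is not None:
            v *= math.exp(-(t - last_t) / tau)  # charge leaks away during the idle gap
        v = min(v + dv, vdd)                    # pump one quantum of charge onto the gate
        last_t = t
        trace.append((t, v))
        if v >= v_th:
            return t, trace                     # trigger voltage reached
    return None, trace


def voltage_after_idle(v, idle_time, tau=10.0):
    """Gate voltage after the input stops toggling for idle_time units."""
    return v * math.exp(-idle_time / tau)


# Constructed toggle patterns (illustrative, not captured from hardware):
RAPID_TOGGLES = list(range(50))                 # a divide-by-zero every time unit
SPARSE_TOGGLES = [100 * k for k in range(50)]   # one incidental toggle per 100 units

if __name__ == "__main__":
    t_rapid, trace_rapid = simulate_charge_pump(RAPID_TOGGLES)
    t_sparse, trace_sparse = simulate_charge_pump(SPARSE_TOGGLES)
    print("rapid toggling fires at t =", t_rapid)
    print("sparse toggling fires at t =", t_sparse,
          "(peak voltage %.4f)" % max(v for _, v in trace_sparse))
    # Once the burst stops, the stored charge decays back towards zero.
    v_final = trace_rapid[-1][1]
    print("voltage 100 units after the burst: %.6f" % voltage_after_idle(v_final, 100))
```

With these parameters a toggle on every time unit crosses the threshold on the eleventh toggle, while a toggle every 100 units never climbs above roughly `dv`, because almost all of the previous charge has leaked away before the next one arrives. The same model also shows why a post-trigger state does not persist: a hundred idle units after the burst, the node is back near zero. For anyone assessing such a design, the practical lesson is that a functional test has to exercise the suspect signal at a sustained rate, not merely toggle it once, to have any chance of observing the trigger.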
The best hardware hacks are those that are simple, novel, and push a device into doing something it would not otherwise have done. This one has all of that, and for it we take our hats off to the Michigan team.
If this subject interests you, you might like to take a look at a previous Hackaday prize finalist: ChipWhisperer.
[Thanks to our colleague Jack, via Wired]