IEEE Fails to Protect Intellectual Property – Security Flaws Enable Attackers to Hide Trojans in SoCs to Defame Competitors
Thanks to cryptographic flaws in an IEEE standard, attackers can recover highly valuable intellectual property in plaintext. Security researchers have revealed that "a surprising number of cryptographic mistakes" in the IEEE P1735 electronics standard enable attackers to bypass its security measures and access intellectual property. This access lets attackers recover IPs encrypted using the insecure standard, resulting in IP theft, or even insert hardware trojans without the knowledge of the IP owner.
The Institute of Electrical and Electronics Engineers (IEEE) P1735 standard "describes methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP." The standard, in short, is crucial to keep products safe from any IP theft. Hardware and software vendors use IEEE P1735 to work together without having to share the underlying code. However, security researchers from the University of Florida recently reviewed the standard against common cryptographic attacks and discovered how easy it was to steal this valuable property.
"In order to protect confidentiality of IP and provide a common mark-up syntax for IP design that is interoperable across different electronic design and automation (EDA) tools and hardware flows, the IEEE SA-Standards Board developed the P1735 standard. This standard has been adopted by Synopsys, Xilinx, and other leaders of the semiconductor IP industry."
The research team wrote that, by exploiting a number of mistakes in the standard with well-known attack techniques, attackers can recover entire IPs in plaintext and produce standard-compliant ciphertexts of IP modified to include targeted hardware Trojans.
In its advisory, the US-CERT explained that the "design of complex electronics design intellectual property (IP) involves multiple IP owners." To make sure that the IPs aren't stolen, these owners "use the P1735 IEEE standard to provide confidentiality and access control." Following the latest research, the US-CERT has warned that the standard "recommends poor cryptographic choices" and is "vague/silent on security critical decisions."
"Impacts may include loss of profit and reputation of the IP owners as well as integrated circuits (ICs) with trojans that contain backdoors, perform poorly, or even fail completely."
The CERT advisory also added that, apart from the obvious IP theft concerns, this security weakness in the IEEE standard can result in loss of profit and reputation for the IP owners, as their property can be modified with hardware trojans "that contain backdoors, perform poorly, or even fail completely." This access could potentially be used by competitors to defame companies or certain products. This failure on the part of the IEEE, and the resulting access to the intellectual property, is dangerous both for the vendors and the users, to say the least.
Researchers have said that the standard "requires a significant overhaul, and that IP-authors using P1735 encryption should consider themselves at risk." Calling the cryptographic weaknesses "troubling," they added that "it is disappointing that an international organisation like the IEEE would mandate a brittle encryption mode (AES-CBC) without any authentication, when there has been more than a decade of published research on AEAD schemes."
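The objection in that last quote is easy to demonstrate. What follows is an added example, not code from the researchers, the standard or any EDA tool: the unauthenticated AES-CBC mode the standard mandates, beside an AEAD mode (AES-GCM), each handed a ciphertext with one bit altered in transit. The key, IV, nonce and the Verilog fragment standing in for an IP block are constructed demo values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"errors"
)

var (
	key      = []byte("0123456789abcdef0123456789abcdef") // constructed demo key (AES-256)
	iv       = bytes.Repeat([]byte{0x42}, aes.BlockSize)   // constructed; real tools draw a fresh IV
	nonce    = []byte("demo-nonce12")                      // constructed; real tools draw a fresh nonce
	block, _ = aes.NewCipher(key)                          // key length is valid, so err is always nil
	ip       = []byte("module and2(input a, input b, output y);\n  assign y = a & b;\nendmodule\n") // constructed stand-in for an IP block
)

// cbcSeal is the mode the standard mandates: AES-CBC with PKCS#7 padding and no tag.
func cbcSeal(src []byte) []byte {
	pad := aes.BlockSize - len(src)%aes.BlockSize
	buf := append(append([]byte{}, src...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(buf, buf)
	return buf
}

// cbcOpen has no integrity check: the only thing it can reject is malformed padding.
func cbcOpen(ct []byte) ([]byte, error) {
	if len(ct) == 0 || len(ct)%aes.BlockSize != 0 {
		return nil, errors.New("bad length")
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	p := int(pt[len(pt)-1])
	if p == 0 || p > aes.BlockSize || !bytes.Equal(pt[len(pt)-p:], bytes.Repeat([]byte{byte(p)}, p)) {
		return nil, errors.New("bad padding")
	}
	return pt[:len(pt)-p], nil
}

// TamperCheck flips one bit in the first ciphertext byte under each mode and reports what each decryptor does.
func TamperCheck(src []byte) (cbcPlain []byte, cbcErr, gcmErr error) {
	ct := cbcSeal(src)
	ct[0] ^= 0x01
	cbcPlain, cbcErr = cbcOpen(ct) // nil error: CBC hands a corrupted module to the tool as if genuine
	gcm, _ := cipher.NewGCM(block) // a valid AES block never fails here
	sealed := gcm.Seal(nil, nonce, src, nil)
	sealed[0] ^= 0x01
	_, gcmErr = gcm.Open(nil, nonce, sealed, nil) // non-nil error: the tag covers every byte
	return cbcPlain, cbcErr, gcmErr
}
```

Call TamperCheck(ip) from a main or a test: CBC returns no error and a module whose first block is garbled and whose second block has one byte changed, while GCM returns an authentication failure, which is exactly the difference between the mandated mode and the AEAD schemes the researchers point to.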