Tanvir Hossain, Matthew Showers, Mahmudul Hasan, Tamzidul Hoque

On the Security of Lightweight Homomorphic Obfuscation for Protecting Against Hardware Trojans

Introduction

On the security of lightweight homomorphic obfuscation for protecting against hardware trojans. HOACS secures COTS processors from hardware Trojans using lightweight homomorphic obfuscation. Protect C-programs and sensitive data with low overhead and no hardware trust.

Abstract

Hardware Trojan (HT) attacks pose a critical threat to modern microelectronics by enabling the leakage of sensitive information, such as cryptographic keys, or by inducing functional faults. This risk is amplified in Commercial-Off-the-Shelf (COTS) processors, where users have limited control over the supply chain and cannot verify the integrity of integrated circuits. Existing countermeasures often fall short in this context, as they rely on trusted design houses or foundries and require access to design data for modification or analysis. Moreover, most golden-reference-free detection methods can only identify but not bypass HTs. To address these challenges, we present HOACS (Homomorphic Obfuscation Assisted Concealing of Secrets), a software-oriented framework that protects confidential data from HT-based leakage without any trust or modification at the hardware level. HOACS employs the Residue Number System (RNS) to homomorphically encode computations, transforming standard C-based programs into residue-obfuscated equivalents. Implemented as an LLVM compiler pass, HOACS automatically protects arbitrary programs with minimal developer effort. We evaluate HOACS across AES key expansion, RSA, and MAC (multiply–accumulate) operations on x86 (via gem5) and RISC-V platforms, including FPGA validation on the Cappuccino soft-core. Results confirm that plaintext secrets never appear in processor registers and that RNC-based encoding significantly disrupts side-channel leakage. A detailed threat and complexity analysis demonstrates that Trojan activation before encoding is mathematically improbable and that brute-force decoding of unknown moduli is computationally infeasible. Finally, performance comparisons show that HOACS achieves far lower overhead than existing fully or partially homomorphic encryption frameworks, offering a practical, lightweight obfuscation method for securing COTS processors in untrusted environments.

Review

The paper addresses a critical and growing concern in microelectronics security: Hardware Trojan (HT) attacks, particularly their threat to Commercial-Off-the-Shelf (COTS) processors. These attacks can facilitate sensitive data leakage, such as cryptographic keys, or introduce functional faults, a risk exacerbated by the limited supply chain control and integrity verification challenges inherent in COTS components. The authors effectively highlight the inadequacy of existing countermeasures, which typically demand trust in hardware design houses, access to design data, or offer only detection capabilities without true bypass. This sets a clear and compelling context for the proposed solution, HOACS (Homomorphic Obfuscation Assisted Concealing of Secrets). HOACS is presented as an innovative, software-oriented framework designed to protect confidential data from HT-based leakage without requiring any modifications or trust at the hardware level. The core technical contribution lies in its use of the Residue Number System (RNS) to homomorphically encode computations, transforming standard C-based programs into residue-obfuscated equivalents. This mechanism, implemented as an LLVM compiler pass, significantly reduces developer effort, a key practical advantage. The abstract details a robust evaluation across diverse cryptographic operations (AES, RSA, MAC) and platforms (x86 via gem5, RISC-V, FPGA), affirming that plaintext secrets are absent from processor registers and that RNC-based encoding effectively disrupts side-channel leakage. Crucially, the authors also provide a detailed threat and complexity analysis, asserting the mathematical improbability of Trojan activation prior to encoding and the computational infeasibility of brute-force decoding. The strengths of HOACS are manifold, particularly its hardware-agnostic nature and independence from trusted hardware components, which represents a significant departure from conventional approaches. Its ability to automatically protect arbitrary programs with minimal developer effort, coupled with its lightweight performance overhead compared to existing homomorphic encryption frameworks, positions it as a highly practical solution. By offering a method that not only detects but also effectively bypasses the threat of HTs in COTS processors, HOACS addresses a long-standing security gap. This work offers a compelling and potentially transformative approach to securing computations in untrusted hardware environments, presenting a novel paradigm for protecting sensitive data against sophisticated hardware-level attacks.

Full Text

Comments

You need to be logged in to post a comment.