Professional Documents
Culture Documents
Towards Quantified Data Analysis of Information Flow Tracking For Secure System Design
Towards Quantified Data Analysis of Information Flow Tracking For Secure System Design
ENVIRONMENTS
Received August 30, 2017, accepted November 15, 2017, date of publication December 7, 2017,
date of current version February 14, 2018.
This work was supported in part by the Natural Science Foundation of China under Grant 61672433 and Grant 61303224, in part
by the Fundamental Research Fund for the Central Universities, China, under Grant 3102017OQD094, in part by the
Fundamental Research Fund for Shenzhen Science and Technology Innovation Committee under Grant 201703063000517, and
in part by the National Cryptography Development Fund under Grant MMJJ20170210.
ABSTRACT Computing hardware has become an attractive attack surface due to the
globalization of semi-conductor design and supply chain, and the wide integration of third-party
intellectual property cores. Recently, gate-level information ow tracking (GLIFT) has been
proposed to monitor the ow of information in secure hardware design by associating data
objects with sensitivity labels and tracking the ow of labeled data. GLIFT can be used to model
and verify security-related properties, such as con dentiality and integrity. However, existing
work in this realm only considers binary labels. These are inadequate for understanding
simultaneous information ow behaviors and the root source information ows. In this paper, we
propose a precise multi-bit GLIFT method to perform simultaneous multi-bit ow tracking for
understanding exactly which bits are affecting a data object at the same time. The proposed
method provides more detailed insights into simultaneous information ow behaviors and thus
allows proof of quantitative information ow data properties. We compare the complexity and veri
cation performance for different information ow models using primitive gates, IWLS benchmarks,
several cryptographic cores, and trust-HUB benchmarks. Experimental results have
demonstrated that our method can reason about multi-bit information ow behaviors and identify
potential security aws.
2169-3536 2017 IEEE. Translations and content mining are permitted for academic research only.
1822 Personal use is also permitted, but republication/redistribution requires IEEE permission. VOLUME 6, 2018
data bit. Such tracking at the gate level allows for de nition
of ne grained label propagation rules which can account for
multiple forms of ows including explicit, implicit and timing
ows [6], [8], [9]. However, the complexity of digital circuits
calls for study of more convoluted security properties such
as quanti ed metrics and comparative analysis. For
example, existing IFT methods can easily detect ow of the
secret key to the cipher text in a cryptographic algorithm,
while neither of them can quantify such information or detect
whether the key is maliciously leaked to the cipher.
Here, A and B are the original inputs of AND; At and Bt are
the two-level security labels; AMt, BMt and OMt are the multi-
Now we de ne the rules for mapping the binary taint ow security labels. We de ne an intermediate variable Ot, which
labels to that for multi- ow. Given an n- bit signal B, we e use this
re ects the two-level security label for the output. W
need n- bit security labels in one-hot encoding for each variable as the select line to set and reset the multi-ow security
signal bit. Let Bt a nd BMt b e the taint labels for label. The label propagation policy is shown as
two-level and multi- ow tracking respectively. When
0
Bt[ i] D 0 (0 i n 1), we have BMt[i] D n b0. When Bt[i] D 1826
Ot D A Bt C B At C
At Bt (1)
VOLUME 6, 2018
1: input A, B
2: input At, Bt
5: variable Ot
A. SECURITY VERIFICATION
VOLUME 6, 2018
end for
end for
Let A, B and O denote the inputs and output of AND-2
set Others :D 128'h0000_0000_0000_0000 while their security labels are denoted by At, Bt and Ot
respectively. The label policies and corresponding
assert cipher_i[w] 128'hFFFF_FFFF_FFFF_FFFF encoding implementations are shown in Table 5.
1828
TABLE 4. Encoding method for security labels under different IFT models.
VOLUME 6, 2018
The IFT logic for AND-2 can be derived from Table 5,
which are shown in Equation (2) and (3) respectively.
Ot[ 1] D
At[ 1] At[ 0] Bt[ 1] Bt[ 0]
Ot[ 0] D
At[ 1] At[ 0] Bt[1] Bt[ 0]
instantiating tracking logic for each logic primitive. Thus, the multi-level and multi- ow IFT models using the constructive
scalability of tracking logic for logic primitives should re ect method. The generated IFT logic circuits are then synthesized
the entire circuit scalability. We perform scalability analysis and mapped again for area, delay and power reports. We
using primitive gates when tracking different num-ber of conducted experiments using several IWLS benchmarks to
ows. We generate IFT logic for N input AND and OR gates obtain area, delay and power results to show the overheads of
for scalability analysis under the multi- ow IFT model. The multi- ow information ow tracking. Overheads in area, delay and
resulting circuits are synthesized using Synopsys Design power are provided to show the complexity of IFT logic as
Compiler and targeted to the SAED 90nm standard c ell compared with the original circuit.
library for area. We use area of the tracking logic as a
measure of complexity. This is because area is proportional By comparison of the normalized average area for
to the number of gates, which positively correlates to formal 2-level and 2-bit, we can see that the 2-bit IFT logic
veri cation performance. Figure 4 shows the results. doubles the area. However, the 2-bit model can track 2
bits while the 2-level model only tracks one. The increase
in complexity is due to the reason that the multi- ow IFT
method uses a one-hot encoding. However, the 2-level
IFT model still only tracks the information ows of the
highest security class. The 2-bit model can track
information ows with two different security classes. Thus,
the multi- ow IFT method can reduce the number of
security veri cations. By com-parison of 2-bit, 4-bit and
8-bit models, there is about 1.5 times increase in
average for area complexity of tracking logic when
doubling the number of ows to be tracked (in this case,
area of 2-bit as the statistical benchmarks). We can also
analyze delay and power for 2-lev, 2-bit, 4-bit and 8-bit
models. From Table 7, take the alu4 as an example, the
FIGURE 4. Area for N-Input AND and OR. 2
area reports 10765/20915/30732/49360 um for 2-lev/
From Figure 4, when the number of ows to be 2-bit/4-bit/8-bit models, the delay reports 2.27/2.47/2.47/
2.71 ns for 2-lev/2-bit/4-bit/8-bit models and the power
moni-tored is doubled, the area for multi- ow tracking
reports 2.18/4.40/6.99/11.55 uW for 2-lev/2-bit/4-bit/8-bit
logic also increases by about 1X. Thus, the complexity of
models.
the multi- ow IFT model increases linearly to the number
of ows.
C. SECURITY VERIFICATION ANALYSIS
B. COMPLEXITY ANALYSIS
We use several cryptographic cores and trust-HUB
We further perform complexity analysis by comparing the bench-marks [33] for security veri cation analysis. We
various models using IWLS benchmarks [32]. The compare the veri cation performance across two-level,
bench-marks are rst synthesized using Synopsys Design four-level and multi- ow IFT methods. We compare the veri
Compiler and mapped to its internal technology library. The cation per-formance across two-level, four-level and multi-
synthe-sized netlist are then augmented with IFT logic by ow IFT
map-ping the logic primitives to IFT libraries for the
two-level,
2
TABLE 7. Area, delay and power of IWLS benchmarks using two-level and multi-flow IFT. Area is in square micrometers (um ); delay is in
nanoseconds (ns); power is in microwatts (uW ).
VOLUME 6, 2018 1829
. Tai et al.: Toward Quantified Data Analysis of IFT for Secure System Design
Y
TABLE 8. Proof time results for Cryptographic cores and trust-HUB benchmarks.
properties, e.g., no
key bit information
should ow to a
given output.
VII.
CONCLUSIONS
VOLUME 6, 2018
REFERENCES
[4] M. Keating, The Simple Art of SoC Design: Closing the Gap Between RTL
[11] D. Volpano, C. Irvine, and G. Smith, ``A sound type system for secure
ow analysis,'' J. Comput. Secur., vol. 4, nos. 2 3, pp. 167 187, 1996.
[12] D. E. Denning, Cryptography and Data Security. Boston, MA, USA:
Addison-Wesley, 1982.
[21] M. Dalton, H. Kannan, and C. Kozyrakis, YU TAI is currently pursuing the Ph.D. degree
``Raksha: A exible information ow with the School of
architecture for software security,'' ACM Automation,
SIGARCH Comput. Archit. News, vol. 35, Northwestern
no. 1, pp. 482 493, 2007. Poly-technical University,
Xi'an, China. From 2015
[22] G. Venkataramani, I. Doudalis, Y. Solihin, and M. to 2016, he was a Visiting
Prvulovic, ``FlexiTaint: A programmable accelerator
Graduate Student with
for dynamic taint propagation,'' in Proc. IEEE 14th
the Department of
Int. Symp. High Perform. Comput. Architecture,
Feb. 2008,
Computer Science and
Engi-neering, University
pp. 173 184. of California at San
Diego, San Diego.
[23] W. Hu, B. Mao, J. Oberg, and R. Kastner,
``Detecting hardware trojans with gate-level His current research
information- ow tracking,'' Computer, vol. 49, interests include
pp. 44 52, Aug. 2016. hardware security, logic
synthesis, and
[24] Y. Jin and Y. Makris, ``Proof carrying-based
information ow tracking for data secrecy optimization in
protection and hardware trust,'' in Proc. IEEE hard-ware information
VLSI Test Symp., Apr. 2012, pp. 252 257. ow.