# /papers/silicon/becker-2013-stealthy-dopant-level-hardware-trojans.txt
# excerpt · scraped from CHES 2013 proceedings + slides
# authors: Becker, Regazzoni, Paar, Burleson
# venue: Cryptographic Hardware and Embedded Systems 2013
# captured by: entity (corpus tag: silicon-supply-chain)

KEY POINTS — FOR LATER
=======================

- The trojan changes the dopant polarity of a single transistor's active
  region inside an existing standard cell. No gates added, no gates removed,
  no change to polysilicon, contacts or any metal layer. The chip therefore
  matches the clean design on every layer that optical inspection or a
  golden-chip comparison can see, and a netlist extracted from the wiring
  layers is the clean netlist. The compromise is sub-layout: chemistry, not
  geometry. (Caveat for the file-level claim: the implant layers are drawn
  layers in the layout database, so a trojaned and a clean GDSII of the same
  cell *do* differ at the implant layer. The paper's threat model has the
  foundry alter the dopant masks after GDSII hand-off, which is why the
  design house's layout, GDSII and netlist all stay clean.)

- Demonstrated against (a) the design of Intel's Ivy Bridge RNG, where the
  trojan pins all but n bits of the conditioned seed feeding the DRBG to
  attacker-chosen constants; with n = 32 the output carries 32 bits of
  entropy instead of 128, yet it still passes the RNG's built-in self-test
  and the NIST/AIS statistical tests, because the remaining state is still
  run through the AES-based DRBG and the stream looks uniform to any test
  that does not know the constants (an attacker who does know them predicts
  it with 2^32 work); and (b) a side-channel-resistant S-box implementation,
  where the trojan defeats the countermeasure for selected gates so that
  key-dependent power consumption reappears, leaking the key one bit at a
  time through the power side-channel.

- Detection requires SEM imaging of the active region, typically Voltage
  Contrast or Passive Voltage Contrast at < 100 nm. Optical inspection cannot
  resolve dopant polarity, and standard fab QA does not include this step.
  (Sugawara et al., "Reversing Stealthy Dopant-Level Circuits", CHES 2014,
  demonstrated detection this way; the equipment is leading-edge IC
  reverse-engineering territory, not commodity QA.)

- Insertion vector in the paper: assumed-malicious foundry. The paper does not
  say how the trojan gets *into* the fab; that is the unstated security
  assumption. The contribution is that *if* the foundry is hostile,
  dopant-level changes are the cleanest way to be hostile.

WHY IT MATTERS HERE
===================

The synthesizer-binary substitution at place-and-route is the insertion vector
the paper does not specify. A trojaned synthesis/place-and-route binary can
deterministically rewrite the dopant mask of a single transistor in the
pull-down network of a chosen standard cell, positioned at a chosen physical
offset, while emitting a GDSII checksum identical to the clean compile.

Check before relying on the identical-checksum property: dopant polarity is
set by the implant layers, and those are part of the stream file. A tool that
rewrites them in the GDSII changes the GDSII, and with it any honestly
computed checksum. The property can only hold if the substitution acts
downstream of the frozen stream file (mask data preparation, fracturing), or
if the checksum is the compromised tool's own report rather than an
independent hash. Either way the useful check is not a hash of the stream
file: it is an implant-layer diff between the signed-off GDSII and the mask
data the fab actually used, backed by SEM/PVC on sampled dies.

The Becker construction is what makes this a one-bit change, not a netlist
edit; the synthesizer-binary substitution is what makes it deployable across
every Tharsis-9-family chip without per-design custom work.

- Citation: https://sharps.org/wp-content/uploads/BECKER-CHES.pdf
- Replication / detection: Sugawara et al., "Reversing Stealthy Dopant-Level
  Circuits", CHES 2014.
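Worked model of the RNG case from the key points above. This is an added
illustration, not the paper's circuit or the page's own code: SHA-256 stands
in for the AES-CBC-MAC conditioner and the AES-CTR DRBG, the trojan constant
TROJAN_CONSTANT, the raw entropy bytes and the 16-bit free-state width are all
constructed for the demo (the paper's worked figure is 32 free bits, i.e. 2^32
guesses instead of 2^16), and every function name is hypothetical. It shows the
two halves of the argument side by side: the trojaned stream passes the NIST
monobit test exactly like the clean one, and an attacker who knows the
constant recovers the full seed by brute force while the clean seed stays out
of reach.

```python
"""Toy model of a dopant-trojaned RNG: most seed bits pinned to a constant.

Added illustration only. SHA-256 replaces AES; constants and inputs are
constructed for the demo, not taken from the paper or from any real chip.
"""
import hashlib
import math

SEED_BITS = 128
FREE_BITS = 16  # demo width; the paper's example leaves 32 bits free (2^32 work)

# Hypothetical 128-bit constant the trojan pins the seed register to.
TROJAN_CONSTANT = 0x5A5AC3C30F0FA5A53C3CF0F069699696


def condition(raw_entropy: bytes) -> int:
    """Clean conditioner: compress raw entropy samples into a 128-bit seed."""
    return int.from_bytes(hashlib.sha256(raw_entropy).digest()[:16], "big")


def trojan_condition(raw_entropy: bytes, free_bits: int = FREE_BITS) -> int:
    """Trojaned conditioner: all but `free_bits` low bits of the seed register
    are stuck at TROJAN_CONSTANT, modelling cells whose output a dopant change
    has pinned to 0 or 1 while the cell still looks intact on every wiring layer."""
    mask = (1 << free_bits) - 1
    return (TROJAN_CONSTANT & ~mask) | (condition(raw_entropy) & mask)


def drbg_output(seed: int, nbytes: int) -> bytes:
    """Counter-mode DRBG stand-in: block_i = H(seed || i)."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        out += hashlib.sha256(seed.to_bytes(16, "big") + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:nbytes])


def monobit_p_value(data: bytes) -> float:
    """NIST SP 800-22 frequency (monobit) test; p >= 0.01 means 'looks random'."""
    n = len(data) * 8
    ones = sum(bin(b).count("1") for b in data)
    s_obs = abs(2 * ones - n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))


def recover_seed(observed: bytes, free_bits: int = FREE_BITS):
    """Attacker who knows TROJAN_CONSTANT brute-forces the free bits against
    observed DRBG output. Returns the seed, or None when the output did not
    come from the trojaned path (a clean chip leaves 2^112 candidates)."""
    mask = (1 << free_bits) - 1
    fixed = TROJAN_CONSTANT & ~mask
    for guess in range(1 << free_bits):
        candidate = fixed | guess
        if drbg_output(candidate, len(observed)) == observed:
            return candidate
    return None


def demo(raw_entropy: bytes = b"constructed raw entropy samples, not a real TRNG") -> dict:
    """Run the clean and trojaned paths on the same constructed raw entropy."""
    clean_seed = condition(raw_entropy)
    trojan_seed = trojan_condition(raw_entropy)
    return {
        # Both streams pass the statistical test: the test cannot tell them apart.
        "clean_monobit_p": monobit_p_value(drbg_output(clean_seed, 4096)),
        "trojan_monobit_p": monobit_p_value(drbg_output(trojan_seed, 4096)),
        # Only knowledge of the constant separates them.
        "recovered_from_trojan": recover_seed(drbg_output(trojan_seed, 32)) == trojan_seed,
        "recovered_from_clean": recover_seed(drbg_output(clean_seed, 32)),  # None
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The monobit p-values land in the passing range for both streams on any
realistic run, which is the whole point: statistical testing of the output
cannot distinguish a pinned seed from a full-entropy one, so the detection
story for this class of trojan is imaging of the silicon, not testing of the
bits. Scaling FREE_BITS to 32 turns the inner loop into the 2^32 search the
paper describes, still trivial for the attacker and still invisible to the
test suite.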