Surprising amout of cryptographic mistakes in IEEE standards allow IP theft

News by Rene Millman

Weak cryptography in a standard developed by the IEEE could result in hackers bypassing encryption safeguards to steal intellectual property in plaintext, scientists discover.

Weak cryptography in a standard developed by the IEEE could result in hackers bypassing encryption safeguards to steal intellectual property.

According to a research carried out by scientists at the University of Florida, titled Standardising Bad Cryptographic Practice, a number of issues were unearthed with IEEE P1735. This electronics standard is used to encrypt intellectual property in the hardware and software of electronic equipment. It describes how to protect IP for commercial electronic design, as well as access rights management for such IP. 

According to IEEE, the standard “specifies embeddable and encapsulating markup syntaxes for design intellectual property encryption and rights management, together with recommendations for integration with design specification formats described in other standards. It also recommends use models for interoperable tool and hardware flows, which will include selecting encryption and encoding algorithms and encryption key management.”

This means that code from various vendors can run in hardware securely. But researchers said the methods by which IP was secured was flawed with a “a surprising number of cryptographic mistakes in the standard”.

“In the most egregious cases, these mistakes enable attack vectors that allow us to recover the entire underlying plaintext IP. Some of these attack vectors are well-known, eg padding-oracle attacks,” said the researchers. “Others are new, and are made possible by the need to support the typical uses of the underlying IP; in particular, the need for commercial system-on-chip (SoC) tools to synthesise multiple pieces of IP into a fully specified chip design and to provide syntax errors.”

Out of the many vulnerabilities, researchers said one of these could be exploited by hackers to bypass encryption safety guards and access intellectual property in cleartext.

“An adversary can recover electronic design IPs encrypted using the P1735 workflow, resulting in IP theft and/or analysis of security critical features, as well as the ability to insert hardware trojans into an encrypted IP without the knowledge of the IP owner,” said US-CERT in a warning.

“Impacts may include loss of profit and reputation of the IP owners as well as integrated circuits (ICs) with trojans that contain backdoors, perform poorly, or even fail completely.”

Researchers said that obvious “quick fixes” to the standard (and the tools that support it) do not stop all of the potential attacks.

“This suggests that the standard requires a significant overhaul, and that IP-authors using P1735 encryption should consider themselves at risk,” warned researchers.

Researchers added that while confidentiality attacks can reveal the entire plaintext IP, the integrity attack enables an attacker to insert hardware Trojans into the encrypted IP.

“This not only destroys any protection that the standard was supposed to provide, but also increases the risk premium of the IP,” said researchers.

According to researchers, the design flaws in P1735 are “troubling” considering the fact that it is susceptible to the classical POA that was reported in 2002.

“It is disappointing that an international organisation like the IEEE would mandate a brittle encryption mode (CBC) without any authentication, when there has been more than a decade of published research on AEAD schemes.”

The IEEE  was asked to comment but had not responded at the time of going to press.

Crime & Threats

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews