A Post-Quantum Chip with Hardware Trojans
(TUM.de) A team at the Technical University of Munich (TUM) has designed and commissioned the production of a computer chip that implements post-quantum cryptography very efficiently. Such chips could provide protection against future hacker attacks using quantum computers. The researchers also incorporated hardware trojans in the chip in order to study methods for detecting this type of “malware from the chip factory”.
Security experts around the world are working to develop technical standards for “post-quantum cryptography”. One of the challenges is posed by the enormous processing power needed for these encryption methods. A team working with Georg Sigl, Professor of Security in Information Technology at TUM, has now designed and commissioned a highly efficient chip for post-quantum cryptography.
Professor Sigl and his team took an approach based on hardware/software co-design, in which specialized components and the control software complement one another. “Ours is the first chip for post-quantum cryptography to be based entirely on a hardware/software co-design approach,” says Prof. Sigl.
“As a result, it is around 10 times as fast when encrypting with Kyber – one of the most promising candidates for post-quantum cryptography – as compared to chips based entirely on software solutions. It also uses around eight times less energy and is almost as flexible.”
The chip is an application-specific integrated circuit (ASIC). This kind of specialized microcontroller is often manufactured in large numbers according to specifications of companies. The TUM team modified an open source chip design based on the open source RISC-V standard. It is used by increasing numbers of chip makers and could replace proprietary approaches of big companies in many areas.
Another potential threat, alongside the rise in conventional attacks, is posed by hardware trojans. Computer chips are generally produced according to companies’ specifications and made in specialized factories. If attackers succeed in planting trojan circuitry in the chip design before or during the manufacturing stage, this could have disastrous consequences.
Over the coming months, Prof. Sigl and his team will intensively test the chip’s cryptography capabilities and functionality and the detectability of the hardware trojans. The chip will then be destroyed – for research purposes.
Sigl commented. “Processes like ours could become the standard for taking random samples in large orders of chips. Combined with effective post-quantum cryptography, this could help us to make hardware more secure – in industrial facilities as well as in cars.”