

# **CONFIDENTIALITY ASSURANCE:** A KEY COMPONENT OF HARDWARE SECURITY

: Real Intent

: Real Intent

: Real Intent

Varun Sharma Vikas Sachdeva Vinod Viswanath

Abstract: Ensuring confidentiality in hardware is paramount in safeguarding the security triad—confidentiality, integrity, and availability. Modern processors face vulnerabilities such as Spectre-like attacks and transient execution hazards, where improper implementations can inadvertently expose sensitive signals. In our work, we address a critical gap: the absence of a unified, early-stage sign-off method to verify confidentiality at the RTL design phase.

Our approach leverages a novel verification framework that captures Secure Data Transaction Intent across user-defined signals. Through static analysis, our system identifies illegal data flows that could lead to the exposure of architecturally restricted information. The tool, Sentry, enforces these checks robustly at the RTL stage. It verifies that sensitive information is shielded from unauthorized propagation, even under scenarios of aggressive prediction or mis pipelined execution, thereby mitigating risks from stale data forwarding and other architectural nuances.



In summary, our poster presents a scalable, RTL-based verification technique that significantly enhances hardware security by reliably detecting and preventing illegal information flows. This work not only reduces dependency on post-silicon countermeasures but also improves the overall resilience of system-on-chip designs.

## II.a. Exposure of Restricted (Sensitive) Information during **Transient Execution**

- In this paper we will utilize open source OpenTitan's sub-block:
  - OpenTitan has a co-processor OTBN (OpenTitan Big Number accelerator)
  - OTBN is a processor, specialized for the execution of security-sensitive asymmetric (public-key) cryptography code, such as RSA or ECC
- OTBN has preventive measure: NO Transient Execution during Branch and Jump-and-link instructions (BR/JAL/JALR):
  - Stalls for one cycle after jump and branch instructions rather than attempt to predict the next PC
  - For demonstration, we enabled the transient execution with RTL modification
    - i.e. insn prefetch = 1'b1; //Code change
- Leakage illustration during mis-predicted BR instruction



#### **HIGH SPEED DOMAIN** Interrup ROM Ibex Core Controller (RV32IMCB) Main Debug SRAM DUAL LOCKSTE Module SPI KMAC EDN Manager Host 0 SPI CSRNC Host 1 Entropy USB Source

# III.a. Confidential signals should NOT be exposed w/o Encryption

Here we are using OpenTitan's Advanced Encryption Standard (AES) hardware IP block

• Capture Secure Data Transaction Intent across User Defined Signals. Static analysis to identify Illegal Data Flow causing Security Violations. • Facilitates early detection with minimal constraints during the RTL design phase. • Scales to full SoC sized design, saving time and effort.

#### 3. Caused by stale data forwarding

## II.b. Catching Sensitive Information Leak

- Define prefetch Address registers and legal destinations: u otbn core.u otbn instruction fetch.insn prefetch addr Outside world (Unused signals or POs): unused imem addr core wordbits
- **Define** the mis-prediction Branch sequence: Define a sequence named BRANCH PRED FAIL:

Set imem rvalid core constraint to 1 at time t=0

- Set u otbn core.insn fetch req valid constraint to 1 at time t=0
- Set u otbn core.u otbn instruction fetch.insn prefetch fail constraint to: 0 at time t=0
  - 1 at time t1 after 20 cycles
- Check: It is Illegal that during branch prediction computation, prefetch address registers leak to outside-world

## **Results:** Catches illegal transaction during transient execution



# III.b. Catching Confidential Signal propagation w/o Encryption

- Define the Secure Domains:



## IV. Summary and Conclusion

- Challenges in Security Countermeasure Verification:
  - Traditional formal and simulation-based approaches face significant risks, including scalability, missing 0

relevant corner cases and relying on incorrect assumptions.

- Effectiveness of New Technology (<u>Tool Name: Sentry</u>):
  - Sentry ensures no unexpected information flow from internal registers to exposed points in the design, 0
    - regardless of the applied stimulus.
  - Provides robust verification of security countermeasures with negative cases 0
  - Reduces risks of relying on incorrect assumptions. 0
  - Scalable to multi-million gate design at RTL design stage. 0
  - Enhances the reliability and security of designs. 0
- Demonstration of Sentry's Capabilities with OpenTitan:
  - OTBN Co-Processor: Sentry identifies information leakage if inserted RTL bug leads to transient execution.
  - AES Accelerator: Sentry ensures that secret key material only propagates to the register interface in 0



### **Benchmarking of Sentry with HRoT OpenTitan's blocks:**

| Design    | GateCount (Nand2) | Check # | Performance/Capacity |
|-----------|-------------------|---------|----------------------|
| OTBN      | 352K              | 2       | <1min/1M             |
| AEs       | 118K              | 8       | <1min/568K           |
| Earl Grey | 13.3M             | 16      | 45min/58G            |
|           |                   |         |                      |