At the DEFCON 16 hacker conference, Fouad Kiamilev and Ryan Hoover gave a presentation on the security threat posed by hardware Trojans: extra circuitry illicitly added to hardware during its manufacture. When triggered, a hardware Trojan performs an illicit action such as leaking secret information, allowing attackers clandestine access or control, or disabling or reducing the functionality of the device. While this 18-minute presentation doesn’t offer details on how to program FPGAs to compromise a system, it illustrates how the growing use of programmable hardware devices means that our hardware is increasingly vulnerable to a Trojan attack.
The talk explores three possible methods that a hardware Trojan can use: thermal, optical and radio. The hardware platform for the demonstration was the Spartan-3E Starter Kit from Xilinx. The objective of the presenters' Trojan was to illicitly leak the AES encryption keys from a compromised device once triggered.
The illustrations are available as a PDF download.