On the effects of ring oscillator length and hardware Trojan size on an FPGA-based implementation of AES

The recent trend in a wide range of application domains, from the Internet of Things to space communications, is to deploy computing systems on FPGA devices. Modern FPGA technology encompasses billions of gates integrated in a single chip. In this setting, it is easier for an attacker to inject or introduce additional, malicious logic or to modify an existing one in order to cause abnormal behavior. As a result, new security requirements arise from the design process perspective. A Ring Oscillator (RO) is an established technique to realize a digital sensor in FPGA designs to detect additional or modified malicious circuit, i.e., a hardware Trojan horse or simply a Trojan. Variable-length Ring Oscillators (VLROs) were proposed in the literature as an advanced detection mechanism for run-time configuration of RO length to avoid bypassing. Here, we expand VLROs effectiveness studies in two families of Trojans (combinational and sequential) and Trojans of varying size. We analyze the effect of the Trojan size and the length of the RO on the ability to detect malicious logic injected in a reference FPGA implementation of the AES cryptographic algorithm.