Visible to the public Biblio

Found 239 results

Filters: Keyword is Hardware  [Clear All Filters]
2014-09-26
Parno, B., McCune, J.M., Perrig, A.  2010.  Bootstrapping Trust in Commodity Computers. Security and Privacy (SP), 2010 IEEE Symposium on. :414-429.

Trusting a computer for a security-sensitive task (such as checking email or banking online) requires the user to know something about the computer's state. We examine research on securely capturing a computer's state, and consider the utility of this information both for improving security on the local computer (e.g., to convince the user that her computer is not infected with malware) and for communicating a remote computer's state (e.g., to enable the user to check that a web server will adequately protect her data). Although the recent "Trusted Computing" initiative has drawn both positive and negative attention to this area, we consider the older and broader topic of bootstrapping trust in a computer. We cover issues ranging from the wide collection of secure hardware that can serve as a foundation for trust, to the usability issues that arise when trying to convey computer state information to humans. This approach unifies disparate research efforts and highlights opportunities for additional work that can guide real-world improvements in computer security.

2015-04-29
Shafagh, H., Hithnawi, A..  2014.  Poster Abstract: Security Comes First, a Public-key Cryptography Framework for the Internet of Things. Distributed Computing in Sensor Systems (DCOSS), 2014 IEEE International Conference on. :135-136.

Novel Internet services are emerging around an increasing number of sensors and actuators in our surroundings, commonly referred to as smart devices. Smart devices, which form the backbone of the Internet of Things (IoT), enable alternative forms of user experience by means of automation, convenience, and efficiency. At the same time new security and safety issues arise, given the Internet-connectivity and the interaction possibility of smart devices with human's proximate living space. Hence, security is a fundamental requirement of the IoT design. In order to remain interoperable with the existing infrastructure, we postulate a security framework compatible to standard IP-based security solutions, yet optimized to meet the constraints of the IoT ecosystem. In this ongoing work, we first identify necessary components of an interoperable secure End-to-End communication while incorporating Public-key Cryptography (PKC). To this end, we tackle involved computational and communication overheads. The required components on the hardware side are the affordable hardware acceleration engines for cryptographic operations and on the software side header compression and long-lasting secure sessions. In future work, we focus on integration of these components into a framework and the evaluation of an early prototype of this framework.

2015-04-30
Shafagh, H., Hithnawi, A..  2014.  Poster Abstract: Security Comes First, a Public-key Cryptography Framework for the Internet of Things. Distributed Computing in Sensor Systems (DCOSS), 2014 IEEE International Conference on. :135-136.

Novel Internet services are emerging around an increasing number of sensors and actuators in our surroundings, commonly referred to as smart devices. Smart devices, which form the backbone of the Internet of Things (IoT), enable alternative forms of user experience by means of automation, convenience, and efficiency. At the same time new security and safety issues arise, given the Internet-connectivity and the interaction possibility of smart devices with human's proximate living space. Hence, security is a fundamental requirement of the IoT design. In order to remain interoperable with the existing infrastructure, we postulate a security framework compatible to standard IP-based security solutions, yet optimized to meet the constraints of the IoT ecosystem. In this ongoing work, we first identify necessary components of an interoperable secure End-to-End communication while incorporating Public-key Cryptography (PKC). To this end, we tackle involved computational and communication overheads. The required components on the hardware side are the affordable hardware acceleration engines for cryptographic operations and on the software side header compression and long-lasting secure sessions. In future work, we focus on integration of these components into a framework and the evaluation of an early prototype of this framework.

Shila, D.M., Venugopal, V..  2014.  Design, implementation and security analysis of Hardware Trojan Threats in FPGA. Communications (ICC), 2014 IEEE International Conference on. :719-724.

Hardware Trojan Threats (HTTs) are stealthy components embedded inside integrated circuits (ICs) with an intention to attack and cripple the IC similar to viruses infecting the human body. Previous efforts have focused essentially on systems being compromised using HTTs and the effectiveness of physical parameters including power consumption, timing variation and utilization for detecting HTTs. We propose a novel metric for hardware Trojan detection coined as HTT detectability metric (HDM) that uses a weighted combination of normalized physical parameters. HTTs are identified by comparing the HDM with an optimal detection threshold; if the monitored HDM exceeds the estimated optimal detection threshold, the IC will be tagged as malicious. As opposed to existing efforts, this work investigates a system model from a designer perspective in increasing the security of the device and an adversary model from an attacker perspective exposing and exploiting the vulnerabilities in the device. Using existing Trojan implementations and Trojan taxonomy as a baseline, seven HTTs were designed and implemented on a FPGA testbed; these Trojans perform a variety of threats ranging from sensitive information leak, denial of service to beat the Root of Trust (RoT). Security analysis on the implemented Trojans showed that existing detection techniques based on physical characteristics such as power consumption, timing variation or utilization alone does not necessarily capture the existence of HTTs and only a maximum of 57% of designed HTTs were detected. On the other hand, 86% of the implemented Trojans were detected with HDM. We further carry out analytical studies to determine the optimal detection threshold that minimizes the summation of false alarm and missed detection probabilities.

Muller, K., Sigl, G., Triquet, B., Paulitsch, M..  2014.  On MILS I/O Sharing Targeting Avionic Systems. Dependable Computing Conference (EDCC), 2014 Tenth European. :182-193.

This paper discusses strategies for I/O sharing in Multiple Independent Levels of Security (MILS) systems mostly deployed in the special environment of avionic systems. MILS system designs are promising approaches for handling the increasing complexity of functionally integrated systems, where multiple applications run concurrently on the same hardware platform. Such integrated systems, also known as Integrated Modular Avionics (IMA) in the aviation industry, require communication to remote systems located outside of the hosting hardware platform. One possible solution is to provide each partition, the isolated runtime environment of an application, a direct interface to the communication's hardware controller. Nevertheless, this approach requires a special design of the hardware itself. This paper discusses efficient system architectures for I/O sharing in the environment of high-criticality embedded systems and the exemplary analysis of Free scale's proprietary Data Path Acceleration Architecture (DPAA) with respect to generic hardware requirements. Based on this analysis we also discuss the development of possible architectures matching with the MILS approach. Even though the analysis focuses on avionics it is equally applicable to automotive architectures such as Auto SAR.

Aiash, M., Mapp, G., Gemikonakli, O..  2014.  Secure Live Virtual Machines Migration: Issues and Solutions. Advanced Information Networking and Applications Workshops (WAINA), 2014 28th International Conference on. :160-165.

In recent years, there has been a huge trend towards running network intensive applications, such as Internet servers and Cloud-based service in virtual environment, where multiple virtual machines (VMs) running on the same machine share the machine's physical and network resources. In such environment, the virtual machine monitor (VMM) virtualizes the machine's resources in terms of CPU, memory, storage, network and I/O devices to allow multiple operating systems running in different VMs to operate and access the network concurrently. A key feature of virtualization is live migration (LM) that allows transfer of virtual machine from one physical server to another without interrupting the services running in virtual machine. Live migration facilitates workload balancing, fault tolerance, online system maintenance, consolidation of virtual machines etc. However, live migration is still in an early stage of implementation and its security is yet to be evaluated. The security concern of live migration is a major factor for its adoption by the IT industry. Therefore, this paper uses the X.805 security standard to investigate attacks on live virtual machine migration. The analysis highlights the main source of threats and suggests approaches to tackle them. The paper also surveys and compares different proposals in the literature to secure the live migration.

Shropshire, J..  2014.  Analysis of Monolithic and Microkernel Architectures: Towards Secure Hypervisor Design. System Sciences (HICSS), 2014 47th Hawaii International Conference on. :5008-5017.

This research focuses on hyper visor security from holistic perspective. It centers on hyper visor architecture - the organization of the various subsystems which collectively compromise a virtualization platform. It holds that the path to a secure hyper visor begins with a big-picture focus on architecture. Unfortunately, little research has been conducted with this perspective. This study investigates the impact of monolithic and micro kernel hyper visor architectures on the size and scope of the attack surface. Six architectural features are compared: management API, monitoring interface, hyper calls, interrupts, networking, and I/O. These subsystems are core hyper visor components which could be used as attack vectors. Specific examples and three leading hyper visor platforms are referenced (ESXi for monolithic architecture; Xen and Hyper-V for micro architecture). The results describe the relative strengths and vulnerabilities of both types of architectures. It is concluded that neither design is more secure, since both incorporate security tradeoffs in core processes.

Potkonjak, M., Goudar, V..  2014.  Public Physical Unclonable Functions. Proceedings of the IEEE. 102:1142-1156.

A physical unclonable function (PUF) is an integrated circuit (IC) that serves as a hardware security primitive due to its complexity and the unpredictability between its outputs and the applied inputs. PUFs have received a great deal of research interest and significant commercial activity. Public PUFs (PPUFs) address the crucial PUF limitation of being a secret-key technology. To some extent, the first generation of PPUFs are similar to SIMulation Possible, but Laborious (SIMPL) systems and one-time hardware pads, and employ the time gap between direct execution and simulation. The second PPUF generation employs both process variation and device aging which results in matched devices that are excessively difficult to replicate. The third generation leaves the analog domain and employs reconfigurability and device aging to produce digital PPUFs. We survey representative PPUF architectures, related public protocols and trusted information flows, and related testing issues. We conclude by identifying the most important, challenging, and open PPUF-related problems.

Srivastava, P., Pande, S.S..  2014.  A novel architecture for identity management system using virtual appliance technology. Contemporary Computing (IC3), 2014 Seventh International Conference on. :171-175.

Identity management system has gained significance for any organization today for not only storing details of its employees but securing its sensitive information and safely managing access to its resources. This system being an enterprise based application has time taking deployment process, involving many complex and error prone steps. Also being globally used, its continuous running on servers lead to large carbon emissions. This paper proposes a novel architecture that integrates the Identity management system together with virtual appliance technology to reduce the overall deployment time of the system. It provides an Identity management system as pre-installed, pre-configured and ready to go solution that can be easily deployed even by a common user. The proposed architecture is implemented and the results have shown that there is decrease in deployment time and decrease in number of steps required in previous architecture. The hardware required by the application is also reduced as its deployed on virtual machine monitor platform, which can be installed on already used servers. This contributes to the green computing practices and gives costs benefits for enterprises. Also there is ease of migration of system from one server to another and the enterprises which do not want to depend on third party cloud for security and cost reasons, can easily deploy their identity management system in their own premises.
 

2015-05-01
Akram, R.N., Markantonakis, K., Mayes, K..  2014.  Trusted Platform Module for Smart Cards. New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on. :1-5.

Near Field Communication (NFC)-based mobile phone services offer a lifeline to the under-appreciated multiapplication smart card initiative. The initiative could effectively replace heavy wallets full of smart cards for mundane tasks. However, the issue of the deployment model still lingers on. Possible approaches include, but are not restricted to, the User Centric Smart card Ownership Model (UCOM), GlobalPlatform Consumer Centric Model, and Trusted Service Manager (TSM). In addition, multiapplication smart card architecture can be a GlobalPlatform Trusted Execution Environment (TEE) and/or User Centric Tamper-Resistant Device (UCTD), which provide cross-device security and privacy preservation platforms to their users. In the multiapplication smart card environment, there might not be a prior off-card trusted relationship between a smart card and an application provider. Therefore, as a possible solution to overcome the absence of prior trusted relationships, this paper proposes the concept of Trusted Platform Module (TPM) for smart cards (embedded devices) that can act as a point of reference for establishing the necessary trust between the device and an application provider, and among applications.

2015-05-04
Haciosman, M., Bin Ye, Howells, G..  2014.  Protecting and Identifiying Smartphone Apps Using Icmetrics. Emerging Security Technologies (EST), 2014 Fifth International Conference on. :94-98.

As web-server spoofing is increasing, we investigate a novel technology termed ICmetrics, used to identify fraud for given software/hardware programs based on measurable quantities/features. ICmetrics technology is based on extracting features from digital systems' operation that may be integrated together to generate unique identifiers for each of the systems or create unique profiles that describe the systems' actual behavior. This paper looks at the properties of the several behaviors as a potential ICmetrics features to identify android apps, it presents several quality features which meet the ICmetrics requirements and can be used for encryption key generation. Finally, the paper identifies four android apps and verifies the use of ICmetrics by identifying a spoofed app as a different app altogether.

Gimenez, A., Gamblin, T., Rountree, B., Bhatele, A., Jusufi, I., Bremer, P.-T., Hamann, B..  2014.  Dissecting On-Node Memory Access Performance: A Semantic Approach. High Performance Computing, Networking, Storage and Analysis, SC14: International Conference for. :166-176.

Optimizing memory access is critical for performance and power efficiency. CPU manufacturers have developed sampling-based performance measurement units (PMUs) that report precise costs of memory accesses at specific addresses. However, this data is too low-level to be meaningfully interpreted and contains an excessive amount of irrelevant or uninteresting information. We have developed a method to gather fine-grained memory access performance data for specific data objects and regions of code with low overhead and attribute semantic information to the sampled memory accesses. This information provides the context necessary to more effectively interpret the data. We have developed a tool that performs this sampling and attribution and used the tool to discover and diagnose performance problems in real-world applications. Our techniques provide useful insight into the memory behaviour of applications and allow programmers to understand the performance ramifications of key design decisions: domain decomposition, multi-threading, and data motion within distributed memory systems.
 

2015-05-05
Everspaugh, A., Yan Zhai, Jellinek, R., Ristenpart, T., Swift, M..  2014.  Not-So-Random Numbers in Virtualized Linux and the Whirlwind RNG. Security and Privacy (SP), 2014 IEEE Symposium on. :559-574.

Virtualized environments are widely thought to cause problems for software-based random number generators (RNGs), due to use of virtual machine (VM) snapshots as well as fewer and believed-to-be lower quality entropy sources. Despite this, we are unaware of any published analysis of the security of critical RNGs when running in VMs. We fill this gap, using measurements of Linux's RNG systems (without the aid of hardware RNGs, the most common use case today) on Xen, VMware, and Amazon EC2. Despite CPU cycle counters providing a significant source of entropy, various deficiencies in the design of the Linux RNG makes its first output vulnerable during VM boots and, more critically, makes it suffer from catastrophic reset vulnerabilities. We show cases in which the RNG will output the exact same sequence of bits each time it is resumed from the same snapshot. This can compromise, for example, cryptographic secrets generated after resumption. We explore legacy-compatible countermeasures, as well as a clean-slate solution. The latter is a new RNG called Whirlwind that provides a simpler, more-secure solution for providing system randomness.
 

Gregr, M., Veda, M..  2014.  Challenges with Transition and User Accounting in Next Generation Networks. Network Protocols (ICNP), 2014 IEEE 22nd International Conference on. :501-503.

Future networks may change the way how network administrators monitor and account their users. History shows that usually a completely new design (clean slate) is used to propose a new network architecture - e.g. Network Control Protocol to TCP/IP, IPv4 to IPv6 or IP to Recursive Inter Network Architecture. The incompatibility between these architectures changes the user accounting process as network administrators have to use different information to identify a user. The paper presents a methodology how it is possible to gather all necessary information needed for smooth transition between two incompatible architectures. The transition from IPv4 and IPv6 is used as a use case, but it should be able to use the same process with any new networking architecture.
 

Farag, M.M., Azab, M., Mokhtar, B..  2014.  Cross-layer security framework for smart grid: Physical security layer. Innovative Smart Grid Technologies Conference Europe (ISGT-Europe), 2014 IEEE PES. :1-7.

Security is a major challenge preventing wide deployment of the smart grid technology. Typically, the classical power grid is protected with a set of isolated security tools applied to individual grid components and layers ignoring their cross-layer interaction. Such an approach does not address the smart grid security requirements because usually intricate attacks are cross-layer exploiting multiple vulnerabilities at various grid layers and domains. We advance a conceptual layering model of the smart grid and a high-level overview of a security framework, termed CyNetPhy, towards enabling cross-layer security of the smart grid. CyNetPhy tightly integrates and coordinates between three interrelated, and highly cooperative real-time security systems crossing section various layers of the grid cyber and physical domains to simultaneously address the grid's operational and security requirements. In this article, we present in detail the physical security layer (PSL) in CyNetPhy. We describe an attack scenario raising the emerging hardware Trojan threat in process control systems (PCSes) and its novel PSL resolution leveraging the model predictive control principles. Initial simulation results illustrate the feasibility and effectiveness of the PSL.
 

Yongle Hao, Yizhen Jia, Baojiang Cui, Wei Xin, Dehu Meng.  2014.  OpenSSL HeartBleed: Security Management of Implements of Basic Protocols. P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2014 Ninth International Conference on. :520-524.

With the rapid development of information technology, information security management is ever more important. OpenSSL security incident told us, there's distinct disadvantages of security management of current hierarchical structure, the software and hardware facilities are necessary to enforce security management on their implements of crucial basic protocols, in order to ease the security threats against the facilities in a certain extent. This article expounded cross-layer security management and enumerated 5 contributory factors for the core problems that management facing to.
 

Crisan, D., Birke, R., Barabash, K., Cohen, R., Gusat, M..  2014.  Datacenter Applications in Virtualized Networks: A Cross-Layer Performance Study. Selected Areas in Communications, IEEE Journal on. 32:77-87.

Datacenter-based Cloud computing has induced new disruptive trends in networking, key among which is network virtualization. Software-Defined Networking overlays aim to improve the efficiency of the next generation multitenant datacenters. While early overlay prototypes are already available, they focus mainly on core functionality, with little being known yet about their impact on the system level performance. Using query completion time as our primary performance metric, we evaluate the overlay network impact on two representative datacenter workloads, Partition/Aggregate and 3-Tier. We measure how much performance is traded for overlay's benefits in manageability, security and policing. Finally, we aim to assist the datacenter architects by providing a detailed evaluation of the key overlay choices, all made possible by our accurate cross-layer hybrid/mesoscale simulation platform.
 

Elwell, J., Riley, R., Abu-Ghazaleh, N., Ponomarev, D..  2014.  A Non-Inclusive Memory Permissions architecture for protection against cross-layer attacks. High Performance Computer Architecture (HPCA), 2014 IEEE 20th International Symposium on. :201-212.

Protecting modern computer systems and complex software stacks against the growing range of possible attacks is becoming increasingly difficult. The architecture of modern commodity systems allows attackers to subvert privileged system software often using a single exploit. Once the system is compromised, inclusive permissions used by current architectures and operating systems easily allow a compromised high-privileged software layer to perform arbitrary malicious activities, even on behalf of other software layers. This paper presents a hardware-supported page permission scheme for the physical pages that is based on the concept of non-inclusive sets of memory permissions for different layers of system software such as hypervisors, operating systems, and user-level applications. Instead of viewing privilege levels as an ordered hierarchy with each successive level being more privileged, we view them as distinct levels each with its own set of permissions. Such a permission mechanism, implemented as part of a processor architecture, provides a common framework for defending against a range of recent attacks. We demonstrate that such a protection can be achieved with negligible performance overhead, low hardware complexity and minimal changes to the commodity OS and hypervisor code.
 

Torrieri, D..  2014.  Cyber Maneuvers and Maneuver Keys. Military Communications Conference (MILCOM), 2014 IEEE. :262-267.

This paper presents an overview of cyber maneuvers and their roles in cyber security. As the cyber war escalates, a strategy that preemptively limits and curtails attacks is required. Such a proactive strategy is called a cyber maneuver and is a refinement of the concept of a moving-target defense, which includes both reactive and proactive network changes. The major advantages of cyber maneuvers relative to other moving-target defenses are described. The use of maneuver keys in making cyber maneuvers much more feasible and affordable is explained. As specific examples, the applications of maneuver keys in encryption algorithms and as spread-spectrum keys are described. The integration of cyber maneuvers into a complete cyber security system with intrusion detection, identification of compromised nodes, and secure rekeying is presented. An example of secure rekeying despite the presence of compromised nodes is described.
 

Vijayakumar, R., Selvakumar, K., Kulothungan, K., Kannan, A..  2014.  Prevention of multiple spoofing attacks with dynamic MAC address allocation for wireless networks. Communications and Signal Processing (ICCSP), 2014 International Conference on. :1635-1639.

In wireless networks, spoofing attack is one of the most common and challenging attacks. Due to these attacks the overall network performance would be degraded. In this paper, a medoid based clustering approach has been proposed to detect a multiple spoofing attacks in wireless networks. In addition, a Enhanced Partitioning Around Medoid (EPAM) with average silhouette has been integrated with the clustering mechanism to detect a multiple spoofing attacks with a higher accuracy rate. Based on the proposed method, the received signal strength based clustering approach has been adopted for medoid clustering for detection of attacks. In order to prevent the multiple spoofing attacks, dynamic MAC address allocation scheme using MD5 hashing technique is implemented. The experimental results shows, the proposed method can detect spoofing attacks with high accuracy rate and prevent the attacks. Thus the overall network performance is improved with high accuracy rate.
 

Bhandari, P., Gujral, M.S..  2014.  Ontology based approach for perception of network security state. Engineering and Computational Sciences (RAECS), 2014 Recent Advances in. :1-6.

This paper presents an ontological approach to perceive the current security status of the network. Computer network is a dynamic entity whose state changes with the introduction of new services, installation of new network operating system, and addition of new hardware components, creation of new user roles and by attacks from various actors instigated by aggressors. Various security mechanisms employed in the network does not give the complete picture of security of complete network. In this paper we have proposed taxonomy and ontology which may be used to infer impact of various events happening in the network on security status of the network. Vulnerability, Network and Attack are the main taxonomy classes in the ontology. Vulnerability class describes various types of vulnerabilities in the network which may in hardware components like storage devices, computing devices or networks devices. Attack class has many subclasses like Actor class which is entity executing the attack, Goal class describes goal of the attack, Attack mechanism class defines attack methodology, Scope class describes size and utility of the target, Automation level describes the automation level of the attack Evaluation of security status of the network is required for network security situational awareness. Network class has network operating system, users, roles, hardware components and services as its subclasses. Based on this taxonomy ontology has been developed to perceive network security status. Finally a framework, which uses this ontology as knowledgebase has been proposed.
 

Coatsworth, M., Tran, J., Ferworn, A..  2014.  A hybrid lossless and lossy compression scheme for streaming RGB-D data in real time. Safety, Security, and Rescue Robotics (SSRR), 2014 IEEE International Symposium on. :1-6.

Mobile and aerial robots used in urban search and rescue (USAR) operations have shown the potential for allowing us to explore, survey and assess collapsed structures effectively at a safe distance. RGB-D cameras, such as the Microsoft Kinect, allow us to capture 3D depth data in addition to RGB images, providing a significantly richer user experience than flat video, which may provide improved situational awareness for first responders. However, the richer data comes at a higher cost in terms of data throughput and computing power requirements. In this paper we consider the problem of live streaming RGB-D data over wired and wireless communication channels, using low-power, embedded computing equipment. When assessing a disaster environment, a range camera is typically mounted on a ground or aerial robot along with the onboard computer system. Ground robots can use both wireless radio and tethers for communications, whereas aerial robots can only use wireless communication. We propose a hybrid lossless and lossy streaming compression format designed specifically for RGB-D data and investigate the feasibility and usefulness of live-streaming this data in disaster situations.
 

2015-05-06
Kuklinski, S..  2014.  Programmable management framework for evolved SDN. Network Operations and Management Symposium (NOMS), 2014 IEEE. :1-8.

In the paper a programmable management framework for SDN networks is presented. The concept is in-line with SDN philosophy - it can be programmed from scratch. The implemented management functions can be case dependent. The concept introduces a new node in the SDN architecture, namely the SDN manager. In compliance with the latest trends in network management the approach allows for embedded management of all network nodes and gradual implementation of management functions providing their code lifecycle management as well as the ability to on-the-fly code update. The described concept is a bottom-up approach, which key element is distributed execution environment (PDEE) that is based on well-established technologies like OSGI and FIPA. The described management idea has strong impact on the evolution of the SDN architecture, because the proposed distributed execution environment is a generic one, therefore it can be used not only for the management, but also for distributing of control or application functions.
 

Kitsos, Paris, Voyiatzis, Artemios G..  2014.  Towards a hardware Trojan detection methodology. Embedded Computing (MECO), 2014 3rd Mediterranean Conference on. :18-23.

Malicious hardware is a realistic threat. It can be possible to insert the malicious functionality on a device as deep as in the hardware design flow, long before manufacturing the silicon product. Towards developing a hardware Trojan horse detection methodology, we analyze capabilities and limitations of existing techniques, framing a testing strategy for uncovering efficiently hardware Trojan horses in mass-produced integrated circuits.
 

Kumar, P., Srinivasan, R..  2014.  Detection of hardware Trojan in SEA using path delay. Electrical, Electronics and Computer Science (SCEECS), 2014 IEEE Students' Conference on. :1-6.

Detecting hardware Trojan is a difficult task in general. The context is that of a fabless design house that sells IP blocks as GDSII hard macros, and wants to check that final products have not been infected by Trojan during the foundry stage. In this paper we analyzed hardware Trojan horses insertion and detection in Scalable Encryption Algorithm (SEA) crypto. We inserted Trojan at different levels in the ASIC design flow of SEA crypto and most importantly we focused on Gate level and layout level Trojan insertions. We choose path delays in order to detect Trojan at both levels in design phase. Because the path delays detection technique is cost effective and efficient method to detect Trojan. The comparison of path delays makes small Trojan circuits significant from a delay point of view. We used typical, fast and slow 90nm libraries in order to estimate the efficiency of path delay technique in different operating conditions. The experiment's results show that the detection rate on payload Trojan is 100%.