Active Fences against Voltage-based Side Channels in Multi-Tenant FPGAs
Dynamic and partial reconfiguration together with hardware parallelism make FPGAs attractive as virtualized accelerators. However, recently it has been shown that multi-tenant FPGAs are vulnerable to remote side-channel attacks (SCA) from malicious users, allowing them to extract secret keys without a logical connection to the victim core. Typical mitigations against such attacks are hiding and masking schemes, to increase attackers' efforts in terms of side-channel measurements. However, they require significant efforts and tailoring for a specific algorithm, hardware implementation and mapping. In this paper, we show a hiding countermeasure against voltage-based SCA that can be integrated into any implementation, without requiring modifications or tailoring to the protected module. We place a properly mapped Active Fence of ring oscillators between victim and attacker circuit, enabled as a feedback of an FPGA-based sensor, leading to reduced side-channel leakage. Our experimental results based on a Lattice ECP5 FPGA and an AES-128 module show that two orders of magnitude more traces are needed for a successful key recovery, while no modifications to the underlying cryptographic module are necessary.
Analysis and Mitigation of Remote Side-Channel and Fault Attacks on the Electrical Level
As the miniaturization of integrated circuits continues, physical limits are being reached; single-atom transistors, for example, represent a possible lower bound for feature sizes.
In addition, manufacturing the latest generations of microchips is nowadays financially feasible only for large multinational companies.
As a result of this development, miniaturization is no longer the driving force for further increasing the performance of electronic components.
Instead, classical computer architectures with generic processors are evolving into heterogeneous systems with high parallelism and specialized accelerators.
However, protecting private data against attackers is also becoming increasingly difficult in these heterogeneous systems.
New kinds of hardware components, new kinds of applications and a generally increased complexity are some of the factors that make security in such systems a challenge.
Cryptographic algorithms are often truly secure only under certain assumptions about the attacker.
For example, it is often assumed that the attacker can access only the inputs and outputs of a module, while internal signals and intermediate values are hidden.
In real implementations, however, side-channel and fault attacks reveal the limits of this so-called black-box model.
While in side-channel attacks the attacker exploits data-dependent measurable quantities such as power consumption or electromagnetic radiation, fault attacks actively interfere with the computation and use the faulty output values to find the secret data.
This kind of attack on implementations was originally considered only in the context of a local attacker with access to the target device.
However, attacks based on measuring the time of certain memory accesses have already shown that the threat also exists from attackers with remote access.
This thesis addresses the threat posed by remote side-channel and fault attacks, which are closely tied to the development toward more heterogeneous systems.
One example of novel hardware in heterogeneous computing is Field-Programmable Gate Arrays (FPGAs), with which almost arbitrary circuits can be realized in programmable logic.
These logic chips are already used as accelerators both in the cloud and in end devices.
However, it has been shown how the flexibility of these accelerators can be exploited to implement sensors for estimating the supply voltage.
In addition, a special way of activating large amounts of logic can disturb computations in other circuits for fault attacks.
This threat is further analyzed here, for example by extending existing attacks, and strategies for protecting against it are developed.
FPGA Security Techniques with Applications to Cloud and Multi-Tenant Use Cases
Field programmable gate arrays (FPGAs) are integrated circuits that consist of programmable logic that a user can configure and deploy for applications such as hardware emulation and accelerating high performance computing. In recent years, the emergence of FPGAs in the cloud has led to research on multi-tenant FPGAs. In a multi-tenant scenario, the same FPGA fabric is shared among multiple users, or among multiple untrusting IP cores. Multi-tenancy has economic benefits, largely due to improvements in resource utilization, but also brings new security concerns since the tenants could behave maliciously. Although the tenants sharing an FPGA are logically isolated from each other, they may still have unintended interactions through side channel attacks and fault attacks. In this dissertation, we aim to evaluate security threats and defenses in the multi-tenant FPGA scenario. Firstly, the work in this dissertation studies a true random number generator (TRNG) on cloud FPGAs that is robust against voltage manipulation from co-tenants. The TRNG design is based on harvesting clock jitter using a tunable time-to-digital converter circuit. In accordance with best practices, a stochastic model is built to evaluate the min-entropy of the design, and further validated by NIST entropy assessment test suite and NIST statistical tests. The basic version of the TRNG is extended with a linkable sampling module to increase min-entropy per sample and throughput at a modest resource cost. Then the dissertation analyzes a type of fault attack that can be conducted by one tenant against another in a multi-tenant setting. Specifically, the fault attack is differential fault intensity analysis (DFIA), which is a biased-fault based attack on Advanced Encryption Standard (AES) circuits. Ring oscillators (ROs) are deployed as effective power wasters to cause a supply voltage drop through the shared power distribution network (PDN) of tenants. 
The attack is highly relevant to multi-tenant scenarios because the attacking tenant can create the voltage drop without physical access, and can precisely control the shape of the voltage drop by adjusting both the number of activated ROs and their duration as required for the attack. The voltage drop will in turn increase the delay in the logic and eventually cause specific timing faults which are analyzed to successfully recover the AES keys. In the last part, we use on-chip voltage sensors to detect the location of a target circuit. The sensing scheme leverages time-to-digital converters (TDCs) as voltage sensors, and a novel differential analysis is applied to the sensor data. In a multi-tenant setting, this method can be used either as part of a defensive scheme to monitor against attacks, or it can be used to probe a system and determine how to effectively target an attack to a particular co-tenant victim.
FPGA-Patch: Mitigating Remote Side-Channel Attacks on FPGAs using Dynamic Patch Generation
We propose FPGA-Patch, the first-of-its-kind defense that leverages automated
program repair concepts to thwart power side-channel attacks on cloud FPGAs.
FPGA-Patch generates isofunctional variants of the target hardware by injecting
faults and finding transformations that eliminate failure. The obtained
variants display different hardware characteristics, ensuring a maximal
diversity in power traces once dynamically swapped at run-time. Yet, FPGA-Patch
forces the variants to have enough similarity, enabling bitstream compression
and minimizing dynamic exchange costs. Considering AES running on AMD/Xilinx
FPGA, FPGA-Patch increases the attacker's effort by three orders of magnitude,
while preserving the performance of AES and a minimal area overhead of 14.2%. Comment: 6 page
Defense against ML-based Power Side-channel Attacks on DNN Accelerators with Adversarial Attacks
Artificial Intelligence (AI) hardware accelerators have been widely adopted
to enhance the efficiency of deep learning applications. However, they also
raise security concerns regarding their vulnerability to power side-channel
attacks (SCA). In these attacks, the adversary exploits unintended
communication channels to infer sensitive information processed by the
accelerator, posing significant privacy and copyright risks to the models.
Advanced machine learning algorithms are further employed to facilitate the
side-channel analysis and exacerbate the privacy issue of AI accelerators.
Traditional defense strategies naively inject execution noise to the runtime of
AI models, which inevitably introduce large overheads.
In this paper, we present AIAShield, a novel defense methodology to safeguard
FPGA-based AI accelerators and mitigate model extraction threats via
power-based SCAs. The key insight of AIAShield is to leverage the prominent
adversarial attack technique from the machine learning community to craft
delicate noise, which can significantly obfuscate the adversary's side-channel
observation while incurring minimal overhead to the execution of the protected
model. At the hardware level, we design a new module based on ring oscillators
to achieve fine-grained noise generation. At the algorithm level, we repurpose
Neural Architecture Search to worsen the adversary's extraction results.
Extensive experiments on the Nvidia Deep Learning Accelerator (NVDLA)
demonstrate that AIAShield outperforms existing solutions with excellent
transferability.
Voltage-based Covert Channels using FPGAs
FPGAs are increasingly used in cloud applications and being integrated into Systems-on-Chip (SoCs).
For these systems, various side-channel attacks on cryptographic implementations have been reported, motivating to apply proper countermeasures.
Beyond cryptographic implementations, maliciously introduced covert channel receivers and transmitters can allow to exfiltrate other secret information from the FPGA.
In this paper, we present a fast covert channel on FPGAs, which exploits the on-chip power distribution network.
This can be achieved without any logical connection between the transmitter and receiver blocks.
Compared to a recently published covert channel with an estimated 4.8 Mbit/s transmission speed, we show 8 Mbit/s transmission and reduced errors from around 3% to less than 0.003%.
Furthermore, we demonstrate proper transmissions of word-size messages and test the channel in the presence of noise generated from other residing tenants' modules in the FPGA. When we place and operate other co-tenant modules that require 85% of the total FPGA area, the error rate increases to 0.02%, depending on the platform and setup.
This error rate is still reasonably low for a covert channel.
Overall, the transmitter and receiver work with less than 3-5% FPGA LUT resources together.
We also show the feasibility of other types of covert channel transmitters, in the form of synchronous circuits within the FPGA.