7 research outputs found
Improved Side-Channel Analysis Attacks on Xilinx Bitstream Encryption of 5, 6, and 7 Series
Since 2012, it is publicly known that the bitstream encryption feature of modern Xilinx FPGAs can be broken by side-channel analysis. Presented at CT-RSA 2012, using graphics processing units (GPUs) the authors demonstrated power analysis attacks mounted on side-channel evaluation boards optimized for power measurements. In this work, we extend such attacks by moving to the EM side channel to examine their practical relevance in real-world scenarios. Furthermore, by following a certain measurement procedure we reduce the search space of each part of the attack from 2^{32} to 2^8, which allows mounting the attacks on ordinary workstations. Several Xilinx FPGAs from different families - including the 7 series devices - are susceptible to the attacks presented here
Insights into the Mind of a Trojan Designer: The Challenge to Integrate a Trojan into the Bitstream
The threat of inserting hardware Trojans during the design, production, or
in-field poses a danger for integrated circuits in real-world applications. A
particular critical case of hardware Trojans is the malicious manipulation of
third-party FPGA configurations. In addition to attack vectors during the
design process, FPGAs can be infiltrated in a non-invasive manner after
shipment through alterations of the bitstream. First, we present an improved
methodology for bitstream file format reversing. Second, we introduce a novel
idea for Trojan insertion
Hardware Security Evaluation of MAX 10 FPGA
With the ubiquity of IoT devices there is a growing demand for
confidentiality and integrity of data. Solutions based on reconfigurable logic
(CPLD or FPGA) have certain advantages over ASIC and MCU/SoC alternatives.
Programmable logic devices are ideal for both confidentiality and upgradability
purposes. In this context the hardware security aspects of CPLD/FPGA devices
are paramount. This paper shows preliminary evaluation of hardware security in
Intel MAX 10 devices. These FPGAs are one of the most suitable candidates for
applications demanding extensive features and high level of security. Their
strong and week security aspects are revealed and some recommendations are
suggested to counter possible security vulnerabilities in real designs. This is
a feasibility study paper. Its purpose is to highlight the most vulnerable
areas to attacks aimed at data extraction and reverse engineering. That way
further investigations could be performed on specific areas of concern
ISAP – Towards Side-Channel Secure Authenticated Encryption
Side-channel attacks and in particular differential power analysis (DPA) attacks pose a serious threat to cryptographic implementations. One approach to counteract such attacks are cryptographic schemes based on fresh re-keying. In settings of pre-shared secret keys, such schemes render DPA attacks infeasible by deriving session keys and by ensuring that the attacker cannot collect side-channel leakage on the session key during cryptographic operations with different inputs. While these schemes can be applied to secure standard communication settings, current re-keying approaches are unable to provide protection in settings where the same input needs to be processed multiple times. In this work, we therefore adapt the re-keying approach and present a symmetric authenticated encryption scheme that is secure against DPA attacks and that does not have such a usage restriction. This means that our scheme fully complies with the requirements given in the CAESAR call and hence, can be used like other noncebased authenticated encryption schemes without loss of side-channel protection. Its resistance against side-channel analysis is highly relevant for several applications in practice, like bulk storage settings in general and the protection of FPGA bitfiles and firmware images in particular