The Side-Channel Metrics Cheat Sheet

Side-channel attacks exploit a physical observable originating from a cryptographic device in order to extract its secrets. Many practically relevant advances in the field of side-channel analysis relate to security evaluations of cryptographic functions and devices. Accordingly, many metrics have been adopted or defined to express and quantify side-channel security. These metrics can relate to one another, but also conflict in terms of effectiveness, assumptions and security goals. In this work, we review the most commonly used metrics in the field of side-channel analysis. We provide a self-contained presentation of each metric, along with a discussion of its limitations. We practically demonstrate the metrics on examples of relevant implementations of the Advanced Encryption Standard (AES), and make the software implementation of the presented metrics available to the community as open source. This work, being beyond a survey of the current status of metrics, will allow researchers and practitioners to produce a well-informed security evaluation through a better understanding of its supporting and summarizing metrics

Parallel FPGA routing: Survey and challenges

As transistor scaling is slowing down [1], other opportunities for ensuring continuous performance increase have to be explored. Field programmable gate arrays (FPGAs) are in the spotlight these days: not only due to their malleability and energy efficiency, but also because FPGAs have recently been integrated into the cloud [2]. The latter makes them available to everyone in need of the immense computing power and data throughput they can offer. However, one important issue needs to be resolved first - the time to compile an industrial-scale design for an FPGA must be drastically reduced. Researchers have been looking for ways to accelerate FPGA routing through parallelism, since routing is one of the most time-consuming compilation steps. However, the ideal solution has not been found yet. This paper provides a survey of parallel FPGA routers, with the aim to identify their strengths and weaknesses, thus suggesting directions to take in further efforts for acceleration

FPGA-Assisted Deterministic Routing for FPGAs

FPGA routing is one of the most time-consuming steps of FPGA compilation, often preventing fast edit-compile-test cycles in prototyping and development. There have been attempts to accelerate FPGA routing using algorithmic improvements, multi-core or multi-CPU platforms. Instead, we propose porting FPGA routing to a CPU+FPGA platform. Motivated by the approaches used in FPGA-accelerated graph processing, we propose and implement three acceleration strategies: (1) reducing the number of expensive random memory accesses, (2) parallel and pipelined computation, and (3) efficient hardware priority queues. To test and evaluate the router performance, we implement it on DE1-SoC, a mid-end ARM+FPGA platform of Intel. Our router works and produces good quality results. Moreover, we succeed in accelerating the software router running on the embedded ARM. However, when compared to the latest VPR router running on a powerful Intel Core-i5 CPU, our CPU+FPGA router is slower. This is not unexpected, given the limited performance of the chosen hardware platform. Since this design can easily be ported to newer and higher-end CPU+FPGA systems, we estimate the performance it could achieve; the results indicate that a non-negligible speedup over the software-only router could indeed be obtained

Timing Violation Induced Faults in Multi-Tenant FPGAs

FPGAs have made their way into the cloud, allowing users to gain remote access to the state-of-the-art reconfigurable fabric and implement their custom accelerators. Since FPGAs are large enough to accommodate multiple independent designs, the multi-tenant user scenario may soon be prevalent in cloud computing environments. However, shared use of an FPGA raises security concerns. Recently discovered hardware Trojans for use in multi-tenant FPGA settings target denial-of-service attacks, power side-channel attacks, and crosstalk side-channel attacks. In this work, we present an attack method for causing timing-constraints violation in the multi-tenant FPGA setting. This type of attack is very dangerous as the consequences of timing faults are temporary errors, which are often impossible to notice. We demonstrate the attack on a set of self-timed true random number generators (STRNGs), frequently used in cryptographic applications. When the attack is launched, the STRNG outputs become biased and fail randomness tests. However, after the attack, STRNGs recover and continue generating random bits

Physical Side-Channel Attacks and Covert Communication on FPGAs: A Survey

Field-programmable gate arrays (FPGAs) are, like CPUs, susceptible to side-channel information leakage and covert communication. The malleability of FPGAs enables users to create and control physical effects, and sense and measure the consequences. With FPGAs becoming integrated into the cloud, a range of hardware-and software-based attacks may be waiting to be discovered. In this survey, we focus on physical channels used for side-channel attacks or covert communication. Physical channels are those that exist due to the physical properties of FPGAs, for example: power consumption, temperature, or electromagnetic emission. We include the most recent demonstrations of malicious or unintended use of physical channels in remote and/or shared FPGAs, propose taxonomies, compare the efficiency and feasibility of the attacks, and discuss challenges in preventing them

Deterministic Parallel Routing for FPGAs based on Galois Parallel Execution Model

This paper describes a deterministic and parallel implementation of the VPR routability-driven router for FPGAs. We considered two parallefization strategies: (1) routing multiple nets in parallel; and (2) routing one net at a time, while parallelizing the Maze Expansion step. Using eight threads running on eight cores, the two methods achieved speedups of 1.84 x and 3.67 x, respectively, compared to VPR's single threaded routability-driven router. Removing the determinism requirement increased these respective speedups to 2.67 x and 5.46 x, while sacrificing the guarantee of reproducible results

Development of a Lightning Location System Based on Electromagnetic Time Reversal: Technical Challenges and Expected Gain

The basic principles on which commercial Lightning Location Systems are based have not changed since their inception and the research and innovation efforts in the field have been essentially aimed at refining the location accuracy and at improving the discrimination and grouping algorithms of different types of lightning. Time Reversal is a promising technique that has recently received attention for source location and has been shown to be applicable to lightning location with improved performance. This paper describes the technique and the challenges involved in the development of such a system

A Shared-Memory Parallel Implementation of the RePlAce Global Cell Placer

RePlAce is a state-of-the-art prototype of a flat, analytic, and nonlinear global cell placement algorithm, which models a placement instance as an electrostatic system with positively charged objects. It can handle large-scale standard-cell and mixed-cell placement, while achieving shorter wirelength and similar or shorter runtimes than other state-of-the-art placers on the ISPD-2005/2006 standard-cell benchmarks; however, the runtime of RePlAce on these benchmarks ranges from 15 minutes to 5+ hours on a 2.6 GHz Intel Xeon server running a single thread, rendering development cycles prohibitively long. To address this concern, this paper introduces a multi-threaded shared-memory implementation of RePlAce. The contributions include techniques to reduce memory contention and to effectively balance the workload among threads, targeting the most substantial performance bottlenecks. With 2–12 threads, our parallel RePlAce speeds up the bin density function by a factor of 4.2–10×, the wirelength function by a factor of 2.3–3×, and the cost gradient function by a factor of 2.9–6.6× compared to the single-threaded original RePlAce baseline. Moreover, our parallel RePlAce is ≈3.5× faster than the state-of-the-art PyTorch-based placer DREAMPlace, when both are running on 12 CPU cores

A machine learning approach for power gating the FPGA routing network

Power gating is a common approach for reducing circuit static power consumption. In FPGAs, resources that dominate static power consumption lie in the routing network. Researchers have proposed several heuristics for clustering multiplexers in the routing network into power-gating regions. In this paper, we propose a fundamentally different approach based on K-means clustering, an algorithm commonly used in machine learning. Experimental results on Titan benchmarks and Stratix-IV FPGA architecture show that our proposed clustering algorithms outperform the state of the art. For example, for 32 power-gating regions in FPGA routing switch matrices, we achieve (on average) almost 1.4× higher savings (37.48% vs. 26.94%) in the static power consumption of the FPGA routing resources at lower area overhead than the most efficient heuristic published so far

Quasi-impulse response of frequency-periodic microwave networks

Microwave networks with parameters that are periodic in the frequency domain are found in many RF subsystems, e.g., in radar and wireless communication devices. This paper analyses the impulse response (IR) of those microwave networks, obtained by applying the inverse Fourier transform to data limited to the basic passband only. Here, we refer to such an IR as a quasi-impulse response (QIR). We investigate mathematical relations between the QIR and the exact IR. Additionally, we theoretically and experimentally demonstrate the importance of considering the parasitic passbands of these microwave networks when calculating the IR. Our insight is that neglecting the parasitic passbands can lead to unforeseen EMC problems and security vulnerabilities because these passbands may be entrance points for interference. We believe these results to be particularly important when considering intentional electromagnetic attacks