13 research outputs found
Insights into the Mind of a Trojan Designer: The Challenge to Integrate a Trojan into the Bitstream
The threat of inserting hardware Trojans during the design, production, or
in-field poses a danger for integrated circuits in real-world applications. A
particular critical case of hardware Trojans is the malicious manipulation of
third-party FPGA configurations. In addition to attack vectors during the
design process, FPGAs can be infiltrated in a non-invasive manner after
shipment through alterations of the bitstream. First, we present an improved
methodology for bitstream file format reversing. Second, we introduce a novel
idea for Trojan insertion
FPGA Trojans through Detecting and Weakening of Cryptographic Primitives
This paper investigates a novel attack vector against
cryptography realized on FPGAs, which poses a serious threat to
real-world applications.We demonstrate how a targeted bitstream
modification can seriously weaken cryptographic algorithms,
which we show with the examples of AES and 3DES. The attack
is performed by modifying the FPGA bitstream that configures
the hardware elements during initialization. Recently, it has
been shown that cloning of FPGA designs is feasible, even if
the bitstream is encrypted. However, due to its proprietary file
format, a meaningful modification is very challenging. While
some previous work addressed bitstream reverse-engineering,
so far it has not been evaluated how difficult it is to detect
and modify cryptographic elements. We outline two possible
practical attacks that have serious security implications. We
target the S-boxes of block ciphers that can be implemented
in look-up tables or stored as precomputed set of values in the
memory of the FPGA. We demonstrate that it is possible to
detect and apply meaningful changes to cryptographic elements
inside an unknown, proprietary and undocumented bitstream.
Our proposed attack does not require any knowledge of the
internal routing. Furthermore, we show how an AES key can
be revealed within seconds. Finally, we discuss countermeasures
that can raise the bar for an adversary to successfully perform
this kind of attack
Bitstream Fault Injections (BiFI) – Automated Fault Attacks against SRAM-based FPGAs
This contribution is concerned with the question whether an adversary can automatically manipulate an unknown FPGA bitstream realizing a cryptographic primitive such that the underlying secret key is revealed. In general, if an attacker has full knowledge about the bitstream structure and can make changes to the target FPGA design, she can alter the bitstream leading to key recovery. However, this requires challenging reverse-engineering steps in practice. We argue that this is a major reason why bitstream fault injection attacks have been largely neglected in the past. In this paper, we show that malicious bitstream modifications are i) much easier to conduct than commonly assumed and ii) surprisingly powerful. We introduce a novel class of bitstream fault injection (BiFI) attacks which does not require any reverse-engineering. Our attacks can be automatically mounted without any detailed knowledge about either the bitstream format of the design or the crypto primitive which is being attacked. Bitstream encryption features do not necessarily prevent our attack if the integrity of the encrypted bitstream is not carefully checked. We have successfully verified the feasibility of our attacks in practice by considering several publicly available AES designs. As target platforms, we have conducted our experiments on Spartan-6 and Virtex-5 Xilinx FPGAs
Interdiction in Practice – Hardware Trojan Against a High-Security USB Flash Drive
As part of the revelations about the NSA activities,
the notion of interdiction has become known to the public:
the interception of deliveries to manipulate hardware in a way
that backdoors are introduced. Manipulations can occur on
the firmware or at hardware level. With respect to hardware,
FPGAs are particular interesting targets as they can be altered
by manipulating the corresponding bitstream which configures
the device. In this paper, we demonstrate the first successful
real-world FPGA hardware Trojan insertion into a commercial
product. On the target device, a FIPS-140-2 level 2 certified USB
flash drive from Kingston, the user data is encrypted using AES-256 in XTS mode, and the encryption/decryption is processed by
an off-the-shelf SRAM-based FPGA. Our investigation required
two reverse-engineering steps, related to the proprietary FPGA
bitstream and to the firmware of the underlying ARM CPU. In
our Trojan insertion scenario the targeted USB flash drive is
intercepted before being delivered to the victim. The physical
Trojan insertion requires the manipulation of the SPI flash
memory content, which contains the FPGA bitstream as well
as the ARM CPU code. The FPGA bitstream manipulation
alters the exploited AES-256 algorithm in a way that it turns
into a linear function which can be broken with 32 known
plaintext-ciphertext pairs. After the manipulated USB flash drive
has been used by the victim, the attacker is able to obtain all
user data from the ciphertexts. Our work indeed highlights the
security risks and especially the practical relevance of bitstream
modification attacks that became realistic due to FPGA bitstream
manipulations
HAL — The Missing Piece of the Puzzle for Hardware Reverse Engineering, Trojan Detection and Insertion
Hardware manipulations pose a serious threat to numerous systems, ranging from a myriad of smart-X devices to military systems. In many attack scenarios an adversary merely has access to the low-level, potentially obfuscated gate-level netlist. In general, the attacker possesses minimal information and faces the costly and time-consuming task of reverse engineering the design to identify security-critical circuitry, followed by the insertion of a meaningful hardware Trojan. These challenges have been considered only in passing by the research community. The contribution of this work is threefold: First, we present HAL, a comprehensive reverse engineering and manipulation framework for gate-level netlists. HAL allows automating defensive design analysis (e.g., including arbitrary Trojan detection algorithms with minimal effort) as well as offensive reverse engineering and targeted logic insertion. Second, we present a novel static analysis Trojan detection technique ANGEL which considerably reduces the false-positive detection rate of the detection technique FANCI. Furthermore, we demonstrate that ANGEL is capable of automatically detecting Trojans obfuscated with DeTrust. Third, we demonstrate how a malicious party can semi-automatically inject hardware Trojans into third-party designs. We present reverse engineering algorithms to disarm and trick cryptographic self-tests, and subtly leak cryptographic keys without any a priori knowledge of the design’s internal workings
Proteomic Modeling for HIV-1 Infected Microglia-Astrocyte Crosstalk
Background: HIV-1-infected and immune competent brain mononuclear phagocytes (MP; macrophages and microglia) secrete cellular and viral toxins that affect neuronal damage during advanced disease. In contrast, astrocytes can affect disease by modulating the nervous system’s microenvironment. Interestingly, little is known how astrocytes communicate with MP to influence disease. Methods and Findings: MP-astrocyte crosstalk was investigated by a proteomic platform analysis using vesicular stomatitis virus pseudotyped HIV infected murine microglia. The microglial-astrocyte dialogue was significant and affected microglial cytoskeleton by modulation of cell death and migratory pathways. These were mediated, in part, through F-actin polymerization and filament formation. Astrocyte secretions attenuated HIV-1 infected microglia neurotoxicity and viral growth linked to the regulation of reactive oxygen species. Conclusions: These observations provide unique insights into glial crosstalk during disease by supporting astrocytemediated regulation of microglial function and its influence on the onset and progression of neuroAIDS. The results open new insights into previously undisclosed pathogenic mechanisms and open the potential for biomarker discovery an
Bitstream-based attacks against reconfigurable hardware
In den letzten drei Jahrzehnten haben sich FPGAs zu fortgeschrittenen re-programmierbaren Hardwarebausteinen entwickelt und wurden zu elementaren Komponenten für zahlreiche Informations- und Kommunikationssysteme. SRAM-basierte FPGAs werden in Anwendungen wie der Luft- und Raumfahrt, dem Gesundheitswesen, dem Militärbereich, der Automobilindustrie und in Computernetzwerken sowie Datenzentren genutzt. Viele Anwendungen sind sicherheitskritisch und benötigen deshalb kryptographische Operationen beispielsweise zur Generierung von Zufallszahlen, zum Schlüsselaustausch oder zur Verschlüsselung von Daten. In der Praxis werden kryptographische Schaltkreise durch proprietäre Bitstreams kodiert, welche für Angreifer häufig zugänglich sind, da diese extern über einen Konfigurationsbus übertragen und somit abgefangen bzw. ausgelesen werden können. Diese Arbeit zeigt auf, dass es einem Angreifer möglich ist kryptographische Hardwarekonfigurationen durch Bitstreammanipulationen zu kompromittieren
Physical security evaluation of the bitstream encryption mechanism of altera stratix II and stratix III FPGAs
To protect Field-Programmable Gate Array (FPGA) designs against Intellectual Property (IP) theft and related issues such as product cloning, all major FPGA manufacturers offer a mechanism to encrypt the bitstream that is used to configure the FPGA. From a mathematical point of view, the employed encryption algorithms (e.g., Advanced Encryption Standard (AES) or 3DES) are highly secure. However, it has been shown that the bitstream encryption feature of several FPGA families is susceptible to side-channel attacks based on measuring the power consumption of the cryptographic module. In this article, we present the first successful attack on the bitstream encryption of the Altera Stratix II and Stratix III FPGA families. To this end, we analyzed the Quartus II software and reverse engineered the details of the proprietary and unpublished schemes used for bitstream encryption on Stratix II and Stratix III. Using this knowledge, we demonstrate that the full 128-bit AES key of a Stratix II as well as the full 256-bit AES key of a Stratix III can be recovered by means of side-channel attacks. In both cases, the attack can be conducted in a few hours. The complete bitstream of these FPGAs that are (seemingly) protected by the bitstream encryption feature can hence fall into the hands of a competitor or criminal—possibly implying system-wide damage if confidential information such as proprietary encryption schemes or secret keys programmed into the FPGA are extracted. In addition to lost IP, reprogramming the attacked FPGA with modified code, for instance, to secretly plant a hardware Trojan, is a particularly dangerous scenario for many security-critical applications.</jats:p
Protecting against Cryptographic Trojans in FPGAs
International audienceIn contrast to ASICs, hardware Trojans can potentially be injected into FPGA designs post-manufacturing by bit-stream alteration. Hardware Trojans which target cryptographic primitives are particularly interesting for an adversary because a weakened primitive can lead to a complete loss of system security. One problem an attacker has to overcome is the identification of cryptographic primitives in a large bitstream with unknown semantics. As the first contribution, we demonstrate that AES can be algorithmically identified in a look-up table-level design for a variety of implementation styles. Our graph-based approach considers AES implementations which are created using several synthesis and technology mapping options. As the second contribution , we present and discuss the drawbacks of a dynamic obfuscation countermeasure which allows for the configuration of certain crucial parts of a cryptographic primitive after the algorithm has been loaded into the FPGA. As a result, reverse-engineering and modifying a primitive in the bitstream is more challenging