Bitstream Fault Injections (BiFI)–Automated Fault Attacks Against SRAM-Based FPGAs

Swierczynski, Pawel; Becker, Georg T.; Moradi, Amir; Paar, Christof

doi:10.1109/tc.2016.2646367

Cited by 44 publications

(36 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, virtualization techniques for FPGAs need to provide security not only for network and memory access but also for the compute substrate itself, as it opens up to new types of attacks. For example, a malicious bitstream can potentially damage an FPGA [85] or crash the system until power cycle reset [86] or perform a side channel attack [87], [88]. To mitigate these types of attacks, FPGA specific solutions need to be designed (e.g., a configuration controller to identify and block malicious bitstreams).…”

Section: Trends and Future Directionsmentioning

confidence: 99%

A Survey on FPGA Virtualization

Vaishnav

Pham

Koch

2018

2018 28th International Conference on Field Programmable Logic and Applications (FPL)

View full text Add to dashboard Cite

FPGA accelerators are being applied in various types of systems ranging from embedded systems to cloud computing for their high performance and energy efficiency. Given the scale of deployment, there is a need for efficient application development, resource management, and scalable systems, which make FPGA virtualization extremely important. Consequently, FPGA virtualization methods and hardware infrastructures have frequently been proposed in both academia and industry for addressing multi-tenancy execution, multi-FPGA acceleration, flexibility, resource management and security. In this survey, we identify and classify the various techniques and approaches into three main categories: 1) Resource level, 2) Node level, and 3) Multi-node level. In addition, we identify current trends and developments and highlight important future directions for FPGA virtualization which require further work.

show abstract

Section: Trends and Future Directionsmentioning

confidence: 99%

A Survey on FPGA Virtualization

Vaishnav

Pham

Koch

2018

2018 28th International Conference on Field Programmable Logic and Applications (FPL)

View full text Add to dashboard Cite

show abstract

“…If no proper integrity checking mechanism is implemented for the encrypted bitstreams, bitstreams are vulnerable to fault injections as well, as the adversary can flip any arbitrary bits of the bitstream to inject a fault into the computation of the application [80]. Moreover, BBRAMs and eFuses of SRAM-based FPGAs, as well as flash memory of CPLDs and flash-based FPGAs could be vulnerable to semi-and fully-invasive attacks [88].…”

Section: Problem Statementmentioning

confidence: 99%

On the Physical Security of Physically Unclonable Functions

Tajik

2019

T-Labs Series in Telecommunication Services

View full text Add to dashboard Cite

“…The power-up configuration process associated with fielded systems first determines whether the external bitstream includes an encrypted-bitstream indicator, and if so, decrypts the bitstream using cipher block chaining (CBC) mode of AES. To prevent fault injection attacks [5], Xilinx authenticates configuration data as it is loaded. In particular, a 256-bit keyed hashed message authentication code (HMAC) of the bitstream is computed, using SHA-256 to detect tamper and to authenticate the sender of the bitstream.…”

Section: Overview Of a Secure Boot Under Xilinxmentioning

confidence: 99%

“…For example, a technique that manipulates cryptographic components embedded in the bitstream as a strategy to extract secret keys is described in [4]. A fault injection attack on an FPGA bitstream is described in [5] to accomplish the same goal, where faulty cipher texts are generated by fault injection and then used to recover the keys. A hardware Trojan insertion strategy is described in [6] that is designed to weaken FPGA-embedded cryptographic engines.…”

Section: Introductionmentioning

confidence: 99%

An Autonomous, Self-Authenticating, and Self-Contained Secure Boot Process for Field-Programmable Gate Arrays

et al. 2018

View full text Add to dashboard Cite

Secure booting within a field-programmable gate array (FPGA) environment is traditionally implemented using hardwired embedded cryptographic primitives and non-volatile memory (NVM)-based keys, whereby an encrypted bitstream is decrypted as it is loaded from an external storage medium, e.g., Flash memory. A novel technique is proposed in this paper that self-authenticates an unencrypted FPGA configuration bitstream loaded into the FPGA during the start-up. The internal configuration access port (ICAP) interface is accessed to read out configuration information of the unencrypted bitstream, which is then used as input to a secure hash function SHA-3 to generate a digest. In contrast to conventional authentication, where the digest is computed and compared with a second pre-computed value, we use the digest as a challenge to a hardware-embedded delay physical unclonable function (PUF) called HELP. The delays of the paths sensitized by the challenges are used to generate a decryption key using the HELP algorithm. The decryption key is used in the second stage of the boot process to decrypt the operating system (OS) and applications. It follows that any type of malicious tampering with the unencrypted bitstream changes the challenges and the corresponding decryption key, resulting in key regeneration failure. A ring oscillator is used as a clock to make the process autonomous (and unstoppable), and a novel on-chip time-to-digital-converter is used to measure path delays, making the proposed boot process completely self-contained, i.e., implemented entirely within the re-configurable fabric and without utilizing any vendor-specific FPGA features. Cryptography 2018, 2, 15 2 of 17Modern FPGAs provide on-chip battery-backed random-access memory (RAM) or E-Fuses for the storage of a decryption key, which is used by vendor-embedded encryption hardware functions, e.g., the Advanced Encryption Standard (AES), within the FPGA in order to decrypt the bitstream as it is read from the external NVM during the boot process [1]. Recent attack mechanisms have been shown to read out embedded keys, and therefore on-chip key storage threatens the security of the boot process [2].In this paper, we propose a physical unclonable function (PUF)-based key generation strategy that addresses the vulnerability of on-chip key storage. Moreover, the proposed secure boot technique is self-contained, in that none of the FPGA-embedded security primitives or FPGA clocking resources are utilized. We refer to the system as Bullet-Proof Boot for FPGAs (BulletProoF). BulletProoF uses a PUF implemented in the programmable logic (PL) side of an FPGA to generate the decryption key at boot time, and then uses the key for decrypting an off-chip NVM-stored second stage boot image. The second stage boot image contains PL components as well as software components, such as an operating system and applications. BulletProoF decrypts and programs the PL components directly into those portions of the PL side that are not occupied by BulletProoF using dynamic partial...

show abstract

Bitstream Fault Injections (BiFI)–Automated Fault Attacks Against SRAM-Based FPGAs

Cited by 44 publications

References 18 publications

A Survey on FPGA Virtualization

A Survey on FPGA Virtualization

On the Physical Security of Physically Unclonable Functions

An Autonomous, Self-Authenticating, and Self-Contained Secure Boot Process for Field-Programmable Gate Arrays

Contact Info

Product

Resources

About