Detecting power attacks on reconfigurable hardware

Masle, Adrien Le; Luk, Wayne

doi:10.1109/fpl.2012.6339235

Cited by 18 publications

(13 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…2) Potential use-cases: RO-based sensors have been widely adopted for voltage and temperature monitoring [11], attack detection [23] and more recently side-channel attacks [8]. Our novel RO-based sensor has been shown suitable for statistical side-channel attacks and could be used to improve the previous applications.…”

Section: B Side-channel Resultsmentioning

confidence: 99%

“…Hence, it provides an image of the power supply consumption. To enable the measurement of the RO oscillation frequency, designers commonly adopt digital counters [8,23]. A counter C RO is connected to the RO output: it is incremented by the RO oscillations and is read out by a register at a fixed sampling frequency f s .…”

Section: Delay Sensors: Ring Oscillator Based Sensormentioning

confidence: 99%

“…Several RO-based sensors downsides recently pushed designers to adopt TDC-based sensors for side-channel purposes instead [12,22]. This mainly comes from the fact that the RObased sensors struggle to provide reliable measurements when their sampling rate exceeds 8 MS/s [8,23,12]. This limitation comes from three major factors:…”

Section: A Ro-based Sensors Downsidesmentioning

confidence: 99%

See 2 more Smart Citations

High-Speed Ring Oscillator based Sensors for Remote Side-Channel Attacks on FPGAs

Gravellier

Dutertre

Téglia

et al. 2019

2019 International Conference on ReConFigurable Computing and FPGAs (ReConFig)

View full text Add to dashboard Cite

FPGAs have been widely adopted in cloud datacenters and System-on-Chip for hardware acceleration purposes during the past few years. For flexibility and efficiency reasons, cloud FPGA fabrics are likely to be shared between multiple users. Despite the logical isolation suggested to protect each tenant, multiuser FPGA environment raises crucial questions about the potential security threats that it may represent. Recently, a series of papers demonstrated that a malicious user could be able to use its rented logic to perform remote sidechannel and fault attacks on other user assets located inside the fabric or in the surrounding chips. In this paper, we present a novel implementation method for ring oscillator based voltage sensors that enables runtime supply voltage fluctuation measurement. Considering a multiuser FPGA cloud scenario, we evaluate our sensor performances for side-channel purposes by performing CPA attacks against a hardware AES module instantiated within the same FPGA fabric. Then, we compare our results with existing voltage sensors and also demonstrate that, when calibrated, our sensors can provide results similar to traditional electromagnetic side-channel setups.

show abstract

Section: B Side-channel Resultsmentioning

confidence: 99%

Section: Delay Sensors: Ring Oscillator Based Sensormentioning

confidence: 99%

Section: A Ro-based Sensors Downsidesmentioning

confidence: 99%

See 1 more Smart Citation

High-Speed Ring Oscillator based Sensors for Remote Side-Channel Attacks on FPGAs

Gravellier

Dutertre

Téglia

et al. 2019

2019 International Conference on ReConFigurable Computing and FPGAs (ReConFig)

View full text Add to dashboard Cite

show abstract

“…Thus it is better suited for sensing static effects or slow transients. By combining multiple oscillators, it may be feasible to achieve rates such as 8MSPS [15], but a sample period of 125ns is still far too slow for detecting and reacting to nanosecond-scale effects.…”

Section: Related Workmentioning

confidence: 99%

Sensing nanosecond-scale voltage attacks and natural transients in FPGAs

Zick

Srivastav

Zhang

et al. 2013

Proceedings of the ACM/SIGDA International Symposium on Field Programmable Gate Arrays

View full text Add to dashboard Cite

Voltage noise not only detracts from reliability and performance, but has been used to attack system security. Most systems are completely unaware of fluctuations occurring on nanosecond time scales. This paper quantifies the threat to FPGA-based systems and presents a solution approach. Novel measurements of transients on 28nm FPGAs show that extreme activity in the fabric can cause enormous undershoot and overshoot, more than 10× larger than what is allowed by the specification. An existing voltage sensor is evaluated and shown to be insufficient. Lastly, a sensor design using reconfigurable logic is presented; its timeto-digital converter enables sample rates 500× faster than the 28nm Xilinx ADC. This enables quick characterization of transients that would normally go undetected, thereby providing potentially useful data for system optimization and helping to defend against supply voltage attacks.

show abstract

“…This method was shown to be susceptible to power analysis attacks when used without countermeasures [6]. There are many proposed countermeasures against power analysis attacks in FPGAs, one example is the system proposed in [7], where an internal circuitry is used to monitor the power supply voltage to detect possible insertion of power measurement circuits onto the device's power rail. Another solution is proposed in [8].…”

Section: Introductionmentioning

confidence: 98%

A platform for secure IP integration in Xilinx Virtex FPGAs

Ebrahim

Benkrid

Khalifat

et al. 2013

2013 International Conference on Reconfigurable Computing and FPGAs (ReConFig)

View full text Add to dashboard Cite

Advancements in silicon, software and IP support have made Field Programmable Gate Arrays (FPGAs) a highly flexible solution for many applications. With the growing number of companies providing IP support for FPGAs, IP license violations by over-deployment of IP into more devices than originally licensed remains a major concern for IP owners. In this paper we present a solution for secure IP exchange and configuration based on the Dynamic Partial Reconfiguration (DPR) feature in Xilinx FPGAs. Our system deploys DPR to integrate encrypted hard-macro IP cores into identifiable FPGA devices. These IP cores are configured using a proposed partial bitstream relocation technique to allow for a flexible design flow. We present a proof-of-concept implementation of a secure internal reconfiguration engine on a Xilinx Virtex-6 FPGA.

show abstract

Detecting power attacks on reconfigurable hardware

Cited by 18 publications

References 5 publications

High-Speed Ring Oscillator based Sensors for Remote Side-Channel Attacks on FPGAs

High-Speed Ring Oscillator based Sensors for Remote Side-Channel Attacks on FPGAs

Sensing nanosecond-scale voltage attacks and natural transients in FPGAs

A platform for secure IP integration in Xilinx Virtex FPGAs

Contact Info

Product

Resources

About