On the vulnerability of FPGA bitstream encryption against power analysis attacks

Moradi, Amir; Barenghi, Alessandro; Kasper, Timo; Paar, Christof

doi:10.1145/2046707.2046722

Cited by 185 publications

(90 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…As discussed in the previous section, it is prudent and reasonable to take into consideration the side-channel attacks [29,38,39,42] when designing a smartcard-based two-factor authentication scheme. In other words, the secret data stored in the card memory are assumed to be extractable when the smart card is in the hands of an attacker.…”

Section: Adversary Models For Smart-card-based Authentication and Formentioning

confidence: 99%

“…Recent studies have pointed out that the secret parameters stored in common smart cards can be extracted by side-channel attacks such as power analysis [29,38,39] or reverse engineering techniques [35,42]. Even though the card manufacturers may have considered the risks of side-channel attacks and provided countermeasures to cope with the problem, how much confidence can one have that these countermeasures residing in the card are still effective after three years of the card production and circulation?…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Offline Dictionary Attack on Password Authentication Schemes Using Smart Cards

Wang

2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The design of secure and efficient smart-card-based password authentication schemes remains a challenging problem today despite two decades of intensive research in the security community, and the current crux lies in how to achieve truly two-factor security even if the smart cards can be tampered. In this paper, we analyze two recent proposals, namely, Hsieh-Leu's scheme and Wang's PSCAV scheme. We show that, under their non-tamper-resistance assumption of the smart cards, both schemes are still prone to offline dictionary attack, in which an attacker can obtain the victim's password when getting temporary access to the victim's smart card. This indicates that compromising a single factor (i.e., the smart card) of these two schemes leads to the downfall of both factors (i.e., both the smart card and the password), thereby invalidating their claim of preserving two-factor security. Remarkably, our attack on the latter protocol, which is not captured in Wang's original protocol security model, reveals a new attacking scenario and gives rise to the strongest adversary model so far. In addition, we make the first attempt to explain why smart cards, instead of common cheap storage devices (e.g., USB sticks), are preferred in most two-factor authentication schemes for security-critical applications.

show abstract

Section: Adversary Models For Smart-card-based Authentication and Formentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Offline Dictionary Attack on Password Authentication Schemes Using Smart Cards

Wang

2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…The circuit leakages (power consumption, EM, temperature or timing variations) which reflect the activity during the decryption are correlated with the input data to reconstruct the key value, it is called the side-channel analysis (SCA). Some successful side-channel attacks have be reported for Altera Stratix-II and Stratix-III [19], Microsemi ProASIC3 [20] and Xilinx Virtex-II [21] that used bitstream AES-128 encryption. These papers demonstrate that SCA techniques are incredibly efficient with an affordable cost.…”

Section: ) Bitstream Decryption Key Stealingmentioning

confidence: 99%

A survey on security features in modern FPGAs

Druyer

Torres

Benoit

et al. 2015

2015 10th International Symposium on Reconfigurable Communication-Centric Systems-on-Chip (ReCoSoC)

View full text Add to dashboard Cite

Abstract-Security is a major challenge for the design on FPGAs. This one applies to different levels: IP protection, information confidentiality and denial of service. To assist the application designer in this purpose, FPGA vendors provide dedicated features, which address potential security breaches of their devices. In this paper, after setting up a complete FPGA threat model, we compare relevant functionalities of the most advanced products of Altera, Microsemi and Xilinx. The goal of this paper is to evaluate whether the security features embedded on the current FPGAs address the threat model.

show abstract

“…Indeed, they work in a context of known-plaintext or know-ciphertext only. For instance, such an attack has been conducted successfully in a know-ciphertext context of FPGA bitstream decryption [19,20]. The fault injection attack can only be applied in some conditions.…”

Section: Threatsmentioning

confidence: 99%