Secure FPGA configuration architecture preventing system downgrade

Badrignans, Benoit; Elbaz, Reouven; Torres, Lionel

doi:10.1109/fpl.2008.4629951

Cited by 22 publications

(13 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• Only the freshest updates must be allowed to prevent an attacker from reusing old updates [46]. We have already shown that our design flow can ensure integrity, authenticity, and confidentiality for SWIP.…”

Section: A Software Updatementioning

confidence: 99%

“…Then, the server generates a challenge for which the remote server must be able to generate an appropriate response for authentication. Next, the SWIP is encrypted and packaged in such a way to ensure integrity, authenticity, confidentiality, and freshness [46]. This must be performed in such a way to minimize storage, computational overhead, and transmission overhead [47].…”

Section: A Software Updatementioning

confidence: 99%

See 1 more Smart Citation

A flexible design flow for software IP binding in commodity FPGA

Gora

Maiti

Schaumont

2009

2009 IEEE International Symposium on Industrial Embedded Systems

View full text Add to dashboard Cite

This work proposes a novel design flow for SWIP binding on a commodity FPGA platform lacking specialized hardcore security facilities. We accomplish this by leveraging the qualities of a Physical Unclonable Function (PUF) and a tight integration of hardware and software security features. A prototype implementation demonstrates our design flow's ability to successfully protect software by encryption using a 128 bit FPGA-unique key extracted from a PUF. Based on this proof of concept, a solution to perform secure remote software updates, a common challenge in embedded systems, is proposed to showcase the practicality and flexibility of the design flow.Index Terms-Design flow, firmware, field programmable gate arrays (FPGA), intellectual property, physical unclonable function, secure embedded systems, security, software binding.

show abstract

Section: A Software Updatementioning

confidence: 99%

Section: A Software Updatementioning

confidence: 99%

A flexible design flow for software IP binding in commodity FPGA

Gora

Maiti

Schaumont

2009

2009 IEEE International Symposium on Industrial Embedded Systems

View full text Add to dashboard Cite

show abstract

“…Motivated by this, Badrignans et al [11] proposed additions to the hard-coded configuration logic in order to prevent replay of old bitstreams. They use a nonce in the authentication process, in addition to a mechanism for alerting the developer of its failure.…”

Section: Related Workmentioning

confidence: 99%

A Protocol for Secure Remote Updates of FPGA Configurations

Drimer

Kühn

2009

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. We present a security protocol for the remote update of volatile FPGA configurations stored in non-volatile memory. Our approach can be implemented on existing FPGAs, as it sits entirely in user logic. Our protocol provides for remote attestation of the running configuration and the status of the upload process. It authenticates the uploading party both before initiating the upload and before completing it, to both limit a denial-of-service attack and protect the integrity of the bitstream. Encryption protects bitstream confidentiality in transit; we either decrypt it before non-volatile storage, or pass on ciphertext if the configuration logic can decrypt it. We discuss how tamper-proofing the connection between the FPGA and the non-volatile memory, as well as space for multiple bitstreams in the latter, can improve resilience against downgrading and denial-of-service attacks.

show abstract

“…Several security architectures have been proposed for satellites to remotely manage their hardware configuration from the ground station [16], and for purposes of key distribution [17] and management [18], [19], [20]. All of those works make use of cryptographic primitives such as hash functions to achieve their goals, but none of them considers the harsh environment surrounding spacecrafts and more specifically the resistance to SEUs.…”

Section: Related Workmentioning

confidence: 99%

Efficient fault tolerant SHA-2 hash functions for space applications

Juliato

Gebotys

Elbaz

2009

2009 IEEE Aerospace Conference

Self Cite

View full text Add to dashboard Cite

Abstract-Satellites are extensively used by public and private sectors to support a variety of services. Considering the cost and the strategic importance of these spacecrafts, it is fundamental to utilize strong cryptographic primitives to assure their security. However, it is of utmost importance to consider fault tolerance in their designs due to the harsh environment found in space, while keeping low area and power consumption. Therefore, this paper proposes novel fault tolerant schemes for the SHA-2 family of hash functions and analyzes their resistance to SEUs. Results obtained through FPGA implementation show that our best fault tolerant scheme for SHA-512 uses up to 32% less area and consumes up to 43% less power than the commonly used TMR technique. Moreover, its memory and registers are 435 and 175 times more resistant to SEUs than TMR. These results are crucial for supporting low area and low power fault tolerant cryptographic primitives in satellites.

show abstract

Secure FPGA configuration architecture preventing system downgrade

Cited by 22 publications

References 6 publications

A flexible design flow for software IP binding in commodity FPGA

A flexible design flow for software IP binding in commodity FPGA

A Protocol for Secure Remote Updates of FPGA Configurations

Efficient fault tolerant SHA-2 hash functions for space applications

Contact Info

Product

Resources

About