Abstract
To protect Field-Programmable Gate Array (FPGA) designs against Intellectual Property (IP) theft and related issues such as product cloning, all major FPGA manufacturers offer a mechanism to encrypt the bitstream that is used to configure the FPGA. From a mathematical point of view, the employed encryption algorithms (e.g., Advanced Encryption Standard (AES) or 3DES) are highly secure. However, it has been shown that the bitstream encryption feature of several FPGA families is susceptible to side-channel attacks based on measuring the power consumption of the cryptographic module. In this article, we present the first successful attack on the bitstream encryption of the Altera Stratix II and Stratix III FPGA families. To this end, we analyzed the Quartus II software and reverse-engineered the details of the proprietary and unpublished schemes used for bitstream encryption on Stratix II and Stratix III. Using this knowledge, we demonstrate that the full 128-bit AES key of a Stratix II as well as the full 256-bit AES key of a Stratix III can be recovered by means of side-channel attacks. In both cases, the attack can be conducted in a few hours. The complete bitstream of these FPGAs that are (seemingly) protected by the bitstream encryption feature can hence fall into the hands of a competitor or criminal—possibly implying system-wide damage if confidential information such as proprietary encryption schemes or secret keys programmed into the FPGA is extracted. In addition to lost IP, reprogramming the attacked FPGA with modified code, for instance, to secretly plant a hardware Trojan, is a particularly dangerous scenario for many security-critical applications.
Index Terms
- Physical Security Evaluation of the Bitstream Encryption Mechanism of Altera Stratix II and Stratix III FPGAs