Security for volatile FPGAs

With reconfigurable devices fast becoming complete systems in their own right, interest in their security properties has increased. While research on " FPGA security " has been active since the early 2000s, few have treated the field as a whole, or framed its challenges in the context of the unique FPGA usage model and application space. This dissertation sets out to examine the role of FPGAs within a security system and how solutions to security challenges can be provided. I offer the following contributions. I motivate authenticating configurations as an additional capability to FPGA configuration logic, and then describe a flexible security protocol for remote recon-figuration of FPGA-based systems over insecure networks. Non-volatile memory devices are used for persistent storage when required, and complement the lack of features in some FPGAs with tamper proofing in order to maintain specified security properties. A unique advantage of the protocol is that it can be implemented on some existing FPGAs (i.e., it does not require FPGA vendors to add function-ality to their devices). Also proposed is a solution to the " IP distribution problem " where designs from multiple sources are integrated into a single bitstream, yet must maintain their confidentiality. I discuss the difficulty of reproducing and comparing FPGA implementation results reported in the academic literature. Concentrating on cryptographic implementations , problems are demonstrated through designing three architecture-optimized variants of the AES block cipher and analyzing the results to show that single figures of merit, namely " throughput " or " throughput per slice " , are often meaningless without the context of an application. To set a precedent for reproducibility in our field, the HDL source code, simulation testbenches and compilation instructions are made publicly available for scrutiny and reuse. Finally, I examine payment systems as ubiquitous embedded devices, and evaluate their security vulnerabilities as they interact in a multi-chip environment. Using FPGAs as an adversarial tool, a man-in-the-middle attack against these devices is demonstrated. An FPGA-based defense is also demonstrated: the first secure wired " distance bounding " protocol implementation. This is then put in the context of securing reconfigurable systems. Acknowledgments I dedicate this dissertation to my parents, Mika and Gideon, for their unconditional love and support throughout my life, and to my kind siblings Hadar and Oz, and their families. They have all seen less of me than they deserved in the past twelve years as I was …

[1]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[2]  Gerhard P. Hancke,et al.  Security of proximity identification systems , 2008 .

[3]  Miodrag Potkonjak,et al.  Techniques for Design and Implementation of Secure Reconfigurable PUFs , 2009, TRETS.

[4]  Kris Gaj,et al.  Fast Implementation and Fair Comparison of the Final Candidates for Advanced Encryption Standard Using Field Programmable Gate Arrays , 2001, CT-RSA.

[5]  Yvo Desmedt,et al.  Identification Tokens - or: Solving the Chess Grandmaster Problem , 1990, CRYPTO.

[6]  Tim Güneysu,et al.  Dynamic Intellectual Property Protection for Reconfigurable Devices , 2007, 2007 International Conference on Field-Programmable Technology.

[7]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[8]  Jean-Jacques Quisquater,et al.  A Practical Implementation of the Timing Attack , 1998, CARDIS.

[9]  Ariel J. Feldman,et al.  Lest we remember: cold-boot attacks on encryption keys , 2008, CACM.

[10]  Jean-Jacques Quisquater,et al.  Implementation of the AES-128 on Virtex-5 FPGAs , 2008, AFRICACRYPT.

[11]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[12]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[13]  Dakshi Agrawal,et al.  The EM Side-Channel(s) , 2002, CHES.

[14]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[15]  Kris Gaj,et al.  Very Compact FPGA Implementation of the AES Algorithm , 2003, CHES.

[16]  Peter M. Athanas,et al.  A Key Management Architecture for Securing Off-Chip Data Transfers , 2004, FPL.

[17]  Steven Trimberger Trusted Design in FPGAs , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[18]  Steven J. Murdoch,et al.  Thinking Inside the Box: System-Level Failures of Tamper Proofing , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[19]  Patrick Schaumont,et al.  Offline Hardware/Software Authentication for Reconfigurable Platforms , 2006, CHES.

[20]  Marc Ebner,et al.  Evolvable Hardware , 2004, Künstliche Intell..

[21]  Saar Drimer,et al.  Volatile FPGA design security { a survey , 2008 .

[22]  Bart Preneel,et al.  Power Analysis Attacks Against FPGA Implementations of the DES , 2004, FPL.

[23]  Jelena Kovacevic,et al.  Reproducible research in signal processing , 2009, IEEE Signal Process. Mag..

[24]  Ross J. Anderson The Man-in-the-Middle Defence , 2006, Security Protocols Workshop.

[25]  Tim Good,et al.  AES on FPGA from the Fastest to the Smallest , 2005, CHES.

[26]  M. Potkonjak,et al.  FPGA fingerprinting techniques for protecting intellectual property , 1998, Proceedings of the IEEE 1998 Custom Integrated Circuits Conference (Cat. No.98CH36143).

[27]  Hervé Chabanne,et al.  Electromagnetic Side Channels of an FPGA Implementation of AES , 2004, IACR Cryptol. ePrint Arch..

[28]  Lilian Bossuet,et al.  Dynamically configurable security for SRAM FPGA bitstreams , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[29]  Steven J. Murdoch,et al.  Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks , 2007, USENIX Security Symposium.

[30]  S. Zielinski,et al.  International Court of Justice , 2002, International Organization.

[31]  José D. P. Rolim,et al.  A Comparative Study of Performance of AES Final Candidates Using FPGAs , 2000, CHES.

[32]  Sergei Skorobogatov,et al.  Semi-invasive attacks: a new approach to hardware security analysis , 2005 .

[33]  Lars Braun,et al.  FPGA Analysis Tool: High-Level Flows for Low-Level Design Analysis in Reconfigurable Computing , 2009, ARC.

[34]  B. Preneel,et al.  Electromagnetic Analysis Attack on an FPGA Implementation of an Elliptic Curve Cryptosystem , 2005, EUROCON 2005 - The International Conference on "Computer as a Tool".

[35]  Peter Gutmann,et al.  Data Remanence in Semiconductor Devices , 2001, USENIX Security Symposium.

[36]  Jean-Didier Legat,et al.  Efficient Implementation of Rijndael Encryption in Reconfigurable Hardware: Improvements and Design Tradeoffs , 2003, CHES.

[37]  Paul J. Layzell,et al.  Analysis of unconventional evolved electronics , 1999, CACM.

[38]  Jean-Jacques Quisquater,et al.  ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards , 2001, E-smart.

[39]  Gang Wang,et al.  Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[40]  Tor Helleseth,et al.  Workshop on the theory and application of cryptographic techniques on Advances in cryptology , 1994 .

[41]  Mahmut T. Kandemir,et al.  Leakage Current: Moore's Law Meets Static Power , 2003, Computer.

[42]  A. Lesea,et al.  The rosetta experiment: atmospheric soft error rate testing in differing technology FPGAs , 2005, IEEE Transactions on Device and Materials Reliability.

[43]  Alessandro Trifiletti,et al.  Enhancing power analysis attacks against cryptographic devices , 2006, 2006 IEEE International Symposium on Circuits and Systems.

[44]  Markus G. Kuhn,et al.  Compromising Emanations , 2002, Encyclopedia of Cryptography and Security.

[45]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[46]  Lukás Sekanina,et al.  An Evolvable Combinational Unit for FPGAs , 2004, Comput. Artif. Intell..

[47]  Ingrid Verbauwhede,et al.  Power and Fault Analysis Resistance in Hardware through Dynamic Reconfiguration , 2008, CHES.

[48]  Saar Drimer,et al.  Authentication of FPGA Bitstreams: Why and How , 2007, ARC.

[49]  Yvo Desmedt,et al.  Cryptanalysis of UCLA Watermarking Schemes for Intellectual Property Protection , 2002, Information Hiding.

[50]  Russell Tessier,et al.  FPGA Architecture: Survey and Challenges , 2008, Found. Trends Electron. Des. Autom..

[51]  Gang Xiong,et al.  Forgery: ‘Fingerprinting’ documents and packaging , 2005, Nature.

[52]  FRANÇOIS-XAVIER STANDAERT,et al.  An Overview of Power Analysis Attacks Against Field Programmable Gate Arrays , 2006, Proceedings of the IEEE.

[53]  Brian R. Gladman A Specification for Rijndael, the AES Algorithm , 2001 .

[54]  David Naccache,et al.  Thermocommunication , 2009, IACR Cryptol. ePrint Arch..

[55]  Bart Preneel,et al.  Power Analysis of an FPGA: Implementation of Rijndael: Is Pipelining a DPA Countermeasure? , 2004, CHES.

[56]  E. J. Koops,et al.  Crypto Law Survey , 2004 .

[57]  Kris Gaj,et al.  Implementation of EAX mode of operation for FPGA bitstream encryption and authentication , 2005, Proceedings. 2005 IEEE International Conference on Field-Programmable Technology, 2005..

[58]  Patrick Schaumont,et al.  A Hardware Interface for Hashing Algorithms , 2008, IACR Cryptol. ePrint Arch..

[59]  R.K. Guy,et al.  On numbers and games , 1978, Proceedings of the IEEE.

[60]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[61]  Bruce Schneier,et al.  Practical cryptography , 2003 .

[62]  Jürgen Teich,et al.  FPGA core watermarking based on power signature analysis , 2006, 2006 IEEE International Conference on Field Programmable Technology.

[63]  Bruce Schneier,et al.  Applied cryptography (2nd ed.): protocols, algorithms, and source code in C , 1995 .

[64]  Stamatis Vassiliadis,et al.  Reconfigurable memory based AES co-processor , 2006, Proceedings 20th IEEE International Parallel & Distributed Processing Symposium.

[65]  Mark Stephen Anderson,et al.  Towards Countering the Rise of the Silicon Trojan , 2008 .

[66]  Daniel E. Holcomb,et al.  Initial SRAM State as a Fingerprint and Source of True Random Numbers for RFID Tags , 2007 .

[67]  R. Pappu,et al.  Physical One-Way Functions , 2002, Science.

[68]  Ken Thompson,et al.  Reflections on trusting trust , 1984, CACM.

[69]  T. Kean Secure configuration of Field Programmable Gate arrays , 2001 .

[70]  Máire O'Neill,et al.  Rijndael FPGA Implementations Utilising Look-Up Tables , 2003, J. VLSI Signal Process..

[71]  Peter Gutmann,et al.  Secure deletion of data from magnetic and solid-state memory , 1996 .

[72]  Miodrag Potkonjak,et al.  Robust FPGA intellectual property protection through multiple small watermarks , 1999, DAC '99.

[73]  Jonathan Rose,et al.  Measuring the Gap Between FPGAs and ASICs , 2006, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[74]  Markus G. Kuhn,et al.  Low Cost Attacks on Tamper Resistant Devices , 1997, Security Protocols Workshop.

[75]  B. Preneel,et al.  Differential Electromagnetic Attack on an FPGA Implementation of Elliptic Curve Cryptosystems , 2006, 2006 World Automation Congress.

[76]  Milos Drutarovský,et al.  Two Methods of Rijndael Implementation in Reconfigurable Hardware , 2001, CHES.

[77]  Boris Skoric,et al.  Read-Proof Hardware from Protective Coatings , 2006, CHES.

[78]  Marten van Dijk,et al.  A technique to build a secret key in integrated circuits for identification and authentication applications , 2004, 2004 Symposium on VLSI Circuits. Digest of Technical Papers (IEEE Cat. No.04CH37525).

[79]  Eric Peeters,et al.  Updates on the Security of FPGAs Against Power Analysis Attacks , 2006, ARC.

[80]  Tom Kean,et al.  Cryptographic rights management of FPGA intellectual property cores , 2002, FPGA '02.

[81]  Jean-Baptiste Note,et al.  From the bitstream to the netlist , 2008, FPGA '08.

[82]  Gang Qu,et al.  Zero overhead watermarking technique for FPGA designs , 2003, GLSVLSI '03.

[83]  Frank K. Gürkaynak Recommendations for Hardware Evaluation of Cryptographic Algorithms , 2006 .

[84]  Tim Güneysu,et al.  DSPs, BRAMs, and a Pinch of Logic: Extended Recipes for AES on FPGAs , 2010, TRETS.

[85]  Matti Tommiska,et al.  A fully pipelined memoryless 17.8 Gbps AES-128 encryptor , 2003, FPGA '03.

[86]  Kimmo Järvinen,et al.  Comparative survey of high-performance cryptographic algorithm implementations on FPGAs , 2005 .

[87]  Steven Trimberger,et al.  Analysis of Data Remanence in a 90nm FPGA , 2007, 2007 IEEE Custom Integrated Circuits Conference.

[88]  Christof Paar,et al.  An FPGA-based performance evaluation of the AES block cipher candidate algorithm finalists , 2001, IEEE Trans. Very Large Scale Integr. Syst..

[89]  Adam Megacz,et al.  A Library and Platform for FPGA Bitstream Manipulation , 2007, 15th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM 2007).

[90]  Steven J. E. Wilton,et al.  On the sensitivity of FPGA architectural conclusions to experimental assumptions, tools, and techniques , 2002, FPGA '02.

[91]  Jürgen Teich,et al.  Identifying FPGA IP-Cores Based on Lookup Table Content Analysis , 2006, 2006 International Conference on Field Programmable Logic and Applications.

[92]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[93]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[94]  David L. Donoho,et al.  WaveLab and Reproducible Research , 1995 .

[95]  Markus G. Kuhn,et al.  Tamper resistance: a cautionary note , 1996 .

[96]  Peter M. Athanas,et al.  A versatile framework for FPGA field updates: an application of partial self-reconfiguration , 2003, 14th IEEE International Workshop on Rapid Systems Prototyping, 2003. Proceedings..

[97]  Li Shang,et al.  Dynamic power consumption in Virtex™-II FPGA family , 2002, FPGA '02.

[98]  Jean-Jacques Quisquater,et al.  Power Analysis of FPGAs: How Practical is the Attack? , 2003, FPL.

[99]  Sergei Skorobogatov Low temperature data remanence in static RAM , 2002 .

[100]  Miodrag Potkonjak,et al.  Constraint-based watermarking techniques for design IP protection , 2001, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst..

[101]  Yuanyuan Zhou,et al.  Designing and Implementing Malicious Hardware , 2008, LEET.

[102]  Delon Levi,et al.  JBits: Java based interface for reconfigurable computing , 1999 .

[103]  Lionel Torres,et al.  Secure FPGA configuration architecture preventing system downgrade , 2008, 2008 International Conference on Field Programmable Logic and Applications.

[104]  Bart Preneel,et al.  Power-Analysis Attacks on an FPGA - First Experimental Results , 2003, CHES.

[105]  Steven J. Murdoch,et al.  Optimised to Fail: Card Readers for Online Banking , 2009, Financial Cryptography.

[106]  Mike Bond,et al.  Chip and spin , 2006 .

[107]  Javier Castillo,et al.  Secure IP downloading for SRAM FPGAs , 2007, Microprocess. Microsystems.

[108]  Mihir Bellare,et al.  The EAX Mode of Operation , 2004, FSE.

[109]  Yih-Chun Hu,et al.  Wormhole attacks in wireless networks , 2006, IEEE Journal on Selected Areas in Communications.

[110]  Sofiène Tahar,et al.  IP watermarking techniques: survey and comparison , 2003, The 3rd IEEE International Workshop on System-on-Chip for Real-Time Applications, 2003. Proceedings..

[111]  G. Edward Suh,et al.  Extracting secret keys from integrated circuits , 2005, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[112]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[113]  Hervé Debar,et al.  Authenticating public terminals , 1999, Comput. Networks.

[114]  Régis Leveugle,et al.  Configuration errors analysis in SRAM-based FPGAs: Software tool and practical results , 2007, Microelectron. Reliab..

[115]  Richard E. Anderson,et al.  IC Failure Analysis: Magic, Mystery, and Science , 1997, IEEE Des. Test Comput..

[116]  Ingrid Verbauwhede,et al.  Synthesis of Secure FPGA Implementations , 2004, IACR Cryptol. ePrint Arch..

[117]  Markus G. Kuhn,et al.  Attacks on time-of-flight distance bounding channels , 2008, WiSec '08.

[118]  Milind M. Parelkar,et al.  FPGA Security – Bitstream Authentication , .

[119]  Sean W. Smith,et al.  Building a high-performance, programmable secure coprocessor , 1999, Comput. Networks.

[120]  Antonino Mazzeo,et al.  An FPGA-Based Performance Analysis of the Unrolling, Tiling, and Pipelining of the AES Algorithm , 2003, FPL.

[121]  Lukás Sekanina,et al.  Towards evolvable IP cores for FPGAs , 2003, NASA/DoD Conference on Evolvable Hardware, 2003. Proceedings..

[122]  Stephen A. Benton,et al.  Physical one-way functions , 2001 .

[123]  Markus G. Kuhn,et al.  So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks , 2006, ESAS.

[124]  Kimmo Järvinen,et al.  STUDIES ON HIGH-SPEED HARDWARE IMPLEMENTATION OF CRYPTOGRAPHIC ALGORITHMS , 2008 .

[125]  Steve Kilts Control System Components , 2008 .

[126]  Markus G. Kuhn,et al.  An Asymmetric Security Mechanism for Navigation Signals , 2004, Information Hiding.

[127]  Dhiraj K. Pradhan,et al.  A Routing-Aware ILS Design Technique , 2011, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[128]  Mike Bond,et al.  Cryptographic Processors-A Survey , 2006, Proceedings of the IEEE.

[129]  Tim Güneysu,et al.  DSPs, BRAMs and a Pinch of Logic: New Recipes for AES on FPGAs , 2008, 2008 16th International Symposium on Field-Programmable Custom Computing Machines.

[130]  Sally Adee,et al.  The Hunt For The Kill Switch , 2008, IEEE Spectrum.

[131]  Jonathan M. Smith,et al.  FPGA Viruses , 1999, FPL.

[132]  Benjamin Gittins,et al.  A Presentation on VEST Hardware Performance, Chip Area Measurements, Power Consumption Estimates and Benchmarking in Relation to the AES, SHA-256 and SHA-512 , 2005, IACR Cryptol. ePrint Arch..

[133]  Dr Adrian Thompson,et al.  Hardware Evolution , 1998, Distinguished Dissertations.

[134]  Ingrid Verbauwhede,et al.  A 21.54 Gbits/s fully pipelined AES processor on FPGA , 2004, 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines.

[135]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[136]  Christof Paar,et al.  Security on FPGAs: State-of-the-art implementations and attacks , 2004, TECS.

[137]  Samy Bengio,et al.  Special Uses and Abuses of the Fiat-Shamir Passport Protocol , 1987, CRYPTO.

[138]  David Chaum,et al.  Distance-Bounding Protocols (Extended Abstract) , 1994, EUROCRYPT.

[139]  Jean-Didier Legat,et al.  Compact and efficient encryption/decryption module for FPGA implementation of the AES Rijndael very well suited for small embedded applications , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[140]  Martin Stigge,et al.  Reversing CRC { Theory and Practice , 2006 .

[141]  Markus G. Kuhn,et al.  A Protocol for Secure Remote Updates of FPGA Configurations , 2009, ARC.

[142]  J. R. Rao,et al.  The EM Side–Channel(s):Attacks and Assessment Methodologies , 2003 .

[143]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .