On the vulnerability of FPGA bitstream encryption against power analysis attacks: extracting keys from xilinx Virtex-II FPGAs

Over the last two decades FPGAs have become central components for many advanced digital systems, e.g., video signal processing, network routers, data acquisition and military systems. In order to protect the intellectual property and to prevent fraud, e.g., by cloning a design embedded into an FPGA or manipulating its content, many current FPGAs employ a bitstream encryption feature. We develop a successful attack on the bitstream encryption engine integrated in the widespread Virtex-II Pro FPGAs from Xilinx, using side-channel analysis. After measuring the power consumption of a single power-up of the device and a modest amount of off-line computation, we are able to recover all three different keys used by its triple DES module. Our method allows extracting secret keys from any real-world device where the bitstream encryption feature of Virtex-II Pro is enabled. As a consequence, the target product can be cloned and manipulated at the will of the attacker since no side-channel protection was included into the design of the decryption module. Also, more advanced attacks such as reverse engineering or the introduction of hardware Trojans become potential threats. While performing the side-channel attack, we were able to deduce a hypothetical architecture of the hardware encryption engine. To our knowledge, this is the first attack against the bitstream encryption of a commercial FPGA reported in the open literature.

[1]  P ? ? ? ? ? ? ? % ? ? ? ? , 1991 .

[2]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[3]  Rodham E. Tulloss,et al.  The Test Access Port and Boundary Scan Architecture , 1990 .

[4]  Tim Güneysu,et al.  Cryptanalysis with COPACOBANA , 2008, IEEE Transactions on Computers.

[5]  Giovanni Agosta,et al.  Record Setting Software Implementation of DES Using CUDA , 2010, 2010 Seventh International Conference on Information Technology: New Generations.

[6]  Bart Preneel,et al.  Power-Analysis Attacks on an FPGA - First Experimental Results , 2003, CHES.

[7]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[8]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[9]  Tim Güneysu,et al.  Trojan Side-Channels: Lightweight Hardware Trojans through Side-Channel Engineering , 2009, CHES.

[10]  Bart Preneel,et al.  Power Analysis Attacks Against FPGA Implementations of the DES , 2004, FPL.

[11]  Eric Peeters,et al.  Power and electromagnetic analysis: Improved model, consequences and comparisons , 2007, Integr..

[12]  Jean-Baptiste Note,et al.  From the bitstream to the netlist , 2008, FPGA '08.

[13]  Dennis G. Abraham,et al.  Transaction Security System , 1991, IBM Syst. J..

[14]  Ralf Krueger Using High Security Features in Virtex-II Series FPGAs , 2004 .

[15]  Ieee Standard Test Access Port and Boundary-scan Architecture Ieee-sa Standards Board , 2001 .

[16]  Alessandro Barenghi,et al.  Improving first order differential power attacks through digital signal processing , 2010, SIN.

[17]  Christof Paar,et al.  On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoqCode Hopping Scheme , 2008, CRYPTO.

[18]  Christof Paar,et al.  Security on FPGAs: State-of-the-art implementations and attacks , 2004, TECS.

[19]  Alessandro Barenghi,et al.  Information Leakage Discovery Techniques to Enhance Secure Chip Design , 2011, WISTP.

[20]  Saar Drimer,et al.  Security for volatile FPGAs , 2009 .