Security Trends for FPGAS

This book is designed for all those who would like to upgrade their knowledge in the field of security and digital platforms including reconfigurable FPGAs. It is the result of a national project (ICTER) funded by the French National Research Agency (ANR) and involving four research centers (Montpellier, Paris, Lorient, Saint-Etienne) and a private company. This book details several solutions for secure application execution and application update. It presents an analysis of current threats against embedded systems and especially FPGAs. The discussion includes requirements to build a secure system, according to the FIPS standard. New secure schemes are proposed to ensure data confidentiality, integrity and authentication. These new schemes fit the tight requirements of embedded systems (performance, memory footprint, logic area and energy consumption). The costs of different architectures in terms of performance, memory, and energy are estimated. Innovative solutions for remote reconfigurations are also detailed, taking into account security when downloading a new bitstream. Since the replay of an old bitstream in the field is a major threat for embedded systems, this issue is discussed and an original solution is proposed.

* Proposes solutions at the logical, architecture and system levels in order to provide a global solution
* Clearly defines the security boundaries for a system
* Describes different hierarchical levels of a design, from application to technological levels
