On the Power of Optical Contactless Probing: Attacking Bitstream Encryption of FPGAs

Modern Integrated Circuits (ICs) employ several classes of countermeasures to mitigate physical attacks. Recently, a powerful semi-invasive attack relying on optical contactless probing has been introduced, which can assist the attacker in circumventing the integrated countermeasures and probing the secret data on a chip. This attack can be mounted using IC debug tools from the backside of the chip. The first published attack based on this technique was conducted against a proof-of-concept hardware implementation on a Field Programmable Gate Array (FPGA). Therefore, the success of optical probing techniques against a real commercial device without any knowledge of the hardware implementation is still questionable. The aim of this work is to assess the threat of optical contactless probing in a real attack scenario. To this end, we conduct an optical probing attack against the bitstream encryption feature of a common FPGA. We demonstrate that the adversary is able to extract the plaintext data containing sensitive design information and intellectual property (IP). In contrast to previous optical attacks from the IC backside, our attack does not require any device preparation or silicon polishing, which makes it a non-invasive attack. Additionally, we debunk the myth that small technology sizes are unsusceptible to optical attacks, as we use an optical resolution of about 1 µm to successfully attack a 28 nm device. Based on our time measurements, an attacker needs less than 10 working days to conduct the optical analysis and reverse-engineer the security-related parts of the hardware. Finally, we propose and discuss potential countermeasures, which could make the attack more challenging.
