Proceedings Article

Efficient and side-channel resistant authenticated encryption of FPGA bitstreams

TLDR
This work proposes a new solution for authenticated encryption (AE) tailored for FPGA bitstream protection, based on the recent proposal presented at DIAC'12: the AES-based authenticated encryption scheme ALE, which is at least twice as resource-efficient as the best AE modes of operation instantiated with AES.
Abstract
State-of-the-art solutions for FPGA bitstream protection rely on encryption and authentication of the bitstream to both ensure its confidentiality, thwarting unauthorized copying and reverse engineering, and prevent its unauthorized modification, maintaining a root of trust in the field. Adequate protection of the FPGA bitstream is of paramount importance to sustain the central functionality of dynamic reconfiguration in a hostile environment. In this work, we propose a new solution for authenticated encryption (AE) tailored for FPGA bitstream protection. It is based on the recent proposal presented at DIAC'12: the AES-based authenticated encryption scheme ALE. Our comparison to existing AES-based schemes reveals that ALE is at least twice as resource-efficient as the best AE modes of operation instantiated with AES. In view of the recent successful side-channel attacks on Xilinx Virtex bitstream encryption, we investigate the possibility of side-channel resistant implementations of all these AES-based AE algorithms using state-of-the-art threshold masking techniques. In this side-channel resistant setting as well, the protected ALE design is about twice as resource-efficient as the best AE modes of operation with the same countermeasure. We conclude that the deployment of dedicated AE schemes such as ALE significantly facilitates the real-world efficiency and security of FPGA bitstream protection in practice: not only does our solution enable authenticated encryption for bitstreams on low-cost FPGAs, but it also aims to mitigate physical attacks which have lately been shown to undermine the security of the bitstream protection mechanisms in the field.

Citations
Proceedings Article

Voltage drop-based fault attacks on FPGAs using valid bitstreams

TL;DR: This paper reveals a security vulnerability in FPGAs that allows a valid configuration to generate severe voltage fluctuations, which crashes the FPGA within a few microseconds, and analyzes its underlying mechanism.
Journal Article

Recent Attacks and Defenses on FPGA-based Systems

TL;DR: Field-programmable gate array (FPGA) is a kind of programmable chip that is widely used in many areas, including automotive electronics, medical devices, military and consumer electronics, and is increasingly being used in smart grids.
Journal Article

Secure distribution infrastructure for hardware digital contents

TL;DR: This work clearly identifies the roles involved in the secure distribution process, including a trusted third-party entity, and introduces a cryptographic protocol ensuring the confidentiality and the trustworthiness of partial bitstreams dynamically downloaded to the user's device.
Proceedings Article

A survey on security and trust of FPGA-based systems

TL;DR: For each party involved in FPGA supply and demand, the security and trust problems they need to be aware of and the solutions that are available are shown.
Journal Article

A Review on HT Attacks in PLD and ASIC Designs with Potential Defence Solutions

TL;DR: Based on the extensive literature survey on HTs and their countermeasure techniques, the state of the art HT prevention, detection, and diagnosis techniques are recommended to the valid stages of PLD and ASIC life cycles.
References
Book

Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)

TL;DR: In this paper, the authors present a comprehensive treatment of power analysis attacks and countermeasures, based on the principle that the only way to defend against such attacks is to understand them.
Proceedings Article

OCB: a block-cipher mode of operation for efficient authenticated encryption

TL;DR: It is proved OCB secure, quantifying the adversary's ability to violate the mode's privacy or authenticity in terms of the quality of its block cipher as a pseudorandom permutation (PRP) or as a strong PRP, respectively.
Report

Recommendation for Block Cipher Modes of Operation. Methods and Techniques

TL;DR: This recommendation defines five confidentiality modes of operation for use with an underlying symmetric key block cipher algorithm: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR).
Book Chapter

Pushing the limits: a very compact and a threshold implementation of AES

TL;DR: A very compact hardware implementation of AES-128, which requires only 2400 GE, is described; it is, to the best of the authors' knowledge, the smallest implementation reported so far, and is still susceptible to some sophisticated attacks given a sufficient number of measurements.
Book Chapter

Successfully attacking masked AES hardware implementations

TL;DR: It turns out that masking the AES S-Boxes does not prevent DPA attacks, if glitches occur in the circuit.