How Secure Are FPGAs in Cryptographic Applications?

  • Thomas Wollinger
  • Christof Paar
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2778)


The use of FPGAs for cryptographic applications is highly attractive for a variety of reasons but at the same time there are many open issues related to the general security of FPGAs. This contribution attempts to provide a state-of-the-art description of this topic. First, the advantages of reconfigurable hardware for cryptographic applications are listed. Second, potential security problems of FPGAs are described in detail, followed by a proposal of a some countermeasure. Third, a list of open research problems is provided. Even though there have been many contributions dealing with the algorithmic aspects of cryptographic schemes implemented on FPGAs, this contribution appears to be the first comprehensive treatment of system and security aspects.


cryptography FPGA security attacks reconfigurable hardware 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. AK97.
    Anderson, R.J., Kuhn, M.G.: Low Cost Attacks on Tamper Resistant Devices. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 125–136. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  2. Alg.
    Algotronix Ltd. Method and Apparatus for Secure Configuration of a Field Programmable Gate Array. PCT Patent Application PCT/GB00/04988Google Scholar
  3. ASH+93.
    Aritome, S., Shirota, R., Hemink, G., Endoh, T., Masuoka, F.: Reliability Issues of Flash Memory Cells. Proceedings of the IEEE 81(5), 776–788 (1993)CrossRefGoogle Scholar
  4. Aus95.
    Austin, K.: Data Security Arrangements for Semicondutor Programmable Devices. United States Patent, No. 5388157 (1995)Google Scholar
  5. BDL97.
    Boneh, D., DeMillo, R.A., Lipton, R.J.: On the Importance of Checking Cryptographic Protocols for Faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  6. Dip.
    Dipert, B.: Cunning circuits confound crooks,
  7. Eri99.
    Erickson, C.R.: Configuration Stream Encryption. United States Patent, No. 5970142 (1999)Google Scholar
  8. EYCP01.
    Elbirt, A., Yip, W., Chetwynd, B., Paar, C.: An FPGA-based performance evaluation of the AES block cipher candidate algorithm finalists. IEEE Transactions on VLSI Design 9(4), 545–557 (2001)CrossRefGoogle Scholar
  9. Gut96.
    Gutmann, P.: Secure Deletion of Data from Magnetic and Solid-State Memory. In: Sixth USENIX Security Symposium, July 22-25, pp. 77–90 (1996)Google Scholar
  10. Gut01.
    Gutmann, P.: Data Remanence in Semiconductor Devices. In: 10th USENIX Security Symposium, August 13–17, pp. 39–54 (2001)Google Scholar
  11. HCSL89.
    Haddad, S., Chang, C., Swaminathan, B., Lien, J.: Degradations due to hole trapping in flash memory cells. IEEE Electron Device Letters 10(3), 117–119 (1989)CrossRefGoogle Scholar
  12. Jef02.
    Jeffrey, G.P.: Field programmable gate arrays. United States Patent, No. 6356637 (2002)Google Scholar
  13. KB00.
    Kelem, S.H., Burnham, J.L.: System and Method for PLD Bitstram Encryption. United States Patent, No. 6118868 (2000)Google Scholar
  14. Kea01.
    Kean, T.: Secure Configuration of Field Programmable Gate Arrays. In: Brebner, G., Woods, R. (eds.) FPL 2001. LNCS, vol. 2147, pp. 142–151. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  15. Kes.
    Kessner, D.: Copy Protection for SRAM based FPGA Designs,
  16. KJJ99.
    Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  17. KK99.
    Kommerling, O., Kuhn, M.G.: Design Principles for Tamper-Resistant Smartcard Processors. In: Smartcard 1999, May 1999, pp. 9–20 (1999)Google Scholar
  18. KKP02.
    Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.): CHES 2002. LNCS, vol. 2523. Springer, Heidelberg (2003)Google Scholar
  19. KNP01.
    Koç, Ç.K., Naccache, D., Paar, C. (eds.): CHES 2001. LNCS, vol. 2162. Springer, Heidelberg (2001)zbMATHGoogle Scholar
  20. KP99.
    Koç, Ç.K., Paar, C. (eds.): CHES 1999. LNCS, vol. 1717. Springer, Heidelberg (1999)zbMATHGoogle Scholar
  21. KP00.
    Paar, C., Koç, Ç.K. (eds.): CHES 2000. LNCS, vol. 1965. Springer, Heidelberg (2000)zbMATHGoogle Scholar
  22. PGP+91.
    Papadas, C., Ghibaudo, G., Pananakakis, G., Riva, C., Ghezzi, P., Gounelle, C., Mortini, P.: Retention characteristics of single-poly EEPROM cells. In: European Symposium on Reliability of Electron Devices, Failure Physics and Analysis, October 1991, p. 517 (1991)Google Scholar
  23. PWF+00.
    Pang, R.C., Wong, J., Frake, S.O., Sowards, J.W., Kondapalli, V.M., Goetting, F.E., Trimberger, S.M., Rao, K.K.: Nonvolatile/battery-backed key in PLD. United States Patent, No. 6366117, Novemebr 28 (2000)Google Scholar
  24. Ric98.
    Richard, G.: Digital Signature Technology Aids IP Protection. In: EETimes - News (1998),
  25. SA93.
    Soden, J., Anderson, R.E.: IC failure analysis: techniques and tools for quality and reliability improvement. Proceedings of the IEEE 81(5), 703–715 (1993)CrossRefGoogle Scholar
  26. Sch98.
    Schroder, D.K.: Semiconducor Material and Device Characterization. John Wiley and Sons, Chichester (1998)Google Scholar
  27. Sea.
    Seamann, G.: FPGA Bitstreams and Open Designs,
  28. SKM95.
    San, K.T., Kaya, C., Ma, T.P.: Effects of erase source bias on Flash EPROM device reliability. IEEE Transactions on Electron Devices 42(1), 150–159 (1995)CrossRefGoogle Scholar
  29. SW99.
    Sung, C., Wang, B.I.: Method and Apparatus for Securing Programming Data of Programmable Logic Device. United States Patent, Patent Number 5970142, June 22 (1999)Google Scholar
  30. TCH93.
    Tao, J., Cheung, N., Ho, C.: Metal Electromigration Damage Healing Under Bidirectional Current Stress. IEEE Transactions on Elecron Devices 14(12), 554–556 (1993)CrossRefGoogle Scholar
  31. vdPK90.
    van der Pol, J., Koomen, J.: Relation between the hot carrier lifetime of transistors and CMOS SRAM products. In: IRPS 1990, p. 178 (1990)Google Scholar
  32. WKM+96.
    Williams, T.W., Kapur, R., Mercer, M.R., Dennard, R.H., Maly, W.: IDDQ Testing for High Performance CMOS - The Next Ten Years. In: ED&TC 1996, pp. 578–583 (1996)Google Scholar
  33. WP03.
    Wollinger, T., Paar, C.: How Secure Are FPGAs in Cryptographic Applications (Long Version). Report 2003/119, IACR (2003),
  34. Xil.
    Xilinx Inc. Using Bitstream Encryption. Handbook of the Virtex II Platform,
  35. YN00.
    Yip, K.-W., Ng, T.-S.: Partial-Encryption Technique for Intellectual Property Protection of FPGA-based Products. IEEE Transactions on Consumer Electronics 46(1), 183–190 (2000)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Thomas Wollinger
    • 1
  • Christof Paar
    • 1
  1. 1.Chair for Communication Security (COSY), Horst Görtz Institute for IT SecurityRuhr-Universität BochumGermany

Personalised recommendations