Abstract
Many Field-Programmable Gate Array (FPGA) based systems utilize third-party intellectual property (IP) in their development. When they are deployed in non-networked environments, the question raises how this IP can be protected against non-authorized use. We describe an offline authentication scheme for IP modules. The scheme implements mutual authentication of the IP modules and the hardware platform, and enables us to provide authentication and integrity assurances to both the system developer and IP provider. Compared to the Trusted Computing Platform’s approach to hardware, software authentication, our solution is more lightweight and tightly integrates with existing FPGA security features. We are able to demonstrate an implementation of the authentication scheme that requires a symmetric cipher and a Physically Unclonable Function (PUF). In addition to the low hardware requirements, our implementation does not require any on-chip, non-volatile storage.
Keywords
- System Developer
- Authentication Scheme
- Mutual Authentication
- Trust Platform Module
- Physically Unclonable Function
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Chapter PDF
References
Moyer, B.: Using softcore-based FPGAs to balance hardware/software needs in a multicore design. Embedded System Design Magazine (2006)
Feng, J.: FPGA design security. ECN Magazine, 23–24 (2006)
Inc., X.: Using bitstream encryption. Handbook of the Virtex II Platform (2003)
Gassend, B.: Physical Random Functions. Master’s thesis, Massachusetts Institute of Technology (2003)
Suh, G.E., O’Donnell, C.W., Sachdev, I., Devadas, S.: Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions. SIGARCH Comput. Archit. News 33, 25–36 (2005)
Kahng, A.B., Lach, J., Mangione-Smith, W.H., Mantik, S., Markov, I.L., Potkonjak, M., Tucker, P., Wang, H., Wolfe, G.: Watermarking techniques for intellectual property protection. In: Design Automation Conference, pp. 776–781 (1998)
Feige, U., Fiat, A., Shamir, A.: Zero-knowledge proofs of identity. J. Cryptol. 1, 77–94 (1988)
Bellare, M., Palacio, A.: Gq and schnorr identification schemes: Proofs of security against impersonation under active and concurrent attacks. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 162–177. Springer, Heidelberg (2002)
Otway, D., Rees, O.: Efficient and timely mutual authentication. Operating Systems Review 21, 8–10 (1987)
Schaumont, P., Ching, D.: GEZEL homepage (2006), http://rijndael.ece.vt.edu/gezel2
Cohen, B., Laurie, B.: AES-Hash. NIST: Modes of Operation for Symmetric Key Block Ciphers (2001)
Group, T.C.: TCG Specification Architecture Overview (2004)
DoCoMo, N.: IBM, Corporation, I.: Trusted Mobile Platform Hardware Architecture Description (2004)
Kuhn, U., Kursawe, K., Lucks, S., Sadeghi, A.R., Stuble, C.: Secure Data Management in Trusted Computing. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 324–338. Springer, Heidelberg (2005)
Khan, M., Seifert, J., Wheeler, D.M., Brizek, J.P.: A platform-level trust-architecture for hand-held devices. In: Cryptographic Advances in Secure Hardware (CRASH 2005) (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Simpson, E., Schaumont, P. (2006). Offline Hardware/Software Authentication for Reconfigurable Platforms. In: Goubin, L., Matsui, M. (eds) Cryptographic Hardware and Embedded Systems - CHES 2006. CHES 2006. Lecture Notes in Computer Science, vol 4249. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11894063_25
Download citation
DOI: https://doi.org/10.1007/11894063_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-46559-1
Online ISBN: 978-3-540-46561-4
eBook Packages: Computer ScienceComputer Science (R0)