Advertisement

Securely Sealing Multi-FPGA Systems

  • Tim Güneysu
  • Igor Markov
  • André Weimerskirch
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7199)

Abstract

The importance of hardware security of electronic systems is rapidly increasing due to (1) the increasing reliance of mass-produced and mission-critical systems on embedded electronics, and (2) the ever-growing supply chains that disentangle chip designers and manufacturers from OEMs. Our work shows how to dramatically reduce vulnerability to Trojan-horse injection and in-field component replacement. We propose methods to verify the authenticity and integrity of an FPGA configuration during startup and at runtime. We also developed efficient protocols for electronic sealing of a multi-FPGA system, which automatically enforces the system configuration detected upon power-up and bans further modifications.

Keywords

Authentication Scheme Mutual Authentication Trojan Horse FPGA Device Integrity Check 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    China to make foreign firms reveal secret info. Yomiuri Shimbun (September 2008), http://www.yomiuri.co.jp/dy/business/20080919TDY01306.htm
  2. 2.
    FBI Concerned About Implications of Counterfeit Cisco Gear. Slashdot (April 2008), http://hardware.slashdot.org/article.pl?sid=08/04/22/1317212
  3. 3.
    Adee, S.: The Hunt For The Kill Switch. IEEE Spectrum 45(5), 34–39 (2008)CrossRefGoogle Scholar
  4. 4.
    Altera Corporation: FPGA Design Security Solution Using MAX II Devices. White Paper, ver. 1.0 (September 2004), http://www.altera.com/literature/wp/wp_m2dsgn.pdf
  5. 5.
    Drimer, S.: Authentication of FPGA Bitstreams: Why and How. In: Diniz, P.C., Marques, E., Bertels, K., Fernandes, M.M., Cardoso, J.M.P. (eds.) ARCS 2007. LNCS, vol. 4419, pp. 73–84. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  6. 6.
    Drimer, S.: Volatile FPGA design security – a survey (v0.96) (April 2008), http://www.cl.cam.ac.uk/~sd410/papers/fpga_security.pdf
  7. 7.
    Drimer, S., Güneysu, T., Paar, C.: DSPs, BRAMs, and a pinch of logic: Extended recipes for AES on FPGAs. ACM Trans. Reconfigurable Technol. Syst. 3, 1–27 (2010), http://doi.acm.org/10.1145/1661438.1661441 CrossRefGoogle Scholar
  8. 8.
    Gross, G.: US, Canadian agencies seize counterfeit Cisco gear. The Industry Standard (2008), http://slashdot.org/article.pl?sid=08/02/29/1642221
  9. 9.
    Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: FPGA Intrinsic PUFs and their Use for IP Protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Güneysu, T., Möller, B., Paar, C.: Dynamic Intellectual Property Protection for Reconfigurable Devices. In: ICFPT 2007, pp. 169–176 (2007)Google Scholar
  11. 11.
    Güneysu, T.: Using Data Contention in Dual-ported Memories for Security Applications. Journal of Signal Processing Systems, 1–15 (December 30, 2010), doi:10.1007/s11265-010-0560-zGoogle Scholar
  12. 12.
    Helion Technology: Tiny Hash Core Family for Xilinx FPGA. Data Sheet (2010), http://www.heliontech.com/downloads/tiny_hash_xilinx_datasheet.pdf
  13. 13.
    Kumar, S., Guajardo, J., Maes, R., Schrijen, G., Tuyls, P.: Extended abstract: The butterfly PUF protecting IP on every FPGA. In: IEEE International Workshop on Hardware-Oriented Security and Trust (HOST 2008), pp. 67–70 (2008)Google Scholar
  14. 14.
    McEvoy, R.P., Crowe, F.M., Murphy, C.C., Marnane, W.P.: Optimisation of the SHA-2 family of hash functions on FPGAs. In: Emerging VLSI Technologies and Architectures (2006)Google Scholar
  15. 15.
    Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Physical one-way functions. Science 297(5589), 2026–2030 (2002)CrossRefGoogle Scholar
  16. 16.
    Parelkar, M.M.: FPGA security – bitstream authentication. Tech. rep., George Mason University (2005), http://ece.gmu.edu/courses/Crypto_resources/web_resources/theses/GMU_theses/Parelkar/Parelkar_Fall_2005.pdf
  17. 17.
    Roy, J.A., Koushanfar, F., Markov, I.L.: Extended abstract: Circuit CAD tools as a security threat. In: HOST, pp. 65–66 (2008)Google Scholar
  18. 18.
    Seamann, G.: FPGA bitstreams and open designs (April 2000), http://web.archive.org/web/20050831135514/http://www.opencollector.org/news/Bitstream/
  19. 19.
    Simpson, E., Schaumont, P.: Offline Hardware/Software Authentication for Reconfigurable Platforms. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 311–323. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  20. 20.
    Trimberger, S.: Trusted design in FPGAs. In: Design Automation Conference (June 2007), http://videos.dac.com/44th/papers/1_2.pdf
  21. 21.
    Wollinger, T., Guajardo, J., Paar, C.: Security on FPGAs; state of the art implementation and attacks. In: ACM Trans. Embedded Comp. Sys., TECS (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Tim Güneysu
    • 1
  • Igor Markov
    • 2
  • André Weimerskirch
    • 3
  1. 1.Horst Görtz Institute for IT-SecurityRuhr-UniversityBochumGermany
  2. 2.University of MichiganAnn ArborUSA
  3. 3.ESCRYPT Inc.Ann ArborUSA

Personalised recommendations