Are Cloud FPGAs Really Vulnerable to Power Analysis Attacks?

Glamočanin, Ognjen; Coulon, Louis; Regazzoni, Francesco; Stojilović, Mirjana

doi:10.23919/date48585.2020.9116481

Cited by 55 publications

(24 citation statements)

References 9 publications

(17 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Multi-tenant power side-channel attacks have been investigated by Schellenberg et al [11] and Zhao et al [9]. A power analysis attack on an Amazon EC2 F1 instance [1] was successfully carried out by Glamočanin et al [7]. Furthermore, Ramesh et al [10] and Giechaskiel et al [8] demonstrated a crosstalkcoupling side-channel attack between the neighboring long wires of an FPGA.…”

Section: A Attacks In Multi-tenant Fpgasmentioning

confidence: 99%

X-Attack: Remote Activation of Satisfiability Don't-Care Hardware Trojans on Shared FPGAs

Mahmoud

Stojilović

2020

2020 30th International Conference on Field-Programmable Logic and Applications (FPL)

Self Cite

View full text Add to dashboard Cite

Albeit very appealing, FPGA multitenancy in the cloud computing environment is currently on hold due to a number of recently discovered vulnerabilities to side-channel attacks and covert communication. In this work, we successfully demonstrate a new attack scenario on shared FPGAs: we show that an FPGA tenant can activate a dormant hardware Trojan without any physical or logical connection to the private Trojan-infected FPGA circuit. Our victim contains a so-called satisfiability don't-care Trojan, activated by a pair of don't-care signals, which never reach the combined trigger condition under normal operation. However, once a malicious FPGA user starts to induce considerable fluctuations in the on-chip signal delaysand, consequently, the timing faults-these harmless don't-care signals take unexpected values which trigger the Trojan. Our attack model eliminates the assumption on physical access to or manipulation of the victim design. Contrary to existing fault and side-channel attacks that target unprotected cryptographic circuits, our new attack is shown effective even against provably well-protected cryptographic circuits. Besides demonstrating the attack by successfully leaking the entire cryptographic key from one unprotected and one masked AES S-box implementation, we present an efficient and lightweight countermeasure.

show abstract

Section: A Attacks In Multi-tenant Fpgasmentioning

confidence: 99%

X-Attack: Remote Activation of Satisfiability Don't-Care Hardware Trojans on Shared FPGAs

Mahmoud

Stojilović

2020

2020 30th International Conference on Field-Programmable Logic and Applications (FPL)

Self Cite

View full text Add to dashboard Cite

show abstract

Section: Introductionmentioning

confidence: 99%

“…Recent studies have revealed that field-programmable gate arrays (FPGAs) available on cloud services, such as Amazon Web Services Elastic Compute Cloud (AWS EC2), are vulnerable to remotely carried out power analysis attacks [GCRS20]. These attacks can deduce secret information, such as cryptographic keys, used in remote FPGAs by monitoring the fluctuations in dynamic power consumption of a targeted victim device [GCRS20]. In remote power analysis (RPA) attacks, an on-chip sensor that can measure the power consumption of a remote FPGA is deployed onto the targeted remote FPGA to monitor dynamic power fluctuations occurring on the FPGA.…”

Section: Introductionmentioning

confidence: 99%

Power to Pulse Width Modulation Sensor for Remote Power Analysis Attacks

Udugama

Jayasinghe²,

Saadat³

et al. 2022

TCHES

View full text Add to dashboard Cite

Field-programmable gate arrays (FPGAs) deployed on commercial cloud services are increasingly gaining popularity due to the cost and compute benefits offered by them. Recent studies have discovered security threats than can be launched remotely on FPGAs that share the logic fabric between trusted and untrusted parties, posing a danger to designs deployed on cloud FPGAs. With remote power analysis (RPA) attacks, an attacker aims to deduce secret information present on a remote FPGA by deploying an on-chip sensor on the FPGA logic fabric. Information captured with the on-chip sensor is transferred off the chip for analysis and existing on-chip sensors demand a significant amount of bandwidth for this task as a result of their wider output bit width. However, attackers are often left with the only option of using a covert communication channel and the bandwidth of such channels is generally limited. This paper proposes a novel area-efficient on-chip power sensor named PPWM that integrates a logic design outputting a pulse whose width is modulated by the power consumption of the FPGA. This pulse is used to clear a flip-flop selectively and asynchronously, and the single-bit output of the flip-flop is used to perform an RPA attack. This paper demonstrates the possibility of successfully recovering a 128-bit Advanced Encryption Standard (AES) key within 16,000 power traces while consuming just 25% of the bandwidth when compared to the state of the art. Moreover, this paper assesses the threat posed by the proposed PPWM to remote FPGAs including those that are deployed on cloud services.

show abstract

“…RPA attacks have shown to be effective on the same FPGA where multiple users share the FPGA (known as multi-tenant FPGA architectures) [18], [19]. Such multi-tenanted FPGAs are expected to be common on cloud computers in future to reduce the cost of cloud-based FPGA services [20].Therefore, cloud FPGA services, such as Amazon EC2 FPGA cloud [21] and Alibaba FPGA cloud service, where FPGA acceleration is offered as a service, are vulnerable to RPAs [22]. It is imperative that countermeasures be deployed to prevent RPA attack vulnerabilities.…”

Section: Introductionmentioning

confidence: 99%

UCloD: Small Clock Delays to Mitigate Remote Power Analysis Attacks

2021

View full text Add to dashboard Cite

This paper presents UCloD, a novel random clock delay-based robust and scalable countermeasure against recently discovered remote power analysis (RPA) attacks. UCloD deploys very small clock delays (in the picosecond range) generated using the tapped delays lines (TDLs) to mitigate RPA attacks. UCloD provides the most robust countermeasures demonstrated thus far against RPA attacks. RPA attacks use delay sensors, such as Time to Digital Converters (TDC) or Ring Oscillators (ROs) to measure voltage fluctuations occurring in power delivery networks (PDNs) of Field Programmable Gate Arrays (FPGAs). These voltage fluctuations reveal secret information, such as secret keys of cryptographic circuits. The only countermeasure proposed thus far activates ROs to consume significant power and has managed to secure Advanced Encryption Standard (AES) circuits for up to 300,000 encryptions. Using TDLs available in FPGAs, UCloD randomly varies the clock to the cryptographic circuits under attack to induce noise in the adversary's delay sensor(s). We demonstrate correlation power analysis (referred to as CPA) attack resistance of UCloD AES implementations for up to one million encryptions. Compared to an unprotected AES circuit, UCloD implementations have minimal overheads (0.2% Slice LUT overhead and 4.8% Slice register overhead for Xilinx implementations and 0.5% LogicCells overhead for Lattice Semiconductor implementations).

show abstract

Are Cloud FPGAs Really Vulnerable to Power Analysis Attacks?

Cited by 55 publications

References 9 publications

X-Attack: Remote Activation of Satisfiability Don't-Care Hardware Trojans on Shared FPGAs

X-Attack: Remote Activation of Satisfiability Don't-Care Hardware Trojans on Shared FPGAs

Power to Pulse Width Modulation Sensor for Remote Power Analysis Attacks

UCloD: Small Clock Delays to Mitigate Remote Power Analysis Attacks

Contact Info

Product

Resources

About