DSPs, BRAMs and a Pinch of Logic: New Recipes for AES on FPGAs

Drimer, Saar; Güneysu, Tim; Paar, Christof

doi:10.1109/fccm.2008.42

Cited by 45 publications

(59 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The main concepts which enable the proposed scheme are the use of a trusted third party to provide an independent metering service between IP providers, system developers and customers, and the use of the self-reconfiguring techniques of modern FPGA devices to enhance the FPGA's protection primitives. Similar protocols based on these 1556-6013/$26.00 © 2011 IEEE techniques have been proposed earlier [1], [2], but we specifically aim for a scheme which is more practical and can be deployed on currently existing devices. Moreover, our proposal allows us to enforce a "pay-per-use" licensing scheme where system developers pay a small amount to the IP provider in order to use a particular module only once, instead of a large sum to use it indefinitely.…”

Section: A Our Contributionmentioning

confidence: 99%

See 1 more Smart Citation

A Pay-per-Use Licensing Scheme for Hardware IP Cores in Recent SRAM-Based FPGAs

Maes

Schellekens

Verbauwhede

2012

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

Abstract-Currently achievable intellectual property (IP) protection solutions for field-programmable gate arrays (FPGAs) are limited to single large "monolithic" configurations. However, the ever growing capabilities of FPGAs and the consequential increasing complexity of their designs ask for a modular development model, where individual IP cores from multiple parties are integrated into a larger system. To enable such a model, the availability of IP protection at the modular level is imperative. In this work, we propose an IP protection mechanism for FPGA designs at the level of individual IP cores, by making use of the self-reconfiguring capabilities of modern FPGAs and deploying a trusted third party to run a metering service, similar to the work of Güneysu et al. and Drimer et al. The proposed scheme makes it possible to enforce a pay-per-use licensing scheme which holds considerable advantages, both for IP core providers as well as for system integrators. Moreover, the scheme has a minimal implementation overhead and is the first of its kind to be solely based on primitives that are already available in recent commercially available FPGA devices. This allows for an immediate and feasible deployment, in contrast to earlier proposed solutions.Index Terms-Cloning, design security, field-programmable gate array (FPGA), hardware metering, intellectual property (IP) protection, reverse-engineering, soft intellectual property (IP).

show abstract

Section: A Our Contributionmentioning

confidence: 99%

“…2 2) The Core Vendor (CV): offers access to its soft IP cores, i.e., innovative logical circuits for configuration on FPGAs, by licensing other parties to use them. We focus on pay-per-use licensing schemes with technical enforcement measures.…”

Section: Parties Involvedmentioning

confidence: 99%

A Pay-per-Use Licensing Scheme for Hardware IP Cores in Recent SRAM-Based FPGAs

Maes

Schellekens

Verbauwhede

2012

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

show abstract

“…As compared to other architectures we found that sbox in LUT proves to be most robust implementation. We make an attempt to relate our scenario with what has been published elsewhere [11], [20]. In terms of cost, the sbox in LUT consumes the maximum area followed by sbox inGF(2 4 ) and RAM respectively.…”

Section: Discussionmentioning

confidence: 99%

“…A sbox which gets faulty at lower voltage is more secure because it is more likely that some other part of the design stops working at lower voltages. Recently, few methods have been reported [20] which suggest to synthesize the bulky parts of AES like SubBytes & MixColumns into the peripherals like block RAM, DSPs etc. These methods reduce the logic utilization in the FPGA and hence are cost effective.…”

Section: B Security Evaluation Of the Three Architectures Against Dfamentioning

confidence: 99%

Security evaluation of different AES implementations against practical setup time violation attacks in FPGAs

Bhasin

Selmane

Guilley

et al. 2009

2009 IEEE International Workshop on Hardware-Oriented Security and Trust

View full text Add to dashboard Cite

Abstract-Security evaluation of various AES implementation against practical power attacks has been reported in literature. However, to the authors' knowledge, very few of the fault attacks reported on AES have been practically realized. Since sbox is a crucial element in AES, in this article, we evaluate the security of some unprotected AES implementations differing in sbox construction, targeted for FPGA. Here the faults have been generated practically by underpowering the targeted circuit. Then we correlate our results with the underlying architecture, along a methodology already suggested in other articles, albeit theoretically. We also carry out an extensive characterization of the faults, in terms of temporal localization. On the basis of our results, we reach the conclusion that the two cheaper implementations in terms of silicon area are also the more vulnerable against DFA when implemented without countermeasures.

show abstract

“…The design and presentation of our protocol was influenced by our experience with an ongoing logic-circuit implementation on a Virtex-5 evaluation board, using the publicly available AES design by Drimer et al [12].…”

Section: Discussionmentioning

confidence: 99%

A Protocol for Secure Remote Updates of FPGA Configurations

Drimer

Kühn

2009

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. We present a security protocol for the remote update of volatile FPGA configurations stored in non-volatile memory. Our approach can be implemented on existing FPGAs, as it sits entirely in user logic. Our protocol provides for remote attestation of the running configuration and the status of the upload process. It authenticates the uploading party both before initiating the upload and before completing it, to both limit a denial-of-service attack and protect the integrity of the bitstream. Encryption protects bitstream confidentiality in transit; we either decrypt it before non-volatile storage, or pass on ciphertext if the configuration logic can decrypt it. We discuss how tamper-proofing the connection between the FPGA and the non-volatile memory, as well as space for multiple bitstreams in the latter, can improve resilience against downgrading and denial-of-service attacks.

show abstract

DSPs, BRAMs and a Pinch of Logic: New Recipes for AES on FPGAs

Cited by 45 publications

References 13 publications

A Pay-per-Use Licensing Scheme for Hardware IP Cores in Recent SRAM-Based FPGAs

A Pay-per-Use Licensing Scheme for Hardware IP Cores in Recent SRAM-Based FPGAs

Security evaluation of different AES implementations against practical setup time violation attacks in FPGAs

A Protocol for Secure Remote Updates of FPGA Configurations

Contact Info

Product

Resources

About