FPGA Side Channel Attacks without Physical Access

Ramesh, Chethan; Patil, Shivukumar B.; Dhanuskodi, Siva Nishok; Provelengios, George; Pillement, Sébastien; Holcomb, Daniel; Tessier, Russell

doi:10.1109/fccm.2018.00016

Cited by 102 publications

(52 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Schellenberg et al [2] and Zhao et al [3], followed by demonstrating a multi-tenant power sidechannel attack. Ramesh et al [4] and Giechaskiel et al [5] demonstrated a side-channel attack leveraging the crosstalk effects between the neighboring long wires of the FPGA. Our work differs from these in that we use the voltage-drop attack with the aim to cause timing constraints violations.…”

Section: Related Workmentioning

confidence: 99%

Timing Violation Induced Faults in Multi-Tenant FPGAs

Mahmoud

Stojilović

2019

2019 Design, Automation &Amp; Test in Europe Conference &Amp; Exhibition (DATE)

View full text Add to dashboard Cite

FPGAs have made their way into the cloud, allowing users to gain remote access to the state-of-the-art reconfigurable fabric and implement their custom accelerators. Since FPGAs are large enough to accommodate multiple independent designs, the multi-tenant user scenario may soon be prevalent in cloud computing environments. However, shared use of an FPGA raises security concerns. Recently discovered hardware Trojans for use in multi-tenant FPGA settings target denial-of-service attacks, power side-channel attacks, and crosstalk side-channel attacks. In this work, we present an attack method for causing timingconstraints violation in the multi-tenant FPGA setting. This type of attack is very dangerous as the consequences of timing faults are temporary errors, which are often impossible to notice. We demonstrate the attack on a set of self-timed true random number generators (STRNGs), frequently used in cryptographic applications. When the attack is launched, the STRNG outputs become biased and fail randomness tests. However, after the attack, STRNGs recover and continue generating random bits.

show abstract

Section: Related Workmentioning

confidence: 99%

Timing Violation Induced Faults in Multi-Tenant FPGAs

Mahmoud

Stojilović

2019

2019 Design, Automation &Amp; Test in Europe Conference &Amp; Exhibition (DATE)

View full text Add to dashboard Cite

show abstract

“…A power analysis attack on an Amazon EC2 F1 instance [1] was successfully carried out by Glamočanin et al [7]. Furthermore, Ramesh et al [10] and Giechaskiel et al [8] demonstrated a crosstalkcoupling side-channel attack between the neighboring long wires of an FPGA. Mahmoud et al used ring oscillators (ROs) to bias the output of a colocated true random number generator [6].…”

Section: A Attacks In Multi-tenant Fpgasmentioning

confidence: 99%

“…At the same time, partial reconfiguration enables temporal and spatial multiplexing of the FPGA die, rendering a multi-tenant use mode compatible with the rest of the cloud ecosystem. These appealing computing features, however, have raised new security concerns supported by recent denialof-service, fault-injection, power side-channel and crosstalk side-channel attacks, as well as covert communication on shared FPGAs [3]- [10].…”

Section: Introductionmentioning

confidence: 99%

X-Attack: Remote Activation of Satisfiability Don't-Care Hardware Trojans on Shared FPGAs

Mahmoud

Stojilović

2020

2020 30th International Conference on Field-Programmable Logic and Applications (FPL)

View full text Add to dashboard Cite

Albeit very appealing, FPGA multitenancy in the cloud computing environment is currently on hold due to a number of recently discovered vulnerabilities to side-channel attacks and covert communication. In this work, we successfully demonstrate a new attack scenario on shared FPGAs: we show that an FPGA tenant can activate a dormant hardware Trojan without any physical or logical connection to the private Trojan-infected FPGA circuit. Our victim contains a so-called satisfiability don't-care Trojan, activated by a pair of don't-care signals, which never reach the combined trigger condition under normal operation. However, once a malicious FPGA user starts to induce considerable fluctuations in the on-chip signal delaysand, consequently, the timing faults-these harmless don't-care signals take unexpected values which trigger the Trojan. Our attack model eliminates the assumption on physical access to or manipulation of the victim design. Contrary to existing fault and side-channel attacks that target unprotected cryptographic circuits, our new attack is shown effective even against provably well-protected cryptographic circuits. Besides demonstrating the attack by successfully leaking the entire cryptographic key from one unprotected and one masked AES S-box implementation, we present an efficient and lightweight countermeasure.

show abstract

“…Successful examples of these attacks exploited directly the relation between circuit activity and the voltage fluctuations on the power distribution network (PDN) to extract encryption keys of a neighbouring encryption core [3], [4] or exploited the crosstalk coupling to extract values of secret data from neighbouring long wires [6], [7]. These attacks were carried out in a controlled lab environment with a dedicated setup and, while giving the intuition that the threat could also be exploitable in a real cloud environment, they were not providing any clear evidence of this fact.…”

Section: Introductionmentioning

confidence: 99%

Are Cloud FPGAs Really Vulnerable to Power Analysis Attacks?

Glamočanin

Coulon

Regazzoni

et al. 2020

2020 Design, Automation &Amp; Test in Europe Conference &Amp; Exhibition (DATE)

View full text Add to dashboard Cite

Recent works have demonstrated the possibility of extracting secrets from a cryptographic core running on an FPGA by means of remote power analysis attacks. To mount these attacks, an adversary implements a voltage fluctuation sensor in the FPGA logic, records the power consumption of the target cryptographic core, and recovers the secret key by running a power analysis attack on the recorded traces. Despite showing that the power analysis could also be performed without physical access to the cryptographic core, these works were mostly carried out on dedicated FPGA boards in a controlled environment, leaving open the question about the possibility to successfully mount these attacks on a real system deployed in the cloud. In this paper, we demonstrate, for the first time, a successful key recovery attack on an AES cryptographic accelerator running on an Amazon EC2 F1 instance. We collect the power traces using a delay-line based voltage drop sensor, adapted to the Xilinx Virtex Ultrascale+ architecture used on Amazon EC2 F1, where CARRY8 blocks do not have a monotonic delay increase at their outputs. Our results demonstrate that security concerns raised by multitenant FPGAs are indeed valid and that countermeasures should be put in place to mitigate them.

show abstract

FPGA Side Channel Attacks without Physical Access

Cited by 102 publications

References 5 publications

Timing Violation Induced Faults in Multi-Tenant FPGAs

Timing Violation Induced Faults in Multi-Tenant FPGAs

X-Attack: Remote Activation of Satisfiability Don't-Care Hardware Trojans on Shared FPGAs

Are Cloud FPGAs Really Vulnerable to Power Analysis Attacks?

Contact Info

Product

Resources

About