Computer Laboratory

Technical reports

Security for volatile FPGAs

Saar Drimer

November 2009, 169 pages

This technical report is based on a dissertation submitted August 2009 by the author for the degree of Doctor of Philosophy to the University of Cambridge, Darwin College.

Abstract

With reconfigurable devices fast becoming complete systems in their own right, interest in their security properties has increased. While research on “FPGA security” has been active since the early 2000s, few have treated the field as a whole, or framed its challenges in the context of the unique FPGA usage model and application space. This dissertation sets out to examine the role of FPGAs within a security system and how solutions to security challenges can be provided. I offer the following contributions:

I motivate authenticating configurations as an additional capability to FPGA configuration logic, and then describe a flexible security protocol for remote reconfiguration of FPGA-based systems over insecure networks. Non-volatile memory devices are used for persistent storage when required, and complement the lack of features in some FPGAs with tamper proofing in order to maintain specified security properties. A unique advantage of the protocol is that it can be implemented on some existing FPGAs (i.e., it does not require FPGA vendors to add functionality to their devices). Also proposed is a solution to the “IP distribution problem” where designs from multiple sources are integrated into a single bitstream, yet must maintain their confidentiality.

I discuss the difficulty of reproducing and comparing FPGA implementation results reported in the academic literature. Concentrating on cryptographic implementations, problems are demonstrated through designing three architecture-optimized variants of the AES block cipher and analyzing the results to show that single figures of merit, namely “throughput” or “throughput per slice”, are often meaningless without the context of an application. To set a precedent for reproducibility in our field, the HDL source code, simulation testbenches and compilation instructions are made publicly available for scrutiny and reuse.

Finally, I examine payment systems as ubiquitous embedded devices, and evaluate their security vulnerabilities as they interact in a multi-chip environment. Using FPGAs as an adversarial tool, a man-in-the-middle attack against these devices is demonstrated. An FPGA-based defense is also demonstrated: the first secure wired “distance bounding” protocol implementation. This is then put in the context of securing reconfigurable systems.

Full text

PDF (3.2 MB)

BibTeX record

@TechReport{UCAM-CL-TR-763,
  author =	 {Drimer, Saar},
  title = 	 {{Security for volatile FPGAs}},
  year = 	 2009,
  month = 	 nov,
  url = 	 {http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-763.pdf},
  institution =  {University of Cambridge, Computer Laboratory},
  number = 	 {UCAM-CL-TR-763}
}