Datenschutz und Datensicherheit - DuD

, Volume 35, Issue 11, pp 779–785 | Cite as

Praktische Angriffe auf die Bitstromverschlüsselung von Xilinx FPGAs

  • Markus Kasper
  • Timo Kasper
  • Amir Moradi
  • Christof Paar
Schwerpunkt
  • 131 Downloads

Zusammenfassung

Heute bedrohen Risiken wie Produktpiraterie und Industriespionage Technologiekonzerne mehr denn je. Weder wertvoll aufgebautes Know-How noch kostspielige Eigenentwicklungen dürfen in die Hände der Konkurrenz geraten. Über Gewinner und Verlierer dieses Wettkampfs entscheidet häufig, ob die Schutzmechanismen der verwendeten Baugruppen halten, was die Hersteller versprechen. In diesem Beitrag untersuchen wir am Beispiel von Xilinx Bauelementen, wie sich die Bitstromverschlüsselung zum Schutz der FPGA Konfiguration in der Praxis bewährt. Wir zeigen, wie sich mittels Seitenkanalanalyse sogar mit dem hochsicheren AES-256 geschützte Inhalte entschlüsseln lassen.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Literatur

  1. [1]
    ALTERA. Using the Design Security Feature in Stratix II and Stratix II GX Devices (AN 341 version 2.3). Technical report, August 2009. http://www.altera.com/literature/an/an341.pdf.
  2. [2]
    E. Brier, C. Clavier, and F. Olivier. Correlation Power Analysis with a Leakage Model. In CHES 2004, volume 3156 of LNCS, pages 16–29. Springer, 2004.Google Scholar
  3. [3]
    W. J. Broad, J. Markoff, and D. E. Sanger. Israeli Test on Worm Called Crucial in Iran Nuclear Delay. Technical report, New York Times, January 2011. http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html.Google Scholar
  4. [4]
    O. Coudert. Why FPGA startups keep failing, 2009. FPGA market shares according to Gartner Inc, 2008.Google Scholar
  5. [5]
    S. Drimer. Security for volatile FPGAs. Technical Report UCAM-CL-TR-763, University of Cambridge, Computer Laboratory, Novembre 2009. ISSN 1476-2986. http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-763.pdf.
  6. [6]
    P. Kocher, J. Jaffe, and B. Jun. Differential Power Analysis. In CRYPTO 99, volume 1666 of LNCS, pages 388–397. Springer, 1999.CrossRefGoogle Scholar
  7. [7]
    R. Krueger. Application Note XAPP766: Using High Security Features in Virtex-II Series FPGAs. Technical report, XILINX, 2004. http://www.xilinx.com/support/documentation/application_notes/xapp766.pdf.
  8. [8]
    A. Lesea. IP Security in FPGAs, White Paper WP261. Technical report, XILINX, February 2007.Google Scholar
  9. [9]
    NIST. FIPS-46-3: Data Encryption Standard (DES), 1999.Google Scholar
  10. [10]
    Amir Moradi, Alessandro Barenghi, Timo Kasper and Christof Paar. On the Vulnerability of FPGA Bitstream Encryption against Power Analysis Attacks — Extracting Keys from Xilinx Virtex-II FPGAs, ACM CCS 2011. To appear: A draft version is available in the Cryptology ePrint Archive, Report 2011/390 http://eprint.iacr.org/
  11. [11]
    J.-B. Note and E. Rannaud. From the bitstream to the netlist. In M. Hutton and P. Chow, editors, 16th International Symposium on Field Programmable Gate Arrays, FPGA 2008. ACM, 2008.Google Scholar
  12. [12]
    S. B. Ors, E. Oswald, and B. Preneel. Power-Analysis Attacks on an FPGA — First Experimental Results. In CHES 2003, volume 2779 of LNCS, pages 35–50. Springer, 2003.Google Scholar
  13. [13]
    Side-channel Attack Standard Evaluation Board (SASEBO). http://www.rcis.aist.go.jp/special/SASEBO/.
  14. [14]
    F.-X. Standaert, S. B. Ors, J.-J. Quisquater, and B. Preneel. Power Analysis Attacks Against FPGA Implementations of the DES. In FPL 2004, volume 3203 of LNCS, pages 84–94. Springer, 2004.CrossRefGoogle Scholar
  15. [15]
    Studiengänge IT-Sicherheit des Horst Görtz Instituts an der Ruhr-Universität Bochum, http://www.ei.rub.de/studium/its/
  16. [16]
    A. Telikepalli. Is Your FPGA Design Secure? XCell Journal, XILINX, Fall 2003.Google Scholar
  17. [17]
    C. W. Tseng. Lock Your Designs with the Virtex-4 Security Solution. XCell Journal, XILINX, Spring 2005.Google Scholar
  18. [18]
    T. J. Wollinger, J. Guajardo, and C. Paar. Security on FPGAs: State-of-the-art implementations and attacks. ACM Transactions in Embedded Computing Systems (TECS), 3(3):534–574, 2004.CrossRefGoogle Scholar
  19. [19]
    XILINX. Virtex-2 Platform FPGA User Guide (UG002 version 2.2). Technical report, November 2007. http://www.xilinx.com/support/documentation/user_guides/ug002.pdf.
  20. [20]
    XILINX. Virtex-II Pro and Virtex-II Pro X FPGA User Guide. Technical report, 2007. http://www.xilinx.com/support/documentation/user_guides/ug012.pdf.
  21. [21]
    XILINX. Virtex-II Pro Platform FPGAs: Complete Data Sheet (DS 083 version 4.7). Technical report, November 2007. http://www.xilinx.com/support/documentation/data_sheets/ds083.pdf.
  22. [22]
    D. Ziener, S. Assmus, and J. Teich. Identifying FPGA IP-Cores Based on Lookup Table Content Analysis. In FPL 2006, pages 1–6. IEEE, 2006.Google Scholar

Copyright information

© Springer Fachmedien Wiesbaden 2011

Authors and Affiliations

  • Markus Kasper
  • Timo Kasper
  • Amir Moradi
  • Christof Paar

There are no affiliations available

Personalised recommendations