A Survey of Recent Results in FPGA Security and Intellectual Property Protection

  • François DurvauxEmail author
  • Stéphanie Kerckhof
  • Francesco Regazzoni
  • François-Xavier Standaert


Field programmable gate arrays (FPGAs) are reconfigurable devices which have emerged as an interesting trade-off between the efficiency of application-specific integrated circuits (ASICs) and the versatility of standard microprocessors [81]. Progresses over the last 10 years have improved their capabilities to the point where they can hold a complete system on a chip (SoC) and thus become an attractive platform for an increasing number of applications (e.g., signal processing, image processing, aerospace, etc.). In view of the important data manipulated by these devices, but also of the high amount of intellectual property (IP) they may contain, security-related questions have arisen. First, can we use FPGAs as security devices for example, securely and efficiently encrypting sensitive data (in particular when compared to software solutions)? Second, how can we guarantee that the IP corresponding to FPGA designs is protected (i.e., cannot be easily counterfeited)? Such questions have been the target of a large number of papers in the literature, including several surveys, example [13, 71, 83]. In this chapter, we take another look at them and review a number of important recent results related to security IPs and IP security in modern reconfigurable devices. The chapter is structured in three main sections. First, we briefly describe the structure of recent FPGAs. Next, we discuss security IPs in FPGAs, taking the example of symmetric encryption with the AES Rijndael, and including their performance evaluations and resistance against physical attacks. Finally, we emphasize recent trends for improving IP security in FPGAs, including bitstream security, the use of code watermarking techniques and the exploitation of physically unclonable functions (PUFs).


Intellectual Property Advanced Encryption Standard Trusted Third Party Intellectual Property Protection Hardware Description Language 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Amr T. Abdel-Hamid, Sofiène Tahar, and El Mostapha Aboulhamid. Ip watermarking techniques: Survey and comparison. In IWSOC, pages 60–65. IEEE Computer Society, 2003Google Scholar
  2. 2.
    Dakshi Agrawal, Bruce Archambeault, Josyula R. Rao, and Pankaj Rohatgi. The EM side-channel(s). In Burton S. Kaliski Jr., Çetin Kaya Koç, and Christof Paar, editors, CHES, volume 2523 of Lecture Notes in Computer Science, pages 29–45. Springer, 2002.Google Scholar
  3. 3.
  4. 4.
    Jason H. Anderson. A PUF design for secure FPGA-based embedded systems. In Design Automation Conference (ASP-DAC), 2010 15th Asia and South Pacific, pages 1–6, jan. 2010.Google Scholar
  5. 5.
    Georg T. Becker, Markus Kasper, Amir Moradi, and Christof Paar. Side-channel based watermarks for integrated circuits. In Hardware-Oriented Security and Trust (HOST), 2010 IEEE International Symposium on, pages 30–35, june 2010.Google Scholar
  6. 6.
    Guido Bertoni, Luca Breveglieri, Israel Koren, Paolo Maistri, and Vincenzo Piuri. Error analysis and detection procedures for a hardware implementation of the advanced encryption standard. IEEE Trans. Computers, 52(4):492–505, 2003.Google Scholar
  7. 7.
    Philippe Bulens, François-Xavier Standaert, Jean-Jacques Quisquater, Pascal Pellegrin, and Gaël Rouvroy. Implementation of the AES-128 on Virtex-5 FPGAs. In Serge Vaudenay, editor, AFRICACRYPT, volume 5023 of Lecture Notes in Computer Science, pages 16–26. Springer, 2008.Google Scholar
  8. 8.
    Encarnación Castillo, Luis Parrilla, Antonio García, Antonio Lloris-Ruíz, and Uwe Meyer-Bäse. IPP watermarking technique for IP core protection on FPL devices. In FPL, pages 1–6, 2006.Google Scholar
  9. 9.
    Ricardo Chaves, Georgi Kuzmanov, Stamatis Vassiliadis, and Leonel Sousa. Reconfigurable memory based AES co-processor. In IPDPS. IEEE, 2006.Google Scholar
  10. 10.
    Pawel Chodowiec and Kris Gaj. Very compact FPGA implementation of the AES algorithm. In Walter et al. [82], pages 319–333.Google Scholar
  11. 11.
    Guerric Meurice de Dormale, Philippe Bulens, and Jean-Jacques Quisquater. Collision search for Elliptic Curve Discrete logarithm over GF(2\(^{{m}}\)) with FPGA. In Pascal Paillier and Ingrid Verbauwhede, editors, CHES, volume 4727 of Lecture Notes in Computer Science, pages 378–393. Springer, 2007.Google Scholar
  12. 12.
    Saar Drimer. Authentication of fpga bitstreams: Why and how. In Pedro C. Diniz, Eduardo Marques, Koen Bertels, Marcio Merino Fernandes, and João M. P. Cardoso, editors, ARC, volume 4419 of Lecture Notes in Computer Science, pages 73–84. Springer, 2007.Google Scholar
  13. 13.
    Saar Drimer. Security for volatile FPGAs. PhD dissertation, University of Cambridge Technical, Report UCAM-CL-TR-763, 2009.Google Scholar
  14. 14.
    Saar Drimer. Security for volatile FPGAs. Technical Report UCAM-CL-TR-763, University of Cambridge, Computer Laboratory, November 2009.Google Scholar
  15. 15.
    Saar Drimer, Tim Güneysu, and Christof Paar. DSPs, BRAMs, and a pinch of logic: Extended recipes for AES on FPGAs. TRETS, 3(1), 2010.Google Scholar
  16. 16.
    Pierre Dusart, Gilles Letourneux, and Olivier Vivolo. Differential fault analysis on AES. CoRR, cs.CR/0301020, 2003.Google Scholar
  17. 17.
    Junfeng Fan, Daniel V. Bailey, Lejla Batina, Tim Güneysu, Christof Paar, and Ingrid Verbauwhede. Breaking Elliptic Curve Cryptosystems using reconfigurable hardware. In FPL, pages 133–138. IEEE, 2010.Google Scholar
  18. 18.
    Kris Gaj, Ekawat Homsirikamol, and Marcin Rogawski. Fair and comprehensive methodology for comparing hardware performance of fourteen round two SHA-3 candidates using FPGAs. In Stefan Mangard and François-Xavier Standaert, editors, CHES, volume 6225 of Lecture Notes in Computer Science, pages 264–278. Springer, 2010.Google Scholar
  19. 19.
    Blaise Gassend. Physical Random Functions. Master’s thesis, MIT, USA, 2003.Google Scholar
  20. 20.
    Blaise Gassend, Dwaine Clarke, Marten van Dijk, and Srinivas Devadas. Silicon physical random functions. In ACM Conference on Computer and Communications Security, pages 148–160, New York, NY, USA, 2002. ACM Press.Google Scholar
  21. 21.
    Tim Good and Mohammed Benaissa. AES on FPGA from the fastest to the smallest. In Rao and Sunar [59], pages 427–440.Google Scholar
  22. 22.
    Louis Goubin and Mitsuru Matsui, editors. Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10–13, 2006, Proceedings, volume 4249 of Lecture Notes in Computer Science. Springer, 2006.Google Scholar
  23. 23.
    Jorge Guajardo, Sandeep S. Kumar, Geert Jan Schrijen, and Pim Tuyls. FPGA intrinsic PUFs and their use for IP protection. In Cryptographic Hardware and Embedded Systems Workshop, volume 4727 of LNCS, pages 63–80, September 2007.Google Scholar
  24. 24.
    Jorge Guajardo, Sandeep S. Kumar, Geert Jan Schrijen, and Pim Tuyls. Physical unclonable functions and public-key crypto for FPGA IP protection. In Field Programmable Logic and Applications, 2007. FPL 2007. International Conference on, pages 189–195, Aug. 2007.Google Scholar
  25. 25.
    Tim Güneysu and Amir Moradi. Generic side-channel countermeasures for reconfigurable devices. In Bart Preneel and Tsuyoshi Takagi, editors, CHES, volume 6917 of Lecture Notes in Computer Science, pages 33–48. Springer, 2011.Google Scholar
  26. 26.
    Tim Güneysu and Christof Paar. Ultra high performance ECC over NIST primes on commercial FPGAs. In Elisabeth Oswald and Pankaj Rohatgi, editors, CHES, volume 5154 of Lecture Notes in Computer Science, pages 62–78. Springer, 2008.Google Scholar
  27. 27.
    Mohamed N. Hassan and Mohammed Benaissa. Efficient time-area scalable ECC processor using \(\mu \)-coding technique. In M. Hasan and Tor Helleseth, editors, Arithmetic of Finite Fields, volume 6087 of Lecture Notes in Computer Science, pages 250–268. Springer Berlin / Heidelberg, 2010.Google Scholar
  28. 28.
    Mohamed N. Hassan and Mohammed Benaissa. Small footprint implementations of scalable ECC point multiplication on FPGA. In Communications (ICC), 2010 IEEE International Conference on, pages 1–4, May 2010.Google Scholar
  29. 29.
    Alireza Hodjat and Ingrid Verbauwhede. A 21.54 Gbits/s fully pipelined AES processor on FPGA. In FCCM, pages 308–309. IEEE Computer Society, 2004.Google Scholar
  30. 30.
    Kimmo U. Järvinen, Matti Tommiska, and Jorma Skyttä. A fully pipelined memoryless 17.8 Gbps AES-128 encryptor. In FPGA, pages 207–215, 2003.Google Scholar
  31. 31.
    Andrew B. Kahng, Darko Kirovski, Stefanus Mantik, Miodrag Potkonjak, and Jennifer L. Wong. Copy detection for intellectual property protection of VLSI designs. In Computer-Aided Design, 1999. Digest of Technical Papers. 1999 IEEE/ACM International Conference on, pages 600–604, 1999.Google Scholar
  32. 32.
    Najeh Kamoun, Lilian Bossuet, and Adel Ghazel. SRAM-FPGA implementation of masked S-Box based DPA countermeasure for AES. In Design and Test Workshop, 2008. IDT 2008. 3rd International, pages 74–77. IEEE, 2009.Google Scholar
  33. 33.
    Ramesh Karri, Kaijie Wu, Piyush Mishra, and Yongkook Kim. Concurrent error detection schemes for fault-based side-channel cryptanalysis of symmetric block ciphers. IEEE Trans. on CAD of Integrated Circuits and Systems, 21(12):1509–1517, 2002.Google Scholar
  34. 34.
    Tom Kean, David McLaren, and Carol Marsh. Verifying the authenticity of chip designs with the DesignTag system. In Hardware-Oriented Security and Trust, 2008. HOST 2008. IEEE International Workshop on, pages 59–64, June 2008.Google Scholar
  35. 35.
    David Kenney. Energy efficiency analysis and implementation of AES on an FPGA. Master’s thesis, University of Waterloo, Canada, 2008.Google Scholar
  36. 36.
    Stéphanie Kerckhof, François Durvaux, Nicolas Veyrat-Charvillon, Francesco Regazzoni, Guerric Meurice de Dormaele, and François-Xavier Standaert. Compact fpga implementations of the five sha-3 finalists. ECRYPT II Hash Workshop, Talinn, Estonia, May 2011.Google Scholar
  37. 37.
    Farouk Khelil, Mohamed Hamdi, Sylvain Guilley, Jean-Luc Danger, and Nidhal Selmane. Fault analysis attack on an FPGA AES implementation. In NTMS’08, pages 1–5, 2008.Google Scholar
  38. 38.
    Paul Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In Neal I. Koblitz, editor, Advances in Cryptology-CRYPTO ’96, volume 1109 of LNCS, pages 104–13. Springer, Berlin, September 1996.Google Scholar
  39. 39.
    Paul Kocher, Joshua Jaffe, and Benjamin Jun. Differential Power Analysis. In Michael Wiener, editor, Advances in Cryptology-CRYPTO ’99, volume 1666 of LNCS, pages 398–412. Springer, Berlin, August 1999.Google Scholar
  40. 40.
    Sandeep S. Kumar, Jorge Guajardo, Roel Maes, Geert Jan Schrijen, and Pim Tuyls. Extended abstract: The butterfly PUF protecting IP on every FPGA. In Hardware-Oriented Security and Trust, 2008. HOST 2008. IEEE International Workshop on, pages 67–70, June 2008.Google Scholar
  41. 41.
    John Lach, William H. Mangione-Smith, and Miodrag Potkonjak. Signature hiding techniques for FPGA intellectual property protection. In ICCAD, pages 186–189, 1998.Google Scholar
  42. 42.
    John Lach, William H. Mangione-Smith, and Miodrag Potkonjak. Robust FPGA intellectual property protection through multiple small watermarks. In DAC, pages 831–836, 1999.Google Scholar
  43. 43.
    Bernhard Linke. Xilinx FPGA IFF copy protection with 1-wire SHA-1 secure memories., June 2006
  44. 44.
    Roel Maes, Pim Tuyls, and Ingrid Verbauwhede. Intrinsic PUFs from flip-flops on reconfigurable devices. In 3rd Benelux Workshop on Information and System Security (WISSec 2008), page 17, Eindhoven, NL, 2008.Google Scholar
  45. 45.
    Mehrdad Majzoobi, Ahmed Elnably, and Farinaz Koushanfar. Information Hiding, volume 6387 of Lecture Notes in Computer Science, pages 1–16. Springer Berlin / Heidelberg, 2010.Google Scholar
  46. 46.
    Stefan Mangard, Elisabeth Oswald, and Thomas Popp. Power Analysis Attacks: Revealing the Secrets of Smart Cards. Advances in Information Security. Springer, New York, 2007.Google Scholar
  47. 47.
    Stefan Mangard, Norbert Pramstaller, and Elisabeth Oswald. Successfully attacking masked AES hardware implementations. In Rao and Sunar [59], pages 157–171.Google Scholar
  48. 48.
    Stefan Mangard and Kai Schramm. Pinpointing the side-channel leakage of masked AES hardware implementations. In Goubin and Matsui [22], pages 76–90.Google Scholar
  49. 49.
    Nele Mentens, Lejla Batina, Bart Preneel, and Ingrid Verbauwhede. An FPGA implementation of Rijndael: Trade-offs for side-channel security. In IFAC Workshop-PDS, pages 493–498. Citeseer, 2004.Google Scholar
  50. 50.
    Amir Moradi, Alessandro Barenghi, Timo Kasper, and Christof Paar.Google Scholar
  51. 51.
    Sergey Morozov, Abhranil Maiti, and Patrick Schaumont. An analysis of delay based PUF implementations on FPGA. In Phaophak Sirisuk, Fearghal Morgan, Tarek El-Ghazawi, and Hideharu Amano, editors, Reconfigurable Computing: Architectures, Tools and Applications, volume 5992 of Lecture Notes in Computer Science, pages 382–387. Springer Berlin / Heidelberg, 2010.Google Scholar
  52. 52.
    Naveen Narayan, Rexford D. Newbould, Jo Dale Carothers, Jeffrey J. Rodriguez, and W. Timothy Holman. IP protection for VLSI designs via watermarking of routes. In ASIC/SOC Conference, 2001. Proceedings. 14th Annual IEEE, International, pp. 406–410, 2001.Google Scholar
  53. 53.
  54. 54.
    NIST. Announcing the Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197, November 2001.Google Scholar
  55. 55.
    Arlindo L. Oliveira. Techniques for the creation of digital watermarks in sequential circuit designs. IEEE Trans. on CAD of Integrated Circuits and Systems, 20(9):1101–1117, 2001.Google Scholar
  56. 56.
    Siddika Berna Örs, Elisabeth Oswald, and Bart Preneel. Power-analysis attacks on an FPGA - first experimental results. In Walter et al. [82], pages 35–50.Google Scholar
  57. 57.
    Gilles Piret and Jean-Jacques Quisquater. A differential fault attack technique against SPN structures, with application to the AES and KHAZAD. In CHES’03, pages 77–88, 2003.Google Scholar
  58. 58.
    Jean-Jacques Quisquater and David Samyde. Electromagnetic analysis (ema): Measures and counter-measures for smart cards. In Isabelle Attali and Thomas P. Jensen, editors, E-smart, volume 2140 of Lecture Notes in Computer Science, pages 200–210. Springer, 2001.Google Scholar
  59. 59.
    Josyula R. Rao and Berk Sunar, editors. Cryptographic Hardware and Embedded Systems - CHES 2005, 7th International Workshop, Edinburgh, UK, August 29 – September 1, 2005, Proceedings, volume 3659 of Lecture Notes in Computer Science. Springer, 2005.Google Scholar
  60. 60.
    Francesco Regazzoni, Thomas Eisenbarth, Luca Breveglieri, Paolo Ienne, and Israel Koren. Can knowledge regarding the presence of countermeasures against fault attacks simplify power attacks on cryptographic devices? In Cristiana Bolchini, Yong-Bin Kim, Dimitris Gizopoulos, and Mohammad Tehranipoor, editors, 23rd IEEE International Symposium on Defect and Fault-Tolerance in VLSI Systems (DFT 2008), pages 202–210. IEEE Computer Society, 2008.Google Scholar
  61. 61.
    Francesco Regazzoni, Thomas Eisenbarth, Johann Großschädl, Luca Breveglieri, Paolo Ienne, Israel Koren, and Christof Paar. Power attacks resistance of cryptographic S-boxes with added error detection procedures. In Cristiana Bolchini, Yong-Bin Kim, Adelio Salsano, and Nur A. Touba, editors, 22nd IEEE International Symposium on Defect and Fault-Tolerance in VLSI Systems (DFT 2007), pages 508–516. IEEE Computer Society, 2007.Google Scholar
  62. 62.
    Francesco Regazzoni, Yi Wang, and François-Xavier Standaert. FPGA implementations of the AES masked against power analysis attacks. In COSADE 2011, 2011.Google Scholar
  63. 63.
    G. Rouvroy, F.-X. Standaert, J.-J. Quisquater, and J.-D. Legat. Compact and efficient encryption/decryption module for fpga implementation of the aes rijndael very well suited for small embedded applications. In Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on, volume 2, pages 583–587 Vol. 2, April 2004.Google Scholar
  64. 64.
    Dhiman Saha, Debdeep Mukhopadhyay, and Dipanwita RoyChowdhury. A diagonal fault attack on the Advanced Encryption Standard. Cryptology ePrint Archive, Report 2009/581, 2009.
  65. 65.
  66. 66.
    Moritz Schmid, Daniel Ziener, and Jürgen Teich. Netlist-level IP protection by watermarking for LUT-based FPGAs. In Proceedings of IEEE International Conference on Field-Programmable Technology (FPT 2008), pages 209–216, Taipei, Taiwan, December 2008.Google Scholar
  67. 67.
    Nidhal Selmane, Shivam Bhasin, Sylvain Guilley, Tarik Graba, and Jean-Luc Danger. WDDL is protected against setup time violation attacks. In Fault Diagnosis and Tolerance in Cryptography (FDTC), 2009 Workshop on, pages 73–83, Sept. 2009.Google Scholar
  68. 68.
    Nidhal Selmane, Sylvain Guilley, and Jean-Luc Danger. Practical setup time violation attacks on AES. In Proceedings of the 2008 Seventh European Dependable Computing Conference, pages 91–96, Washington, DC, USA, 2008. IEEE Computer Society.Google Scholar
  69. 69.
    Li Shang, Alireza S. Kaviani, and Kusuma Bathala. Dynamic power consumption in virtex-II FPGA family. In Proceedings of the 2002 ACM/SIGDA tenth international symposium on Field-programmable gate arrays, FPGA ’02, pages 157–164, New York, NY, USA, 2002. ACM.Google Scholar
  70. 70.
    Eric Simpson and Patrick Schaumont. Offline hardware/software authentication for reconfigurable platforms. In Louis Goubin and Mitsuru Matsui, editors, Cryptographic Hardware and Embedded Systems - CHES 2006, volume 4249 of Lecture Notes in Computer Science, pages 311–323. Springer Berlin/Heidelberg, 2006.Google Scholar
  71. 71.
    François-Xavier Standaert. Secure and efficient symmetric encryption using FPGAs. Cryptographic Engineering. Chapter 11, pp 295–320, Springer, 2009.Google Scholar
  72. 72.
    François-Xavier Standaert, François Macé, Eric Peeters, and Jean-Jacques Quisquater. Updates on the security of FPGAs against power analysis attacks. In Koen Bertels, João M. P. Cardoso, and Stamatis Vassiliadis, editors, ARC, volume 3985 of Lecture Notes in Computer Science, pages 335–346. Springer, 2006.Google Scholar
  73. 73.
    François-Xavier Standaert, Siddika Berna Örs, and Bart Preneel. Power analysis of an FPGA: Implementation of Rijndael: Is pipelining a DPA countermeasure? In Marc Joye and Jean-Jacques Quisquater, editors, CHES, volume 3156 of Lecture Notes in Computer Science, pages 30–44. Springer, 2004.Google Scholar
  74. 74.
    François-Xavier Standaert, Eric Peeters, Gaël Rouvroy, and Jean-Jacques Quisquater. An overview of power analysis attacks against field programmable gate arrays. Proceedings of the IEEE, 94(2):383–394, 2006.CrossRefGoogle Scholar
  75. 75.
    François-Xavier Standaert, Gaël Rouvroy, Jean-Jacques Quisquater, and Jean-Didier Legat. Efficient implementation of rijndael encryption in reconfigurable hardware: Improvements and design tradeoffs. In Walter et al. [82], pages 334–350.Google Scholar
  76. 76.
    François-Xavier Standaert, Loïc van Oldeneel tot Oldenzeel, David Samyde, and Jean-Jacques Quisquater. Power analysis of fpgas: How practical is the attack? In Peter Y. K. Cheung, George A. Constantinides, and José T. de Sousa, editors, FPL, volume 2778 of Lecture Notes in Computer Science, pages 701–711. Springer, 2003.Google Scholar
  77. 77.
    Daisuke Suzuki and Minoru Saeki. Security evaluation of dpa countermeasures using dual-rail pre-charge logic style. In Goubin and Matsui [22], pages 255–269.Google Scholar
  78. 78.
    Helion Technology.
  79. 79.
    Kris Tiri and Ingrid Verbauwhede. A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation. In DATE, pages 246–251. IEEE Computer Society, 2004.Google Scholar
  80. 80.
    Stephen Trimberger, Jason Moore, and Weiguang Lu. Authenticated encryption for fpga bitstreams. In Proceedings of the 19th ACM/SIGDA international symposium on Field programmable gate arrays, FPGA ’11, pages 83–86, New York, NY, USA, 2011. ACM.Google Scholar
  81. 81.
    Frank Vahid. The softening of hardware. Computer, 36:27–34, April 2003.Google Scholar
  82. 82.
    Colin D. Walter, Çetin Kaya Koç, and Christof Paar, editors. Cryptographic Hardware and Embedded Systems - CHES 2003, 5th International Workshop, Cologne, Germany, September 8–10, 2003, Proceedings, volume 2779 of Lecture Notes in Computer Science. Springer, 2003.Google Scholar
  83. 83.
    Thomas Wollinger, Jorge Guajardo, and Christof Paar. Security on FPGAs: State-of-the-art implementations and attacks. ACM Trans. Embed. Comput. Syst., 3:534–574, August 2004.Google Scholar
  84. 84.
  85. 85.
    Daniel Ziener. Techniques for Increasing Security and Reliability of IP Cores Embedded in FPGA and ASIC Designs. Dissertation, University of Erlangen-Nuremberg, Germany, July 2010. Verlag Dr. Hut, Munich, Germany.Google Scholar
  86. 86.
    Daniel Ziener and Jürgen Teich. Power signature watermarking of IP cores for FPGAs. Signal Processing Systems, 51(1):123–136, 2008.Google Scholar
  87. 87.

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  • François Durvaux
    • 1
    Email author
  • Stéphanie Kerckhof
    • 1
  • Francesco Regazzoni
    • 1
    • 2
  • François-Xavier Standaert
    • 1
  1. 1.UCL Crypto GroupUniversité catholique de LouvainLouvain-la-NeuveBelgium
  2. 2.ALaRI InstituteUniversity of LuganoLuganoSwitzerland

Personalised recommendations