Abstract
Intellectual property (IP) cores in FPGAs are being used widely as these provide high flexibility and efficiency at low cost and low time-to-market. An IP in FPGA is primarily a HDL design or a bitfile for the same. Security aspects have specific issues for the FPGA IP cores. Partial recon gurability of an FPGA has introduced further security holes. A bitfile or a partial bitstream is loaded on an FPGA architecture in encrypted form in order to prevent unauthorized access of the IP. This encryption of the bitfile may be cracked through side-channel attacks. For authentication of a genuine IP vendor and an authorized IP user, their binary signatures may be included in the FPGA bitstream. However, maintaining resilience of the signatures against tampering is a challenge in case of their public verification. Another recent challenge in FPGAs due to hardware Trojans or extraneous circuitry inserted surreptitiously is being combated with parity-based detection techniques. However, it is still hard for the standard FPGA tools to detect Trojan circuits inserted directly in the bitfile cores. In case of a system-on-a-chip (SoC) implemented with FPGAs, the security issues in IP distribution, IP management, and inter-communication are even more complex and challenging. This chapter elaborates the various security techniques adopted in FPGAs, security measures remain as research proposal, along with several alarming security threats open for research.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Dutt, S., Li, L.: Trust-based design and check of FPGA circuits using two-level randomized ECC structures. ACM Trans. Reconfig. Technol. Syst. 2(1) (2009)
http://homepages.cae.wisc.edu/~ece554/website/Lectures/Xilinx_Vertex_Tech_s03.pdf
Qu, G., Potkonjak, M.: Intellectual Property Protection in VLSI Designs: Theory and Practice. Springer, Heidelberg (2003)
Drimer, S.: Volatile FPGA design security–a survey. http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-763.pdf (2008)
Majzoobi, M., Koushanfar, F., Potkonjak, M.: FPGA-oriented security. In: Introduction to Hardware Security and Trust, Chapter 1. Springer (2011)
Trimberger, S.M., Moore, J.J.: FPGA security: motivations, features, and applications, invited paper. Proc. IEEE 102(8) (2014)
McNeil, S.: Solving Today’s Design Security Concerns, Xilinx White paper FPGAs, WP365 (v1.2) July 30 (2012)
Menezes, A., Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press (1996)
Good, T., Benaissa, M.: AES on FPGA from the fastest to the smallest. In: CHES 2005: Proceedings of International Conference on Cryptographic Hardware and Embedded Systems, LNCS 3659, pp. 427-440. Springer (2005)
Granado-Criado, J.M., Vega-Rodr\(\acute{i}\)guez, M.A., S\(\acute{a}\)nchez-P\(\acute{e}\)rez, J.M., G\(\acute{o}\)mez-Pulido, J.A.: A new methodology to implement the AES algorithm using partial and dynamic reconfiguration. Integr. VLSI J. 43(1), 72–80 (2010)
Chu, J., Benaissa, M.: Low area memory-free FPGA implementation of the AES algorithm. In: FPL 2012: Proceedings of International Conference on Field Programmable Logic and Applications, pp. 623–626 (2012)
Hori, Y., Katashita, T., Sakane, H., et al.: Bitstream protection in dynamic partial reconfiguration systems using authenticated encryption. IEICE Trans. Inf. Syst. E96-D(11), 2333–2343 (2013)
Abdellatif, K.M., Chotin-Avot, R., Mehrez, H.: Improved method for parallel AES-GCM cores using FPGAs. In: Proceedings of International Conference on Reconfigurable Computing and FPGAs, pp. 1–4 (2013)
Teegarden, C., Bhargava, M., Mai, K.: Side-channel attack resistant ROM-based AES S-box. In: HOST 2010: Proceedings of IEEE International Symposium on Hardware-Oriented Security and Trust, pp. 124–129 (2010)
Drimer, S., Kuhn, M.G.: A protocol for secure remote updates of FPGA configurations. In: Proceedings of International Workshop on Applied Reconfigurable Computing, Reconfigurable Computing: Architectures, Tools and Applications, pp. 50–61. Springer, Berlin (2009)
Vliege, J., Mentens, N., Verbauwhede, I.: A single-chip solution for the secure remote configuration of FPGA using bitstream compression. In: Proceedings of International Conference on Reconfigurable Computing and FPGAs, pp. 1–6 (2013)
Adi, W., Ernst, R., Soudan, B., Hanoun, A.: VLSI design exchange with intellectual property protection in FPGA environment using both secret and public-key cryptography. In: ISVLSI 2006: Proceedings of IEEE Computer Society Annual Symposium on VLSI, pp. 24–29 (2006)
Morozov, S., Maiti, A., Schaumont, P.: An analysis of delay based PUF implementations on FPGA. In: Proceedings of International Conference on Reconfigurable Computing: Architectures, Tools and Applications, pp. 382–387 (2010)
Pappala, S., Niamat, M., Sun, W.: FPGA based trustworthy authentication technique using physically unclonable functions and artificial intelligence. In: HOST 2012: Proceedings of IEEE International Symposium on Hardware-Oriented Security and Trust, pp. 59–62 (2012)
Majzoobi, M., Koushanfar, F., Potkonjak, M.: Techniques for design and implementation of secure reconfigurable PUFs. ACM Trans. Reconfig. Technol. Syst. 2(1) (2009)
Majzoobi, M., Koushanfar, F., Devadas, S.: FPGA-based true random number generation using circuit metastability with adaptive feedback Control. In: CHES 2011: Proceedings of Cryptographic Hardware and Embedded Systems, LNCS 6917, pp. 17–32. Springer (2011)
Varchola, M., Drutarovsky, M., Fischer, V.: New universal element with integrated PUF and TRNG capability. In Proceedings of International Conference on Reconfigurable Computing and FPGAs, pp. 1–6 (2013)
Yip, K., Ng, T.: Partial-encryption technique for intellectual property protection of FPGA-based products. IEEE Trans. Consum. Electr. 46(1), 183–190 (2000)
Kirovski, D., Hwang, Y., Potkonjak, M., Cong, J.: Protecting combinational logic synthesis solutions. IEEE Trans. Comput.-Aided Des. Integr. Circuit Syst. 25(12), 2687–2696 (2006)
Cui, A., Chang, C.H., Tahar, S.: IP watermarking using incremental technology mapping. IEEE Trans. Comput.-Aided Des. Integr. Circuit Syst. 27(9), 1565–1570 (2008)
Jain, A., Yuan, L., Puri, P., Qu, G.: Zero overhead watermarking technique for FPGA designs. In: GLSVLSI 2003: Proceedings of ACM Great Lakes symposium on VLSI, pp. 147–152 (2003)
Lach J., Mangione-Smith, W.H., Potkonjak, M.: Fingerprinting techniques for field-programmable gate array intellectual property protection. IEEE Trans. Comput.-Aided Des. Integr. Circuit Syst. 20(10), 1253–1261 (2001)
Saha, D., Sur-Kolay, S.: Robust intellectual property protection of VLSI physical design. J. IET Comput. Dig. Tech. 4(5), 388–399 (2010)
Castillo, E., Meyer-Baese, U., Garcia, A., Parrilla, L., Lloris, A.: IPP@HDL: efficient intellectual property protection scheme for IP cores. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 15(5), 578–591 (2007)
Kerckhof, S., Durvaux, F., Standaert, F., Gerard, B.: Intellectual property protection for FPGA designs with soft physical hash functions: first experimental results. In: HOST 2013: Proceedings of IEEE International Symposium on Hardware-Oriented Security and Trust, pp. 7–12 (2013)
Qu, G.: Publicly detectable techniques for the protection of virtual components. In: Proceedings of Design Automation Conference, pp. 474–479 (2001)
Ziener, D., Teich, J.: Power signature watermarking of IP cores for FPGAs. J. Signal Process. Syst. 51(1), 123–136 (2008)
Kean, T., McLaren, D., Marsh, C.: Verifying the authenticity of chip designs with the design tag system. In: HOST 2008: Proceedings of IEEE International Workshop on Hardware-Oriented Security and Trust, pp. 59–64 (2008)
Saha, D., Sur-Kolay, S.: Secure public verification of IP marks in FPGA design through a zero-knowledge protocol. IEEE Trans. VLSI (VLSI) Syst. 20(10), 1749–1757 (2012)
Rilling, J., Graziano, D., Hitchcock, J., et al.: Circumventing a ring oscillator approach to FPGA-based hardware Trojan detection. In: ICCD 2011: IEEE International Conference on Computer Design, pp. 289–292 (2011)
Chakraborty, R.S., Saha, I., Palchaudhuri, A., Naik, G.K.: Hardware Trojan insertion by direct modification of FPGA configuration bitstream. IEEE Des. Test Comput. 30(2), 45–54 (2013)
Drimer, S., Guneysu, T., Kuhn, M.G., Paar, C.: Protecting multiple cores in a single FPGA design. http://www.saardrimer.com/sd410/papers/protect_many_cores.pdf (2007)
Maes, R., Schellekens, D., Verbauwhede, I.: A Pay-per-use licensing scheme for hardware IP cores in recent SRAM-based FPGAs. IEEE Trans. Inf. Forensics Secur. 7(1), 98–108 (2012)
Guajardo, J., Guneysu, T., Kumar, S.S., Paar, C.: Secure IP-block distribution for hardware devices. In: HOST 2009: IEEE International Workshop on Hardware-Oriented Security and Trust, pp. 82–89 (2009)
Ebrahim, A., Benkrid, K., Khalifat, J., Hong, C.: A platform for secure IP integration in Xilinx Virtex FPGAs. In: International Conference on Reconfigurable Computing and FPGAs, pp. 1–6 (2013)
Khan, Z.U.A., Benaissa, M.: High speed ECC implementation on FPGA over \(GF(2^m)\). In: FPL 2015: Proceedings of International Conference on Field Programmable Logic and Applications, pp. 1–6 (2015)
Roy, S.S., Rebeiro, C., Mukhopadhyay, D.: Theoretical modeling of elliptic curve scalar multiplier on LUT-based FPGAs for area and speed. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 21(5), 901–909 (2013)
Guneysu, T., Paar, C.: Ultra high performance ECC over NIST primes on commercial FPGAs, In: CHES 2008: Proceedings International Workshop on Cryptographic Hardware and Embedded Systems, LNCS 5154, pp. 62–78. Springer (2008)
Basu Roy, D., Das, P., Mukhopadhyay, D.: ECC on your fingertips: a single instruction approach for lightweight ECC design in GF(p). IACR Cryptology ePrint Archive 2015: 1225
Vliegen, J., Mentens, N., Genoe, J., Braeken, A., Kubera, S., Touhafi, A., Verbauwhede, I.: A compact FPGA-based architecture for elliptic curve cryptography over prime fields. In: ASAP 2010: Proceedings of IEEE International Conference on Application-specific Systems Architectures and Processors, pp. 313–316 (2010)
Khan, Z.U.A., Benaissa, M.: Throughput/area-efficient ECC processor using Montgomery point multiplication on FPGA. IEEE Trans. Circuits Syst. 62-II(11), 1078–1082 (2015)
Cho, S.M., Seo, S.C., Kim, T.H., Park, Y.-H., Hong, S.: Extended elliptic curve Montgomery ladder algorithm over binary fields with resistance to simple power analysis. J. Inf. Sci. 245, 304–312 (2013)
Azarderakhsh, R., Reyhani-Masoleh, A.: Efficient FPGA implementations of point multiplication on binary Edwards and generalized Hessian curves using Gaussian normal basis. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 20(8), 1453–1466 (2012)
Chatterjee, A., Sengupta, I.: High-speed unified elliptic curve cryptosystem on FPGAs using binary Huff curves. In: VDAT 2012: Proceedings of VISI Design and Test, LNCS 7373, pp. 243–251. Springer (2012)
Shahzad, K., Khalid, A., Rkossy, Z.E., Paul, G., Chattopadhyay, A: CoARX: a coprocessor for ARX-based cryptographic algorithms. In: Proceedings of Annual Design Automation Conference, Article No. 133 (2013)
Zheng, J.X., Chen, E., Potkonjak, M.: A benign hardware Trojan on FPGA-based embedded systems. In: FPL 2012: Proceedings of International Conference on Field Programmable Logic and Applications, pp. 464–470 (2012)
Kliem, D., Voigt, S.-O.: Scalability evaluation of an FPGA-based multi-core architecture with hardware-enforced domain partitioning. Microprocess. Microsyst. (2014)
Costan, V., Devadas, S.: Security challenges and opportunities in adaptive and reconfigurable hardware. In: HOST 2011: Proceedings of IEEE International Symposium on Hardware-Oriented Security and Trust (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this chapter
Cite this chapter
Saha, D., Sur-Kolay, S. (2017). FPGA-Based IP and SoC Security. In: Bhunia, S., Ray, S., Sur-Kolay, S. (eds) Fundamentals of IP and SoC Security. Springer, Cham. https://doi.org/10.1007/978-3-319-50057-7_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-50057-7_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-50055-3
Online ISBN: 978-3-319-50057-7
eBook Packages: EngineeringEngineering (R0)