Abstract
We present a security protocol for the remote update of volatile FPGA configurations stored in non-volatile memory. Our approach can be implemented on existing FPGAs, as it sits entirely in user logic. Our protocol provides for remote attestation of the running configuration and the status of the upload process. It authenticates the uploading party both before initiating the upload and before completing it, to both limit a denial-of-service attack and protect the integrity of the bitstream. Encryption protects bitstream confidentiality in transit; we either decrypt it before non-volatile storage, or pass on ciphertext if the configuration logic can decrypt it. We discuss how tamper-proofing the connection between the FPGA and the non-volatile memory, as well as space for multiple bitstreams in the latter, can improve resilience against downgrading and denial-of-service attacks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Parelkar, M.M., Gaj, K.: Implementation of EAX mode of operation for FPGA bitstream encryption and authentication. In: Field Programmable Technology, pp. 335–336 (December 2005)
Drimer, S.: Authentication of FPGA bitstreams: why and how. In: Diniz, P.C., Marques, E., Bertels, K., Fernandes, M.M., Cardoso, J.M.P. (eds.) ARCS 2007. LNCS, vol. 4419, pp. 73–84. Springer, Heidelberg (2007)
Xilinx Inc., http://www.xilinx.com
Lattice Semiconductor Corp., http://www.latticesemi.com
Altera Corp., http://www.altera.com
Note, J.B., Rannaud, É.: From the bitstream to the netlist. In: ACM/SIGDA Symposium on Field Programmable Gate Arrays, pp. 264–264. ACM, New York (2008)
Trimberger, S.M., Conn, R.O.: Remote field upgrading of programmable logic device configuration data via adapter connected to target memory socket. United States Patent 7, 269, 724 (September 2007)
Castillo, J., Huerta, P., Martínez, J.I.: Secure IP downloading for SRAM FPGAs. Microprocessors and Microsystems 31(2), 77–86 (2007)
Fong, R.J., Harper, S.J., Athanas, P.M.: A versatile framework for FPGA field updates: an application of partial self-reconfiguration. In: IEEE International Workshop on Rapid Systems Prototyping, pp. 117–123 (2003)
Drimer, S.: Volatile FPGA design security – a survey (v0.96) (April 2008), http://www.cl.cam.ac.uk/~sd410/papers/fpga_security.pdf
Benoît, B., Reouven, E., Lionel, T.: Secure FPGA configuration architecture preventing system downgrade. In: Field Programmable Logic, pp. 317–322 (September 2008)
Drimer, S., Güneysu, T., Paar, C.: DSPs, BRAMs and a pinch of logic: new recipes for AES on FPGAs. In: IEEE Symposium on Field-Programmable Custom Computing Machines. IEEE, Los Alamitos (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Drimer, S., Kuhn, M.G. (2009). A Protocol for Secure Remote Updates of FPGA Configurations. In: Becker, J., Woods, R., Athanas, P., Morgan, F. (eds) Reconfigurable Computing: Architectures, Tools and Applications. ARC 2009. Lecture Notes in Computer Science, vol 5453. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00641-8_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-00641-8_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00640-1
Online ISBN: 978-3-642-00641-8
eBook Packages: Computer ScienceComputer Science (R0)