Skip to main content
SpringerLink
Log in

Security FPGA Analysis

  • Chapter
Security Trends for FPGAS

Abstract

Security is becoming since several years a major issue in the domain of embedded systems. Fine grain reconfigurable architectures like FPGAs are providing many interesting features to be selected as an efficient target for embedded systems when security is an important concern. In this chapter we propose an overview of some existing attacks, a classification of attackers and the different levels of security as promoted by the FIPS 140-2 standard. We identify the main vulnerabilities of FPGAs to tackle the security requirements based on the security pyramid concept. We propose a presentation of some existing countermeasures at the different levels of the security pyramid to guarantee a defense-in-depth approach.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Abraham, D.G., Dolan, G.M., Double, G.P., Stevens, J.V.: Transaction security system. IBM Syst. J. (1991)

    Google Scholar 

  2. ACTEL: Proasic3/e security. In: Application Note. ACTEL Corporation (2005)

    Google Scholar 

  3. Agrawal, D., Rohatgi, P., Rao, J.R.: Multi-channel Attacks. Lecture Notes in Computer Science (2003)

    Google Scholar 

  4. Bajard, J.-C., Imbert, L.: Leak resistant arithmetic. In: Cryptographic Hardware and Embedded Systems, Proceedings of CHES (2004)

    Google Scholar 

  5. Barker, E., Roginsky, A.: NIST special publication 800-131a—transitions: recommendation for transitioning the use of cryptographic algorithms and key lengths. In: Computer Security Division—Information Technology Laboratory (January 2011)

    Google Scholar 

  6. Barthe, L., Benoit, P., Torres, L.: Investigation of a masking countermeasure against side-channel attacks for RISC-based processor architectures. In: FPL, pp. 139–144 (2010)

    Google Scholar 

  7. Ciet, M., Nevel, M., Peeters, E., Quisquater, J.-J.: Parallel FPGA implementation of RSA with residue number systems—can side-channel threats be avoided. In: UCL Crypto Group (2004)

    Google Scholar 

  8. Coburn, J., Ravi, S., Raghunathan, A., Chakradhar, S.: SECA security-enhanced communication architecture. In: Proceedings of the 2005 International Conference on Compilers, Architectures and Synthesis for Embedded Systems (2005)

    Google Scholar 

  9. Dagon, D., Martin, T., Starner, T.: Mobile phones as computing devices: the viruses are coming! IEEE Pervasive Comput. 3(4) 11–15 (2004)

    Article  Google Scholar 

  10. Dandalis, A., Prasanna, V.K.: An adaptive cryptographic engine for Internet protocol security architectures. ACM Trans. Des. Autom. Electron. Syst. 9, 333–353 (2004)

    Article  Google Scholar 

  11. Daniel, M., Techer, J.-D., Torres, L., Robert, M., Cathebras, G., Sassatelli, G., Moraes, F.: Current mask generation: an analogical circuit to thwart DPA attacks. In: IFIP International Federation for Information Processing (2006)

    Google Scholar 

  12. Elbaz, R., Champagne, D., Gebotys, C., Lee, R., Potlapally, N., Torres, L.: Hardware mechanisms for memory authentication: a survey of existing techniques and engines. In: Transactions on Computational Science IV. Lecture Notes in Computer Science, vol. 5430. Springer, Berlin (2009)

    Chapter  Google Scholar 

  13. Elbirt, A.J., Yip, W., Chetwynd, B., Paar, C.: An FPGA-based performance evaluation of the AES block cipher candidate algorithm finalists. IEEE Trans. Very Large Scale Integr. 9, 545–557 (2001)

    Article  Google Scholar 

  14. FPGA: Reverse engineering services. http://www.bltinc.com/services.fpga-reverse-engineering.htm

  15. Gaj, K., Chodowiec, P.: Fast implementation and fair comparison of the final candidates for advanced encryption standard using field programmable gate arrays. In: Proc. RSA Security Conf. (2001)

    Google Scholar 

  16. Giraud, C.: DFA on AES. Technical report, Oberthur Card Systems (2004)

    Google Scholar 

  17. Gogniat, G., Wolf, T., Burleson, W., Diguet, J.-P., Bossuet, L., Vaslin, R.: Reconfigurable hardware for high-security/high-performance embedded systems: the safes perspective. IEEE Trans. Very Large Scale Integr. 16(2) 144–155 (2008)

    Article  Google Scholar 

  18. Gueron, Sh., Parzanchevsky, O., Zuk, O.: Masked inversion in GF(2n) using mixed field representations and its efficient implementation for AES. In: Smart Card System Engineering, System LSI Division, Device Solutions Network. Samsung Electronics Co. Ltd (2006)

    Google Scholar 

  19. Guilley, S., Pacalet, R.: SoC security: a war against side-channels. Annals of the Telecommunications. Système sur puce Électronique pour les Télécommunications (2004)

    Google Scholar 

  20. Hodjat, A., Verbauwhede, I.: A 21.54 Gbits/s fully pipelined AES processor on FPGA. In: Proceedings of the Annual IEEE Symposium on Field-Programmable Custom Computing Machines (2004)

    Google Scholar 

  21. IBM: IBM PCI cryptographic coprocessor. In: General Information Manual. IBM Corporation (2002)

    Google Scholar 

  22. Järvinen, K.U., Tommiska, M.T., Skyttä, J.O.: A fully pipelined memoryless 17.8 Gbps AES-128 encryptor. In: Proceedings of the ACM/SIGDA Eleventh International Symposium on Field Programmable Gate Arrays (2003)

    Google Scholar 

  23. Karri, R., Wu, K., Mishra, P., Kim, Y.: Concurrent error detection schemes for fault-based side-channel cryptanalysis of symmetric block ciphers. IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst. (2002)

    Google Scholar 

  24. Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. Lecture Notes in Computer Science (1996)

    Google Scholar 

  25. Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. Lecture Notes in Computer Science (1999)

    Google Scholar 

  26. Liardet, P.-Y., Teglia, Y.: Fault resistance: from reliability to safety. In: Proceedings of the International Conference on Dependable Systems and Networks (2004)

    Google Scholar 

  27. Martin, T., Hsiao, M., Ha, D., Krishnaswami, J.: Denial-of-service attacks on battery-powered mobile computers. In: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications (2004)

    Google Scholar 

  28. Mcloone, M., Mccanny, J.V.: High performance single-chip FPGA Rijndael algorithm implementations. In: Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems (2001)

    Google Scholar 

  29. Mcmillan, S., Cameron, C.: JBITS implementation of the advanced encryption standard (Rijndael). In: Proceedings of the International Conference on Field-Programmable Logic and Its Applications (2001)

    Google Scholar 

  30. Messerges, T.S.: Using second-order power analysis to attack DPA resistant software. In: CHES, Worcester, MA, USA, August 17–18. LNCS, vol. 1965, pp. 71–77. Springer, Berlin (2000)

    Google Scholar 

  31. Nash, D., Martin, T., Ha, D., Hsiao, M.: Towards an intrusion detection system for battery exhaustion attacks on mobile computing devices. In: Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications Workshops (2005)

    Google Scholar 

  32. Nassar, M., Bhasin, S., Danger, J.-L., Duc, G., Guilley, S.: BCDL: a high performance balanced DPL with global precharge and without early-evaluation. In: DATE’10, Dresden, Germany, March 8–12, 2010, pp. 849–854. IEEE Comput. Soc., Los Alamitos (2010)

    Google Scholar 

  33. National Institute of Standards Technology: Security requirements for cryptographic modules (FIPS pub 140-2). In: Federal Information Processing Standards Publication. National Institute of Standards and Technology (NIST) (2001)

    Google Scholar 

  34. Örs, S.B., Oswald, E., Preneel, B.: Power-analysis attacks on an FPGA—first experimental results. In: Proceedings of the CHES 2003 (2003)

    Google Scholar 

  35. Popp, T., Mangard, S.: Masked dual-rail pre-charge logic: DPA-resistance without routing constraints. In: Proceedings of CHES’05, Edinburgh, Scotland, UK, September 2005. Lecture Notes in Computer Science, vol. 3659, pp. 172–186. Springer, Berlin (2005)

    Google Scholar 

  36. Razafindraibe, A., Robert, M., Maurine, P.: Analysis and improvement of dual rail logic as a countermeasure against DPA. In: PATMOS, Göteborg, Sweden, pp. 340–351 (2007)

    Google Scholar 

  37. Saggese, G.P., Mazzeo, A., Mazzocca, N., Strollo, A.G.M.: An FPGA-based performance analysis of the unrolling, tiling, and pipelining of the AES algorithm. In: Proceedings of the International Conference on Field-Programmable Logic and Its Applications (FPL 2003) (2003)

    Google Scholar 

  38. Schaumont, P., Verbauwhede, I.: Domain specific tools and methods for application in security processor design. Des. Autom. Embed. Syst. 7, 365–383 (2002)

    Article  MATH  Google Scholar 

  39. Standaert, F.-X., Örs, S.B., Preneel, B.: Power analysis of an FPGA: implementation of Rijndael: is pipelining a DPA countermeasure. In: Proceedings of the CHES 2004 (2004)

    Google Scholar 

  40. Standaert, F.-X., Rouvroy, G., Quisquater, J.-J., Legat, J.-D.: Efficient implementation of Rijndael encryption in reconfigurable hardware: improvements and design tradeoffs. In: Proceedings of Cryptographic Hardware and Embedded Systems (2003)

    Google Scholar 

  41. Standaert, F.-X., Rouvroy, G., Quisquater, J.-J., Legat, J.-D.: A methodology to implement block ciphers in reconfigurable hardware and its application to fast and compact AES Rijndael. In: Proceedings of the 2003 ACM/SIGDA Eleventh International Symposium on Field Programmable Gate Arrays (FPGA 2003) (2003)

    Google Scholar 

  42. Standaert, F.-X., Örs, S.B., Quisquater, J.-J., Preneel, B.: Power analysis attacks against FPGA implementations of the DES In: Proceedings of the FPL 2004 (2004)

    Google Scholar 

  43. Tiri, K., Verbauwhede, I.: Synthesis of secure FPGA implementations. In: Proceedings of International Workshop on Logic and Synthesis (IWLS 2004) (2004)

    Google Scholar 

  44. Tiri, K., Verbauwhede, I.: A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation. In: Design Automation and Test in Europe Conference (DATE 2004) (2004)

    Google Scholar 

  45. Trichina, E.: Combinational logic design for AES subbyte transformation on masked data. In: Smart Card System Engineering, System LSI Division, Device Solutions Network. Samsung Electronics Co. Ltd (2006)

    Google Scholar 

  46. Trichina, E., Korkishko, T.: Secure AES hardware module for resource constrained devices. In: Smart Card System Engineering, System LSI Division, Device Solutions Network. Samsung Electronics Co. Ltd (2006)

    Google Scholar 

  47. Waddle, J., Wagner, D.: Towards Efficient Second-Order Power Analysis. In: CHES. Lecture Notes in Computer Science, vol. 3156, pp. 1–15. Springer, Berlin (2004)

    Google Scholar 

  48. Wanderley, E., Vaslin, R., Gogniat, G., Diguet, J.-P.: A code compression method to cope with security hardware overheads. In: 19th IEEE International Symposium on Computer Architecture and High Performance Computing (2007)

    Google Scholar 

  49. Wollinger, T., Paar, C.: How secure are FPGAs in cryptographic applications. In: Proceedings of the 13th International Conference on Field-Programmable Logic and Applications (2003)

    Google Scholar 

  50. Wollinger, T., Paar, C.: Security aspects of FPGAs in cryptographic applications. In: Lysaght, P., Rosenstiel, W. (eds.) New Algorithms, Architectures and Applications for Reconfigurable Computing, pp. 265–278. Springer, Dordrecht (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Federal Institute of Rio Grande do Norte IFRN, Natal, Brazil

    E. Wanderley

  2. Thales Communications, Cholet, France

    R. Vaslin

  3. Lab-STICC—UMR CNRS 3192, Bretagne-Sud University, Lorient, France

    J. Crenne, P. Cotret, G. Gogniat & J.-P. Diguet

  4. Telecom Paris-Tech, Paris, France

    J.-L. Danger

  5. LIRMM—UMR CNRS 5506, University of Montpellier 2, Montpellier, France

    P. Maurine, L. Barthe, P. Benoit & L. Torres

  6. Netheos, Montpellier, France

    B. Badrignans

  7. Hubert Curien Laboratory—UMR CNRS 5516, Jean Monnet University, Saint-Etienne, France

    V. Fischer

Authors
  1. E. Wanderley
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. R. Vaslin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. J. Crenne
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. P. Cotret
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. G. Gogniat
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. J.-P. Diguet
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. J.-L. Danger
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. P. Maurine
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. V. Fischer
    View author publications

    You can also search for this author in PubMed Google Scholar

  10. B. Badrignans
    View author publications

    You can also search for this author in PubMed Google Scholar

  11. L. Barthe
    View author publications

    You can also search for this author in PubMed Google Scholar

  12. P. Benoit
    View author publications

    You can also search for this author in PubMed Google Scholar

  13. L. Torres
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to G. Gogniat .

Editor information

Editors and Affiliations

  1. Netheos Company, rue Auguste Broussonnet 300, Montpellier, 34090, France

    Benoit Badrignans

  2. Communications et Electronique, Ecole Nationale Superieure de Telecom., rue Barrault 46, Paris, 75013, France

    Jean Luc Danger

  3. Cryptography, University of St. Etienne, St. Etienne, France

    Viktor Fischer

  4. Lab-STICC-CNRS, UMR 3192, Centre de Recherche, Universite de Bretagne Sud - UEB, Centre de Recherche - BP 92116, Lorient Cedex, 56321, France

    Guy Gogniat

  5. Microelectronics, University Monpellier 2, Rue ADA 161, Montpellier 2, 34392, France

    Lionel Torres

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer Science+Business Media B.V.

About this chapter

Cite this chapter

Wanderley, E. et al. (2011). Security FPGA Analysis. In: Badrignans, B., Danger, J., Fischer, V., Gogniat, G., Torres, L. (eds) Security Trends for FPGAS. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-1338-3_2

Download citation

  • DOI: https://doi.org/10.1007/978-94-007-1338-3_2

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-94-007-1337-6

  • Online ISBN: 978-94-007-1338-3

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation