Description
Field programmable gate arrays (FPGAs) use encryption to protect the configuration data or “bitstream” containing the design to be run on the device. This encryption aims at protecting the intellectual property and other secrets contained in the bitstream and preventing e.g. cloning or tampering with an FPGA implementation.
This talk will demonstrate how attackers can use failure analysis equipment, namely laser scanning microscopes (LSMs), to break the bitstream security on recent FPGAs. Two attacks will be presented: one for decryption key readout, and one for extraction of the plaintext data. Both attacks do not require any device preparation or silicon polishing, which technically makes them non-invasive attacks.
The attack against the decryption key makes use of thermal laser stimulation (TLS). TLS is a failure analysis technique which can be deployed by an adversary to read out stored secrets in the SRAM of a chip. As the attack target, the so-called battery-backed SRAM (BBRAM) key storage inside a 20 nm technology Xilinx Kintex UltraScale FPGA is chosen. It is demonstrated that an attacker is able to extract the stored 256-bit AES key by conducting just a single measurement. The required effort to develop the attack is shown to be less than 7 hours.
The attack for plaintext data extraction applies optical contactless probing techniques. Optical contactless probing, again a failure analysis technique, allows attackers to localize and probe secret data on a chip with a laser beam. The attack is conducted on the decryption ASIC of a 28 nm technology Xilinx Kintex 7 FPGA. It is demonstrated that the adversary is able to extract the plaintext data containing sensitive design information and intellectual property. Less than 10 working days are needed to conduct the optical analysis and reverse-engineer the security-related parts of the hardware.
Infos pratiques
Prochains exposés
-
Chamois: Formally verified compilation for optimisation and security
Orateur : David MONNIAUX - CNRS - Verimag
Embedded programs (including those on smart cards) are often developed in C and then compiled for the embedded processor. Sometimes they are modified by hand to incorporate countermeasures (fault attacks, etc.), but care must be taken to ensure that this does not disrupt normal program execution and that the countermeasure is actually adequate for blocking the attacks.In the process, it is[…]-
SemSecuElec
-
Fault injection
-
Formal methods
-
-
Security of Smart Dust: Robust Key Derivation for Single-Chip Systems
Orateur : Sara Faour - Inria
The Smart Dust vision seeks to enable large networks of millimeter-scale wireless sensor nodes that tightly integrate sensing, computation, communication, and power management into a single-chip device. Establishing a robust hardware root of trust for such devices remains challenging, particularly in single, low-cost chip manufacturing processes that lack embedded writable Non-Volatile Memory (NVM[…] -
Securing processor's microarchitecture against SCA in a post-quantum cryptography setting
Orateur : Vincent MIGLIORE - LAAS-CNRS
Hardware microarchitecture is a well-known source of side-channel leakages, providing a notable security reduction of standard cryptographic algorithms (e.g. AES) if not properly addressed by software or hardware. In this talk, we present new design approaches to harden processor's microarchitecture against power-based side-channel attacks, relying on configurable and cascadable building blocks[…]-
SemSecuElec
-
Side-channel
-
Micro-architectural vulnerabilities
-
-
Onysis: A secure European SoC FPGA
Orateur : Adrien GRASSEIN - Nanoxplore
Developed in collaboration with the DGA, the Onysis project introduces a European SoC FPGA designed to embed advanced hardware security features. This presentation will provide an overview of the Onysis architecture, focusing specifically on its native mechanisms to protect critical systems. We will detail the implementation of its integrated security subsystem, covering the secure boot sequence[…]-
SemSecuElec
-