Methods for detection, prevention, and protection from physical side-channel attacks in remote FPGAs
Event details
| Date | 12.06.2019 |
| Hour | 09:00 › 11:00 |
| Speaker | Ognjen Glamocanin |
| Location | |
| Category | Conferences - Seminars |
EDIC candidacy exam
Exam president: Prof. James Larus
Thesis advisor: Prof. Babak Falsafi
Thesis co-advisor: Dr. Mirjana Stojilovic
Co-examiner: Prof. Mathias Payer
Abstract
Recently developed mechanisms for remote measuring of voltage drops inside the cloud FPGAs have made it possible to conduct power side-channel attacks on shared FPGAs. In other words, while one user of the FPGA is encrypting data using a cryptographic IP core, another (malicious) user is able to record the power consumption of the FPGA. Using this side-channel information, a set of standard power analysis attacks can be executed to try to recover the secret key. During my first project at PARSA, I have demonstrated a successful remote power-analysis attack. Besides side-channel attacks, it was recently shown that a remote denial-of-service attack (using fault-injection) or even a more subtle timing attack (by disturbing FPGA voltage) may be successfully executed. These findings opened up fresh research opportunities, as many questions are still left unanswered: can we protect FPGA users from these attacks and can we do it without paying too high a price in area, performance, or power consumption? Can we improve the FPGA compilation flow to detect malicious code? Can we detect a malicious activity on the fly? What other security risks may be out there, waiting to be discovered?
Background papers
Differential Power Analysis, by Paul Kocher, Joshua Jaffe, and Benjamin Jun CRYPTO 1999.
An Inside Job: Remote Power Analysis Attacks on FPGAs, by Falk Schellenberg, Dennis R.E. Gnad, Amir Moradi, and Mehdi B. Tahoori, DATE 2018.
A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation, by Kris Tiri and Ingrid Verbauwhede, DATE 2004.
Exam president: Prof. James Larus
Thesis advisor: Prof. Babak Falsafi
Thesis co-advisor: Dr. Mirjana Stojilovic
Co-examiner: Prof. Mathias Payer
Abstract
Recently developed mechanisms for remote measuring of voltage drops inside the cloud FPGAs have made it possible to conduct power side-channel attacks on shared FPGAs. In other words, while one user of the FPGA is encrypting data using a cryptographic IP core, another (malicious) user is able to record the power consumption of the FPGA. Using this side-channel information, a set of standard power analysis attacks can be executed to try to recover the secret key. During my first project at PARSA, I have demonstrated a successful remote power-analysis attack. Besides side-channel attacks, it was recently shown that a remote denial-of-service attack (using fault-injection) or even a more subtle timing attack (by disturbing FPGA voltage) may be successfully executed. These findings opened up fresh research opportunities, as many questions are still left unanswered: can we protect FPGA users from these attacks and can we do it without paying too high a price in area, performance, or power consumption? Can we improve the FPGA compilation flow to detect malicious code? Can we detect a malicious activity on the fly? What other security risks may be out there, waiting to be discovered?
Background papers
Differential Power Analysis, by Paul Kocher, Joshua Jaffe, and Benjamin Jun CRYPTO 1999.
An Inside Job: Remote Power Analysis Attacks on FPGAs, by Falk Schellenberg, Dennis R.E. Gnad, Amir Moradi, and Mehdi B. Tahoori, DATE 2018.
A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation, by Kris Tiri and Ingrid Verbauwhede, DATE 2004.
Practical information
- General public
- Free