Abstract
We describe a novel methodology to exploit the widely used Dynamic Partial Reconfiguration (DPR) support in Field Programmable Gate Arrays (FPGAs) to implant a hardware Trojan in an Advanced Encryption Standard (AES) encryption circuit implemented on a FPGA. The DPR is performed by transferring the required partial configuration bitstream file over an Ethernet connection to the FPGA board, from an attacker's computer which can communicate with the FPGA over a network. The inserted Trojan launches a "fault attack" on the AES encryption circuit, which enables recovery of the secret key by standard mathematical analysis of the faulty ciphertext produced. To the best of our knowledge, this is the first reported attack which exploits DPR to break an AES hardware implementation on FPGA. Our implementation results establish this to be an extremely potent attack on AES at low hardware and computational overhead, while using the standard unlicensed FPGA design tools.
Original language | English |
---|---|
Title of host publication | Proceedings of the 9th Workshop on Embedded Systems Security |
Subtitle of host publication | WESS '14 |
Publisher | Association for Computing Machinery (ACM) |
Number of pages | 8 |
ISBN (Electronic) | 9781450329323 |
DOIs | |
Publication status | Published - 12 Oct 2014 |
Externally published | Yes |
Event | 9th Workshop on Embedded Systems Security - New Delhi, India Duration: 12 Oct 2014 → 12 Oct 2014 Conference number: 9 http://www.wikicfp.com/cfp/servlet/event.showcfp?eventid=38626 (Link to Workshop Information) |
Workshop
Workshop | 9th Workshop on Embedded Systems Security |
---|---|
Abbreviated title | WESS'14 (ESWEEK) |
Country/Territory | India |
City | New Delhi |
Period | 12/10/14 → 12/10/14 |
Internet address |
|