SeRFI: Secure Remote FPGA Initialization in an Untrusted Environment

被引:2
作者
Duncan, Adam [1 ]
Nahiyan, Adib [2 ]
Rahman, Fahim [2 ]
Skipper, Grant [1 ]
Swany, Martin [1 ]
Lukefahr, Andrew [1 ]
Farahmandi, Farimah [2 ]
Tehranipoor, Mark [2 ]
机构
[1] Indiana Univ, Intelligent Syst Engn, Bloomington, IN 47401 USA
[2] Univ Florida, Elect & Comp Engn, Gainesville, FL 32611 USA
来源
2020 IEEE 38TH VLSI TEST SYMPOSIUM (VTS 2020) | 2020年
关键词
FPGA Security; Encryption; Secure Key Exchange;
D O I
10.1109/vts48691.2020.9107622
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
The bitstream inside a Field-Programmable Gate Array (FPGA) is often protected using an encryption key, acting as a root of trust and stored inside the FPGA, to defend against bitstream piracy, tampering, overproduction, and static-time reverse engineering. For cost savings and faster production, trusted system designers often rely on an untrusted system assembler to program the encryption key into the FPGA, focusing only the end-user-stage threats. However, providing the secret encryption key to an untrusted entity introduces additional threats, since access to this key can compromise the entire root of trust and breach the encrypted bitstream enabling a multitude of attacks including Trojan insertion, piracy and overproduction. To address this issue, we propose the Secure Remote FPGA Initialization (SeRFI) protocol to transmit the encryption key securely from a trusted system designer into an FPGA in physical possession of an untrusted system assembler. Our protocol eliminates direct key sharing with the untrusted system assembler as well as prevents against adversarial intention of extracting the encryption key during the programming phase where the assembler has physical access to the FPGA.
引用
收藏
页数:6
相关论文
共 17 条
[11]   TI-TRNG: Technology Independent True Random Number Generator [J].
Rahman, Md. Tauhidur ;
Xiao, Kan ;
Forte, Domenic ;
Zhang, Xuhei ;
Shi, Jerry ;
Tehranipoor, Mohammad .
2014 51ST ACM/EDAC/IEEE DESIGN AUTOMATION CONFERENCE (DAC), 2014,
[12]   IBM System z9 eFUSE applications and methodology [J].
Rizzolo, R. F. ;
Foote, T. G. ;
Crafts, J. M. ;
Grosch, D. A. ;
Leung, T. O. ;
Lund, D. J. ;
Mechtly, B. L. ;
Robbins, B. J. ;
Slegel, T. J. ;
Tremblay, M. J. ;
Wiedemeier, G. A. .
IBM JOURNAL OF RESEARCH AND DEVELOPMENT, 2007, 51 (1-2) :65-75
[13]  
Speedtest, SPEEDT GLOB IND
[14]  
Tahir Ari., 2015, INTERNATIONAL JOURNAL OF COMPUTERS TECHNOLOGY, V14, P6361
[15]   FPGA Security: Motivations, Features, and Applications [J].
Trimberger, Stephen M. ;
Moore, Jason J. .
PROCEEDINGS OF THE IEEE, 2014, 102 (08) :1248-1265
[16]  
Xilinx, 2018, UG470 V1 13 1
[17]   A Comprehensive FPGA Reverse Engineering Tool-Chain: From Bitstream to RTL Code [J].
Zhang, Tao ;
Wang, Jian ;
Guo, Shize ;
Chen, Zhe .
IEEE ACCESS, 2019, 7 :38379-38389