Power to Pulse Width Modulation Sensor for Remote Power Analysis Attacks

Intensive Analysis of Physical Parameters of Power Sensors for Remote Side-Channel Attacks

The ISC International Journal of Information Security, 2021

Side-channel analysis methods can reveal the secret information of digital electronic systems by analyzing the dependency between the power consumption of implemented cryptographic algorithms and the secret data. Recent studies show that it is possible to gather information about power consumption from FPGAs without any physical access. The high flexibility of modern FPGAs has led to their use as cloud accelerators in Platform as a Service (PaaS) systems; however, new serious vulnerabilities have emerged for these platforms. Although there are some reports about how switching activities in one region of an FPGA affect other regions, the details of this technique have not been analyzed. In this paper, we analyzed the strength of this kind of attack and examined the impact of geometrical and electrical parameters of the victim/attacker modules on the efficiency of this attack. We utilized a Zynq-based Xilinx platform as the device under attack. Experimental results and analyses show that the distance between the victim module and the sensor modules is not the only parameter that affects the quality of the attack; the relative location of the victim/attacker modules could have a more considerable influence on the quality of the attack. Results of this analysis can help FPGA manufacturers and IP developers to protect their systems against this serious attack. https://www.isecure-journal.com/article_132589.html

Updates on the security of FPGAs against power analysis attacks

2006

This paper reports on the security of cryptographic algorithms implemented on FPGAs against power analysis attacks. We first present some improved experiments against these reconfigurable devices, due to an improved measurement process. Although it is usually believed that FPGAs are noisy targets for such attacks, it is shown that simple power consumption models can nearly perfectly correlate with actual measurements.

UCloD: Small Clock Delays to Mitigate Remote Power Analysis Attacks

IEEE Access

This paper presents UCloD, a novel random clock delay-based robust and scalable countermeasure against recently discovered remote power analysis (RPA) attacks. UCloD deploys very small clock delays (in the picosecond range) generated using tapped delay lines (TDLs) to mitigate RPA attacks. UCloD provides the most robust countermeasures demonstrated thus far against RPA attacks. RPA attacks use delay sensors, such as Time to Digital Converters (TDCs) or Ring Oscillators (ROs), to measure voltage fluctuations occurring in power delivery networks (PDNs) of Field Programmable Gate Arrays (FPGAs). These voltage fluctuations reveal secret information, such as secret keys of cryptographic circuits. The only countermeasure proposed thus far activates ROs to consume significant power and has managed to secure Advanced Encryption Standard (AES) circuits for up to 300,000 encryptions. Using TDLs available in FPGAs, UCloD randomly varies the clock to the cryptographic circuits under attack to induce noise in the adversary's delay sensor(s). We demonstrate correlation power analysis (referred to as CPA) attack resistance of UCloD AES implementations for up to one million encryptions. Compared to an unprotected AES circuit, UCloD implementations have minimal overheads (0.2% Slice LUT overhead and 4.8% Slice register overhead for Xilinx implementations and 0.5% LogicCells overhead for Lattice Semiconductor implementations).

Secured-by-design FPGA against side-channel attacks based on power consumption

2017

Power Analysis Attacks pose serious threats to hardware implementations of cryptographic systems. To retrieve the secret key, the attackers can exploit the mutual information between power consumption and processed data / operations through monitoring the power consumption of the cryptosystems. Field Programmable Gate Arrays (FPGA) have emerged as attractive implementation platforms for providing hardware-like performance and software-like flexibility for cryptosystem developers. These features come at the expense of larger power consumption, which makes FPGAs more vulnerable to power attacks. Different countermeasures have been introduced in the literature, but as they have originally been developed for Application-Specific Integrated Circuits (ASIC), mapping them onto FPGAs degrades their effectiveness. In this work we propose a logic

Power-analysis attacks on an FPGA–first experimental results

Cryptographic Hardware and Embedded …, 2003

Field Programmable Gate Arrays (FPGAs) are becoming increasingly popular, especially for rapid prototyping. For implementations of cryptographic algorithms, not only the speed and the size of the circuit are important, but also their security against implementation attacks such as side-channel attacks. Power-analysis attacks are typical examples of side-channel attacks, which have been demonstrated to be effective against implementations without special countermeasures. The flexibility of FPGAs is an important advantage in real applications but also in lab environments. It is therefore natural to use FPGAs to assess the vulnerability of hardware implementations to power-analysis attacks. To our knowledge, this paper is the first to describe a setup to conduct power-analysis attacks on FPGAs. We discuss the design of our hand-made FPGA board and we provide a first characterization of the power consumption of a Virtex 800 FPGA. Finally, we provide strong evidence that implementations of elliptic curve cryptosystems without specific countermeasures are indeed vulnerable to simple power-analysis attacks.

Enhancing power analysis attacks against cryptographic devices

IET Circuits, Devices & Systems, 2008

A current-measuring technique is introduced, which promises to substantially enhance power analysis attacks against cryptographic co-processors. The proposed technique exploits an active circuit to measure the instantaneous current consumption of a device under attack while supplying, at the same time, the device with a stable voltage. Higher gain-bandwidth product, higher sensitivity and lower insertion error are the main advantages with respect to a resistor-based measurement. Experimental results when the proposed circuit is used to measure the current consumption of an FPGA are reported, and the achievable advantage in terms of sensitivity is discussed. Results of a differential power analysis attack are reported too.

Physical Side-Channel Attacks and Covert Communication on FPGAs: A Survey

2019 29th International Conference on Field Programmable Logic and Applications (FPL)

Field-programmable gate arrays (FPGAs) are, like CPUs, susceptible to side-channel information leakage and covert communication. The malleability of FPGAs enables users to create and control physical effects, and sense and measure the consequences. With FPGAs becoming integrated into the cloud, a range of hardware- and software-based attacks may be waiting to be discovered. In this survey, we focus on physical channels used for side-channel attacks or covert communication. Physical channels are those that exist due to the physical properties of FPGAs, for example: power consumption, temperature, or electromagnetic emission. We include the most recent demonstrations of malicious or unintended use of physical channels in remote and/or shared FPGAs, propose taxonomies, compare the efficiency and feasibility of the attacks, and discuss challenges in preventing them.

Index Terms: covert communication, crosstalk, electromagnetism, FPGA, power, side-channel attacks, temperature

• a survey of the recently shown physical side- and covert-communication channels in shared and/or remote FPGAs,
• a comprehensive list of FPGA devices and platforms that have been successfully attacked or used to perform covert communication, and
• a discussion, based on qualitative and quantitative data, about the threat that the FPGA physical channels pose.

Remote Side-Channel Attacks on Heterogeneous SoC

Smart Card Research and Advanced Applications

Thanks to their performance and flexibility, FPGAs are increasingly adopted for hardware acceleration on various platforms such as systems on chip and cloud datacenters. Their use for commercial and industrial purposes raises concern about potential hardware security threats. By getting access to the FPGA fabric, an attacker could implement malicious logic to perform remote hardware attacks. Recently, several papers demonstrated that FPGAs can be used to eavesdrop on or disturb the activity of resources located within and outside the chip. In a complex SoC that contains a processor and an FPGA within the same die, we experimentally demonstrate that FPGA-based voltage sensors can eavesdrop on computations running on the CPU and that advanced side-channel attacks can be conducted remotely to retrieve the secret key of a symmetric crypto-algorithm.

Exploiting Machine Learning Against On-Chip Power Analysis Attacks: Tradeoffs and Design Considerations

IEEE Transactions on Circuits and Systems I: Regular Papers, 2019

Modern power analysis attacks (PAAs) and existing countermeasures pose unique challenges for the design of simultaneously secure, power-efficient, and high-performance ICs. In a typical PAA, power information is collected with a monitoring circuit connected to the compromised device. The non-typical voltage variations induced on a power distribution network (PDN) by such malicious probing are sensed with on-chip sensors and exploited in this paper for detecting PAAs in real time using statistical analysis. A closed-form expression for the voltage variations caused by malicious probing is provided. Guidelines with respect to the PDN characteristics and number of sensors are proposed for securing power delivery. The PAA detection system is designed in a 45-nm standard CMOS process. Based on the simulation results, a PAA on an IBM benchmarked microprocessor is detected with an accuracy of 88% with 30 on-chip sensors. Power overhead of 0.34% and 14.3% is demonstrated in, respectively, the IBM microprocessor and a typical advanced encryption standard system. In a practical cryptographic device, security-sensitive PDN regions can be identified, significantly reducing the number of on-chip sensors.

Experiments in attacking FPGA-based embedded systems using differential power analysis

2008

In the decade since the concept was publicly introduced, power analysis attacks on cryptographic systems have become an increasingly studied topic in the computer security community. Research into countermeasures for these cryptographic systems has intensified as well. Experiments have been conducted showing the potential effectiveness of power analysis attacks and preventative techniques on both software (e.g. smartcard, DSP) and hardware (e.g. ASIC, FPGA) processing elements. One key observation that motivates our work is that the majority of the research into power analysis on FPGA-based cryptographic systems has been a) theoretical in nature, b) evaluated through simulation, or c) experimented using custom hardware that does not closely mirror real-world systems. In this paper, we look to bridge this gap between theory and practice by detailing our experience in performing a Differential Power Analysis (DPA) attack on a commercial FPGA development board. We present an automated data acquisition and analysis design for an FPGA-based implementation of the Data Encryption Standard (DES), and discuss some of the challenges and obstacles that we encountered when performing the DPA attack on our chosen commercial platform.