Fig 2 - uploaded by Sunil Dath Kumar Malipatlolla
Content may be subject to copyright.
Source publication
The configuration data sequence of a Field Programmable Gate Array (FPGA) is an Intellectual Property (IP) of the original designer. With the increase in deployment of FPGAs in modern embedded systems, the IP protection of FPGA has become a necessary requirement for many IP vendors. There have been already many proposals to overcome this problem us...
Context in source publication
Context 1
... are encrypted with the recipient's public key and can only be decrypted with the corresponding private key, which is known only to the receiver. In figure 2, we see that all of the functions in the "dashed box" (named as security boundary) can be implemented within the physi- cal package of the FPGA. The plaintext and the private key information never leave a well-protected container i.e., the security boundary. ...
Similar publications
Dans le cadre de la formation d’ingénieurs automaticiens à l’ENSISA de Mulhouse, nous avons conçu un groupement d’unités d’enseignement portant sur la conception de systèmes numériques sur FPGA (Field Programmable Gate Array). L’offre comprend les bases de l’électronique numérique, la synthèse de systèmes combinatoires et séquentiels, et la descrip...
Processing and analysis of Very High Resolution (VHR) satellite images provide a mass of crucial information, which can be used for urban planning, security issues or environmental monitoring. However, they are computationally expensive and, thus, time consuming, while some of the applications, such as natural disaster monitoring and prevention, re...
AES (Advanced Encryption Standard) is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting data. In this paper, we present three hardware architectures for AES, namely Serial/Serial, Parallel /Serial and Parallel/Pipelined. These architectures can be used as IP (Intellectual Property) cores in hybrid cryptosyst...
A new algorithm of the spectrum sensing is proposed in this paper. The spectrum sensing methods presented in this paper are optimised to implement these in FPGA based embedded systems. The low power and highly parallelised architecture of FPGA requires low complexity in implementation of separate processing units - spectrum sensors (SpS). The widel...
Field Programmable Gate Arrays (FPGAs) are seeing a surge in usage in many emerging application domains, where the in-field reconfigurability is an attractive characteristic for diverse applications with dynamic design requirements, such as cloud computing, automotive, IoT, and aerospace. The security of the FPGA configuration file, or bitstream ,...
Citations
... For the deployment of unclonable ECUs, Malipatlolla and Huss [48] suggest to divide software programs into two parts: a section with proprietary information and another without sensitive information. The first part contains all the sensitive information and is protected with the Public Key Infrastructure (PKI). ...
Modern cars have become quite complex and heavily connected. Today, diverse services offer infotainment services, electric power-assisted steering, assisted driving, automated toll payment and traffic-sharing information. Thanks to recent technologies, which made it possible to enable these services. Unfortunately, these technologies also enlarge the attack surface. This survey covers the main security and privacy issues and reviews recent research on these issues. It summarizes requirements of modern cars and classifies threats and solutions based on the underlying technologies. To the best of our knowledge, this is the first survey offering such an overall view.
... It is therefore necessary to search for solutions that will ensure security of reconfigurable systems. Since a decade, research works proposed interesting FPGA bitstream protection by using: partial and dynamic reconfiguration [44], message authentication code [45], public key encryption [46,47], PUF [48], protection against replay attack [49] and use of trusted platform module (TPM) [50,51]. These works are presented and discussed during this last lecture. ...
The digital rights management (DRM) principle is generally well known for the exchange of files (music, video), or software management. Specialized solutions concerning professional software are behind a business called “Software License Management”. The concept of DRM can be transposed to other areas, in particular to the design of hardware devices. Although the concept of DRM is allowed and widely used in the field of software, this is not the case for Integrated Circuit design (no industrial solutions to date are actually proposed).
... It is therefore necessary to search for solutions that will ensure security of reconfigurable systems. Since a decade, research works proposed interesting FPGA bitstream protection by using: partial and dynamic reconfiguration [44], message authentication code [45], public key encryption [46,47], PUF [48], protection against replay attack [49] and use of trusted platform module (TPM) [50,51]. These works are presented and discussed during this last lecture. ...
This paper proposes a theoretical study and a full overview of the design, evaluation and optimization of a PUF based on transient element ring oscillators (TERO-PUF). We show how, by following some simple design rules and strategies, designers can build and optimize a TERO-PUF with state of the art PUF characteristics in a standard CMOS technology. To this end, we analyzed the uniqueness, steadiness and randomness of responses generated from 30 test chips in a CMOS 350nm process in nominal and corner voltage and temperature conditions. Response generation schemes are proposed and discussed to optimize the PUF performances and reduce its area without noticeable loss in its output quality. In particular, we show that the large area of the basic blocks in the TERO-PUF is balanced by the high level of entropy extracted in each basic block. Guidelines are provided to balance reliability and randomness of the responses and the design area.
... Then FPGA will decrypt and process the data, and encrypt the results before sending back to the user. [20]. The FPGA has a public/private key pair and the bitstream is encrypted with the public key. ...
... Bitstream is the configuration data to be loaded into a FPGA and usually contains valuable intellectual property. In [20] the authors proposed a bitstream protection method using public/private key pair, and Fig. 3 shows the framework. ...
FPGAs are widely deployed nowadays. Besides offering powerful computation capacity, contemporary FPGAs also provide many security features such as bitstream protection. The security of these features is dependent on the security of the keys embedded in the FPGA, which is usually generated by the vendor. This type of architecture has a shortcoming that the FPGA vendor knows everything and becomes the root of trust. In this work, we propose a key generation method utilizing bilinear pairing that enables the user of the FPGA to interact with the device to generate keys. The generated keys depend on both the input from the user and the device so vendor cannot learn the keys. Furthermore, we offer a method to allow the user to verify the generated keys to make sure that the keys are related to his input. Finally we conduct some experiments and indicate the effectiveness of our scheme.
... It is therefore necessary to search for solutions that will ensure security of reconfigurable systems. Since a decade, research works proposed interesting FPGA bitstream protection by using: partial and dynamic reconfiguration [44], message authentication code [45], public key encryption [46,47], PUF [48], protection against replay attack [49] and use of trusted platform module (TPM) [50,51]. These works are presented and discussed during this last lecture. ...
Teaching FPGA security to electrical engineering students is new at graduate level. It requires a wide field of knowledge and a lot of time. This paper describes a compact course on FPGA security that is available to electrical engineering master's students at the Saint-Etienne Institute of Telecom, University of Lyon, France. It is intended for instructors who wish to design a new course on this topic. The paper reviews the motivation for the course, the pedagogical issues involved, the curriculum, the lab materials and tools used, and the results. Details are provided on two original lab sessions, in particular, a compact lab that requires students to perform differential power analysis of FPGA implementation of the AES symmetric cipher.
... It is therefore necessary to search for solutions that will ensure security of reconfigurable systems. Since a decade, research works proposed interesting FPGA bitstream protection by using: partial and dynamic reconfiguration [44], message authentication code [45], public key encryption [46] [47], PUF [48], protection against replay attack [49] and use of trusted platform module (TPM) [50] [51]. These works are presented and discussed during this last lecture. ...
Teaching FPGA security to electrical engineering students is new at graduate level. It requires a wide field of knowledge and a lot of time. This paper describes a compact course on FPGA security that is available to electrical engineering master's students at the Saint-Etienne Institute of Telecom, University of Lyon, France. It is intended for instructors who wish to design a new course on this topic. The paper reviews the motivation for the course, the pedagogical issues involved, the curriculum, the lab materials and tools used, and the results. Details are provided on two original lab sessions, in particular, a compact lab that requires students to perform differential power analysis of FPGA implementation of the AES symmetric cipher. The paper gives numerous relevant references to allow the reader to prepare a similar curriculum.
Field-programmable gate-array (FPGA) based hardware IP cores have emerged as an integral part of modern SOC designs. IP trading plays central role in Electronic Design Automation (EDA) industry. While the potential of IP infringement is growing fast, the global awareness of IP protection remains low. In this work, we propose a Radio Frequency Identification (RFID) based protection scheme for Intellectual Property Protection (IPP) of Static Random Access Memory (SRAM) FPGA IP cores that overcome the limitations of existing IPP techniques. Here, three types of reconfigurable RFID tags is realised in order to support the incorporation of the proposed RFID based security scheme in all the reconfigurable FPGA devices of Xilinx family. Also a special tag bypass feature is employed to increase the suitability of proposed scheme as an IPP technique for reconfigurable IP cores. The proposed scheme supports safe exchange of reconfigurable FPGA IP cores between IP providers and system developers. The results derived from the testing of hardware prototype used for the evaluation of the proposed scheme are quite encouraging and shows that the proposed security feature can be incorporated into the reconfigurable IP cores of any functionality without significant performance degradation of the reconfigurable IP cores.
Throughput, flexibility, and security form the design trilogy of reconfigurable crypto engines; they must be carefully considered without reducing the major role of classical design constraints, such as surface, power consumption, dependability, and cost. Applications such as network security, Virtual Private Networks (VPN), Digital Rights Management (DRM), and pay per view have drawn attention to these three constraints. For more than ten years, many studies in the field of cryptographic engineering have focused on the design of optimized high-throughput hardware cryptographic cores (e.g., symmetric and asymmetric key block ciphers, stream ciphers, and hash functions). The flexibility of cryptographic systems plays a very important role in their practical application. Reconfigurable hardware systems can evolve with algorithms, face up to new types of attacks, and guarantee interoperability between countries and institutions. The flexibility of reconfigurable crypto processors and crypto coprocessors has reached new levels with the emergence of dynamically reconfigurable hardware architectures and tools. Last but not least, the security of systems that handle confidential information needs to be thoroughly evaluated at the design stage in order to meet security objectives that depend on the importance of the information to be protected and on the cost of protection. Usually, designers tackle security problems at the same time as other design constraints and in many cases target only one security objective, for example, a side-channel attack countermeasures, fault tolerance capability, or the monitoring of the device environment. Only a few authors have addressed all three design constraints at the same time. In particular, key management security (e.g., secure key generation and transmission, the use of a hierarchical key structure composed of session keys and master keys) has frequently been neglected to the benefit of performance and/or flexibility. Nevertheless, a few authors propose original processor architectures based on multi-crypto-processor structures and reconfigurable cryptographic arrays. In this article, we review published works on symmetric key crypto engines and present current trends and design challenges.
