Semi Conscious
Comment
UdaraW
In their paper, the researchers from Horst Gortz Institute for IT-Security claim ...
Research points to vulnerability in Xilinx FPGAs
Dylan McGrath
7/26/2011 10:38 PM EDT
A known issue for some time
The feasibility of side-channel attacks on FPGAs and other devices has been known for some time. Firms such as Cryptography Research Inc. (CRI) offer countermeasures for differential power analysis attacks. More than 5 billion chips incorporating CRI's technology ship each year. (CRI was acquired by technology licensor Rambus Inc. earlier this year and now operates as an independent unit of Rambus).
It's not clear how many successful side-channel analysis attacks have been performed. The paper by the Ruhr University researchers cites several previous academic examples, including one by the same authors apparently describing a power analysis attack on a Virtex-II device. While the recent Ruhr paper focuses specifically on Xilinx devices, CRI executives say vulnerability to side-channel is an issue with all FPGAs, as well as other types of devices.
The need for countermeasures to thwart side-channel attacks is obvious in applications like cable TV set top boxes—where customers have access to the hardware and could be motivated to break the encryption in order to gain access to more channels and pay-per-view events. But, aside from aerospace and defense applications where security is paramount, do typical FPGA applications demand countermeasures to prevent side-channel attacks?
Actel Corp. (now part of Microsemi Corp.) licensed technology from CRI in 2010 to enhance the security of its products against differential power analysis and other side-channel related attacks. CRI has not publicly announced any other FPGA vendor licensees.
Paul Kocher, CRI's founder and a pioneer in differential power analysis research, said the new research represents a problem for Xilinx because of the huge number of FPGAs Xilinx has in the field, which cannot be fixed through a simple software patch but must be physically altered or replaced.
"Hardware vulnerabilities like this one can only be fixed by replacing the physical chips," Kocher said. "That's very difficult and expensive to fix. If you are Xilinx, this is a big challenge to deal with," Kocher said.
But Kocher said protecting Xilinx chips from vulnerability to attacks would be pretty straightforward, requiring the implementation of cryptography algorithms in other ways. "It's actually not a terribly difficult issue to fix if you know what you are doing," Kocher said.
For the record, Kocher acknowledges that he has tried to persuade FPGA vendors—including Xilinx—to license CRI technology, which would reduce the devices' vulnerability to side-channel attacks. But he says he is more interested in promoting awareness of the issue than landing a particular customer. "It's a bit like selling life insurance," Kocher said. "You don't go into this business hoping that people will have vulnerabilities."
The feasibility of side-channel attacks on FPGAs and other devices has been known for some time. Firms such as Cryptography Research Inc. (CRI) offer countermeasures for differential power analysis attacks. More than 5 billion chips incorporating CRI's technology ship each year. (CRI was acquired by technology licensor Rambus Inc. earlier this year and now operates as an independent unit of Rambus).
It's not clear how many successful side-channel analysis attacks have been performed. The paper by the Ruhr University researchers cites several previous academic examples, including one by the same authors apparently describing a power analysis attack on a Virtex-II device. While the recent Ruhr paper focuses specifically on Xilinx devices, CRI executives say vulnerability to side-channel is an issue with all FPGAs, as well as other types of devices.
The need for countermeasures to thwart side-channel attacks is obvious in applications like cable TV set top boxes—where customers have access to the hardware and could be motivated to break the encryption in order to gain access to more channels and pay-per-view events. But, aside from aerospace and defense applications where security is paramount, do typical FPGA applications demand countermeasures to prevent side-channel attacks?
Actel Corp. (now part of Microsemi Corp.) licensed technology from CRI in 2010 to enhance the security of its products against differential power analysis and other side-channel related attacks. CRI has not publicly announced any other FPGA vendor licensees.
Paul Kocher, CRI's founder and a pioneer in differential power analysis research, said the new research represents a problem for Xilinx because of the huge number of FPGAs Xilinx has in the field, which cannot be fixed through a simple software patch but must be physically altered or replaced.
"Hardware vulnerabilities like this one can only be fixed by replacing the physical chips," Kocher said. "That's very difficult and expensive to fix. If you are Xilinx, this is a big challenge to deal with," Kocher said.
But Kocher said protecting Xilinx chips from vulnerability to attacks would be pretty straightforward, requiring the implementation of cryptography algorithms in other ways. "It's actually not a terribly difficult issue to fix if you know what you are doing," Kocher said.
For the record, Kocher acknowledges that he has tried to persuade FPGA vendors—including Xilinx—to license CRI technology, which would reduce the devices' vulnerability to side-channel attacks. But he says he is more interested in promoting awareness of the issue than landing a particular customer. "It's a bit like selling life insurance," Kocher said. "You don't go into this business hoping that people will have vulnerabilities."
|
|
|
|
|
Navigate to related information
UdaraW
8/5/2011 8:45 PM EDT
In their paper, the researchers from Horst Gortz Institute for IT-Security claim that their was the first successful attack against the Virtex 4 and Virtex 5 FPGAs where the side-channel analysis of bit-stream encryption was utilized. While the technical vulnerability is acknowledged, the important questions is on whether a corresponding business vulnerability exists for FPGA users in it or not.
The Xilinx spokesperson argues (as expected) that the attack requires a higher degree of sophistication, a high level of motivation and for the attacker to have physically access to the circuitry and therefore, the business vulnerability is minimal at present. This seems like many other claims that the vendors tend offer before a serious breach occurs.
What I believe is that technical landscapes can change very very fast. For an example, side-channel attacks on the AES algorithm at the software-level is no longer a sophisticated process. In few more months, a side-channel attack on attack on an FPGA may not require the same level of sophistication and motivation as is argued. Besides, who can disregard the motivation to reverse-engineer a state-of-the-art product to steal its IP? The motivation is present all the time.
Sign in to Reply