Efficient and side-channel resistant authenticated encryption of FPGA bitstreams

Andrey Bogdanov, Amir Moradi, Tolga Yalcin

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

State-of-the-art solutions for FPGA bitstream protection rely on encryption and authentication of the bitstream to both ensure its confidentiality, thwarting unauthorized copying and reverse engineering, and prevent its unauthorized modification, maintaining a root of trust in the field. Adequate protection of the FPGA bitstream is of paramount importance to sustain the central functionality of dynamic reconfiguration in a hostile environment. In this work, we propose a new solution for authenticated encryption (AE) tailored for FPGA bitstream protection. It is based on the recent proposal presented at DIAC'12: the AES-based authenticated encryption scheme ALE. Our comparison to existing AES-based schemes reveals that ALE is at least twice more resource-efficient than the best AE modes of operation instantiated with AES. In the view of the recent successful side-channel attacks on Xilinx Virtex bitstream encryption, we investigate the possibility for side-channel resistant implementations of all these AES-based AE algorithms using state-of-the-art threshold masking techniques. Also in this side-channel resistant setting, the protected ALE design is about twice more resource-efficient than the best AE modes of operation with the same countermeasure. We conclude that the deployment of dedicated AE schemes such as ALE significantly facilitates the real-world efficiency and security of FPGA bitstream protection in practice: Not only our solution enables authenticated encryption for bitstream on low-cost FPGAs but it also aims to mitigate physical attacks which have been lately shown to undermine the security of the bitstream protection mechanisms in the field.
Original languageEnglish
Title of host publicationProceedings of 2012 International Conference on Reconfigurable Computing and FPGAs (ReConFig)
Number of pages6
PublisherIEEE
Publication date2013
ISBN (Print)978-1-4673-2919-4
DOIs
Publication statusPublished - 2013
Event2012 International Conference on Reconfigurable Computing and FPGAs (ReConFig) - Cancun, Mexico
Duration: 5 Dec 20127 Dec 2012

Conference

Conference2012 International Conference on Reconfigurable Computing and FPGAs (ReConFig)
Country/TerritoryMexico
CityCancun
Period05/12/201207/12/2012

Fingerprint

Dive into the research topics of 'Efficient and side-channel resistant authenticated encryption of FPGA bitstreams'. Together they form a unique fingerprint.

Cite this