Secure FPGA configuration architecture preventing system downgrade
- 1 January 2008
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- p. 317-322
- https://doi.org/10.1109/fpl.2008.4629951
Abstract
In the context of FPGAs, system downgrade consists in preventing the update of the hardware configuration or in replaying an old bitstream. The objective can be to preclude a system designer from fixing security vulnerabilities in a design. Such an attack can be performed over a network when the FPGA-based system is remotely updated or on the bus between the configuration memory and the FPGA chip at power-up. Several security schemes providing encryption and integrity checking of the bitstream have been proposed in the literature. However, as we show in this paper, they do not detect the replay of old FPGA configurations; hence they provide adversaries with the opportunity to downgrade the system. We thus propose a new architecture that, in addition to ensuring bitstream confidentiality and integrity, precludes replay of old bitstreams. We show that the hardware cost of this architecture is negligible.Keywords
This publication has 6 references indexed in Scilit:
- Embedded Trusted Computing with Authenticated Non-volatile MemoryLecture Notes in Computer Science, 2008
- From the bitstream to the netlistPublished by Association for Computing Machinery (ACM) ,2008
- Reconfigurable trusted computing in hardwarePublished by Association for Computing Machinery (ACM) ,2007
- Authentication of FPGA Bitstreams: Why and HowPublished by Springer Science and Business Media LLC ,2007
- Implementation of EAX mode of operation for FPGA bitstream encryption and authenticationPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2006
- Challenges of Remote FPGA Configuration for Space ApplicationsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005