Jun 18, 2018

Unsafe FPGA/ASIC neighbors

Do you remember Spectre/Meltdown? Unsafe code on your processor can indirectly access data in memory locations which should have been isolated from the code.
Similar things can happen in FPGA/ASIC world. It can be that your sensitive data (e.g. ciphering keys) are used in your IP and there is another (rogue) IP on the same device. For example, you bought an IP from a malicious vendor, or you are sharing a big FPGA with an attacker on some cloud infrastructure.
Despite that your IPs are logically separated, they share the power distribution network of the device and variation in power consumption of your core, correlated with your sensitive data can be sensed by the other core using signal propagation speed/voltage dependency.

More details in the article
An Inside Job: Remote Power Analysis Attacks on FPGAs
Falk Schellenberg, Dennis R.E. Gnad, Amir Moradi, and Mehdi B. Tahoori

No comments:

Post a Comment