Secure FPGA configuration architecture preventing system downgrade

Author

Badrignans, Benoît ; Elbaz, Reouven ; Torres, Lionel

Author_Institution

LIRMM UMR, Univ. of Montpellier 2- CNRS C5506, Montpellier

fYear

2008

fDate

8-10 Sept. 2008

Firstpage

317

Lastpage

322

Abstract

In the context of FPGAs, system downgrade consists in preventing the update of the hardware configuration or in replaying an old bitstream. The objective can be to preclude a system designer from fixing security vulnerabilities in a design. Such an attack can be performed over a network when the FPGA-based system is remotely updated or on the bus between the configuration memory and the FPGA chip at power-up. Several security schemes providing encryption and integrity checking of the bitstream have been proposed in the literature. However, as we show in this paper, they do not detect the replay of old FPGA configurations; hence they provide adversaries with the opportunity to downgrade the system. We thus propose a new architecture that, in addition to ensuring bitstream confidentiality and integrity, precludes replay of old bitstreams. We show that the hardware cost of this architecture is negligible.

Keywords

cryptography; field programmable gate arrays; logic design; encryption; field programmable gate arrays; hardware configuration; integrity checking; system downgrade; Communication channels; Communication system security; Costs; Cryptography; Field programmable gate arrays; Hardware; Power system management; Power system security; Protocols; Synthetic aperture sonar;

fLanguage

English

Publisher

ieee

Conference_Titel

Field Programmable Logic and Applications, 2008. FPL 2008. International Conference on

Conference_Location

Heidelberg

Print_ISBN

978-1-4244-1960-9

Electronic_ISBN

978-1-4244-1961-6

Type

conf

DOI

10.1109/FPL.2008.4629951

Filename

4629951