Differential power analysis countermeasures for the configuration of SRAM FPGAs

This paper presents a practical way to mitigate Side Channel Analysis vulnerabilities inherent in the bitstream decryption engines in SRAM FPGAs. The method uses SmartFusion®2 flash based FPGAs as the secure root-of-trust. A multi-staged approach is used, where the SmartFusion2 host establishes a secure boot loader in the target FPGA The host and boot loader establish a secret key pair to securely transmit the long term application keys used to decrypt the final bitstream to be loaded into the device. All cryptographic algorithms have DPA countermeasures in place. This work further presents data on the effectiveness of the underlying solution using a statistical characterization of side channel leakage using the Test Vector Leakage Assessment (TVLA) methodology proposed by Cryptography Research, Inc. (CRI).