Configuration Tampering of BRAM-based AES Implementations on FPGAs

Daniel Ziener, Jutta Pirkl, Jürgen Teich

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

7 Citations (Scopus)
12 Downloads (Pure)

Abstract

Fault injection attacks constitute a major attack vector on cryptographic implementations, such as the Advanced Encryption Standard (AES).
On Field Programmable Gate Arrays (FPGAs), the circuit can be altered by tampering the configuration data and thereby causing a desired faulty execution that leaks information about the secret key. Often it is not even necessary to conduct extensive reverse engineering of the propriety bitstream file format. In this paper, we present a novel strategy to recover the secret AES key by exploiting the properties of the FPGA's memory elements called Block RAM (BRAM) that are often used to store the Rijndael S-boxes. The attack can be performed by a single reconfiguration with a faulty bitstream without any knowledge of either design properties or plaintext input. The advantage of our approach is that this attack works also with encrypted bitstreams. However, our experiments show that the number of reconfigurations might increase in this case.
Original languageEnglish
Title of host publication2018 International Conference on ReConFigurable Computing and FPGAs
PublisherIEEE
Number of pages7
ISBN (Electronic)9781728119687
ISBN (Print)9781728119687
DOIs
Publication statusPublished - 14 Feb 2019
Event2018 International Conference on ReConFigurable Computing and FPGAs - Cancun, Mexico
Duration: 3 Dec 20185 Dec 2018

Conference

Conference2018 International Conference on ReConFigurable Computing and FPGAs
Abbreviated titleReConFig 2018
Country/TerritoryMexico
CityCancun
Period3/12/185/12/18

Fingerprint

Dive into the research topics of 'Configuration Tampering of BRAM-based AES Implementations on FPGAs'. Together they form a unique fingerprint.

Cite this