X-Attack: Remote Activation of Satisfiability Don't-Care Hardware Trojans on Shared FPGAs
Autor: | Wei Hu, Dina G. Mahmoud, Mirjana Stojilovic |
---|---|
Rok vydání: | 2020 |
Předmět: |
Multitenancy
business.industry Computer science Cryptography Cloud computing 02 engineering and technology Computer security computer.software_genre 020202 computer hardware & architecture Attack model Trojan Hardware Trojan 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing business Field-programmable gate array computer Countermeasure (computer) |
Zdroj: | FPL |
DOI: | 10.1109/fpl50879.2020.00039 |
Popis: | Albeit very appealing, FPGA multitenancy in the cloud computing environment is currently on hold due to a number of recently discovered vulnerabilities to side-channel attacks and covert communication. In this work, we successfully demonstrate a new attack scenario on shared FPGAs: we show that an FPGA tenant can activate a dormant hardware Trojan without any physical or logical connection to the private Trojan-infected FPGA circuit. Our victim contains a so-called satisfiability don't-care Trojan, activated by a pair of don't-care signals, which never reach the combined trigger condition under normal operation. However, once a malicious FPGA user starts to induce considerable fluctuations in the on-chip signal delays—and, consequently, the timing faults-these harmless don't-care signals take unexpected values which trigger the Trojan. Our attack model eliminates the assumption on physical access to or manipulation of the victim design. Contrary to existing fault and side-channel attacks that target unprotected cryptographic circuits, our new attack is shown effective even against provably well-protected cryptographic circuits. Besides demonstrating the attack by successfully leaking the entire cryptographic key from one unprotected and one masked AES S-box implementation, we present an efficient and lightweight countermeasure. |
Databáze: | OpenAIRE |
Externí odkaz: |