Securing Cryptographic Circuits by Exploiting Implementation Diversity and Partial Reconfiguration on FPGAs
Benjamin Hettwer1,2,a, Johannes Petersen3,d, Stefan Gehrer2,c, Heike Neumann3,e and Tim Güneysu1,b
1Horst Görtz Institute for IT-Security, Ruhr University Bochum, Germany
abenjamin.hettwer@de.bosch.com
btim.gueneysu@rub.de
2Robert Bosch GmbH, Corporate Research, Renningen, Germany
cstefan.gehrer@bosch.com
3Hamburg University of Applied Sciences, Germany
djohannes.petersen@haw-hamburg.de
eheike.neumann@haw-hamburg.de
ABSTRACT
Adaptive and reconfigurable systems such as Field Programmable Gate Arrays (FPGAs) play an integral part of many complex embedded platforms. This implies the capability to perform runtime changes to hardware circuits on demand. In this work, we make use of this feature to propose a novel countermeasure against physical attacks of cryptographic implementations. In particular, we leverage exploration of the implementation space on FPGAs to create various circuits with different hardware layouts from a single design of the Advanced Encryption Standard (AES), that are dynamically exchanged during device operation. We provide evidence from practical experiments based on a modern Xilinx ZYNQ UltraScale+ FPGA that our approach increases the resistance against physical attacks by at least factor two. Furthermore, the genericness of our approach allows an easy adaption to other algorithms and combination with other countermeasures.
Keywords: Physical attack, Side-channel attacks, Fault attacks, Partial reconfiguration, FPGAs.