Stealthy Logic Misuse for Power Analysis Attacks in Multi-Tenant FPGAs

Dennis R. E. Gnad^1,a, Vincent Meyers^1,b, Nguyen Minh Dang^1,c, Falk Schellenberg^2,a, Amir Moradi^2,b and Mehdi B. Tahoori^1,d
1Institute of Computer Engineering, Karlsruhe Institute of Technology (KIT), Karlsruhe, Germany
^adennis.gnad@kit.edu
^bmehdi.tahoori@kit.edu
^cvincent.meyers@student.kit.edu
^dnguyen.dang@student.kit.edu
²Horst Görtz Institute for IT Security, Ruhr-Universität Bochum, Germany
^afalk.schellenberg@rub.de
^bamir.moradi@rub.de

ABSTRACT

FPGAs have been used in the cloud since several years, for workloads such as machine learning, database processes and security tasks. As for other cloud services, a highly desired feature is virtualization in which multiple tenants share a single FPGA to increase utilization and by that efficiency. By solely using standard FPGA logic in the untrusted tenant, onchip logic sensors have recently been proposed, allowing remote power analysis side-channel and covert channel attacks on the victim tenant. However, such sensors are implemented by unusual circuit constructions, such as ring oscillators or delay lines, which might be easily detected by bitstream and/or netlist checking. In this paper we show that such structural checking methods are not universal solutions as the attacks can make use of “benign-looking” circuits. We demonstrate this by showing a successful Correlation Power Analysis attack on the Advanced Encryption Standard.

---

Full Text (PDF)

© 2021 EDAA. All rights reserved.