Sciweavers

FPL
2008
Springer

Secure FPGA configuration architecture preventing system downgrade

14 years 2 months ago
Secure FPGA configuration architecture preventing system downgrade
In the context of FPGAs, system downgrade consists in preventing the update of the hardware configuration or in replaying an old bitstream. The objective can be to preclude a system designer from fixing security vulnerabilities in a design. Such an attack can be performed over a network when the FPGA-based system is remotely updated or on the bus between the configuration memory and the FPGA chip at power-up. Several security schemes providing encryption and integrity checking of the bitstream have been proposed in the literature. However, as we show in this paper, they do not detect the replay of old FPGA configurations; hence they provide adversaries with the opportunity to downgrade the system. We thus propose a new architecture that, in addition to ensuring bitstream confidentiality and integrity, precludes replay of old bitstreams. We show that the hardware cost of this architecture is negligible.
Benoît Badrignans, Reouven Elbaz, Lionel Tor
Added 26 Oct 2010
Updated 26 Oct 2010
Type Conference
Year 2008
Where FPL
Authors Benoît Badrignans, Reouven Elbaz, Lionel Torres
Comments (0)