Abstract
With virtualized Field Programmable Gate Arrays (FPGAs) on the verge of being deployed to the cloud computing domain, there is a rising interest in resolving recently identified security issues. Those issues result from different trusted and untrusted entities sharing the FPGA fabric and the Power Distribution Network. Researchers were able to perform both side-channel and fault attacks between logically isolated designs on the same FPGA fabric, compromising security of cryptographic modules and other critical implementations. Side-channel attacks specifically are enabled by the vast degree of freedom given to developers when making use of the basic FPGA resources. Both ring oscillators as well as long delay lines, implemented using low-level FPGA primitives, have been shown to provide sufficient data for simple or correlation-based power analysis attacks. In order to develop new or apply known countermeasures onto designs and implementations in a virtualized multi-tenant FPGA, we seek to fully understand the underlying mechanisms and dependencies of chip-internal side-channel attacks. Although the impact of process variation and other physical design parameters on side-channel vulnerability has been investigated in previous works, remote attacks between logically isolated partitions in multi-tenant FPGAs introduce new and unique challenges. Thus, we systematically analyze the impact of physical mapping of both attacker and victim design on the success of correlation power analysis attacks on the Advanced Encryption Standard (AES). We report our findings on a Xilinx Zynq 7000-based platform, which show that the effect of global and local placement as well as routing and process variation on the success of side-channel attacks almost exceeds the impact of hiding countermeasures. This result reveals fundamental challenges in secure virtualization of FPGAs, which have been mostly ignored so far. Eventually, our results may also help vendors and hypervisors in developing zero overhead side-channel countermeasures based on adequate global and local placement of isolated designs on a multi-tenant FPGA.
Highlights
Field Programmable Gate Arrays (FPGAs) have become an important component for all major cloud computing providers as a generic, versatile hardware accelerator, in the area of artificial intelligence and machine learning [AWS19, Cor17, CLO19]
We start with presenting the measurements from evaluating the impact of noise modules on sensors in various respective locations, followed by the results of Correlation Power Analysis (CPA) on Advanced Encryption Standard (AES) in different setups
We thoroughly analyze the impact of physical design mapping parameters in multi-tenant FPGAs on the success of Side-Channel Analysis (SCA) attacks
Summary
Field Programmable Gate Arrays (FPGAs) have become an important component for all major cloud computing providers as a generic, versatile hardware accelerator, in the area of artificial intelligence and machine learning [AWS19, Cor, CLO19]. The accelerator hardware in public clouds is – to the best of our knowledge – not distributed to users on a finer granularity than allowing one user per chip. Major operating systems already support partial reconfiguration [Lin18] and datacenter-specific FPGAs have been offered just recently [Xil19]. Virtualization and multi-tenancy will allow for maximum. Licensed under Creative Commons License CC-BY 4.0. CPAmap: On the Complexity of Secure FPGA Virtualization. FPGA utilization, as widely discussed in recent publications [FVS15, BSB+14, KLP+18]. There still remain unresolved security issues [SGMT18b, KGT18]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
