Exploiting FPGA Block Memories for Protected Cryptographic Implementations

Abstract

Modern field programmable gate arrays (FPGAs) are power packed with features to facilitate designers. Availability of features like large block memory (BRAM), digital signal processing cores, and embedded CPU makes the design strategy of FPGAs quite different from ASICs. FPGAs are also widely used in security-critical applications where protection against known attacks is of prime importance. We focus on physical attacks that target physical implementations. To design countermeasures against such attacks, the strategy for FPGA designers should be different from that in ASIC. The available features should be exploited to design compact and strong countermeasures. In this article, we propose methods to exploit the BRAMs in FPGAs for designing compact countermeasures. Internal BRAM can be used to optimize intrinsic countermeasures such as masking and dual-rail logics, which otherwise have significant overhead (at least 2 × ) compared to unprotected ones. The optimizations are applied on a real AES-128 co-processor and tested for area overhead and resistance on Xilinx Virtex-5 chips. The presented masking countermeasure has an overhead of only 16% when applied on AES. Moreover, the dual-rail precharge logic (DPL) countermeasure has been optimized to pack the whole sequential part in the BRAM, hence enhancing the security. Proper robustness evaluations are conducted to analyze the optimization in terms of area and security.