A field-programmable gate array – or FPGA – is an integrated circuit that can be configured by a customer or designer after manufacturing. As HPC Wire’s Nicole Hemsoth recently reported, FPGAs have found a comfortable home in a broad range of applications that can be very broadly defined as search-based with the arrival of Big Data in HPC, hyperscale and general commercial environments. In addition, FPGAs are seeing significant adoption in research—particularly in the life sciences.
“There’s never been more activity around FPGAs than we’re seeing now,” Convey CEO Bruce Toal told HPC Wire. “We’ve seen Moore’s Law have the expected impact on size and price performance so that the latest 20 and 28-nanometer FPGAs are really delivering a price performance point that hasn’t been possible to date—allowing very small devices to be integrated in a much higher volume sense in computing, rather than just on a specialized basis.”
According to Pankaj Rohatgi, technical director of hardware security solutions at the Rambus Cryptography Research Division, the advantages of FPGAs include reduced time-to-market, field-reconfigurability and lower up-front costs.
“FPGAs [are also] ideally suited for many commercial and government applications. For sensitive defense systems, FPGAs may be selected to help mitigate threats from hardware-based Trojans introduced during the ASIC manufacturing process,” Rohatgi wrote in an article penned forECNMag.
“As a result, FPGAs are increasingly being relied upon to protect highly-sensitive intellectual property, trade-secrets, algorithms and cryptographic keys. Sensitive FPGA applications require strong tamper resistance to protect both the secrets contained within these devices as well as the data they process.”
As Rohatgi confirms, power analysis attacks are among the most important to protect against, since they are non-invasive, widely understood by adversaries and easy to execute via off-the-shelf oscilloscopes.
“To mount a power analysis attack, an attacker passively measures the power consumption or electromagnetic emissions of a device containing an FPGA,” he explained.
“The resulting measurements will reveal aggregated and noisy information related to the sensitive data being processed by the device. Simple power analysis (SPA) and differential power analysis (DPA) attacks utilize this information to recover secrets from the device.”
Meaning, if an FPGA design lacks adequate protective countermeasures, sensitive data and cryptographic keys can be extracted, allowing adversaries to make unauthorized modifications to the device configuration.
Specific countermeasure strategies include techniques to minimize information leakage, generating noise to drown out leakage signals, the use of randomness to mask computational intermediates, algorithm and implementation obfuscation as well as the use of protocols designed to preserve secrecy even in the presence of (some) leakage.
It should be noted that a number of companies, including Microsemi Corporation, have licensed Differential Power Analysis (DPA) countermeasures from the Cryptography Research division of Rambus. The DPA technology allows Microsemi to supply solutions that ensure the secure booting of third-party processors and FPGAs.
According to Paul Kocher, chief scientist of the Rambus Cryptography Research division, there are a massive number of processors and FPGAs used in critical industrial, communications, networking and defense applications, many of which are still vulnerable to the DPA attacks.
“While the security issues surrounding side channel attacks have continued to gain notoriety, expanding this needed power analysis protection for the boot stage of FPGA devices and processors is an important step towards securing overall systems,” he concluded.