FPGAhammer: Remote Voltage Fault Attacks on Shared FPGAs, suitable for DFA on AES Jonas Krautter, Dennis R.E. Gnad, Mehdi B. Tahoori | 10.09.2018 INSTITUTE OF COMPUTER ENGINEERING – CHAIR OF DEPENDABLE NANO COMPUTING KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft www.kit.edu New attack scenarios: Passive on-chip side-channels1 Denial-of-Service2 This work: Fault attacks ... Proof-of-Concept work: Successful DFA on AES 1Schellenberg et al., ”An Inside Job: Remote Power Analysis Attacks on FPGAs”, DATE 2018 2Gnad et al., ”Voltage drop-based fault attacks on FPGAs using valid bitstreams”, FPL 2017 FPGAhammer: Motivation Remote Voltage Fault Attacks on Shared FPGAs More resources per FPGA ) Multi-user environments: J. Krautter, D.R.E. Gnad Amazon, Microsoft and introduce FPGA usage in cloud computing and M.B. Tahoori System-on-Chip (SoC) variants, tightly coupled FPGA based systems (Xilinx PYNQ, Intel Xeon FPGA, Intel/Altera-SoCs...) Accelerators deployed to partitions through partial reconfiguration ) Multi-tenant FPGAs KIT – The Research University in the Helmholtz Association, 10.09.2018 2/26 Proof-of-Concept work: Successful DFA on AES FPGAhammer: Motivation Remote Voltage Fault Attacks on Shared FPGAs More resources per FPGA ) Multi-user environments: J. Krautter, D.R.E. Gnad Amazon, Microsoft and introduce FPGA usage in cloud computing and M.B. Tahoori System-on-Chip (SoC) variants, tightly coupled FPGA based systems (Xilinx PYNQ, Intel Xeon FPGA, Intel/Altera-SoCs...) Accelerators deployed to partitions through partial reconfiguration ) Multi-tenant FPGAs New attack scenarios: Passive on-chip side-channels1 Denial-of-Service2 This work: Fault attacks ... 1Schellenberg et al., ”An Inside Job: Remote Power Analysis Attacks on FPGAs”, DATE 2018 2Gnad et al., ”Voltage drop-based fault attacks on FPGAs using valid bitstreams”, FPL 2017 KIT – The Research University in the Helmholtz Association, 10.09.2018 2/26 FPGAhammer: Motivation Remote Voltage Fault Attacks on Shared FPGAs More resources per FPGA ) Multi-user environments: J. Krautter, D.R.E. Gnad Amazon, Microsoft and introduce FPGA usage in cloud computing and M.B. Tahoori System-on-Chip (SoC) variants, tightly coupled FPGA based systems (Xilinx PYNQ, Intel Xeon FPGA, Intel/Altera-SoCs...) Accelerators deployed to partitions through partial reconfiguration ) Multi-tenant FPGAs New attack scenarios: Passive on-chip side-channels1 Denial-of-Service2 This work: Fault attacks ... Proof-of-Concept work: Successful DFA on AES 1Schellenberg et al., ”An Inside Job: Remote Power Analysis Attacks on FPGAs”, DATE 2018 2Gnad et al., ”Voltage drop-based fault attacks on FPGAs using valid bitstreams”, FPL 2017 KIT – The Research University in the Helmholtz Association, 10.09.2018 2/26 Attacker and victim design logically isolated Victim software process has a public interface Chosen-Plaintext Attack scenario FPGAhammer: Threat model Remote Voltage Fault Attacks on Shared FPGAs J. Krautter, D.R.E. Gnad and M.B. Tahoori Shared FPGA fabric ) Shared Power Distribution Network (PDN) KIT – The Research University in the Helmholtz Association, 10.09.2018 3/26 Victim software process has a public interface Chosen-Plaintext Attack scenario FPGAhammer: Threat model Remote Voltage Fault Attacks on Shared FPGAs J. Krautter, D.R.E. Gnad and M.B. Tahoori Shared FPGA fabric ) Shared Power Distribution Network (PDN) Attacker and victim design logically isolated KIT – The Research University in the Helmholtz Association, 10.09.2018 3/26 Chosen-Plaintext Attack scenario FPGAhammer: Threat model Remote Voltage Fault Attacks on Shared FPGAs J. Krautter, D.R.E. Gnad and M.B. Tahoori Shared FPGA fabric ) Shared Power Distribution Network (PDN) Attacker and victim design logically isolated Victim software process has a public interface KIT – The Research University in the Helmholtz Association, 10.09.2018 3/26 FPGAhammer: Threat model Remote Voltage Fault Attacks on Shared FPGAs J. Krautter, D.R.E. Gnad and M.B. Tahoori Shared FPGA fabric ) Shared Power Distribution Network (PDN) Attacker and victim design logically isolated Victim software process has a public interface Chosen-Plaintext Attack scenario KIT – The Research University in the Helmholtz Association, 10.09.2018 3/26 FPGAhammer: Outline Remote Voltage Fault Attacks on Shared FPGAs 1 Background J. Krautter, D.R.E. Gnad and M.B. Tahoori 2 Fault Injection and Analysis 3 Experimental Setup 4 Results 5 Discussion and Future Work 6 Conclusion KIT – The Research University in the Helmholtz Association, 10.09.2018 4/26 FPGAhammer: Outline Remote Voltage Fault Attacks on Shared FPGAs 1 Background J. Krautter, D.R.E. Gnad and M.B. Tahoori 2 Fault Injection and Analysis 3 Experimental Setup 4 Results 5 Discussion and Future Work 6 Conclusion KIT – The Research University in the Helmholtz Association, 10.09.2018 5/26 dI Law of Inductance: Vdrop = I · R + L · dt High current variation ) Power supply voltage variation Lower supply voltage ) Timing faults FPGAhammer: Power Distribution Network (PDN) Remote Voltage Fault Attacks on Shared FPGAs Interconnections from the voltage regulator down to logic elements J. Krautter, D.R.E. Gnad Model: RLC-mesh (Resistive, Inductive and Capacitive elements) and M.B. Tahoori KIT – The Research University in the Helmholtz Association, 10.09.2018 6/26 High current variation ) Power supply voltage variation Lower supply voltage ) Timing faults FPGAhammer: Power Distribution Network (PDN) Remote Voltage Fault Attacks on Shared FPGAs Interconnections from the voltage regulator down to logic elements J. Krautter, D.R.E. Gnad Model: RLC-mesh (Resistive, Inductive and Capacitive elements) and M.B. Tahoori dI Law of Inductance: Vdrop = I · R + L · dt KIT – The Research University in the Helmholtz Association, 10.09.2018 6/26 Lower supply voltage ) Timing faults FPGAhammer: Power Distribution Network (PDN) Remote Voltage Fault Attacks on Shared FPGAs Interconnections from the voltage regulator down to logic elements J. Krautter, D.R.E. Gnad Model: RLC-mesh (Resistive, Inductive and Capacitive elements) and M.B. Tahoori dI Law of Inductance: Vdrop = I · R + L · dt High current variation ) Power supply voltage variation KIT – The Research University in the Helmholtz Association, 10.09.2018 6/26 FPGAhammer: Power Distribution Network (PDN) Remote Voltage Fault Attacks on Shared FPGAs Interconnections from the voltage regulator down to logic elements J. Krautter, D.R.E. Gnad Model: RLC-mesh (Resistive, Inductive and Capacitive elements) and M.B. Tahoori dI Law of Inductance: Vdrop = I · R + L · dt High current variation ) Power supply voltage variation Lower supply voltage ) Timing faults KIT – The Research University in the Helmholtz Association, 10.09.2018 6/26 Oscillation ) Gate switching ) Current variation ) Voltage drop RO-grid must be toggled in a very specific way (freq, duty-cycle, delay) ) Calibration of fault injection parameters required FPGAhammer: Malicious Logic Remote Voltage Fault Attacks on Shared FPGAs Logic element to cause high current variation2: J. Krautter, D.R.E. Gnad Ring Oscillators (ROs) and M.B. Tahoori 2Gnad et al., ”Voltage drop-based fault attacks on FPGAs using valid bitstreams”, FPL 2017 KIT – The Research University in the Helmholtz Association, 10.09.2018 7/26 RO-grid must be toggled in a very specific way (freq, duty-cycle, delay) ) Calibration of fault injection parameters required FPGAhammer: Malicious Logic Remote Voltage Fault Attacks on Shared FPGAs Logic element to cause high current variation2: J. Krautter, D.R.E. Gnad Ring Oscillators (ROs) and M.B. Tahoori Oscillation ) Gate switching ) Current variation ) Voltage drop 2Gnad et al., ”Voltage drop-based fault attacks on FPGAs using valid bitstreams”, FPL 2017 KIT – The Research University in the Helmholtz Association, 10.09.2018 7/26 ) Calibration of fault injection parameters required FPGAhammer: Malicious Logic Remote Voltage Fault Attacks on Shared FPGAs Logic element to cause high current variation2: J. Krautter, D.R.E. Gnad Ring Oscillators (ROs) and M.B. Tahoori Oscillation ) Gate switching ) Current variation ) Voltage drop RO-grid must be toggled in a very specific way (freq, duty-cycle, delay) 2Gnad et al., ”Voltage drop-based fault attacks on FPGAs using valid bitstreams”, FPL 2017 KIT – The Research University in the Helmholtz Association, 10.09.2018 7/26 FPGAhammer: Malicious Logic Remote Voltage Fault Attacks on Shared FPGAs Logic element to cause high current variation2: J. Krautter, D.R.E. Gnad Ring Oscillators (ROs) and M.B. Tahoori Oscillation ) Gate switching ) Current variation ) Voltage drop RO-grid must be toggled in a very specific way (freq, duty-cycle, delay) ) Calibration of fault injection parameters required 1.20 1.15 VCC max recommended ) V 1.10 ( C 1.05 C VCC min recommended V 1.00 0.95 0 5 10 15 20 Time (s) FPGA supply voltage VCC during frequency scan 2Gnad et al., ”Voltage drop-based fault attacks on FPGAs using valid bitstreams”, FPL 2017 KIT – The Research University in the Helmholtz Association, 10.09.2018 7/26 FPGAhammer: Malicious Logic Remote Voltage Fault Attacks on Shared FPGAs Logic element to cause high current variation2: J. Krautter, D.R.E. Gnad Ring Oscillators (ROs) and M.B. Tahoori Oscillation ) Gate switching ) Current variation ) Voltage drop RO-grid must be toggled in a very specific way (freq, duty-cycle, delay) ) Calibration of fault injection parameters required 1.20 1.15 VCC max recommended ) V 1.10 ( C 1.05 C VCC min recommended V 1.00 Toggle frequency decrease 0.95 0 5 10 15