You are looking at a specific version 20140827:073515 of this paper. See the latest version.

Paper 2014/649

FPGA Trojans through Detecting and Weakening of Cryptographic Primitives

Pawel Swierczynski and Marc Fyrbiak and Philipp Koppe and Christof Paar

Abstract

This paper investigates a novel attack vector against cryptography realized on FPGAs, which can pose a serious threat to real-world implementations. We demonstrate how a simple bitstream modification can seriously weaken crypto algorithms, which we show by example of the AES and 3DES. The attack is performed by modifying the FPGA bitstream that configures the hardware elements during initialization. It has been known for a long time that cloning of FPGA designs, even if the bitstream is encrypted, is a relatively easy task. However, due to the proprietary format of the bitstream, a meaningful modification of an unknown FPGA bitstream is very challenging. While some previous work had addressed bitstream reverse-engineering, so far it has not been evaluated how difficult it is to detect and modify cryptographic elements. We outline two possible practical attacks that can lead to serious security implications. We target the non-linear S-boxes of crypto algorithms of a synthesized FPGA design that can be either implemented as Boolean equations in look-up tables, or as a precomputed set of values that are stored in the memory of the FPGA. We demonstrate that it is possible to detect and apply meaningful changes to cryptographic elements inside an unknown proprietary and undocumented bitstream. Furthermore, we also show how an AES key can be revealed within seconds by modifying the bitstream. Finally, we propose countermeasures that can raise the bar for an adversary to successfully perform an attack.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
Hardware security, FPGAs, Trojans, bitstream manipulation, reverse-engineering, DES, AES
Contact author(s)
pawel swierczynski @ rub de
History
2014-12-18: revised
2014-08-27: received
Short URL
https://ia.cr/2014/649
License
Creative Commons Attribution
CC BY