Paper 2014/649

FPGA Trojans through Detecting and Weakening of Cryptographic Primitives

Pawel Swierczynski, Marc Fyrbiak, Philipp Koppe, and Christof Paar


This paper investigates a novel attack vector against cryptography realized on FPGAs, which poses a serious threat to real-world applications. We demonstrate how a targeted bitstream modification can seriously weaken cryptographic algorithms, which we show with the examples of AES and 3DES. The attack is performed by modifying the FPGA bitstream that configures the hardware elements during initialization. Recently, it has been shown that cloning of FPGA designs is feasible, even if the bitstream is encrypted. However, due to its proprietary file format, a meaningful modification is very challenging. While some previous work addressed bitstream reverse-engineering, so far it has not been evaluated how difficult it is to detect and modify cryptographic elements. We outline two possible practical attacks that have serious security implications. We target the S-boxes of block ciphers that can be implemented in look-up tables or stored as a precomputed set of values in the memory of the FPGA. We demonstrate that it is possible to detect and apply meaningful changes to cryptographic elements inside an unknown, proprietary and undocumented bitstream. Our proposed attack does not require any knowledge of the internal routing. Furthermore, we show how an AES key can be revealed within seconds. Finally, we discuss countermeasures that can raise the bar for an adversary to successfully perform this kind of attack.

Publication info
Preprint. MINOR revision.
Hardware security, FPGAs, Trojans, bitstream manipulation, reverse-engineering, DES, AES
Contact author(s)
pawel swierczynski @ rub de
2014-12-18: revised
2014-08-27: received
Creative Commons Attribution


      author = {Pawel Swierczynski and Marc Fyrbiak and Philipp Koppe and Christof Paar},
      title = {FPGA Trojans through Detecting and Weakening of Cryptographic Primitives},
      howpublished = {Cryptology ePrint Archive, Paper 2014/649},
      year = {2014},
      note = {\url{}},
      url = {}