Paper 2018/012

An Inside Job: Remote Power Analysis Attacks on FPGAs

Falk Schellenberg, Dennis R. E. Gnad, Amir Moradi, and Mehdi B. Tahoori


Hardware Trojans have gained increasing interest during the past few years. Undeniably, the detection of such malicious designs needs a deep understanding of how they can practically be built and developed. In this work we present a design methodology dedicated to FPGAs which allows measuring a fraction of the dynamic power consumption. More precisely, we develop internal sensors which are based on FPGA primitives, and transfer the internally-measured side-channel leakages outside. These are distributed and calibrated delay sensors which can indirectly measure voltage fluctuations due to power consumption. By means of a cryptographic core as a case study, we present different settings and parameters for our employed sensors. Using their side-channel measurements, we further exhibit practical key-recovery attacks confirming the applicability of the underlying measurement methodology. This opens a new door to integrate hardware Trojans in a) applications where the FPGA is remotely accessible and b) FPGA-based multi-user platforms where the reconfigurable resources are shared among different users. This type of Trojan is highly difficult to detect since there is no signal connection between targeted (cryptographic) core and the internally-deployed sensors.

Available format(s)
Publication info
Published elsewhere. DATE 2018
side-channel analysisFPGA
Contact author(s)
amir moradi @ rub de
2018-01-03: received
Short URL
Creative Commons Attribution


      author = {Falk Schellenberg and Dennis R. E.  Gnad and Amir Moradi and Mehdi B.  Tahoori},
      title = {An Inside Job: Remote Power Analysis Attacks on FPGAs},
      howpublished = {Cryptology ePrint Archive, Paper 2018/012},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.