You are looking at a specific version 20191204:081942 of this paper. See the latest version.

Paper 2019/1394

Voltage-based Covert Channels in Multi-Tenant FPGAs

Dennis R. E. Gnad and Cong Dang Khoa Nguyen and Syed Hashim Gillani and Mehdi B. Tahoori

Abstract

FPGAs are increasingly used in cloud applications and being integrated into Systems-on-Chip (SoCs). For these systems, various side-channel attacks on cryptographic implementations have been reported, motivating to apply proper countermeasures. Beyond cryptographic implementations, maliciously introduced covert channel receivers and transmitters can allow to exfiltrate any kind of secret information from the FPGA. In this paper, we present a fast covert channel on FPGAs, which exploits the on-chip power distribution network. This can be achieved without any logical connection between the transmitter and receiver blocks. Compared to FPGA thermal covert channels that reach about 1 bit/s, we can show a transmission rate of 8 MBit/s which is almost error free. We reach a small raw bit error ratio (BER) below 10 $\times$ 10$^{-6}$ BER, even in the presence of noise generated from another functional module in the FPGA, and without using error correction codes. When we place and operate other co-tenant modules that require 85% total FPGA area, the BER increases to $\approx$100-1000$\times$ 10$^{-6}$, depending on the platform. This error rate is still reasonably low for a covert channel. Overall, the transmitter and receiver work with less than 3% FPGA resources together.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
fpgamulti-tenantacceleratorSoCside-channelcovert-channelpower distribution networkon-chipremotesoftwarehardwaretrojan
Contact author(s)
dennis gnad @ kit edu
History
2021-08-27: revised
2019-12-04: received
See all versions
Short URL
https://ia.cr/2019/1394
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.