REVIEW ON SECURITY TECHNIQUES FOR FIELD PROGRAMMABLE GATE ARRAY

Transcription

1 INTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET) Proceedings of the International Conference on Emerging Trends in Engineering and Management (ICETEM14) ISSN (Print) ISSN (Online) Volume 5, Issue 12, December (2014), pp IAEME: Journal Impact Factor (2014): (Calculated by GISI) IJECET I A E M E REVIEW ON SECURITY TECHNIQUES FOR FIELD PROGRAMMABLE GATE ARRAY Silpa Shaju 1, Parvathy R 2, Aryalakshmy M S 3, Dr. K. Gnana Sheela 4 1, 2, 3, 4 (ECE Department, TIST/ CUSAT, Arakunnam, India) ABSTRACT Nowadays FPGAs have been used in a wide variety of electronic devices in differenttypes of industry, from simple switches to complex factories, medical apparatus or building automation and control systems. Besides the advantages of the increasing use of FPGA devices such as: cost reduction, time to market, programmability, reliability, or high performance designs, security issues also start to appear.during the manufacturing process, the FPGA passes through different processes of different manufacturers. During this time, hardware threats the exposed the design. Therefore protection against hardware attacks is important. Digital circuits, like Ring Oscillators (ROs), which undergo process variations during the physical execution offpga are a promising method for security of FPGA. This paper presents and analyzes the method of generating a unique identifier for FPGA security, based on a ROs security primitive. Keywords: Challenge-Response Pairs (CRPs), Physical Uncloneable Functions (PUFs), Ring oscillators (RO), Integrated circuit(ic), Field Programmable Gate Array (FPGA) I. INTRODUCTION Several biometric technologies include those that support the use of behavioural or physiological human characteristic to determine the individual identity for an example is the human fingerprint. Since the FPGAs have been largely used in common applications and the types of hardware attacks have grown in that area. Then the researchers attempted to create a unique identifier, which is dependent on the intrinsic properties of the integrated circuit. The process variations within the circuit are used for the circuit. Fig.1: FPGA manufacturing flow 124

2 The application design creation on an FPGA also implies certain stages such as system development or system manufacturing, as it can be seen in Fig.2. All these steps, described in Fig. 1 and Fig. 2 are vulnerable to hardware attacks like cloning, mislabeling, overproducing, reverse engineering the bitstream, read back, side channels based on power analysis, EMF analysis, timing analysis; brute force, crippling or fault injection [8]. A main ingredient that is required to protect FPGAs against hardware attacks is a secret key generated for each device, which cannot be obtained or duplicated a chip fingerprint. Ring Oscillators that emphasize the process variations, are a good method for generating such a fingerprint. Although integrated circuits that are subjects to the same manufacturing processes, there will be some differences between circuits on the same wafer or on different wafers. This causes differences in physical imperfections that may arise during the execution phase of the integrated circuits (Fig. 1). Involuntary deviations of physical parameters from the normal values may arise due to the manufacturing process of the integrated circuits. The electrical parameter such as sheet resistance and threshold voltage changes by this method. There are several sources of parameter variability that can be attributed to different steps of the manufacturing process such as: the photolithography and etching processes, non uniformity in the process of oxide growth, and non uniformity in the process of dopant implantation, dosage, and diffusion. This paper provides a method to implement an optimized and secure technique for authentication of integrated circuits, using ring oscillators. This technique is a alternative method for protecting the integrated circuits against cloning, overproducing or stealing the implemented application (bitstream) based on ring oscillators in which the process variations are used to create a unique identifier for each FPGA device. In the present paper, the section 1 gives a brief overview of the previous work on ring oscillators and authentication of FPGAs using ring oscillators is made. Also, the algorithm used to generate a unique identifier for FPGA, based on ring oscillators is introduced. In section II, detailed study of different papers that related to FPGA protection is given.in section III, experimental results of comparative study that shown as a table is presented. Finally, the summarized is given in the last section. II. RELATED WORK Fig.2: Creating an application design on FPGA Kean T et al(2001), describes that, although SRAM programmed Field Programmable Gate Array (FPGA) have come to dominate the industry due to their density and performance advantages over non-volatile technologies they have a serious weakness in that they are vulnerable to piracy and reverse engineering of the use design[1]. This is becoming increasingly important as the size of chips and hence the value of customer designs - increases. FPGA's are now being used in consumer products where piracy is more common. Further, reconfiguration of FPGA's in the field is becoming increasingly popular particularly in networking applications and it is vital to provide security against malicious parties interfering with equipment functionality through this mechanism. The proposed security technology offers key advantages compared with alternative schemes it does not affect system reliability, it does not require additional components, it is compatible with standard CMOS processing, it does not require support from CAD software and it is based on standardized cryptographic protocols. Gassend B et al(2004) presented modern cryptographic protocols are based on the premise that only authorized participants can obtain secret keys and access to information systems[2]. However, various kinds of tampering methods have been devised to extract secret keys from conditional access systems. The physical unclonable functions (PUFs) exploit the statistical delay variation of wires and transistors across integrated circuits (ICs). It is used in manufacturing processes to build unclonable secret keys. It fabricated arbiter-based PUFs in custom silicon and thus investigated the 125

3 identification capability, reliability, and security of this scheme. Experimental results and theoretical studies indicates that a sufficient amount of inter-chip variation existed for enabling each IC to be identified from environmental variations such as temperature and power supply voltage. It show that arbiter-based PUFs are realizable and which is suitable to build key-cards that need to be resistant to physical attacks. Tuyls P et al(2005) described a technique that exploits the statistical delay variations of wires and transistors across ICs to build a secret key unique to each IC. To explore its feasibility, it fabricated a candidate circuit in order to generate a response on the basis of its delay characteristics [3]. It shows that there exists enough delay variation across ICs implementing. The evaluation indicates that there exists significant delay variations of wires and transistors across ICs implementing this circuit and that idea of leveraging this variation to uniquely identify and authenticate an IC is promising. Physical Uncloneable Functions (PUFs) can be used as a cost-effective method to store key material in an uncloneable way. Because of this fact, noise is inevitably present in each readout of the key material obtained by performing measurements on a physical system. It presents a number of methods that increase the robustness of bit-string extraction from noisy PUF measurements and in particular for optical PUFs. It describes a practical implementation in the case of optical PUFs and shows the obtained results. Edward G et al (2007) provided Physical Unclonable Functions (PUFs) are innovative circuitprimitives that extract secrets from physical characteristics of integrated circuits[4]. As electronic devices become ubiquitous and interconnected, people are increasingly relying on integrated circuits (ICs) for performing security sensitive tasks as well as handling sensitive information. For example, an RFID is oftenused as a key card to control access to buildings, smart cards carry out financial transactions, and mobile phones often contain sensitive data such as confidential documents, personal s, etc. Therefore, it is critical for ICs to be able to perform operations such as authentication of devices, protection of confidential information, and secure communication in an inexpensive yet highly secure way. A common ingredient that is required to enable the above security operations is a secret on each IC, which an adversary cannot obtain or duplicate. The current best practice is to place a secret key in non-volatile memory such as fuses and EEPROM, and use cryptographic primitives such as digital signature and encryption to authenticate a device and protect confidential information. PUFs significantly increase physical security by generating volatilesecrets that only exist in a digital form when a chip is powered on and running. This immediately requires the adversary to mount an attack while the IC is running and using the secret, a significantly harder proposition than discovering non-volatile keys; an invasive attack must accurately measure PUF delays without changing the delays or discover volatile keys in registers without cutting power or tamper-sensing wires that clear out the registers. This paper discusses how PUFs can enable low-cost authentication of ICs and generate volatile secret keys for cryptographic operations. We also introduce a new PUF circuit design based on ring oscillators, which has advantages in the ease of implementation and reliability over previously proposed designs. The PUF circuits can also be used as hardware random number generators. However, this paper only focuses on device authentication and key generation. In this paper Physical Unclonable Functions (PUFs) and showed PUFs can provide low-cost authentication of ICs and generate volatile keys for both symmetric and asymmetric cryptographic operations. Ongoing work includes the implementation of PUF-enabled RFIDs and the development of a secure processor that uses a PUF to generate cryptographic keys that are only known to the processor. Guajardo J (2007) et al described that IP protection of FPGA hardware designs has become an important factor for many IP vendors[5]. The end solutions have been proposed on the basis of the idea of bitstream encryption, symmetric-key primitives, and the use of Physical Unclonable Functions (PUFs). This paper proposed new protocols for the IP protection problem on FPGAs based on public-key cryptography which analyzes the advantages and costs and finally describes the PUF intrinsic to current FPGAs based on SRAM properties. The main advantage of using Public Key based protocols is that they do not require the private key stored in the FPGA to leave the device which increases security. This security provided by the additional hardware resources but it does not cause any significant performance degradation. Patterson M et al (2007) presented Physical Unclonable Function (PUF) is a function in some physical device that is easy to evaluate but hard to predict [6]. It is equivalent to the mathematical one-way function. Every challenge should map to a specific response but the disadvantage is that this mapping is impossible for predicting and different for every physical device. On-chip PUF is useful for several reasons. First, it provides a way to uniquely identify a given device. This could be used for secure chip authentication or for protection of Intellectual Property. Second, since an FPGA PUF is based on intrinsic randomness, it could also serve as a Random Number Generator. Finally, and most importantly, a PUF provides all this functionality without storing any secret information on the chip. Most solutions to the previously listed problems involve storing some type of key or seed value on the chip. This poses many security hazards. However, a PUF relies on the characteristics of the chip itself, which are considered impossible to observe and duplicate. Huffmire T et al (2008) describes that FPGAs combine the programmability of processors with the performance of custom hardware [7]. It is more common in critical embedded systems. Thus new techniques are necessary to manage security in FPGA designs. FPGA security problems and current research on reconfigurable devices and security, and presents security primitives and component architecture for building highly secure systems on FPGAs are discussed here. It is due to the fact that FPGAs can provide a useful balance between rapid time to market, performance, and flexibility; 126

4 they have become the primary source of computation in many critical embedded systems. The aerospace industry, for example, relies on FPGAs to control everything from the Joint Strike Fighter to the Mars Rover. In 2005 alone, an estimated 80,000 different commercial FPGA design projects began.3 because major IC manufacturers outsource most of their operations, 4 IP theft from a foundry is a serious concern. FPGAs provide a viable solution to this problem because the sensitive IP is not loaded onto the device until after it has been manufactured and delivered, making it harder for adversaries to target a specific application or user. Furthermore, modern FPGAs use bitstream encryption and other methods to protect IP once it is loaded onto the FPGA or external memory. However, techniques beyond bitstream encryption are necessary to ensure FPGA design security. To save time and money, FPGA systems are typically cobbled together from a collection of existing computational cores, often obtained from third parties. These cores can be subverted during the design phase, by tampering with the tools used to translate the design to the cores or by tampering with the cores themselves. Building every core and tool from scratch is not economically feasible in most cases, and subversion can affect both third-party cores and cores developed inhouse. Therefore, embedded designers need methods for securely composing systems comprising both trusted and untrusted components. Braeken et al (2009) describes an overview of contemporary FPGA-related technologies and techniques that can be used for data and system security [8]. As such we will give an overview of the currently available features in commonly used FPGAs and link these features to established security techniques. The main goal is to evaluate the pros and contras of the different techniques and technologies in order to give directions on the security strategy. The incredible growth of FPGA capabilities in recent years and the new included features have made them more and more attractive for numerous embedded systems. There is however an important shortcoming concerning security of data and design. Data security implies the protection of the FPGA application in the sense that the data inside the circuit and the data transferred to/from the peripheral circuits during the communication are protected. System security concerns the protection of the design against cloning, reverse engineering and intellectual property (IP) theft. This pyramid consists of 5 levels. Protocol level includes the type of protocol used between user and system. Algorithm level consists of the algorithm described in the protocols. Architecture level consists of secure HW/SW partitioning. Micro-architecture level deals with the HW design of the modules. Circuit level describes implementation techniques on transistor and package level It mainly focuses on the security obtained in the architecture level. Nevertheless, we want to stress that security in all other levels needs to be obtained in order to design a sound and secure system. For example, a very secure IDcheck function could be bypassed or fooled due to vulnerability in another layer. Most of the FPGA manufacturers anticipated on this problem of security by providing on-chip cryptographic hardware and the possibility to send encrypted configurations over the internet to the FPGA. The main goal of this paper is to present a survey of the contemporary FPGA-related technologies and techniques that are nowadays used for data and system security. As a consequence, we want to create awareness of the pros and contras when choosing a specific device/design. Schaumont et al (2009) proposes that an FPGA is a collection of programmable gates embedded in a flexible interconnect network that can contain several hard or soft microprocessors [9]. In order to implement logic gates, flipflops for timing and registers, switchable interconnects to route logic signals between different units, and I/O blocks for transferring data between the devices, FPGAs use truth tables or lookup tables (LUTs). A circuit can be mapped to an FPGA by using the method of loading the LUTs and switch boxes with a configuration, that is analogous to the way a traditional circuit might be mapped to a set of AND and OR gates. A bitstream is used to programme an FPGA. This binary data, loaded into the FPGA through specific I/O ports on the device, defines how the internal resources are used for performing logic operations. The architecture works together to separate cores. A successful approach must combine life-cycle management and coherent security architecture for policy enforcement. The security architecture we describe here uses a set of primitives that complement one another, including a reference monitor for memory protection and a separation strategy that uses spatial isolation and interconnect tracing. Designing any trustworthy complex system is challenging, and given the relative immaturity of current FPGA design approaches in which multiple computational cores from different sources are combined using commercial tools, the current state of embedded systems security leaves much to be desired. Industry and its customers can no longer take hardware security for granted. Clearly, embedded-design practitioners must become acquainted with these problems and with related new developments from the computer security research field, such as the security primitives we ve described here. Practitioners must also adapt the rich body of life-cycle management tools and techniques that have been created for trustworthy software development and apply them to hardware design. A path toward ensuring the security of the tools and the resulting product is necessary to provide accountability throughout the development process. The holistic approach to system design we ve described here is a significant step in that direction. 127

5 Stumpf F et al (2010) describes that Physical Unclonable Functions (PUFs) based on Ring Oscillators (ROs) are a promising primitive for FPGA security [10]. However, the quality of their implementation depends on several design parameters. It shows that ring oscillator frequencies mostly depend on surrounding logic. Based on these, propose a strategy for improving the quality of RO PUF designs by placing and comparing ROs in a chain-like structure. It also show that quality of a RO PUF mainly depend on an increased RO runtime and RO disabling. It implemented a RO PUF key generation system on an FPGA using this design strategy. This result shows that the proposed design strategy can significantly increase the quality of implementation a RO PUF. Field Programmable Gate Arrays (FPGAs) gain increasingly in importance as highly edible alternative to Application Specific Integrated Circuits (ASICs). Their reconfiguration property enables fast prototyping and updates for hardware devices even after market launch. A promising approach towards holistic embedded security arises through the application of PUFs. These physical structures enable the exploitation of unavoidable variations in manufacturing processes, e.g., lithographic processes. Signal properties, such as the propagation delay on metal lines of a microchip, depend on these variations. Circuits measuring and comparing these properties can extract PUF responses. These bit strings are noisy by nature and not uniformly distributed, but sufficiently unique to identify a silicon device. A PUF can be seen as a function mapping a response to a challenge input in an unpredictable way. In contrast to challenge-response authentication, where a PUF has to generate a big amount of responses to given challenges, i.e., Challenge-Response Pairs (CRPs), for the purpose of secure key generation, only a small number of challenges or even only a single one is applied. PUFs based on Ring Oscillators (ROs) currently seem to be the most reasonable PUF construction to securely identify FPGAs. Their quality has been evaluated in several analyses recently and enjoys great interest within the scientific community. MajzoobiM et al (2011) introduces a novel technique to authenticate and identify field-programmable gate arrays (FPGAs). The technique uses the reconfigurability feature of FPGAs to perform self-characterization and extract the unique timing of the FPGA building blocks over the space of possible inputs[11]. The characterization circuit is then exploited for constructing a physically unclonable function (PUF). The PUF can accept different forms of challenges including pulse width, digital binary, and placement challenges. The authentic device is the only entity which can respond within a particular time constraint. The gap between the speed of PUF evaluation on authentic hardware and simulation of its behavior the constraint. An authentication protocols is introduced based on the time-bounded mechanism. The responses should be robust to fluctuations in operational conditions such as temperature and voltage variations by employing: 1) a linear calibration mechanism that adjusts the clock frequency by a feedback from on-chip temperature and voltage sensor readings, and 2) a structure of differential PUF with real-valued responses that cancels out the common impact of variations on delays. Zhang Jet al(2013) says that, Physical Unclonable Function (PUF) makes use of the uncontrollable process variations during the production of IC to generate a unique signature for each IC[12]. It has a wide application in security such as FPGA Intellectual Property (IP) protection, digital rights management and key generation. Ring Oscillator (RO) based PUF and Arbiter-based PUF are the most popular PUFs. But these are not specially designed for FPGA. RO-based PUF incurs high resource overhead during when obtaining less challenge-response pairs, and requires hard macros to implement on FPGA. Since its structure is hard to be mapped on FPGA, the arbiter-based PUF brings low resource overhead. Anderson s PUF can address these weaknesses. However, it cannot be directly implement on the new generation FPGAs, and this lead to the scalability issue. The paper presents a delay-based PUF using the intrinsic structure of FPGA inorder to address these problems. According to Chongyan et al (2014), a new field-programmable gate array (FPGA) identification generator circuit is introduced based on physically unclonable function (PUF) technology[13]. The new identification generator is able to convert flip-flop delay path variations to unique n-bit digital identifiers (IDs), while requiring only a single slice per ID bit by using 1-bit ID cells formed as hard-macros. When an exemplary 128-bit identification generator is implemented on ten Xilinx Spartan-6 FPGA devices, the experimental results show an uniqueness of 48.52%, and reliability of 92.41% over 10% fluctuation in supply voltage and 25 C to 70 C temperature range. According to StanciuA et al, FPGA designs need tobe protected against hardware attacks [15]. The process variations in digital circuits like ring oscillators, thatappear during the physical execution of FPGA are a promisingprimitive for FPGA security. Itanalyzes the experimental results of the technique that generate a unique identifier for FPGA security, based on a ROs securityprimitive.this paper describes how to implement an optimized andsecure technique for integrated circuits authentication, usingring oscillators. This technique may be an alternative for protecting the integrated circuits against cloning, overproducing or stealing the implemented application (bitstream) and it is based on ring oscillators which use the process variations to create a unique identifier for each FPGA device. The process of implementing an optimized and secured FPGA authentication method based on ring oscillators. This implementation is an alternative method to protect the integrated circuits against cloning and stealing of the implemented applications. The process variations which appear during the manufacturing flow of an FPGA used for authentication. According to the experimental results it succeeded to validate the use of the ring oscillators to generate a unique identifier for FPGA chips, in normal conditions. As future work it also intends to also analyze the effects of other factors that may influence integrated circuits identifier (aging, voltage and temperature fluctuations). Also the details of implementation related to the error correction and detection are presented in our paper. It optimized the process of 128

6 implementing the authentication method by: reducing the number of counters used at generating the ID, the use of the algorithm that uses minimum costs in term of hardware resource, the choice of BRAM memories to store the polynomial coefficient powers and the sequentiality of some portions of the implemented algorithm. III. CONCLUSION This paper had been presented the process of implementing an optimized and secured FPGA authentication method based on ring oscillators. This implementation is an alternative method for protection of the integrated circuits against cloning and stealing of the implemented applications. The authentication process is based on the process variations that occur during the manufacturing flow of an FPGA. According to the results of experiments it succeeded to validate the use of the ring oscillators to generate a unique identifier for FPGA chips, in normal conditions. As future work also analyzes the effects of other factors that may influence integrated circuits identifier such as aging, voltage and temperature fluctuations. Also the implementation details related to the error correction and detection are presented in this paper. It optimized the implementation process of the authentication method by: reducing the number of counters used for generating the ID, the choice of the algorithm which causes minimum costs in term of hardware resource usage, the use of BRAM memories for storing the polynomial coefficient powers and the sequentiality of some portions of the implemented algorithm. REFERENCES [1] TomKean.Secure Configuration of Field Programmable Gate Arrays. Lecture Notes in Computer Science Volume 2147, (2001), [2] J.-W. Lee, D. Lim, B. Gassend, G. E. Suh, M. van Dijk, and S. Devadas. A technique to build a secret key in integrated circuits with identification and authentication applications. Proc. IEEE conf. On VLSI Circuits Symposium, June 2004 [3] B. Skoric, P. Tuyls, and W. Ophey. Robust key extraction from physical unclonable function. Proc. Applied Cryptography and Network Security Conference 2005,3531. [4] G. Edward Suh, S. Devadas, Physical Unclonable Functions for Device Authentication and Secret Key Generation.Proc. 44th ACM/IEEEDesign Automation Conference paper, 2007 [5] Jorge Guajardo, Sandeep S. Kumar, Geert-Jan Schrijen, PimTuyls. Physical unclonable functions and publickey crypto for fpgaip Protection., [6] Michael Patterson; JosephZambreno; Chris Sabotta; SudhanshuVyas; Aaron Mills. Ring Oscillator PUF Design and Results. Report 2007 [7] Ted Huffmire, Ryan Kastner, Brett Brotherton. Managing Security in FPGA-Based Embedded Systems. Published in:design& Test of Computers, IEEE 25(6), 2008 [8] Braeken A, Kubera, S., Trouillez, F., Touhafi, A.Secure FPGA technologies and techniques. Published in Field Programmable Logic and Applications, 2009, [9] A. Maiti, P. Schaumont. Improving the quality of a physical unclonable function using configurable ring oscillators. IEEExplore, Virginia Tech, 2009 [10] D. Merli, F. Stumpf, C. Eckert. Improving the Quality of Ring Oscillator PUFs on FPGAs. Proc.5th Workshop on Embedded Systems Security. WESS 2010, Scottsdale, USA, October24, 2010 [11] Mazjoobi. FPGA Time-Bounded Unclonable Authentication. Lecture Notes in Computer Science, 6387, 2010,1-16 [12] Jiliang Zhang; Qiang Wu; YongqiangLyu; Qiang Zhou; YiciCai; Yaping Lin; Gang Qu. Design and Implementation of a Delay-based PUF for FPGA IP Protection. Proc. International Conference on Computer- Aided Design and Computer Graphics, 2013 [13] ChongyanGu, Julian Murphy and MaireO Neil.A Unique and Robust Single Slice FPGA Identification Generator.IEEE International Symposium on Circuits and Systems (ISCAS), 2014, [14] Alexandra Stanciu; Adrian Crăciun. Generating an Unique Identifier for FPGA Devices. IEEE,2014 [15] M. Gora, A.Maiti, P. Schaumont, A flexible Design Flow for Software Binding in FPGA. IEEE Transactions on Industrial Informatics, vol. 6, issue 4, November, 2010, [16] Ibrahim A.Murdas and Riyad A.Alalwany, Wireless on Line Solution to Voltage Stability Problem of Electrical Power System using Field Programmable Gate Array (FPGA) Circuit, International Journal of Advanced Research in Engineering & Technology (IJARET), Volume 5, Issue 2, 2014, pp , ISSN Print: , ISSN Online: