Horst Görtz Institute for IT-Security

Size: px
Start display at page:

Download "Horst Görtz Institute for IT-Security"

Transcription

1 Horst Görtz Institute for IT-Security On the Vulnerability of FPGA Bitstream Encryption against Power Analysis Attacks Extracting Keys from Xilinx Virtex-II FPGAs Amir Moradi, Alessandro Barenghi, Timo Kasper, Christof Paar Chicago, USA, 18 October 2011

2 Outline Background FPGA architecture and deployment settings Anti-counterfeiting bitstream encryption Side-channel attacks Opening the black box Bitstream structure analysis Power line analysis Decryption phase identification and sampling Relevant signal insulation (filtering) Differential power analysis 2

3 FPGAs : Reconfigurable Hardware Widely used in routers consumer products pay-tv But: Copying the configuration files makes counterfeiting easy! 3

4 Solution: Bitstream Encryption FPGA Design Secret Keys Proprietary Algorithms IP Cores Oscar:? = PCB board FPGA SRAM DEC Power-up Bitstream ENC Bitstream E2PROM Internet Satellite Firmware Update 4

5 How Secure is it?... back in the Virtex II Pro days, we issued a challenge, and more than 7 universities and research groups accepted the challenge. We provided a 2vp7 [Ed.: Virtex2 Pro VP7] pcb with usb port, and pins for access to power, that had the key battery installed (300 ma lithium coin cell), and the part was programmed with a 3DES encrypted bitstream. All 7 challengers gave up. Their basic conclusion was all the things they thought would work, differential power attack, spoofing by power glitches, attack with freeze spray, etc. FAILED. Principal engineer, Xilinx, on comp.arch.fpga, 3/5/2008 5

6 Bitstream Structural Analysis There are several documents by Xilinx on bistream structure but still some parts related to encryption stay unclear Analysis and comparison of plain and encrypted bitstream revealed that : The selection of the decryption key from the storage is readable Initialization Value of the CBC mode embedded in bitstream The decryption engine is enabled by a bitstream command Plain Encrypted 6

7 Side-Channel Attacks Existence of side-channels for crypto devices known for several decades, (e.g., Tempest ) Few concrete results / poor understanding prior to 1996 (at least outside intelligence community) 2 nd half of 1990s: golden years of SCA RSA CRT attack, 1996 Timing attacks, 1996 SPA, DPA, 1998 Since 1999: 100 s of SCA research papers, e.g. in CHES But: so far very few documented real-world attacks # of the broken commercial devices are increasing KeeLoq, DESFire, and now bitstream encryption of Xilinx FPGAs 7

8 Side-Channel Attacks Side-channel attacks aim at finding out an intermediate value of a computation (e.g. a cipher key) observing environmental parameters Differential power analysis target the power consumption of a circuit as the observed parameter A typical DPA workflow proceeds to: Collect traces for known inputs and/or output Select a small portion of the computation related to the key Guessing a key part use a model to estimate the power consumption Correlate all the estimations with the collected traces The correct key guess will report non-negligible correlation The attack is repeated until the whole key is recovered 8

9 Measurement Setup PCB board VCC-IO VCC-AUX VCC-INT Differential Probe x10 Amp Digital Oscilloscope Trigger signal 3DES Bitstream JTAG Clock JTAG Programmer Desktop PC 9

10 Our Measurement Setup 10

11 Our Measurement Setup 11

12 Our Measurement Setup 12

13 Decryption Timing Find the when the decryption takes place Must occur after at least a whole ciphertext block (64 bit) is in Should take place in less than 64 bits being sent in to match on-the-fly decryption Compare the power consumptions of encrypted and unencrypted bitstreams to reveal the time position The JTAG clock is driven by us We can freeze the programming process 13

14 Power Traces? Ciphertext i-1 Ciphertext i Decryption (Ciphertext i-1 ) 14

15 Decryption Phase Two clock cycles after a ciphertext block is in, the decryption is performed Unencrypted bitstream Encrypted bitstream 15

16 Insulating the encryption engine Encryption engine far smaller than the whole FPGA circuit The device embeds a CPU (PowerPC403) in the fabric As the PPC is not used to perform the decryption, its power consumption is irrelevant for the analysis Since the PPC is clocked at 300MHz by an internal clock source, bandblock filtering the power traces removes its contribution 16

17 Zoomed Traces/Filtering Raw Filtered Raw Timewise variance of 10k encryptions Filtered 17

18 Power consumption/architecture hypotheses To successfully perform the attack, hypotheses on the decryption engine architecture must be made Switching activity of buffers storing intermediate values are good candidates for a power model DES cipher state buffer switching activity was modeled during a cipher round Switching activity conditioned by 6 bits of the key at a time was predicted (64 key hypotheses) Consumption model: switching activity of the round buffer 18

19 Assumed Internal Architecture Round based implementation of DES Separate stage for initial and final permutation One round per crypto-engine clock cycle Internal 64 bit buffer stores cipher state 19

20 Architecture Hypothesis Validation Need to validate the architecture hypothesis before the attack Correlating to HW of Ciphertexts and output of each DES Correlating to HD of consecutive round outputs 20

21 Final Attack Results Attack on 6 bits of the 1 st DES the key (round 1) The key is recoverable with ~ decryption power measures (less than a single bitstream decryption for almost all V2Pro devices) The attack is still possible with lowpass filtered and decimated traces up to 100MSa/s A single attack to recover 6 bits of a DES key takes a couple of seconds on a common desktop Complete 3DES key recovered in 2-3 minutes of computation 21

22 Final Attack Results Successful Side Channel attack estimating a very small part of the active digital logic Correlation power analysis is scale invariant, as long as there are correlated variations No explicit SCA countermeasures present, sheer size of the platform thought to be enough Proper filtering of the obtained signal removes non-relevant consumption Mainly security through obscurity Methodic reverse engineering leads to figuring out the structure 22

23 Questions?

Side Channel Analysis and Embedded Systems Impact and Countermeasures

Side Channel Analysis and Embedded Systems Impact and Countermeasures Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks Cryptographic devices Side

More information

Application of Physical Attacks

Application of Physical Attacks Application of Physical Attacks to Real World Systems Workshop Provable Security against Physical Attacks Lorentz Center, Leiden February 17, 2010 Christof Paar Timo Kasper Embedded Security Group Horst

More information

AES1. Ultra-Compact Advanced Encryption Standard Core. General Description. Base Core Features. Symbol. Applications

AES1. Ultra-Compact Advanced Encryption Standard Core. General Description. Base Core Features. Symbol. Applications General Description The AES core implements Rijndael encoding and decoding in compliance with the NIST Advanced Encryption Standard. Basic core is very small (start at 800 Actel tiles). Enhanced versions

More information

Open Flow Controller and Switch Datasheet

Open Flow Controller and Switch Datasheet Open Flow Controller and Switch Datasheet California State University Chico Alan Braithwaite Spring 2013 Block Diagram Figure 1. High Level Block Diagram The project will consist of a network development

More information

Hardware Trojans Detection Methods Julien FRANCQ

Hardware Trojans Detection Methods Julien FRANCQ DEFENDING WORLD SECURITY Hardware Trojans Detection Methods Julien FRANCQ 2013, December the 12th Outline c 2013 CASSIDIAN CYBERSECURITY - All rights reserved TRUDEVICE 2013, December the 12th Page 2 /

More information

Microsemi Security Center of Excellence

Microsemi Security Center of Excellence Microsemi Security Center of Excellence Sales and FAE Training August 24, 2015 1 Outline What is the Security Center of Excellence (SCoE)? Overview of Microsemi s Security capabilities and expertise Threat

More information

Enabling Security in ProASIC 3 FPGAs with Hardware and Software Features

Enabling Security in ProASIC 3 FPGAs with Hardware and Software Features Enabling Security in ProASIC 3 FPGAs with Hardware and Software Features Hans Schmitz Area Technical Manager / Field Applications Engineer September 2, 2009 Abstract Two types of security features available

More information

Pertinent Side Channel Attacks on Elliptic Curve Cryptographic Systems

Pertinent Side Channel Attacks on Elliptic Curve Cryptographic Systems Pertinent Side Channel Attacks on Elliptic Curve Cryptographic Systems Stanford University CS259c/MATH250: Elliptic Curves in Cryptography December 15, 2011 1 Introduction Elliptic curve cryptosystems

More information

Unknown Plaintext Template Attacks

Unknown Plaintext Template Attacks Unknown Plaintext Template Attacks Neil Hanley, Michael Tunstall 2, and William P. Marnane Department of Electrical and Electronic Engineering, University College Cork, Ireland. neilh@eleceng.ucc.ie, l.marnane@ucc.ie

More information

SecureDoc Disk Encryption Cryptographic Engine

SecureDoc Disk Encryption Cryptographic Engine SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the

More information

IJESRT. [Padama, 2(5): May, 2013] ISSN: 2277-9655

IJESRT. [Padama, 2(5): May, 2013] ISSN: 2277-9655 IJESRT INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY Design and Verification of VLSI Based AES Crypto Core Processor Using Verilog HDL Dr.K.Padama Priya *1, N. Deepthi Priya 2 *1,2

More information

Cryptographic Rights Management of FPGA Intellectual Property Cores

Cryptographic Rights Management of FPGA Intellectual Property Cores Cryptographic Rights Management of FPGA Intellectual Property Cores Tom Kean Algotronix Ltd. PO Box 23116 Edinburgh EH8 8YB United Kingdom tom@algotronix.com ABSTRACT As the capacity of FPGA s increases

More information

Interfacing Credit Card-sized PCs to Board Level Electronics

Interfacing Credit Card-sized PCs to Board Level Electronics 10th ICALEPCS Int. Conf. on Accelerator & Large Expt. Physics Control Systems. Geneva, 10-14 Oct 2005, PO2.062-4 (2005) Interfacing Credit Card-sized PCs to Board Level Electronics Flavio Fontanelli 1,

More information

OPTIMIZE DMA CONFIGURATION IN ENCRYPTION USE CASE. Guillène Ribière, CEO, System Architect

OPTIMIZE DMA CONFIGURATION IN ENCRYPTION USE CASE. Guillène Ribière, CEO, System Architect OPTIMIZE DMA CONFIGURATION IN ENCRYPTION USE CASE Guillène Ribière, CEO, System Architect Problem Statement Low Performances on Hardware Accelerated Encryption: Max Measured 10MBps Expectations: 90 MBps

More information

SECURE USB FLASH DRIVE. Non-Proprietary Security Policy

SECURE USB FLASH DRIVE. Non-Proprietary Security Policy SECURE USB FLASH DRIVE Non-Proprietary Security Policy FIPS 140-2 SECURITY POLICY VERSION 9 Page 1 of 10 Definitions and Acronyms AES Advanced Encryption Standard CBC Cipher Block Chaining CRC Cyclic Redundancy

More information

All Programmable Logic. Hans-Joachim Gelke Institute of Embedded Systems. Zürcher Fachhochschule

All Programmable Logic. Hans-Joachim Gelke Institute of Embedded Systems. Zürcher Fachhochschule All Programmable Logic Hans-Joachim Gelke Institute of Embedded Systems Institute of Embedded Systems 31 Assistants 10 Professors 7 Technical Employees 2 Secretaries www.ines.zhaw.ch Research: Education:

More information

7a. System-on-chip design and prototyping platforms

7a. System-on-chip design and prototyping platforms 7a. System-on-chip design and prototyping platforms Labros Bisdounis, Ph.D. Department of Computer and Communication Engineering 1 What is System-on-Chip (SoC)? System-on-chip is an integrated circuit

More information

FPGAs for Trusted Cloud Computing

FPGAs for Trusted Cloud Computing FPGAs for Trusted Cloud Computing Traditional Servers Datacenter Cloud Servers Datacenter Cloud Manager Client Client Control Client Client Control 2 Existing cloud systems cannot offer strong security

More information

What is LOG Storm and what is it useful for?

What is LOG Storm and what is it useful for? What is LOG Storm and what is it useful for? LOG Storm is a high-speed digital data logger used for recording and analyzing the activity from embedded electronic systems digital bus and data lines. It

More information

CoProcessor Design for Crypto- Applications using Hyperelliptic Curve Cryptography

CoProcessor Design for Crypto- Applications using Hyperelliptic Curve Cryptography CoProcessor Design for Crypto- Applications using Hyperelliptic Curve Cryptography 28. Februar 2008 Alexander Klimm, Oliver Sander, Jürgen Becker Institut für Technik der Informationsverarbeitung Sylvain

More information

Best Practises for LabVIEW FPGA Design Flow. uk.ni.com ireland.ni.com

Best Practises for LabVIEW FPGA Design Flow. uk.ni.com ireland.ni.com Best Practises for LabVIEW FPGA Design Flow 1 Agenda Overall Application Design Flow Host, Real-Time and FPGA LabVIEW FPGA Architecture Development FPGA Design Flow Common FPGA Architectures Testing and

More information

COPYRIGHT AND CITATION CONSIDERATIONS FOR THIS THESIS/ DISSERTATION

COPYRIGHT AND CITATION CONSIDERATIONS FOR THIS THESIS/ DISSERTATION COPYRIGHT AND CITATION CONSIDERATIONS FOR THIS THESIS/ DISSERTATION o Attribution You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any

More information

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No. # 11 Block Cipher Standards (DES) (Refer Slide

More information

Offline HW/SW Authentication for Reconfigurable Platforms

Offline HW/SW Authentication for Reconfigurable Platforms Offline HW/SW Authentication for Reconfigurable Platforms Eric Simpson Virginia Tech esimpson@vt.edu Patrick Schaumont Virginia Tech schaum@vt.edu Abstract Many Field-Programmable Gate Array (FPGA) based

More information

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles

More information

Secure application programming in the presence of side channel attacks. Marc Witteman & Harko Robroch Riscure 04/09/08 Session Code: RR-203

Secure application programming in the presence of side channel attacks. Marc Witteman & Harko Robroch Riscure 04/09/08 Session Code: RR-203 Secure application programming in the presence of side channel attacks Marc Witteman & Harko Robroch Riscure 04/09/08 Session Code: RR-203 Attacks in the field Survey 2007*, Hong Kong: Asia-Pacific Pay-TV

More information

Using FPGAs to Design Gigabit Serial Backplanes. April 17, 2002

Using FPGAs to Design Gigabit Serial Backplanes. April 17, 2002 Using FPGAs to Design Gigabit Serial Backplanes April 17, 2002 Outline System Design Trends Serial Backplanes Architectures Building Serial Backplanes with FPGAs A1-2 Key System Design Trends Need for.

More information

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module

More information

Security Policy: Key Management Facility Crypto Card (KMF CC)

Security Policy: Key Management Facility Crypto Card (KMF CC) Security Policy: Key Management Facility Crypto Card (KMF CC) Version 2.12.2 2/7/11 1.0 Introduction 3 1.1 Scope 3 1.2 Overview 3 1.3 KMF CC Implementation 4 1.4 KMF CC HW/SW version numbers 4 1.5 KMF

More information

Testing Framework for estream Profile II Candidates

Testing Framework for estream Profile II Candidates Testing Framework for estream Profile II Candidates L. Batina 1, S. Kumar 2, J. Lano 1, K. Lemke 2, N. Mentens 1, C. Paar 2, B. Preneel 1, K. Sakiyama 1 and I. Verbauwhede 1 1 Katholieke Universiteit Leuven,

More information

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator Confidentio Integrated security processing unit Including key management module, encryption engine and random number generator Secure your digital life Confidentio : An integrated security processing unit

More information

POCKET SCOPE 2. The idea 2. Design criteria 3

POCKET SCOPE 2. The idea 2. Design criteria 3 POCKET SCOPE 2 The idea 2 Design criteria 3 Microcontroller requirements 3 The microcontroller must have speed. 3 The microcontroller must have RAM. 3 The microcontroller must have secure Flash. 3 The

More information

Strengthening your knowledge about sequential circuits: latches and flip-flops;

Strengthening your knowledge about sequential circuits: latches and flip-flops; Laboratory 7 Flip-Flops 7.1 Objectives The objectives of this lab class are the following: Strengthening your knowledge about sequential circuits: latches and flip-flops; Exercising the usage of the oscilloscope

More information

Reverse engineering hardware for software reversers: studying an encrypted external HDD

Reverse engineering hardware for software reversers: studying an encrypted external HDD Reverse engineering hardware for software reversers: studying an encrypted external HDD Joffrey Czarny & Raphaël Rigo / AGI / TX5IT 2015-10-02 / Hardwear.io 2015-10-02 / Hardwear.io 2 Introduction Why

More information

Seeking Opportunities for Hardware Acceleration in Big Data Analytics

Seeking Opportunities for Hardware Acceleration in Big Data Analytics Seeking Opportunities for Hardware Acceleration in Big Data Analytics Paul Chow High-Performance Reconfigurable Computing Group Department of Electrical and Computer Engineering University of Toronto Who

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Secret Key Cryptography (I) 1 Introductory Remarks Roadmap Feistel Cipher DES AES Introduction

More information

Side Channels: Hardware or Software threat?

Side Channels: Hardware or Software threat? Side Channels: Hardware or Software threat? Job de Haas Riscure Who am I Job de Haas Principal Security Analyst at Riscure Testing security on: Set-top-boxes, mobile phones, smart cards, payment terminals,

More information

AMC13 T1 Rev 2 Preliminary Design Review. E. Hazen Boston University. 2012-10-30 E. Hazen - AMC13 T1 V2 1

AMC13 T1 Rev 2 Preliminary Design Review. E. Hazen Boston University. 2012-10-30 E. Hazen - AMC13 T1 V2 1 13 T1 Rev 2 Preliminary Design Review E. Hazen Boston University 2012-10-30 E. Hazen - 13 T1 V2 1 Scope of this Review Background: 13 T1 board is being revised to support 10 GbE per request from CDAQ group

More information

MXMedia CipherStream. Preliminary Assessment. Copyright 2012 Farncombe 1.0. Author: T +44 1256 844161 F +44 1256 844162 www.farncombe.

MXMedia CipherStream. Preliminary Assessment. Copyright 2012 Farncombe 1.0. Author: T +44 1256 844161 F +44 1256 844162 www.farncombe. MXMedia CipherStream Preliminary Assessment 1.0 Author: T +44 1256 844161 F +44 1256 844162 www.farncombe.com Copyright 2012 Farncombe Belvedere Basing View Basingstoke RG21 4HG This document and the information

More information

Lesson 7: SYSTEM-ON. SoC) AND USE OF VLSI CIRCUIT DESIGN TECHNOLOGY. Chapter-1L07: "Embedded Systems - ", Raj Kamal, Publs.: McGraw-Hill Education

Lesson 7: SYSTEM-ON. SoC) AND USE OF VLSI CIRCUIT DESIGN TECHNOLOGY. Chapter-1L07: Embedded Systems - , Raj Kamal, Publs.: McGraw-Hill Education Lesson 7: SYSTEM-ON ON-CHIP (SoC( SoC) AND USE OF VLSI CIRCUIT DESIGN TECHNOLOGY 1 VLSI chip Integration of high-level components Possess gate-level sophistication in circuits above that of the counter,

More information

Evaluating GSM A5/1 security on hopping channels

Evaluating GSM A5/1 security on hopping channels Evaluating GSM A5/1 security on hopping channels Bogdan Diaconescu v1.0 This paper is a practical approach on evaluating A5/1 stream cipher on a GSM hopping network air interface called Um. The end goal

More information

A Tutorial on Physical Security and Side-Channel Attacks

A Tutorial on Physical Security and Side-Channel Attacks A Tutorial on Physical Security and Side-Channel Attacks François Koeune 12 and François-Xavier Standaert 1 1 UCL Crypto Group Place du Levant, 3. 1348 Louvain-la-Neuve, Belgium fstandae@dice.ucl.ac.be

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Srdjan Čapkun (joint work with Aurélien Francillon, Boris Danev) 1 Agenda 1. Overview of Car Key Systems 2. Previous Attacks: In

More information

VREFout CFG B TMS TCK TDI TDO CS ENSPI

VREFout CFG B TMS TCK TDI TDO CS ENSPI Using SPI to Control isppac80 and isppac81 October 2002 Application Note AN6037 Introduction This application note describes how to use the Serial Peripheral Interface (SPI) to adjust the gain, select

More information

Reviving smart card analysis

Reviving smart card analysis Reviving smart card analysis Christopher Tarnovsky Karsten Nohl chris@flylogic.net nohl@srlabs.de Executive summary Modern smart cards should be analyzed 1. Smart card chips provide the trust base for

More information

Kirchhoff Institute for Physics Heidelberg

Kirchhoff Institute for Physics Heidelberg Kirchhoff Institute for Physics Heidelberg Norbert Abel FPGA: (re-)configuration and embedded Linux 1 Linux Front-end electronics based on ADC and digital signal processing Slow control implemented as

More information

Bidirectional wireless communication using EmbedRF

Bidirectional wireless communication using EmbedRF Bidirectional wireless communication using EmbedRF 1. Tools you will need for this application note... 2 2. Introduction... 3 3. Connect EmbedRF Board to USB Interface Board... 3 4. Install and Run EmbedRF

More information

ChipScope Pro Tutorial

ChipScope Pro Tutorial ChipScope Pro Tutorial Using an IBERT Core with ChipScope Pro Analyzer Xilinx is disclosing this user guide, manual, release note, and/or specification (the Documentation ) to you solely for use in the

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,

More information

The Data Encryption Standard (DES)

The Data Encryption Standard (DES) The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric

More information

ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD. Olivier THOMAS Blackhat USA 2015

ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD. Olivier THOMAS Blackhat USA 2015 ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD Olivier THOMAS Blackhat USA 2015 About Texplained Texplained [Technology Explained] refers

More information

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9 NETASQ & PCI DSS Is NETASQ compatible with PCI DSS? We have often been asked this question. Unfortunately, even the best firewall is but an element in the process of PCI DSS certification. This document

More information

Open Architecture Design for GPS Applications Yves Théroux, BAE Systems Canada

Open Architecture Design for GPS Applications Yves Théroux, BAE Systems Canada Open Architecture Design for GPS Applications Yves Théroux, BAE Systems Canada BIOGRAPHY Yves Théroux, a Project Engineer with BAE Systems Canada (BSC) has eight years of experience in the design, qualification,

More information

Design and Verification of Area-Optimized AES Based on FPGA Using Verilog HDL

Design and Verification of Area-Optimized AES Based on FPGA Using Verilog HDL Design and Verification of Area-Optimized AES Based on FPGA Using Verilog HDL 1 N. Radhika, 2 Obili Ramesh, 3 Priyadarshini, 3 Asst.Profosser, 1,2 M.Tech ( Digital Systems & Computer Electronics), 1,2,3,

More information

Eli Levi Eli Levi holds B.Sc.EE from the Technion.Working as field application engineer for Systematics, Specializing in HDL design with MATLAB and

Eli Levi Eli Levi holds B.Sc.EE from the Technion.Working as field application engineer for Systematics, Specializing in HDL design with MATLAB and Eli Levi Eli Levi holds B.Sc.EE from the Technion.Working as field application engineer for Systematics, Specializing in HDL design with MATLAB and Simulink targeting ASIC/FGPA. Previously Worked as logic

More information

The next generation of knowledge and expertise Wireless Security Basics

The next generation of knowledge and expertise Wireless Security Basics The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com

More information

Fastboot Techniques for x86 Architectures. Marcus Bortel Field Application Engineer QNX Software Systems

Fastboot Techniques for x86 Architectures. Marcus Bortel Field Application Engineer QNX Software Systems Fastboot Techniques for x86 Architectures Marcus Bortel Field Application Engineer QNX Software Systems Agenda Introduction BIOS and BIOS boot time Fastboot versus BIOS? Fastboot time Customizing the boot

More information

Nutaq. PicoDigitizer 125-Series 16 or 32 Channels, 125 MSPS, FPGA-Based DAQ Solution PRODUCT SHEET. nutaq.com MONTREAL QUEBEC

Nutaq. PicoDigitizer 125-Series 16 or 32 Channels, 125 MSPS, FPGA-Based DAQ Solution PRODUCT SHEET. nutaq.com MONTREAL QUEBEC Nutaq PicoDigitizer 125-Series 16 or 32 Channels, 125 MSPS, FPGA-Based DAQ Solution PRODUCT SHEET QUEBEC I MONTREAL I N E W YO R K I nutaq.com Nutaq PicoDigitizer 125-Series The PicoDigitizer 125-Series

More information

Pervasive Computing und. Informationssicherheit

Pervasive Computing und. Informationssicherheit Pervasive Computing und 11. Symposium on Privacy and Security Rüschlikon, 13. September 2006 Prof. Christof Paar European Competence Center for IT Security www.crypto.rub.de Contents 1. Pervasive Computing

More information

SkyRecon Cryptographic Module (SCM)

SkyRecon Cryptographic Module (SCM) SkyRecon Cryptographic Module (SCM) FIPS 140-2 Documentation: Security Policy Abstract This document specifies the security policy for the SkyRecon Cryptographic Module (SCM) as described in FIPS PUB 140-2.

More information

Secure Semi-Passive RFID Tags Prototype and Analysis

Secure Semi-Passive RFID Tags Prototype and Analysis Building Radio frequency IDentification for the Global Environment Secure Semi-Passive RFID Tags Prototype and Analysis Authors: Manfred Aigner (TU Graz), Thomas Plos (TU Graz), Antti Ruhanen (Confidex),

More information

Network Security Technology Network Management

Network Security Technology Network Management COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission

More information

Practical Invalid Curve Attacks on TLS-ECDH

Practical Invalid Curve Attacks on TLS-ECDH Practical Invalid Curve Attacks on TLS-ECDH Tibor Jager, Jörg Schwenk, Juraj Somorovsky Horst Görtz Institute for IT Security Ruhr University Bochum @jurajsomorovsky 1 1 About Me and Our Institute Security

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS 2011) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ)

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS 2011) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS ) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Wednesday System Security April Group 6, 1 Agenda 1. Overview of Car

More information

Architekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen. Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik

Architekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen. Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik Architekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik Contents Überblick: Aufbau moderner FPGA Einblick: Eigenschaften

More information

Cryptography & Network-Security: Implementations in Hardware

Cryptography & Network-Security: Implementations in Hardware Kris Gaj joined ECE GMU in Fall 1998 Cryptography & Network-Security: Implementations in Hardware http://ece.gmu.edu/crypto-text.htm 6 Ph.D. Students Pawel Chodowiec Charikleia Zouridaki Chang Shu Sashisu

More information

Secure Embedded Systems eine Voraussetzung für Cyber Physical Systems und das Internet der Dinge

Secure Embedded Systems eine Voraussetzung für Cyber Physical Systems und das Internet der Dinge Secure Embedded Systems eine Voraussetzung für Cyber Physical Systems und das Internet der Dinge Mitgliederversammlung EIKON e.v. 26. Februar 2014 Prof. Dr.-Ing. Georg Sigl Lehrstuhl für Sicherheit in

More information

Breakthrough silicon scanning discovers backdoor in military chip (DRAFT of 05 March 2012)

Breakthrough silicon scanning discovers backdoor in military chip (DRAFT of 05 March 2012) Breakthrough silicon scanning discovers backdoor in military chip (DRAFT of 05 March 2012) Sergei Skorobogatov University of Cambridge Cambridge, UK sps32@cam.ac.uk Christopher Woods Quo Vadis Labs London,

More information

Broadcasting encryption or systematic #FAIL? Phil

Broadcasting encryption or systematic #FAIL? Phil WE 201 EK 2 42 Broadcasting encryption or systematic #FAIL? SUMMARY Intro : Broadcasting something... 1984 : Discret 11 1995 : Syster 1996 2002 : Seca 1 2002 2008 : Seca 2 Conclusion 2/49 Broadcasting

More information

DKWF121 WF121-A 802.11 B/G/N MODULE EVALUATION BOARD

DKWF121 WF121-A 802.11 B/G/N MODULE EVALUATION BOARD DKWF121 WF121-A 802.11 B/G/N MODULE EVALUATION BOARD PRELIMINARY DATA SHEET Wednesday, 16 May 2012 Version 0.5 Copyright 2000-2012 Bluegiga Technologies All rights reserved. Bluegiga Technologies assumes

More information

Enova X-Wall XO Frequently Asked Questions--FAQs

Enova X-Wall XO Frequently Asked Questions--FAQs Enova X-Wall XO Frequently Asked Questions--FAQs Q: What is X-Wall XO? A: X-Wall XO is the fourth generation product that encrypts and decrypts the entire volume of the hard drive. The entire volume includes

More information

A DIY Hardware Packet Sniffer

A DIY Hardware Packet Sniffer A DIY Hardware Packet Sniffer Affordable Penetration Testing for the Individual Veronica Swanson: University of California, Irvine CyberSecurity for the Next Generation North American Round, New York 15

More information

SAS Data Set Encryption Options

SAS Data Set Encryption Options Technical Paper SAS Data Set Encryption Options SAS product interaction with encrypted data storage Table of Contents Introduction: What Is Encryption?... 1 Test Configuration... 1 Data... 1 Code... 2

More information

Secret File Sharing Techniques using AES algorithm. C. Navya Latha 200201066 Garima Agarwal 200305032 Anila Kumar GVN 200305002

Secret File Sharing Techniques using AES algorithm. C. Navya Latha 200201066 Garima Agarwal 200305032 Anila Kumar GVN 200305002 Secret File Sharing Techniques using AES algorithm C. Navya Latha 200201066 Garima Agarwal 200305032 Anila Kumar GVN 200305002 1. Feature Overview The Advanced Encryption Standard (AES) feature adds support

More information

PLAS: Analog memory ASIC Conceptual design & development status

PLAS: Analog memory ASIC Conceptual design & development status PLAS: Analog memory ASIC Conceptual design & development status Ramón J. Aliaga Instituto de Física Corpuscular (IFIC) Consejo Superior de Investigaciones Científicas (CSIC) Universidad de Valencia Vicente

More information

Linux. Reverse Debugging. Target Communication Framework. Nexus. Intel Trace Hub GDB. PIL Simulation CONTENTS

Linux. Reverse Debugging. Target Communication Framework. Nexus. Intel Trace Hub GDB. PIL Simulation CONTENTS Android NEWS 2016 AUTOSAR Linux Windows 10 Reverse ging Target Communication Framework ARM CoreSight Requirements Analysis Nexus Timing Tools Intel Trace Hub GDB Unit Testing PIL Simulation Infineon MCDS

More information

Model-based system-on-chip design on Altera and Xilinx platforms

Model-based system-on-chip design on Altera and Xilinx platforms CO-DEVELOPMENT MANUFACTURING INNOVATION & SUPPORT Model-based system-on-chip design on Altera and Xilinx platforms Ronald Grootelaar, System Architect RJA.Grootelaar@3t.nl Agenda 3T Company profile Technology

More information

A PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR

A PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR A PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR William Stallings Copyright 20010 H.1 THE ORIGINS OF AES...2 H.2 AES EVALUATION...3 Supplement to Cryptography and Network Security, Fifth Edition

More information

Security Analysis of the Bitstream Encryption Scheme of Altera FPGAs

Security Analysis of the Bitstream Encryption Scheme of Altera FPGAs Security Analysis of the Bitstream Encryption Scheme of Altera FPGAs Pawel Swierczynski Master s Thesis. December 6, 2012. Chair for Embedded Security Prof. Dr.-Ing. Christof Paar Advisor: Amir Moradi,

More information

MPC 4. Machinery Protection Card Type MPC 4 FEATURES. Continuous on-line Machinery Protection Card

MPC 4. Machinery Protection Card Type MPC 4 FEATURES. Continuous on-line Machinery Protection Card Machinery Protection Card Type FEATURES Continuous on-line Machinery Protection Card Real-time measurement and monitoring using state-of-the-art DSP techniques Fully VME-compatible slave interface Fully

More information

Sécurité des cartes à puce

Sécurité des cartes à puce : des attaques physiques aux protections logicielles P. Berthomé, K. Heydemann, X. Kauffmann-Tourkestansky, J.-F. Lalande Journée Risques - 5 juin 2012 Introduction Physical attacks Authentication for

More information

Data Sheet. Adaptive Design ltd. Arduino Dual L6470 Stepper Motor Shield V1.0. 20 th November 2012. L6470 Stepper Motor Shield

Data Sheet. Adaptive Design ltd. Arduino Dual L6470 Stepper Motor Shield V1.0. 20 th November 2012. L6470 Stepper Motor Shield Arduino Dual L6470 Stepper Motor Shield Data Sheet Adaptive Design ltd V1.0 20 th November 2012 Adaptive Design ltd. Page 1 General Description The Arduino stepper motor shield is based on L6470 microstepping

More information

40G MACsec Encryption in an FPGA

40G MACsec Encryption in an FPGA 40G MACsec Encryption in an FPGA Dr Tom Kean, Managing Director, Algotronix Ltd, 130-10 Calton Road, Edinburgh EH8 8JQ United Kingdom Tel: +44 131 556 9242 Email: tom@algotronix.com February 2012 1 MACsec

More information

Detecting Software Theft in Embedded Systems: A Side-Channel Approach

Detecting Software Theft in Embedded Systems: A Side-Channel Approach 1 Detecting Software Theft in Embedded Systems: A Side-Channel Approach Georg T. Becker, Daehyun Strobel, Christof Paar, Fellow, IEEE,, Wayne Burleson, Fellow, IEEE Abstract Source code plagiarism has

More information

Cisco Configuring Secure Shell (SSH) on Cisco IOS Router

Cisco Configuring Secure Shell (SSH) on Cisco IOS Router Cisco Configuring Secure Shell (SSH) on Cisco IOS Router Table of Contents Configuring Secure Shell (SSH) on Cisco IOS Routers...1 Contents...1 Introduction...1 Hardware and Software Versions...1 SSHv1

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Secure File Transfer Appliance Security Policy Document Version 1.9. Accellion, Inc.

Secure File Transfer Appliance Security Policy Document Version 1.9. Accellion, Inc. Secure File Transfer Appliance Security Policy Document Version 1.9 Accellion, Inc. November 11, 2010 Copyright Accellion, Inc. 2010. May be reproduced only in its original entirety [without revision].

More information

High-Speed Computing & Co-Processing with FPGAs

High-Speed Computing & Co-Processing with FPGAs High-Speed Computing & Co-Processing with FPGAs FPGAs (Field Programmable Gate Arrays) are slowly becoming more and more advanced and practical as high-speed computing platforms. In this talk, David will

More information

ON SUITABILITY OF FPGA BASED EVOLVABLE HARDWARE SYSTEMS TO INTEGRATE RECONFIGURABLE CIRCUITS WITH HOST PROCESSING UNIT

ON SUITABILITY OF FPGA BASED EVOLVABLE HARDWARE SYSTEMS TO INTEGRATE RECONFIGURABLE CIRCUITS WITH HOST PROCESSING UNIT 216 ON SUITABILITY OF FPGA BASED EVOLVABLE HARDWARE SYSTEMS TO INTEGRATE RECONFIGURABLE CIRCUITS WITH HOST PROCESSING UNIT *P.Nirmalkumar, **J.Raja Paul Perinbam, @S.Ravi and #B.Rajan *Research Scholar,

More information

Design of a High Speed Communications Link Using Field Programmable Gate Arrays

Design of a High Speed Communications Link Using Field Programmable Gate Arrays Customer-Authored Application Note AC103 Design of a High Speed Communications Link Using Field Programmable Gate Arrays Amy Lovelace, Technical Staff Engineer Alcatel Network Systems Introduction A communication

More information

Preventing Piracy and Reverse Engineering of SRAM FPGAs Bitstream

Preventing Piracy and Reverse Engineering of SRAM FPGAs Bitstream Approche de conception d interface de communication pour les systèmes sur puce Preventing Piracy and Reverse Engineering of SRAM FPGAs Bitstream Lilian Bossuet 1, Guy Gogniat 1, Wayne Burleson 2 1 LESTER

More information

My Arduino can beat up your hotel room lock. - Cody Brocious

My Arduino can beat up your hotel room lock. - Cody Brocious My Arduino can beat up your hotel room lock - Cody Brocious Intro This talk is all about the Onity HT lock system for hotels Over 4 million locks are installed in hotels On the market since 1993 Every

More information

基 於 SDN 與 可 程 式 化 硬 體 架 構 之 雲 端 網 路 系 統 交 換 器

基 於 SDN 與 可 程 式 化 硬 體 架 構 之 雲 端 網 路 系 統 交 換 器 基 於 SDN 與 可 程 式 化 硬 體 架 構 之 雲 端 網 路 系 統 交 換 器 楊 竹 星 教 授 國 立 成 功 大 學 電 機 工 程 學 系 Outline Introduction OpenFlow NetFPGA OpenFlow Switch on NetFPGA Development Cases Conclusion 2 Introduction With the proposal

More information

SDLC Controller. Documentation. Design File Formats. Verification

SDLC Controller. Documentation. Design File Formats. Verification January 15, 2004 Product Specification 11 Stonewall Court Woodcliff Lake, NJ 07677 USA Phone: +1-201-391-8300 Fax: +1-201-391-8694 E-mail: info@cast-inc.com URL: www.cast-inc.com Features AllianceCORE

More information

CryptoFirewall Technology Introduction

CryptoFirewall Technology Introduction CryptoFirewall Technology Introduction Cryptography Research, Inc. www.cryptography.com 575 Market St., 21 st Floor, San Francisco, CA 94105 1998-2007 Cryptography Research, Inc. Protected under issued

More information

Computer System Management: Hosting Servers, Miscellaneous

Computer System Management: Hosting Servers, Miscellaneous Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation

More information

PCIe AHCI-IP Demo Instruction Rev1.0 10-Jul-15

PCIe AHCI-IP Demo Instruction Rev1.0 10-Jul-15 PCIe AHCI-IP Demo Instruction Rev1.0 10-Jul-15 This document describes the instruction to show PCIeSSD demo by using SATA AHCI-IP, SATA-IP, and PCIeIP connecting with SATA-III/II SSD on Xilinx evaluation

More information

CHASE Survey on 6 Most Important Topics in Hardware Security

CHASE Survey on 6 Most Important Topics in Hardware Security University of Connecticut CHASE Survey on 6 Most Important Topics in Hardware Security Prepared By Prof. M. Tehranipoor Charles H. Knapp Associate Professor in Engineering Innovation Topics! Counterfeit

More information

Recommended 802.11 Wireless Local Area Network Architecture

Recommended 802.11 Wireless Local Area Network Architecture NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless

More information

Arquitectura Virtex. Delay-Locked Loop (DLL)

Arquitectura Virtex. Delay-Locked Loop (DLL) Arquitectura Virtex Compuesta de dos elementos principales configurables : CLBs y IOBs. Los CLBs se interconectan a través de una matriz general de routeado (GRM). Posse una intefaz VersaRing que proporciona

More information