Horst Görtz Institute for IT-Security

Size: px
Start display at page:

Download "Horst Görtz Institute for IT-Security"

Transcription

1 Horst Görtz Institute for IT-Security On the Vulnerability of FPGA Bitstream Encryption against Power Analysis Attacks Extracting Keys from Xilinx Virtex-II FPGAs Amir Moradi, Alessandro Barenghi, Timo Kasper, Christof Paar Chicago, USA, 18 October 2011

2 Outline Background FPGA architecture and deployment settings Anti-counterfeiting bitstream encryption Side-channel attacks Opening the black box Bitstream structure analysis Power line analysis Decryption phase identification and sampling Relevant signal insulation (filtering) Differential power analysis 2

3 FPGAs : Reconfigurable Hardware Widely used in routers consumer products pay-tv But: Copying the configuration files makes counterfeiting easy! 3

4 Solution: Bitstream Encryption FPGA Design Secret Keys Proprietary Algorithms IP Cores Oscar:? = PCB board FPGA SRAM DEC Power-up Bitstream ENC Bitstream E2PROM Internet Satellite Firmware Update 4

5 How Secure is it?... back in the Virtex II Pro days, we issued a challenge, and more than 7 universities and research groups accepted the challenge. We provided a 2vp7 [Ed.: Virtex2 Pro VP7] pcb with usb port, and pins for access to power, that had the key battery installed (300 ma lithium coin cell), and the part was programmed with a 3DES encrypted bitstream. All 7 challengers gave up. Their basic conclusion was all the things they thought would work, differential power attack, spoofing by power glitches, attack with freeze spray, etc. FAILED. Principal engineer, Xilinx, on comp.arch.fpga, 3/5/2008 5

6 Bitstream Structural Analysis There are several documents by Xilinx on bistream structure but still some parts related to encryption stay unclear Analysis and comparison of plain and encrypted bitstream revealed that : The selection of the decryption key from the storage is readable Initialization Value of the CBC mode embedded in bitstream The decryption engine is enabled by a bitstream command Plain Encrypted 6

7 Side-Channel Attacks Existence of side-channels for crypto devices known for several decades, (e.g., Tempest ) Few concrete results / poor understanding prior to 1996 (at least outside intelligence community) 2 nd half of 1990s: golden years of SCA RSA CRT attack, 1996 Timing attacks, 1996 SPA, DPA, 1998 Since 1999: 100 s of SCA research papers, e.g. in CHES But: so far very few documented real-world attacks # of the broken commercial devices are increasing KeeLoq, DESFire, and now bitstream encryption of Xilinx FPGAs 7

8 Side-Channel Attacks Side-channel attacks aim at finding out an intermediate value of a computation (e.g. a cipher key) observing environmental parameters Differential power analysis target the power consumption of a circuit as the observed parameter A typical DPA workflow proceeds to: Collect traces for known inputs and/or output Select a small portion of the computation related to the key Guessing a key part use a model to estimate the power consumption Correlate all the estimations with the collected traces The correct key guess will report non-negligible correlation The attack is repeated until the whole key is recovered 8

9 Measurement Setup PCB board VCC-IO VCC-AUX VCC-INT Differential Probe x10 Amp Digital Oscilloscope Trigger signal 3DES Bitstream JTAG Clock JTAG Programmer Desktop PC 9

10 Our Measurement Setup 10

11 Our Measurement Setup 11

12 Our Measurement Setup 12

13 Decryption Timing Find the when the decryption takes place Must occur after at least a whole ciphertext block (64 bit) is in Should take place in less than 64 bits being sent in to match on-the-fly decryption Compare the power consumptions of encrypted and unencrypted bitstreams to reveal the time position The JTAG clock is driven by us We can freeze the programming process 13

14 Power Traces? Ciphertext i-1 Ciphertext i Decryption (Ciphertext i-1 ) 14

15 Decryption Phase Two clock cycles after a ciphertext block is in, the decryption is performed Unencrypted bitstream Encrypted bitstream 15

16 Insulating the encryption engine Encryption engine far smaller than the whole FPGA circuit The device embeds a CPU (PowerPC403) in the fabric As the PPC is not used to perform the decryption, its power consumption is irrelevant for the analysis Since the PPC is clocked at 300MHz by an internal clock source, bandblock filtering the power traces removes its contribution 16

17 Zoomed Traces/Filtering Raw Filtered Raw Timewise variance of 10k encryptions Filtered 17

18 Power consumption/architecture hypotheses To successfully perform the attack, hypotheses on the decryption engine architecture must be made Switching activity of buffers storing intermediate values are good candidates for a power model DES cipher state buffer switching activity was modeled during a cipher round Switching activity conditioned by 6 bits of the key at a time was predicted (64 key hypotheses) Consumption model: switching activity of the round buffer 18

19 Assumed Internal Architecture Round based implementation of DES Separate stage for initial and final permutation One round per crypto-engine clock cycle Internal 64 bit buffer stores cipher state 19

20 Architecture Hypothesis Validation Need to validate the architecture hypothesis before the attack Correlating to HW of Ciphertexts and output of each DES Correlating to HD of consecutive round outputs 20

21 Final Attack Results Attack on 6 bits of the 1 st DES the key (round 1) The key is recoverable with ~ decryption power measures (less than a single bitstream decryption for almost all V2Pro devices) The attack is still possible with lowpass filtered and decimated traces up to 100MSa/s A single attack to recover 6 bits of a DES key takes a couple of seconds on a common desktop Complete 3DES key recovered in 2-3 minutes of computation 21

22 Final Attack Results Successful Side Channel attack estimating a very small part of the active digital logic Correlation power analysis is scale invariant, as long as there are correlated variations No explicit SCA countermeasures present, sheer size of the platform thought to be enough Proper filtering of the obtained signal removes non-relevant consumption Mainly security through obscurity Methodic reverse engineering leads to figuring out the structure 22

23 Questions?

Side Channel Analysis and Embedded Systems Impact and Countermeasures

Side Channel Analysis and Embedded Systems Impact and Countermeasures Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks Cryptographic devices Side

More information

Application of Physical Attacks

Application of Physical Attacks Application of Physical Attacks to Real World Systems Workshop Provable Security against Physical Attacks Lorentz Center, Leiden February 17, 2010 Christof Paar Timo Kasper Embedded Security Group Horst

More information

AES1. Ultra-Compact Advanced Encryption Standard Core. General Description. Base Core Features. Symbol. Applications

AES1. Ultra-Compact Advanced Encryption Standard Core. General Description. Base Core Features. Symbol. Applications General Description The AES core implements Rijndael encoding and decoding in compliance with the NIST Advanced Encryption Standard. Basic core is very small (start at 800 Actel tiles). Enhanced versions

More information

Open Flow Controller and Switch Datasheet

Open Flow Controller and Switch Datasheet Open Flow Controller and Switch Datasheet California State University Chico Alan Braithwaite Spring 2013 Block Diagram Figure 1. High Level Block Diagram The project will consist of a network development

More information

Hardware Trojans Detection Methods Julien FRANCQ

Hardware Trojans Detection Methods Julien FRANCQ DEFENDING WORLD SECURITY Hardware Trojans Detection Methods Julien FRANCQ 2013, December the 12th Outline c 2013 CASSIDIAN CYBERSECURITY - All rights reserved TRUDEVICE 2013, December the 12th Page 2 /

More information

FPGA Security Bit Stream Authentication. Milind M. Parelkar

FPGA Security Bit Stream Authentication. Milind M. Parelkar FPGA Security Bit Stream Authentication Milind M. Parelkar Security Issues in FPGA Remotely Re-configurable FPGAs Stealing the Bitstream in Transit Host Processor FPGA ` 110101010 Bitstream Encryption

More information

Microsemi Security Center of Excellence

Microsemi Security Center of Excellence Microsemi Security Center of Excellence Sales and FAE Training August 24, 2015 1 Outline What is the Security Center of Excellence (SCoE)? Overview of Microsemi s Security capabilities and expertise Threat

More information

Enabling Security in ProASIC 3 FPGAs with Hardware and Software Features

Enabling Security in ProASIC 3 FPGAs with Hardware and Software Features Enabling Security in ProASIC 3 FPGAs with Hardware and Software Features Hans Schmitz Area Technical Manager / Field Applications Engineer September 2, 2009 Abstract Two types of security features available

More information

Pertinent Side Channel Attacks on Elliptic Curve Cryptographic Systems

Pertinent Side Channel Attacks on Elliptic Curve Cryptographic Systems Pertinent Side Channel Attacks on Elliptic Curve Cryptographic Systems Stanford University CS259c/MATH250: Elliptic Curves in Cryptography December 15, 2011 1 Introduction Elliptic curve cryptosystems

More information

Unknown Plaintext Template Attacks

Unknown Plaintext Template Attacks Unknown Plaintext Template Attacks Neil Hanley, Michael Tunstall 2, and William P. Marnane Department of Electrical and Electronic Engineering, University College Cork, Ireland. neilh@eleceng.ucc.ie, l.marnane@ucc.ie

More information

Cryptographic Rights Management of FPGA Intellectual Property Cores

Cryptographic Rights Management of FPGA Intellectual Property Cores Cryptographic Rights Management of FPGA Intellectual Property Cores Tom Kean Algotronix Ltd. PO Box 23116 Edinburgh EH8 8YB United Kingdom tom@algotronix.com ABSTRACT As the capacity of FPGA s increases

More information

SecureDoc Disk Encryption Cryptographic Engine

SecureDoc Disk Encryption Cryptographic Engine SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the

More information

OPTIMIZE DMA CONFIGURATION IN ENCRYPTION USE CASE. Guillène Ribière, CEO, System Architect

OPTIMIZE DMA CONFIGURATION IN ENCRYPTION USE CASE. Guillène Ribière, CEO, System Architect OPTIMIZE DMA CONFIGURATION IN ENCRYPTION USE CASE Guillène Ribière, CEO, System Architect Problem Statement Low Performances on Hardware Accelerated Encryption: Max Measured 10MBps Expectations: 90 MBps

More information

FPGAs for Trusted Cloud Computing

FPGAs for Trusted Cloud Computing FPGAs for Trusted Cloud Computing Traditional Servers Datacenter Cloud Servers Datacenter Cloud Manager Client Client Control Client Client Control 2 Existing cloud systems cannot offer strong security

More information

Securing Passive RFID Tags Using Strong Cryptographic Algorithms

Securing Passive RFID Tags Using Strong Cryptographic Algorithms Securing Passive RFID Tags Using Strong Cryptographic Algorithms 4th European Workshop on RFID Systems and Technologies 10-11 June, 2008, Freiburg, Germany Martin Feldhofer IAIK Graz University of Technology

More information

IJESRT. [Padama, 2(5): May, 2013] ISSN: 2277-9655

IJESRT. [Padama, 2(5): May, 2013] ISSN: 2277-9655 IJESRT INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY Design and Verification of VLSI Based AES Crypto Core Processor Using Verilog HDL Dr.K.Padama Priya *1, N. Deepthi Priya 2 *1,2

More information

Interfacing Credit Card-sized PCs to Board Level Electronics

Interfacing Credit Card-sized PCs to Board Level Electronics 10th ICALEPCS Int. Conf. on Accelerator & Large Expt. Physics Control Systems. Geneva, 10-14 Oct 2005, PO2.062-4 (2005) Interfacing Credit Card-sized PCs to Board Level Electronics Flavio Fontanelli 1,

More information

CoProcessor Design for Crypto- Applications using Hyperelliptic Curve Cryptography

CoProcessor Design for Crypto- Applications using Hyperelliptic Curve Cryptography CoProcessor Design for Crypto- Applications using Hyperelliptic Curve Cryptography 28. Februar 2008 Alexander Klimm, Oliver Sander, Jürgen Becker Institut für Technik der Informationsverarbeitung Sylvain

More information

H.264 AVC Encoder IP Core Datasheet V.4.2, 2015

H.264 AVC Encoder IP Core Datasheet V.4.2, 2015 SOC H.264 AVC Video/Audio Encoder IP Core Datasheet Standard version I-Frame Version Slim Version Low-Bit-rate Version (with B frame) Special version for Zynq-7020 1. Product Overview (Integration information

More information

SECURE USB FLASH DRIVE. Non-Proprietary Security Policy

SECURE USB FLASH DRIVE. Non-Proprietary Security Policy SECURE USB FLASH DRIVE Non-Proprietary Security Policy FIPS 140-2 SECURITY POLICY VERSION 9 Page 1 of 10 Definitions and Acronyms AES Advanced Encryption Standard CBC Cipher Block Chaining CRC Cyclic Redundancy

More information

All Programmable Logic. Hans-Joachim Gelke Institute of Embedded Systems. Zürcher Fachhochschule

All Programmable Logic. Hans-Joachim Gelke Institute of Embedded Systems. Zürcher Fachhochschule All Programmable Logic Hans-Joachim Gelke Institute of Embedded Systems Institute of Embedded Systems 31 Assistants 10 Professors 7 Technical Employees 2 Secretaries www.ines.zhaw.ch Research: Education:

More information

Hardware Attacks on Cryptographic Devices

Hardware Attacks on Cryptographic Devices Hardware Attacks on Cryptographic Devices Implementation Attacks on Embedded Systems and Other Portable Hardware Jem Berkes University of Waterloo Prepared for ECE 628, Winter 2006 1. Introduction to hardware

More information

7a. System-on-chip design and prototyping platforms

7a. System-on-chip design and prototyping platforms 7a. System-on-chip design and prototyping platforms Labros Bisdounis, Ph.D. Department of Computer and Communication Engineering 1 What is System-on-Chip (SoC)? System-on-chip is an integrated circuit

More information

Using FPGAs to Design Gigabit Serial Backplanes. April 17, 2002

Using FPGAs to Design Gigabit Serial Backplanes. April 17, 2002 Using FPGAs to Design Gigabit Serial Backplanes April 17, 2002 Outline System Design Trends Serial Backplanes Architectures Building Serial Backplanes with FPGAs A1-2 Key System Design Trends Need for.

More information

Secure application programming in the presence of side channel attacks. Marc Witteman & Harko Robroch Riscure 04/09/08 Session Code: RR-203

Secure application programming in the presence of side channel attacks. Marc Witteman & Harko Robroch Riscure 04/09/08 Session Code: RR-203 Secure application programming in the presence of side channel attacks Marc Witteman & Harko Robroch Riscure 04/09/08 Session Code: RR-203 Attacks in the field Survey 2007*, Hong Kong: Asia-Pacific Pay-TV

More information

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles

More information

E246: Electronics & Instrumentation. Lecture: Microprocessors and DSPs

E246: Electronics & Instrumentation. Lecture: Microprocessors and DSPs E246: Electronics & Instrumentation Lecture: Microprocessors and DSPs Microprocessor It is an integrated circuit that is the fundamental building block of a digital computer, controlled by software programs

More information

Is your design leaking keys? Efficient testing for sidechannel

Is your design leaking keys? Efficient testing for sidechannel Is your design leaking keys? Efficient testing for sidechannel leakage Benjamin Jun Cryptography Research Inc Pankaj Rohatgi Cryptography Research Inc Session ID: ASEC-R35B Session Classification: Advanced

More information

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator Confidentio Integrated security processing unit Including key management module, encryption engine and random number generator Secure your digital life Confidentio : An integrated security processing unit

More information

What is LOG Storm and what is it useful for?

What is LOG Storm and what is it useful for? What is LOG Storm and what is it useful for? LOG Storm is a high-speed digital data logger used for recording and analyzing the activity from embedded electronic systems digital bus and data lines. It

More information

Best Practises for LabVIEW FPGA Design Flow. uk.ni.com ireland.ni.com

Best Practises for LabVIEW FPGA Design Flow. uk.ni.com ireland.ni.com Best Practises for LabVIEW FPGA Design Flow 1 Agenda Overall Application Design Flow Host, Real-Time and FPGA LabVIEW FPGA Architecture Development FPGA Design Flow Common FPGA Architectures Testing and

More information

Malicious Off-chip Leakage Enabled by Side-channels

Malicious Off-chip Leakage Enabled by Side-channels MOLES: Malicious Off-chip Leakage Enabled by Side-channels Lang Lin* Wayne Burleson* Christof Paar* # *University of Massachusetts Amherst, USA # Ruhr University Bochum, Germany ICCAD, November 2009 This

More information

COPYRIGHT AND CITATION CONSIDERATIONS FOR THIS THESIS/ DISSERTATION

COPYRIGHT AND CITATION CONSIDERATIONS FOR THIS THESIS/ DISSERTATION COPYRIGHT AND CITATION CONSIDERATIONS FOR THIS THESIS/ DISSERTATION o Attribution You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any

More information

Offline HW/SW Authentication for Reconfigurable Platforms

Offline HW/SW Authentication for Reconfigurable Platforms Offline HW/SW Authentication for Reconfigurable Platforms Eric Simpson Virginia Tech esimpson@vt.edu Patrick Schaumont Virginia Tech schaum@vt.edu Abstract Many Field-Programmable Gate Array (FPGA) based

More information

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No. # 11 Block Cipher Standards (DES) (Refer Slide

More information

Reviving smart card analysis

Reviving smart card analysis Reviving smart card analysis Christopher Tarnovsky Karsten Nohl chris@flylogic.net nohl@srlabs.de Executive summary Modern smart cards should be analyzed 1. Smart card chips provide the trust base for

More information

Seeking Opportunities for Hardware Acceleration in Big Data Analytics

Seeking Opportunities for Hardware Acceleration in Big Data Analytics Seeking Opportunities for Hardware Acceleration in Big Data Analytics Paul Chow High-Performance Reconfigurable Computing Group Department of Electrical and Computer Engineering University of Toronto Who

More information

Strengthening your knowledge about sequential circuits: latches and flip-flops;

Strengthening your knowledge about sequential circuits: latches and flip-flops; Laboratory 7 Flip-Flops 7.1 Objectives The objectives of this lab class are the following: Strengthening your knowledge about sequential circuits: latches and flip-flops; Exercising the usage of the oscilloscope

More information

MXMedia CipherStream. Preliminary Assessment. Copyright 2012 Farncombe 1.0. Author: T +44 1256 844161 F +44 1256 844162 www.farncombe.

MXMedia CipherStream. Preliminary Assessment. Copyright 2012 Farncombe 1.0. Author: T +44 1256 844161 F +44 1256 844162 www.farncombe. MXMedia CipherStream Preliminary Assessment 1.0 Author: T +44 1256 844161 F +44 1256 844162 www.farncombe.com Copyright 2012 Farncombe Belvedere Basing View Basingstoke RG21 4HG This document and the information

More information

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module

More information

Testing Framework for estream Profile II Candidates

Testing Framework for estream Profile II Candidates Testing Framework for estream Profile II Candidates L. Batina 1, S. Kumar 2, J. Lano 1, K. Lemke 2, N. Mentens 1, C. Paar 2, B. Preneel 1, K. Sakiyama 1 and I. Verbauwhede 1 1 Katholieke Universiteit Leuven,

More information

Testing and Programming:

Testing and Programming: Testing and Programming: JTAG handles latest memories and flash devices XJTAG Inc. 1 What is JTAG? JTAG is a serial communication protocol: Designed to allow connectivity testing of PCBs Gives set + read

More information

POCKET SCOPE 2. The idea 2. Design criteria 3

POCKET SCOPE 2. The idea 2. Design criteria 3 POCKET SCOPE 2 The idea 2 Design criteria 3 Microcontroller requirements 3 The microcontroller must have speed. 3 The microcontroller must have RAM. 3 The microcontroller must have secure Flash. 3 The

More information

Hardware Security for FPGAs using Cryptography

Hardware Security for FPGAs using Cryptography Hardware Security for FPGAs using Cryptography Jens Hüttemann, Microsemi Corporation Senior Field Applications Engineer Power Matters. Definitions: Design Security vs. Data Security FPGA Design/Device

More information

Reverse engineering hardware for software reversers: studying an encrypted external HDD

Reverse engineering hardware for software reversers: studying an encrypted external HDD Reverse engineering hardware for software reversers: studying an encrypted external HDD Joffrey Czarny & Raphaël Rigo / AGI / TX5IT 2015-10-02 / Hardwear.io 2015-10-02 / Hardwear.io 2 Introduction Why

More information

Eli Levi Eli Levi holds B.Sc.EE from the Technion.Working as field application engineer for Systematics, Specializing in HDL design with MATLAB and

Eli Levi Eli Levi holds B.Sc.EE from the Technion.Working as field application engineer for Systematics, Specializing in HDL design with MATLAB and Eli Levi Eli Levi holds B.Sc.EE from the Technion.Working as field application engineer for Systematics, Specializing in HDL design with MATLAB and Simulink targeting ASIC/FGPA. Previously Worked as logic

More information

A DPA Attack against Asymmetric Encryption: RSA Attacks and Countermeasures

A DPA Attack against Asymmetric Encryption: RSA Attacks and Countermeasures A DPA Attack against Asymmetric Encryption: RSA Attacks and Countermeasures Lesky D.S. Anatias April 18, 2008 Abstract This paper discusses side-channel attacks based on Power Analysis. This approach utilizes

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Secret Key Cryptography (I) 1 Introductory Remarks Roadmap Feistel Cipher DES AES Introduction

More information

ChipScope Pro Tutorial

ChipScope Pro Tutorial ChipScope Pro Tutorial Using an IBERT Core with ChipScope Pro Analyzer Xilinx is disclosing this user guide, manual, release note, and/or specification (the Documentation ) to you solely for use in the

More information

Fastboot Techniques for x86 Architectures. Marcus Bortel Field Application Engineer QNX Software Systems

Fastboot Techniques for x86 Architectures. Marcus Bortel Field Application Engineer QNX Software Systems Fastboot Techniques for x86 Architectures Marcus Bortel Field Application Engineer QNX Software Systems Agenda Introduction BIOS and BIOS boot time Fastboot versus BIOS? Fastboot time Customizing the boot

More information

Lab 1: Seven Segment Decoder

Lab 1: Seven Segment Decoder CpE 487 Digital Design Lab Lab 1: Seven Segment Decoder 1. Getting Started The purpose of this lab is to introduce you to the NEXYS2 FPGA development board and a software environment that will allow you

More information

Side Channels: Hardware or Software threat?

Side Channels: Hardware or Software threat? Side Channels: Hardware or Software threat? Job de Haas Riscure Who am I Job de Haas Principal Security Analyst at Riscure Testing security on: Set-top-boxes, mobile phones, smart cards, payment terminals,

More information

Open Architecture Design for GPS Applications Yves Théroux, BAE Systems Canada

Open Architecture Design for GPS Applications Yves Théroux, BAE Systems Canada Open Architecture Design for GPS Applications Yves Théroux, BAE Systems Canada BIOGRAPHY Yves Théroux, a Project Engineer with BAE Systems Canada (BSC) has eight years of experience in the design, qualification,

More information

Lesson 7: SYSTEM-ON. SoC) AND USE OF VLSI CIRCUIT DESIGN TECHNOLOGY. Chapter-1L07: "Embedded Systems - ", Raj Kamal, Publs.: McGraw-Hill Education

Lesson 7: SYSTEM-ON. SoC) AND USE OF VLSI CIRCUIT DESIGN TECHNOLOGY. Chapter-1L07: Embedded Systems - , Raj Kamal, Publs.: McGraw-Hill Education Lesson 7: SYSTEM-ON ON-CHIP (SoC( SoC) AND USE OF VLSI CIRCUIT DESIGN TECHNOLOGY 1 VLSI chip Integration of high-level components Possess gate-level sophistication in circuits above that of the counter,

More information

AMC13 T1 Rev 2 Preliminary Design Review. E. Hazen Boston University. 2012-10-30 E. Hazen - AMC13 T1 V2 1

AMC13 T1 Rev 2 Preliminary Design Review. E. Hazen Boston University. 2012-10-30 E. Hazen - AMC13 T1 V2 1 13 T1 Rev 2 Preliminary Design Review E. Hazen Boston University 2012-10-30 E. Hazen - 13 T1 V2 1 Scope of this Review Background: 13 T1 board is being revised to support 10 GbE per request from CDAQ group

More information

Secret File Sharing Techniques using AES algorithm. C. Navya Latha 200201066 Garima Agarwal 200305032 Anila Kumar GVN 200305002

Secret File Sharing Techniques using AES algorithm. C. Navya Latha 200201066 Garima Agarwal 200305032 Anila Kumar GVN 200305002 Secret File Sharing Techniques using AES algorithm C. Navya Latha 200201066 Garima Agarwal 200305032 Anila Kumar GVN 200305002 1. Feature Overview The Advanced Encryption Standard (AES) feature adds support

More information

Network Security Technology Network Management

Network Security Technology Network Management COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission

More information

VREFout CFG B TMS TCK TDI TDO CS ENSPI

VREFout CFG B TMS TCK TDI TDO CS ENSPI Using SPI to Control isppac80 and isppac81 October 2002 Application Note AN6037 Introduction This application note describes how to use the Serial Peripheral Interface (SPI) to adjust the gain, select

More information

Evaluating GSM A5/1 security on hopping channels

Evaluating GSM A5/1 security on hopping channels Evaluating GSM A5/1 security on hopping channels Bogdan Diaconescu v1.0 This paper is a practical approach on evaluating A5/1 stream cipher on a GSM hopping network air interface called Um. The end goal

More information

Security Policy: Key Management Facility Crypto Card (KMF CC)

Security Policy: Key Management Facility Crypto Card (KMF CC) Security Policy: Key Management Facility Crypto Card (KMF CC) Version 2.12.2 2/7/11 1.0 Introduction 3 1.1 Scope 3 1.2 Overview 3 1.3 KMF CC Implementation 4 1.4 KMF CC HW/SW version numbers 4 1.5 KMF

More information

A Tutorial on Physical Security and Side-Channel Attacks

A Tutorial on Physical Security and Side-Channel Attacks A Tutorial on Physical Security and Side-Channel Attacks François Koeune 12 and François-Xavier Standaert 1 1 UCL Crypto Group Place du Levant, 3. 1348 Louvain-la-Neuve, Belgium fstandae@dice.ucl.ac.be

More information

Secure Semi-Passive RFID Tags Prototype and Analysis

Secure Semi-Passive RFID Tags Prototype and Analysis Building Radio frequency IDentification for the Global Environment Secure Semi-Passive RFID Tags Prototype and Analysis Authors: Manfred Aigner (TU Graz), Thomas Plos (TU Graz), Antti Ruhanen (Confidex),

More information

measurement electronics platform idflex

measurement electronics platform idflex measurement electronics platform What is? is a electronics library for quick and performant instrument development Devices Power and low noise sources Analog Digital Extra high bandwith data aqcuisition

More information

ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD. Olivier THOMAS Blackhat USA 2015

ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD. Olivier THOMAS Blackhat USA 2015 ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD Olivier THOMAS Blackhat USA 2015 About Texplained Texplained [Technology Explained] refers

More information

Broadcasting encryption or systematic #FAIL? Phil

Broadcasting encryption or systematic #FAIL? Phil WE 201 EK 2 42 Broadcasting encryption or systematic #FAIL? SUMMARY Intro : Broadcasting something... 1984 : Discret 11 1995 : Syster 1996 2002 : Seca 1 2002 2008 : Seca 2 Conclusion 2/49 Broadcasting

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Srdjan Čapkun (joint work with Aurélien Francillon, Boris Danev) 1 Agenda 1. Overview of Car Key Systems 2. Previous Attacks: In

More information

Kirchhoff Institute for Physics Heidelberg

Kirchhoff Institute for Physics Heidelberg Kirchhoff Institute for Physics Heidelberg Norbert Abel FPGA: (re-)configuration and embedded Linux 1 Linux Front-end electronics based on ADC and digital signal processing Slow control implemented as

More information

Secure Embedded Systems eine Voraussetzung für Cyber Physical Systems und das Internet der Dinge

Secure Embedded Systems eine Voraussetzung für Cyber Physical Systems und das Internet der Dinge Secure Embedded Systems eine Voraussetzung für Cyber Physical Systems und das Internet der Dinge Mitgliederversammlung EIKON e.v. 26. Februar 2014 Prof. Dr.-Ing. Georg Sigl Lehrstuhl für Sicherheit in

More information

Bidirectional wireless communication using EmbedRF

Bidirectional wireless communication using EmbedRF Bidirectional wireless communication using EmbedRF 1. Tools you will need for this application note... 2 2. Introduction... 3 3. Connect EmbedRF Board to USB Interface Board... 3 4. Install and Run EmbedRF

More information

A PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR

A PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR A PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR William Stallings Copyright 20010 H.1 THE ORIGINS OF AES...2 H.2 AES EVALUATION...3 Supplement to Cryptography and Network Security, Fifth Edition

More information

The Data Encryption Standard (DES)

The Data Encryption Standard (DES) The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric

More information

Sécurité des cartes à puce

Sécurité des cartes à puce : des attaques physiques aux protections logicielles P. Berthomé, K. Heydemann, X. Kauffmann-Tourkestansky, J.-F. Lalande Journée Risques - 5 juin 2012 Introduction Physical attacks Authentication for

More information

Model-based system-on-chip design on Altera and Xilinx platforms

Model-based system-on-chip design on Altera and Xilinx platforms CO-DEVELOPMENT MANUFACTURING INNOVATION & SUPPORT Model-based system-on-chip design on Altera and Xilinx platforms Ronald Grootelaar, System Architect RJA.Grootelaar@3t.nl Agenda 3T Company profile Technology

More information

Breakthrough silicon scanning discovers backdoor in military chip (DRAFT of 05 March 2012)

Breakthrough silicon scanning discovers backdoor in military chip (DRAFT of 05 March 2012) Breakthrough silicon scanning discovers backdoor in military chip (DRAFT of 05 March 2012) Sergei Skorobogatov University of Cambridge Cambridge, UK sps32@cam.ac.uk Christopher Woods Quo Vadis Labs London,

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,

More information

Linux. Reverse Debugging. Target Communication Framework. Nexus. Intel Trace Hub GDB. PIL Simulation CONTENTS

Linux. Reverse Debugging. Target Communication Framework. Nexus. Intel Trace Hub GDB. PIL Simulation CONTENTS Android NEWS 2016 AUTOSAR Linux Windows 10 Reverse ging Target Communication Framework ARM CoreSight Requirements Analysis Nexus Timing Tools Intel Trace Hub GDB Unit Testing PIL Simulation Infineon MCDS

More information

Design and Verification of Area-Optimized AES Based on FPGA Using Verilog HDL

Design and Verification of Area-Optimized AES Based on FPGA Using Verilog HDL Design and Verification of Area-Optimized AES Based on FPGA Using Verilog HDL 1 N. Radhika, 2 Obili Ramesh, 3 Priyadarshini, 3 Asst.Profosser, 1,2 M.Tech ( Digital Systems & Computer Electronics), 1,2,3,

More information

SAS Data Set Encryption Options

SAS Data Set Encryption Options Technical Paper SAS Data Set Encryption Options SAS product interaction with encrypted data storage Table of Contents Introduction: What Is Encryption?... 1 Test Configuration... 1 Data... 1 Code... 2

More information

Cisco Configuring Secure Shell (SSH) on Cisco IOS Router

Cisco Configuring Secure Shell (SSH) on Cisco IOS Router Cisco Configuring Secure Shell (SSH) on Cisco IOS Router Table of Contents Configuring Secure Shell (SSH) on Cisco IOS Routers...1 Contents...1 Introduction...1 Hardware and Software Versions...1 SSHv1

More information

Debugging a Mixed Signal Design with a Tektronix Mixed Signal Oscilloscope

Debugging a Mixed Signal Design with a Tektronix Mixed Signal Oscilloscope Debugging a Mixed Signal Design with a Tektronix Mixed Signal Oscilloscope Our thanks to Tektronix for allowing us to reprint the following article. Introduction Today s embedded design engineer is faced

More information

13. Configuring Cyclone FPGAs

13. Configuring Cyclone FPGAs 13. Configuring Cyclone FPGAs C51013-1.8 Introduction You can configure Cyclone FPGAs using one of several configuration schemes, including the active serial (AS) configuration scheme. This scheme is used

More information

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9 NETASQ & PCI DSS Is NETASQ compatible with PCI DSS? We have often been asked this question. Unfortunately, even the best firewall is but an element in the process of PCI DSS certification. This document

More information

Power Spikes Isolation to avoid corruption within sensitive ICs

Power Spikes Isolation to avoid corruption within sensitive ICs Power Spikes Isolation to avoid corruption within sensitive ICs By Avinash Babu, Sr. Architect, and Harshith Kasyap, Module Lead, Mistral Solutions Pvt. Ltd. Introduction of spikes in systems during insertion

More information

Hardware Implementation of XTEA

Hardware Implementation of XTEA HI-1 1 Hardware Implementation of XTEA Steven M. Aumack, Michael D. Koontz Jr. Abstract Some very important factors to consider when designing a cryptographic system are performance, speed, size, and security.

More information

ON SUITABILITY OF FPGA BASED EVOLVABLE HARDWARE SYSTEMS TO INTEGRATE RECONFIGURABLE CIRCUITS WITH HOST PROCESSING UNIT

ON SUITABILITY OF FPGA BASED EVOLVABLE HARDWARE SYSTEMS TO INTEGRATE RECONFIGURABLE CIRCUITS WITH HOST PROCESSING UNIT 216 ON SUITABILITY OF FPGA BASED EVOLVABLE HARDWARE SYSTEMS TO INTEGRATE RECONFIGURABLE CIRCUITS WITH HOST PROCESSING UNIT *P.Nirmalkumar, **J.Raja Paul Perinbam, @S.Ravi and #B.Rajan *Research Scholar,

More information

Nutaq. PicoDigitizer 125-Series 16 or 32 Channels, 125 MSPS, FPGA-Based DAQ Solution PRODUCT SHEET. nutaq.com MONTREAL QUEBEC

Nutaq. PicoDigitizer 125-Series 16 or 32 Channels, 125 MSPS, FPGA-Based DAQ Solution PRODUCT SHEET. nutaq.com MONTREAL QUEBEC Nutaq PicoDigitizer 125-Series 16 or 32 Channels, 125 MSPS, FPGA-Based DAQ Solution PRODUCT SHEET QUEBEC I MONTREAL I N E W YO R K I nutaq.com Nutaq PicoDigitizer 125-Series The PicoDigitizer 125-Series

More information

Design, Prototype and Deploy Embedded Systems with LabVIEW

Design, Prototype and Deploy Embedded Systems with LabVIEW Design, Prototype and Deploy Embedded Systems with LabVIEW Agenda Challenges and trends in embedded design LabVIEW for algorithm design LabVIEW for prototyping LabVIEW for deployment Growing Complexity

More information

High-Speed Computing & Co-Processing with FPGAs

High-Speed Computing & Co-Processing with FPGAs High-Speed Computing & Co-Processing with FPGAs FPGAs (Field Programmable Gate Arrays) are slowly becoming more and more advanced and practical as high-speed computing platforms. In this talk, David will

More information

Pervasive Computing und. Informationssicherheit

Pervasive Computing und. Informationssicherheit Pervasive Computing und 11. Symposium on Privacy and Security Rüschlikon, 13. September 2006 Prof. Christof Paar European Competence Center for IT Security www.crypto.rub.de Contents 1. Pervasive Computing

More information

SkyRecon Cryptographic Module (SCM)

SkyRecon Cryptographic Module (SCM) SkyRecon Cryptographic Module (SCM) FIPS 140-2 Documentation: Security Policy Abstract This document specifies the security policy for the SkyRecon Cryptographic Module (SCM) as described in FIPS PUB 140-2.

More information

PCIe AHCI-IP Demo Instruction Rev1.0 10-Jul-15

PCIe AHCI-IP Demo Instruction Rev1.0 10-Jul-15 PCIe AHCI-IP Demo Instruction Rev1.0 10-Jul-15 This document describes the instruction to show PCIeSSD demo by using SATA AHCI-IP, SATA-IP, and PCIeIP connecting with SATA-III/II SSD on Xilinx evaluation

More information

Architekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen. Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik

Architekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen. Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik Architekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik Contents Überblick: Aufbau moderner FPGA Einblick: Eigenschaften

More information

基 於 SDN 與 可 程 式 化 硬 體 架 構 之 雲 端 網 路 系 統 交 換 器

基 於 SDN 與 可 程 式 化 硬 體 架 構 之 雲 端 網 路 系 統 交 換 器 基 於 SDN 與 可 程 式 化 硬 體 架 構 之 雲 端 網 路 系 統 交 換 器 楊 竹 星 教 授 國 立 成 功 大 學 電 機 工 程 學 系 Outline Introduction OpenFlow NetFPGA OpenFlow Switch on NetFPGA Development Cases Conclusion 2 Introduction With the proposal

More information

Intel architecture. Platform Basics. White Paper Todd Langley Systems Engineer/ Architect Intel Corporation. September 2010

Intel architecture. Platform Basics. White Paper Todd Langley Systems Engineer/ Architect Intel Corporation. September 2010 White Paper Todd Langley Systems Engineer/ Architect Intel Corporation Intel architecture Platform Basics September 2010 324377 Executive Summary Creating an Intel architecture design encompasses some

More information

Cryptography & Network-Security: Implementations in Hardware

Cryptography & Network-Security: Implementations in Hardware Kris Gaj joined ECE GMU in Fall 1998 Cryptography & Network-Security: Implementations in Hardware http://ece.gmu.edu/crypto-text.htm 6 Ph.D. Students Pawel Chodowiec Charikleia Zouridaki Chang Shu Sashisu

More information

Practical Invalid Curve Attacks on TLS-ECDH

Practical Invalid Curve Attacks on TLS-ECDH Practical Invalid Curve Attacks on TLS-ECDH Tibor Jager, Jörg Schwenk, Juraj Somorovsky Horst Görtz Institute for IT Security Ruhr University Bochum @jurajsomorovsky 1 1 About Me and Our Institute Security

More information

Electromagnetic Side-Channel Analysis for Hardware and Software Watermarking

Electromagnetic Side-Channel Analysis for Hardware and Software Watermarking University of Massachusetts - Amherst ScholarWorks@UMass Amherst Masters Theses 1911 - February 2014 Dissertations and Theses 2011 Electromagnetic Side-Channel Analysis for Hardware and Software Watermarking

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS 2011) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ)

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS 2011) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS ) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Wednesday System Security April Group 6, 1 Agenda 1. Overview of Car

More information

Arquitectura Virtex. Delay-Locked Loop (DLL)

Arquitectura Virtex. Delay-Locked Loop (DLL) Arquitectura Virtex Compuesta de dos elementos principales configurables : CLBs y IOBs. Los CLBs se interconectan a través de una matriz general de routeado (GRM). Posse una intefaz VersaRing que proporciona

More information

The next generation of knowledge and expertise Wireless Security Basics

The next generation of knowledge and expertise Wireless Security Basics The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com

More information