Electronics > FPGA

A Full Break of the Bitstream Encryption of Xilinx 7-Series FPGAs

(1/2) > >>

llkiwi2006:
https://www.usenix.org/conference/usenixsecurity20/presentation/ender


--- Quote ---3.5 Wrap-Up: What Went Wrong?

These two attacks show again that nowadays, cryptographic primitives hold their security assumptions, but their embedding in a real-world protocol is often a pitfall. Two issues lead to the success of our attacks: First, the decrypted data are interpreted by the configuration logic before the HMAC validates them. Generally, a malicious bitstream crafted by the attacker is checked at the end of the bitstream, which would prevent an altered bitstream content from running on the fabric. Nevertheless, the attack runs only inside the configuration logic, where the command execution is not secured by the HMAC.

Second, the HMAC key KHMAC is stored inside the encrypted bitstream. Hence, an attacker who can circumvent the encryption mechanism can read KHMAC and thus calculate the HMAC tag for a modified bitstream. Further, they can change KHMAC, as the security of the key depends solely on the confidentiality of the bitstream. The HMAC key is not secured by other means. Therefore, an attacker who can circumvent the encryption mechanism can also bypass the HMAC validation.

--- End quote ---

Epic fail by Xilinx?

amyk:
Epic win for everyone else. ;)

brucehoult:

--- Quote from: amyk on April 20, 2020, 02:56:59 am ---Epic win for everyone else. ;)

--- End quote ---

Would love to be able to use Open Source tools on my Arty / Zynq boards!

llkiwi2006:

--- Quote from: brucehoult on April 20, 2020, 04:39:12 am ---
Would love to be able to use Open Source tools on my Arty / Zynq boards!


--- End quote ---

There seems to be good progress on that with the SymbiFlow project, although not directly related to bitstream encryption. What we can get out of this is being able to modify / create custom bitstreams for products that employ bitstream encryption. Which I reckon is still a win for open source.

asmi:

--- Quote from: brucehoult on April 20, 2020, 04:39:12 am ---Would love to be able to use Open Source tools on my Arty / Zynq boards!

--- End quote ---
What does bitstream encryption have to do with OS tools? This is an optional feature which I'm yet to actually see used in the field.

Navigation

[0] Message Index

[#] Next page

There was an error while thanking
Thanking...
Go to full version