Leaky Wires: Information Leakage and Covert Communication Between FPGA Long Wires
نویسندگان
چکیده
Field-Programmable Gate Arrays (FPGAs) are integrated circuits that implement reconfigurable hardware. They are used in modern systems, creating specialized, highly-optimized integrated circuits without the need to design and manufacture dedicated chips. As the capacity of FPGAs grows, it is increasingly common for designers to incorporate implementations of algorithms and protocols from a range of third-party sources. The monolithic nature of FPGAs means that all on-chip circuits, including third party black-box designs, must share common on-chip infrastructure, such as routing resources. In this paper, we observe that a “long” routing wire carrying a logical 1 reduces the propagation delay of other adjacent but unconnected long wires in the FPGA interconnect, thereby leaking information about its state. We exploit this effect and propose a communication channel that can be used for both covert transmissions between circuits, and for exfiltration of secrets from the chip. We show that the effect is measurable for both static and dynamic signals, and that it can be detected using very small on-board circuits. In our prototype, we are able to correctly infer the logical state of an adjacent long wire over 99% of the time, even without error correction, and for signals that are maintained for as little as 82us. Using a Manchester encoding scheme, our channel bandwidth is as high as 6kbps. We characterize the channel in detail and show that it is measurable even when multiple competing circuits are present and can be replicated on different generations and families of Xilinx devices (Virtex 5, Virtex 6, and Artix 7). Finally, we propose countermeasures that can be deployed by systems and tools designers to reduce the impact of this information leakage.
منابع مشابه
Efficient FPGA Implementation of Dual-Rail Countermeasures using Stochastic Models
Dual-rail precharge logic (DPL) is a data hiding countermeasure against side channel attacks (SCA). Many variants of DPL have been introduced in the literature which target ASICs, FPGAs and microcontroller. A common problem which leads to failure of DPL on FPGA is imbalanced routing. FPGA designers have limited control over the FPGA placement and routing tools and therefore symmetrically routin...
متن کاملVirtual Wires: Overcoming Pin Limitations in FPGA-based Logic Emulators
Existing FPGA-based logic emulators suffer from limited inter-chip communication bandwidth, resulting in low gate utilization (10 to 20 percent). This resource imbalance increases the number of chips needed to emulate a particular logic design and thereby decreases emulation speed, since signals must cross more chip boundaries. Current emulators only use a fraction of potential communication ba...
متن کاملRole of internal gases and creep of Ag in controlling the critical current density of Ag-sheathed Bi2Sr2CaCu2Ox wires
High engineering critical current density JE of > 500A/mm 2 at 20T and 4.2K can be regularly achieved in Ag-sheathed multifilamentary Bi2Sr2CaCu2Ox (Bi-2212) round wire when the sample length is several centimeters. However, JE(20T) in Bi-2212 wires of several meters length, as well as longer pieces wound in coils, rarely exceeds 200A/mm. Moreover, long-length wires often exhibit signs of Bi-22...
متن کاملLogic emulation with virtual wires
Logic emulation enables designers to functionally verify complex integrated circuits prior to chip fabrication. However, traditional FPGA-based logic emulators have poor inter-chip communication bandwidth, commonly limiting gate utilization to less than 20 percent. Global routing contention mandates the use of expensive crossbar and PC-board technology in a system of otherwise low-cost, commodi...
متن کاملFPGA-based Logic Emulators
Virtual Wires: Overcoming Pin Limitations in FPGA-based Logic Emulators Jonathan Babb, Russell Tessier, and Anant Agarwal MIT Laboratory for Computer Science Cambridge, MA 02139 Existing FPGA-based logic emulators suffer from limited inter-chip communication bandwidth, resulting in low gate utilization (10 to U) percent). This resource imbalance increases the number of chips needed to emulate a...
متن کامل