Physical Cryptanalysis

Breaking the Anti-Counterfeiting Scheme of FPGAs (known as bitstream encryption)

Home FAQ More Info Contact
    The bitstream encryption feature of Xillinx FPGAs allows users to protect their designs from being copied, altered or reversed engineered. To achieve this goal, the configuration file that is loaded into the device at powere-up is stored inside the external configuration memory in an encrypted form. The encrypted file will then be read by the FPGA and internally decrypted. The secret decryption key is stored in a special battery-powered memory area of the FPGA. Removal of the battery will result in a loss of the secret key. To use the bitstream encryption, Xillinx design tools offer features to generate an encrypted bitstream with corresponding keyfile and allow to program them into the FPGA. The secret key used for encryption/decryption can be selected by the user.

    We analyzed the security of this protection mechanism and found that it can be circumvented by means of side-channel analysis. This class of methods analyze the power consumption of an electronic device to obtain insights of the internally processed data. In this case we employed a differential power analysis, or DPA, attack to extract the secret key that is used to decrypt the bitstream inside the FPGA during configuration.

    It is important to note the difference between the bitstream encryption, which is a hardwired feature of the FPGA device which can not be used by a designer for any other purpose, and a cipher implemented on the FPGA fabric by a developer. The former one can not be modified and changed by anyone else than the hardware manufacturerer (i.e., Xillinx Inc.), while responsibility for the security of the latter one is with the FPGA designer.

    We consider our attacks to be of serious interest to everyone who is responsible to ensure protection of valuable IP and sensitive secrets within FPGAs. Hardware manufacturers and users need to be aware of these attacks to find solutions to protect themselves from IP theft and security breaks.