Abstracts

 
 
 
 
 
 
 
 
 
 
 

  Confidentiality and Integrity of FPGA Bitstreams

  B. Badrignans, R. Elbaz, L. Torres

 
Remote update of hardware systems is a convenient service enabled by Field Programmable Gate Arrays (FPGA) based systems. This service turns out to be essential in applications like Space-based FPGA systems or Set-top Boxes. However, the remote characteristic allows for a set of attacks that may challenge the confidentiality and the integrity of the FPGA configuration, the bitstream. Existing schemes propose to encrypt and to authenticate the bitstream to thwart those attacks. However we show in this paper that they do not prevent the replay of old bitstream versions, and thus give the opportunity to an adversary to downgrade the system. Thus we propose a new technique that, in addition to ensuring bitstream confidentiality and integrity, precludes replay of old bitstreams. This technique also includes a protocol for the System Designer to remotely monitor the running configuration of the FPGA.