International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

A Power to Pulse Width Modulation Sensor for Remote Power Analysis Attacks

Authors:
Brian Udugama , School of Computer Science and Engineering, University of New South Wales, Sydney, Australia
Darshana Jayasinghe , School of Computer Science and Engineering, University of New South Wales, Sydney, Australia
Hassaan Saadat , School of Computer Science and Engineering, University of New South Wales, Sydney, Australia
Aleksandar Ignjatovic , School of Computer Science and Engineering, University of New South Wales, Sydney, Australia
Sri Parameswaran , School of Computer Science and Engineering, University of New South Wales, Sydney, Australia
Download:
DOI: 10.46586/tches.v2022.i4.589-613
URL: https://tches.iacr.org/index.php/TCHES/article/view/9832
Search ePrint
Search Google
Abstract: Field-programmable gate arrays (FPGAs) deployed on commercial cloud services are increasingly gaining popularity due to the cost and compute benefits offered by them. Recent studies have discovered security threats than can be launched remotely on FPGAs that share the logic fabric between trusted and untrusted parties, posing a danger to designs deployed on cloud FPGAs. With remote power analysis (RPA) attacks, an attacker aims to deduce secret information present on a remote FPGA by deploying an on-chip sensor on the FPGA logic fabric. Information captured with the on-chip sensor is transferred off the chip for analysis and existing on-chip sensors demand a significant amount of bandwidth for this task as a result of their wider output bit width. However, attackers are often left with the only option of using a covert communication channel and the bandwidth of such channels is generally limited. This paper proposes a novel area-efficient on-chip power sensor named PPWM that integrates a logic design outputting a pulse whose width is modulated by the power consumption of the FPGA. This pulse is used to clear a flip-flop selectively and asynchronously, and the single-bit output of the flip-flop is used to perform an RPA attack. This paper demonstrates the possibility of successfully recovering a 128-bit Advanced Encryption Standard (AES) key within 16,000 power traces while consuming just 25% of the bandwidth when compared to the state of the art. Moreover, this paper assesses the threat posed by the proposed PPWM to remote FPGAs including those that are deployed on cloud services.
BibTeX
@article{tches-2022-32378,
  title={A Power to Pulse Width Modulation Sensor for Remote Power Analysis Attacks},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2022, Issue 4},
  pages={589-613},
  url={https://tches.iacr.org/index.php/TCHES/article/view/9832},
  doi={10.46586/tches.v2022.i4.589-613},
  author={Brian Udugama and Darshana Jayasinghe and Hassaan Saadat and Aleksandar Ignjatovic and Sri Parameswaran},
  year=2022
}