International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Design and Implementation of a Physically Secure Open-Source FPGA and Toolchain

Authors:
Sergej Meschkov
Daniel Lammers
Mehdi B. Tahoori
Amir Moradi
Download:
DOI: 10.46586/tches.v2025.i3.542-582
URL: https://tches.iacr.org/index.php/TCHES/article/view/12227
Search ePrint
Search Google
Abstract: The increasing prevalence of security breaches highlights the importanceof robust hardware security measures. Among these breaches, physical attacks– such as Side-Channel Analysis ( SCA) and Fault Injection (FI ) attacks – posea significant challenge for security-sensitive applications. To ensure robust systemsecurity throughout its lifecycle, hardware security updates are indispensable alongsidesoftware security patches. Programmable hardware plays a pivotal role in establishinga robust hardware root-of-trust, serving to effectively mitigate various hardwaresecurity threats. In this paper, we propose a methodology for the design of areconfigurable fabric and the corresponding mapping toolchain, specifically tailoredto hardware security. This approach offers resistance to various malicious physicalattacks, including SCA and FI , addressing each threat individually. As a case study,we propose a resulting fabric that implements a combination of first-order BooleanMasking and hiding countermeasures to provide strong protection against SCA attacksand enables the detection of fault injection attempts. In particular, we present howreconfigurable secure gadgets can be realized employing a reformed variant of theLUT-based Masked Dual-Rail with Pre-charge Logic (LMDPL) hardware maskingscheme and a modified version of Wave Dynamic Differential Logic ( WDDL) tobe composed into a fabric. We also show how any basic Hardware DescriptionLanguage ( HDL) design is automatically mapped to the primitives of our fabric,embedding provable hardware security, and bypassing the necessity for hardwaresecurity proficiency in this process. It is worth mentioning that our fabric requiresapproximately 85% less area to map a secure design compared to conventional FieldProgrammable Gate Arrays ( FPGAs). A practical security evaluation of our securefabric implementation on a real FPGA target board, using Test Vector LeakageAssessment (TVLA), demonstrated no SCA leakage over 100 million traces.
BibTeX
@article{tches-2025-35789,
  title={Design and Implementation of a Physically Secure Open-Source FPGA and Toolchain},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2025},
  pages={542-582},
  url={https://tches.iacr.org/index.php/TCHES/article/view/12227},
  doi={10.46586/tches.v2025.i3.542-582},
  author={Sergej Meschkov and Daniel Lammers and Mehdi B. Tahoori and Amir Moradi},
  year=2025
}