CoolRunner-II CPLDs in Security
Quick Start Training

Agenda
Some Security Basics
– Security
– Cryptography
CoolRunner-II Security Features
Securing Things with CoolRunner-II
– Product theft
– Intellectual property theft
– A detailed example: securing an FPGA
Security Basics
Controlled Access
– The Voyager computer may be about the only one with true security
Protocols
– Less WHAT you do, more HOW you do it
Most standards are government developed/driven
– NIST; NSA
– International Common Criteria is the new trend
Military influenced
Banking influenced
Security attitude is critical
Tamper
Tamper evident
– You fiddle with something, you leave tracks
– Spyrus internet modules
Tamper resistant
– Takes significant investment in time and money
– Still, not impossible
Tamper responsive: take action
– Zero memory
– Self destruct
Tamper proof: mythical? Voyager computer? Hmm...
A Basic Protocol
Step 1: Sender places the secret message into a lockable box
Step 2: Attaches the sender's lock to one lock site on the box
Step 3: Sender transmits the locked box to the receiver
Step 4: Receiver attaches own lock & returns the box to the sender
Step 5: Sender sees the receiver's lock & removes the sender's lock
Step 6: Sender re-sends the box with only the receiver's lock
Step 7: Receiver removes own lock and reads the message
Question: Where is the hole?
Classic Protocol Attack
Man in the Middle
MiG version
– Air Force jet flies over a ground station transponder
– Identify Friend or Foe (IFF) challenge occurs
– Enemy aircraft records the challenge and response
– Knows the correct response when challenged
Used with b (laptop listener)
Thief looking over shoulder at ATM for PIN
Etc.
Cryptography Ideas
Long history going back to the ancients
– Babylonians, Hebrews, Greeks, Romans, Chinese
Lots of interest since WWI
Concepts: confusion/diffusion (Shannon)
Stream ciphers
Block ciphers
Big idea: protocols
One Time Pad
Diagram: Plain Text, Key, Encrypted Text
Notes:
– # plain text bits equals # key bits
– Key must be random
– Key used only one time
– Perfect encryption if all steps are followed
Keep This in Mind
CoolRunner-II Security
What we have for security
– Nonvolatility
– Security protect bits (multiple bits)
– Reconfigurability
Cracking CoolRunner-II
– What will it take?
Metal, Metal, Everywhere
Can't Find Read Protect Bits
CoolRunner-II Conceptual Idea
Bits hidden here, somewhere...
Cracking CoolRunner-II Security
To read back you must:
– Erase the protect bits
  – Can't get there with a laser
  – Must use the charge pump
  – Know where they are
  – Issue the correct subcommands
  – Issue the correct command sequence
– Reverse the JEDEC file to get the design
Deeply buried protection resists tampering
– Laser/electrical tampering locks down
Additional CoolRunner-II Security
Double Data Rate operation
– Data transactions less obvious
DataGATE
– Tamper response
– Block I/O pin signals
Power & Tempest attacks
– Advanced state machines
– CryptoBLAZE
Securing an FPGA
EPROM holds the config file
CPLD extracts the bits
CPLD delivers them to the FPGA
Attacker can
– Copy the EPROM
– Collect the bitstream at the FPGA data input
Classic Man in the Middle attack
Diagram: EPROM supplies Data to the CoolRunner-II CPLD; the CPLD drives Address & Control back to the EPROM and Data and Control to the FPGA*
* Non Virtex-II, which has triple DES
Trick #1: Encrypt the EPROM
Encrypt the EPROM
– It can only be used with the CoolRunner-II CPLD
CPLD must decipher
Attackers must catch the data
– Takes more time and is harder
– Build a hardware bit catcher
If off by one bit, it won't work!
CPLD Encryption
Diagram: LFSR built from D/Q register stages; Clear Bits in, Encrypted Bits out
Basic idea: stream cipher; lots of them exist, this is a simple one
Quality: highly random within the repetition cycle
Easy to build in CPLDs
Lots of theory on building and using them
Also lots of theory on cracking them!
You need to select the LFSR, then write code to encrypt the EPROM
CPLD Encryption Continued
Solution: make things harder
Fancier stream ciphers exist; we can make them, too!
Trick #2: Hold Back Function
Retain part of the FPGA design in the CPLD
– Won't work without the CPLD
– Forces the attacker to reverse engineer the CPLD
Typically a control function
– FPGA does the data crunching and much of the control
– CPLD does some critical control
Trick #3: Resist Blank EPROM Attack
CPLD checks for a blank EPROM
Won't deliver the FPGA stream unless
– Multiple locations match internal compares
Can take several actions
– Do nothing
– Deliver a bogus bitstream
– Erase the CPLD!*
* Details in the cell phone theft design
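The LFSR stream cipher from the CPLD Encryption slide and the blank-EPROM compare from Trick #3, modeled together in Python as an added example that is not from the slides or from Xilinx. The taps, the seed 0xACE1, the signature offsets and the 64-byte sample bitstream are constructed; a real design would put the CPLD side in HDL, with this host-side code used to encrypt the EPROM image.

```python
WIDTH = 16
TAPS = (16, 14, 13, 11)   # x^16 + x^14 + x^13 + x^11 + 1: maximal length, period 2^16 - 1
SIG_OFFSETS = {0: 0xA5, 7: 0x3C, 31: 0x96}                 # constructed: clear bytes the CPLD expects
SAMPLE = bytes(SIG_OFFSETS.get(i, i) for i in range(64))   # constructed 64-byte stand-in bitstream

def step(state):
    """One clock of a right-shifting Fibonacci LFSR; returns (new_state, output_bit)."""
    fb = 0
    for t in TAPS:
        fb ^= (state >> (WIDTH - t)) & 1
    return (state >> 1) | (fb << (WIDTH - 1)), state & 1

def period(seed):
    """Clocks until the state repeats: the repetition cycle within which the output looks random."""
    state, n = step(seed)[0], 1
    while state != seed:
        state, n = step(state)[0], n + 1
    return n

def keystream(seed, nbytes):
    """Packs 8 * nbytes LFSR output bits, MSB first, into bytes."""
    state = seed & ((1 << WIDTH) - 1)
    if state == 0:
        raise ValueError("all-zero seed never advances")
    out = bytearray()
    for _ in range(nbytes):
        byte = 0
        for _ in range(8):
            state, bit = step(state)
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)

def xor_stream(data, seed):
    """Encrypt and decrypt are the same operation: XOR with the keystream (Trick #1)."""
    return bytes(d ^ k for d, k in zip(data, keystream(seed, len(data))))

def cpld_boot(eprom, seed):
    """Models the CPLD (Trick #3): decipher, then compare the signature locations before acting."""
    clear = xor_stream(eprom, seed)
    if all(clear[off] == val for off, val in SIG_OFFSETS.items()):
        return "deliver", clear
    return "refuse", None   # the slide's other options: deliver a bogus stream, or erase the CPLD

if __name__ == "__main__":
    seed, enc = 0xACE1, xor_stream(SAMPLE, 0xACE1)   # enc is what the EPROM is programmed with
    tampered = bytes([enc[0] ^ 1]) + enc[1:]         # one bit off: a signature byte deciphers wrong
    for name, image in (("genuine", enc), ("blank", b"\xff" * 64), ("one bit off", tampered)):
        print(name, cpld_boot(image, seed)[0])
```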
Summary
CoolRunner-II security is not perfect, but it is VERY GOOD!
You can make designs substantially more expensive to reverse engineer
These have been some ideas on how to use this capability; think up more of your own!
See the session on Cell Phone Theft & CryptoBLAZE
See the Security White Paper