Abstract
True random Number Generators (TRNGs) are important
sources of randomness necessary in several cryptographic algorithms
and protocols. We describe an attack on a practical
Field Programmable Gate Array (FPGA) based TRNG that
severely affects the randomness of its output bitstream. In
particular, we develop, mathematically analyze and demonstrate
an “in-field”, post-deployment Hardware Trojan Horse
(HTH) insertion technique that exploits the Dynamic Partial
Reconfiguration (DPR) capability of modern FPGAs.
The attack can be launched from a remote device connected
to the FPGA over a standard network connection. The inserted
HTH operates by adversely affecting the source of entropy
of the TRNG, which results in the probability of zero
in the output bitstream to increase to about 0.75 (instead
of the ideal value of 0.5). Our experimental results demonstrate
that the Trojan is extremely effective, with very low
hardware and resource footprint, making its detection very
challenging.
sources of randomness necessary in several cryptographic algorithms
and protocols. We describe an attack on a practical
Field Programmable Gate Array (FPGA) based TRNG that
severely affects the randomness of its output bitstream. In
particular, we develop, mathematically analyze and demonstrate
an “in-field”, post-deployment Hardware Trojan Horse
(HTH) insertion technique that exploits the Dynamic Partial
Reconfiguration (DPR) capability of modern FPGAs.
The attack can be launched from a remote device connected
to the FPGA over a standard network connection. The inserted
HTH operates by adversely affecting the source of entropy
of the TRNG, which results in the probability of zero
in the output bitstream to increase to about 0.75 (instead
of the ideal value of 0.5). Our experimental results demonstrate
that the Trojan is extremely effective, with very low
hardware and resource footprint, making its detection very
challenging.
Original language | English |
---|---|
Title of host publication | WESS'15 Proceedings of the WESS'15 |
Subtitle of host publication | Workshop on Embedded Systems Security |
Publisher | ACM |
ISBN (Print) | 9781450336673 |
DOIs | |
Publication status | Published - 4 Oct 2015 |