Institutional Repository [SANDBOX]
Technical University of Crete
EN  |  EL

Search

Browse

My Space

Mitigating HW-Based side-channel attacks in multi-tenant FPGA environments

Karachalios Konstantinos

Full record


URI: http://purl.tuc.gr/dl/dias/BA80CCF4-002A-42D1-8FE0-DA65D352D381
Year 2024
Type of Item Diploma Work
License
Details
Bibliographic Citation Konstantinos Karachalios, "Mitigating HW-Based side-channel attacks in multi-tenant FPGA environments", Diploma Work, School of Electrical and Computer Engineering, Technical University of Crete, Chania, Greece, 2024, Chania, Greece, 2024 https://doi.org/10.26233/heallink.tuc.100753
Appears in Collections
Relations with other Items

Summary

The escalating utilization of Field-Programmable Gate Array (FPGA) at thecloud level in a multi-tenant scenario has introduced several security risks. Priorinvestigations have demonstrated that an attacker can remotely deploy sensorsto monitor the voltage fluctuations induced by the Power Distribution Network(PDN), thereby enabling successful power analysis attacks against cryptographicalgorithms.Currently, the two primary methodologies for addressing such challengesare masking and hiding. The combination of these methodologies has shownthat introducing supplementary noise into the PDN can effectively obscurethe functionality of cryptographic algorithms. To achieve enhanced security,additional cores can be integrated into a system, either running in parallel orremaining inactive, and these are placed within specific Partial Blocks (PBs).Another method involves implementing an Active Fence, which includes RingOscillator (RO) strategically positioned between adversarial entities, along withthe addition of one or more extra users.This thesis addresses the mapping of an intra-FPGA adversary scenario onthe ZedBoard platform, demonstrating the effectiveness of employing additionalusers as a defense mechanism against Side-Channel Attacks (SCAs). The testsinvolved different designs with specific partial blocks and various categoriesof cores. The experimental results highlighted the influence of extra cores asa countermeasure and the impact of the Active Fence when combined withadditional users, depending on the number of ROs. The findings indicate thatspecific categories of cores, such as cryptographic cores, inject more noise intothe design, thereby serving as effective defense mechanisms. Furthermore, theaddition of the Active Fence significantly complicates the efforts of a maliciousentity to execute a successful attack.In summary, this thesis presents quantitative results that FPGA cloudproviders can use to assess the advantages of incorporating extra cores ontheir platforms, as well as the extent to which extra users can act as defensemechanisms when conducting operations in specific PBs.

Available Files

Services

Statistics