![Institutional Repository [SANDBOX]](images/dias.logo.png "Institutional Repository [SANDBOX]"){kind=logo}
Institutional Repository [SANDBOX]
Technical University of Crete
Technical University of Crete
EN
|
EL
| URI: | http://purl.tuc.gr/dl/dias/BA80CCF4-002A-42D1-8FE0-DA65D352D381 | ||
| Year | 2024 | ||
| Type of Item | Diploma Work | ||
| License |
|
||
| Bibliographic Citation | Konstantinos Karachalios, "Mitigating HW-Based side-channel attacks in multi-tenant FPGA environments", Diploma Work, School of Electrical and Computer Engineering, Technical University of Crete, Chania, Greece, 2024, Chania, Greece, 2024 https://doi.org/10.26233/heallink.tuc.100753 | ||
| Appears in Collections | |||
| Relations with other Items | References the Item: |
The escalating utilization of Field-Programmable Gate Array (FPGA) at thecloud level in a multi-tenant scenario has introduced several security risks. Priorinvestigations have demonstrated that an attacker can remotely deploy sensorsto monitor the voltage fluctuations induced by the Power Distribution Network(PDN), thereby enabling successful power analysis attacks against cryptographicalgorithms.Currently, the two primary methodologies for addressing such challengesare masking and hiding. The combination of these methodologies has shownthat introducing supplementary noise into the PDN can effectively obscurethe functionality of cryptographic algorithms. To achieve enhanced security,additional cores can be integrated into a system, either running in parallel orremaining inactive, and these are placed within specific Partial Blocks (PBs).Another method involves implementing an Active Fence, which includes RingOscillator (RO) strategically positioned between adversarial entities, along withthe addition of one or more extra users.This thesis addresses the mapping of an intra-FPGA adversary scenario onthe ZedBoard platform, demonstrating the effectiveness of employing additionalusers as a defense mechanism against Side-Channel Attacks (SCAs). The testsinvolved different designs with specific partial blocks and various categoriesof cores. The experimental results highlighted the influence of extra cores asa countermeasure and the impact of the Active Fence when combined withadditional users, depending on the number of ROs. The findings indicate thatspecific categories of cores, such as cryptographic cores, inject more noise intothe design, thereby serving as effective defense mechanisms. Furthermore, theaddition of the Active Fence significantly complicates the efforts of a maliciousentity to execute a successful attack.In summary, this thesis presents quantitative results that FPGA cloudproviders can use to assess the advantages of incorporating extra cores ontheir platforms, as well as the extent to which extra users can act as defensemechanisms when conducting operations in specific PBs.
Copyright © DIAS 2013
