FPGAs have inherent security flaws, say researchers: Page 2 of 2

May 22, 2019 //By Christoph Hammerschmidt
FPGAs have inherent security flaws, say researchers
Field Programmable Gate Arrays (FPGAs) are electronic components that can be used more flexibly than standard processors. They are also used in large data centers for cloud services. Until now, the use of such services has been considered relatively safe. But researchers at the Karlsruhe Institute of Technology (KIT) have now found potential entrance gates for cyber-criminals.

The problem: "The use of an FPGA by several users at the same time is a gateway for malicious attacks," says Gnad. Tricky hackers can use the versatility of FPGAs to perform side-channel attacks. In such a scenario, attackers use the chip's energy consumption to extract information with which they can crack its encryption. Such chip-internal measurements allow one customer of the cloud service to spy on another. In addition, hackers could not only spy out treacherous fluctuations in power consumption, they could also generate them themselves. "This could falsify the calculations of other customers or even cause the entire chip to crash, which could result in data loss," explains Krautter. Similar dangers exist with other IC architectures, Gnad continues. For example, SoCs, which are frequently used in Internet of Things applications.

Gnad and Krautter intend to solve the problem by restricting users' direct access to FPGAs. But this is not an easy task: the difficulty is to filter out malicious users without restricting benevolent users too much.

Original publication:  https://doi.org/10.13154/tches.v2019.i3.305-339

Related articles:

FPGA secures systems against a variety of threats

Quantum-safe security 'breakthrough' for existing computers, IoT devices

Researchers discover new security vulnerabilities in Intel processors


Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.