Abstract
Trading intellectual property (IP) for FPGAs relies on configuring devices securely. This is achieved by using built-in security features of modern FPGAs, i.e. internal decryption engines. The disadvantage of using these features is that a trusted third party (TTP) needs to be involved for the preparation of the devices. Previously published schemes, in this area, are dependent on a TTP that mediates between core vendors (CVs) and system developers (SDs), which poses a major flaw in the chain of trust. In this paper, we propose a scheme where CV and SD can establish a licensing agreement without the participation of a TTP using off-the-shelf products. The IP is delivered in a secure format using state-of-the-art encryption methods. Decryption of the IP is handled by an application running on the FPGA that furthermore guarantees a secure configuration of the device. In order to prevent reverse engineering (RE) of the application, we rely on the progress made in hardware-assisted software (HAS) protection using a tamper and side channel attack (SCA) resistant hardware component. As a result, the application establishes a chain of trust between CVs and SDs without the need for a TTP.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Bhunia, S., Tehranipoor, M.: The Hardware Trojan War: Attacks, Myths, and Defenses. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-319-68511-3
Field Programmable Gate Array (FPGA) Market Size, Share, Report, Analysis, Trends & Forecast to 2026. https://reuters.com/brandfeatures/venture-capital/article?id=31516. Accessed 27 Nov 2018
Hofmann, O.S., Kim, S., Dunn, A.M., Lee, M.Z., Witchel, E.: Inktag: secure applications on an untrusted operating system. ACM SIGARCH Comput. Archit. News 41, 265–278 (2013)
Chen, X., et al.: Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems. ACM SI-GOPS Oper. Syst. Rev. 42(2), 2–13 (2008)
Drimer, S., Güneysu, T., Kuhn, M.G., Paar, C.: Protecting multiple cores in a single FPGA design. Unpublished
Wollinger, T., Guajardo, J., Paar, C.: Security on FPGAs: state-of-the-art implementations and attacks. ACM TECS 3(3), 534–574 (2004)
Maes, R., Schellekens, D., Verbauwhede, I.: A pay-per-use licensing scheme for hardware IP cores in recent SRAM-Based FPGAs. IEEE Trans. Inf. Forensics Secur. 7(1), 98–108 (2012)
Vliegen, J., Mentens, N., Koch, D., Schellekens, D., Verbauwhede, I.: Practical feasibility evaluation and improvement of a pay-per-use licensing scheme for hardware IP cores in Xilinx FPGAs. J. Cryptographic Eng. 5, 113–122 (2015)
Kean, T.: Cryptographic rights management of FPGA intellectual property cores. In: Proceedings ACM Conference on FPGAs, pp. 113–118 (2002)
Guneysu, T., Moller, B., Paar, C.: Dynamic intellectual property protection for reconfigurable devices. In: 2007 International Conference on Field-Programmable Technology, pp. 169–176 (2007)
Zhang, L., Chang, C.H.: A pragmatic per-device licensing scheme for hardware IP cores on SRAM-based FPGAs. IEEE Trans. Inf. Forensics Secur. 9(11), 1893–1905 (2014)
Zhang, L., Chang, C.H.: Public key protocol for usage-based licensing of FPGA IP cores. In: 2015 IEEE International Symposium on Circuits and Systems (ISCAS), pp. 25–28 (2015)
Simpson, E., Schaumont, P.: Offline Hardware/Software Authentication for Reconfigurable Platforms. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 311–323. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_25
Kumar, S.S., Guajardo, J., Maes, R., Schrijen, G.J., Tuyls, P.: Extended abstract: the butterfly PUF protecting IP on every FPGA. In: 2008 IEEE International Workshop on Hardware-Oriented Security and Trust, pp. 67–70 (2008)
Sudeendra K.K., Sahoo, S., Mahapatra, A., Swain, A.K., Mahapatra, K.K.: A flexible pay-per-device licensing scheme for FPGA IP cores. In: IEEE Computer Society Annual Symposium on VLSI (IS-VLSI), pp. 677–682 (2017)
SignOnce IP Licensing. https://www.xilinx.com/alliance/signonce.html. Accessed 17 Nov 2018
United States Central Intelligence Agency: Network Operations Division Cryptographic Requirements, Version: 1.1
Collberg, C.S., Thomborson, C.: Watermarking, tam-per-proofing, and obfuscation - tools for software protection. IEEE Trans. Softw. Eng. 28(8), 735–746 (2002)
Barak, B., et al.: On the (Im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_1
Zhang, J., Lin, Y., Lyu, Y., Qu, G.: A PUF-FSM binding scheme for FPGA IP protection and pay-per-device licensing. IEEE Trans. Inf. Forensics Secur. 10(6), 1137–1150 (2015)
Abtioglu, E., et al.: Partially reconfigurable IP protection system with ring oscillator based physically unclonable functions. In: 2017 New Generation of CAS (NGCAS), pp. 65–68 (2017)
Gora, M.A., Maiti, A., Schaumont, P.: A flexible design flow for software IP binding in commodity FPGA. In: 2009 IEEE International Symposium on Industrial Embedded Systems, pp. 211–218 (2009)
Wibu Systems: Hackers Contest. https://www.wibu.com/hacker-contest.html. Accessed 29 June 2018
Measuring Linux at Runtime. http://www.unixist.com/security/measuring-linux-at-runtime/index.html. Accessed 29 June 2018
German Federal Office for Information Security: TR-02102-1 Cryptographic mechanisms: Recommendations and key lengths, Version: 2018-02 (2018)
Wibu Systems: CodeMeter Developer Guide. https://www.wibu.com/manuals-guides/file/download/4881.html. Accessed 25 June 2018
Wibu Systems: CmDongle. https://www.wibu.com/de/codemeter/cmdongle.html. Accessed 27 June 2018
Kepa, K., et al.: SeReCon: a secure reconfiguration controller for self-reconfigurable systems. Int. J. Crit. Comput.-Based Syst. 1, 86–103 (2010)
U.S. DoC/NIST: FIPS Publications 197: The Advanced Encryption Standard (AES) (2001)
NIST/U.S. Department of Commerce: Recommendation for block cipher modes of operations: Galois/Counter Mode (GCM) and GMAC, NIST Special Publication 800-38D (2007)
Acknowledgements
This work was supported by the German Federal Ministry of Education and Research (BMBF) with funding number 16KIS0662.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Khan, N., Silitonga, A., Pachideh, B., Nitzsche, S., Becker, J. (2019). Secure Local Configuration of Intellectual Property Without a Trusted Third Party. In: Hochberger, C., Nelson, B., Koch, A., Woods, R., Diniz, P. (eds) Applied Reconfigurable Computing. ARC 2019. Lecture Notes in Computer Science(), vol 11444. Springer, Cham. https://doi.org/10.1007/978-3-030-17227-5_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-17227-5_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-17226-8
Online ISBN: 978-3-030-17227-5
eBook Packages: Computer ScienceComputer Science (R0)