Securing AES Accelerator from Key-Leaking Trojans on FPGA

Manjith B.C. (National Institute of Technology, Tiruchirappalli, India) and Ramasubramanian N. (National Institute of Technology Tiruchirappalli, India)
DOI: 10.4018/IJERTCS.2020070105


Reconfigurable hardware is a useful platform for building high-performance, secure systems. A new method for protecting a 128-bit AES accelerator on FPGA for embedded systems and cloud servers is proposed. One of the major issues faced by the AES accelerator is the security of the key stored inside the FPGA memory. The article proposes a masking scheme which makes the secret key unidentifiable. With the new masking scheme, there is no way for an attacker to leak and identify the secret key from the working device through an undetected hardware unit. To work with the masked key, a modified key expansion that maintains the throughput through properly designed multistage pipelining is proposed. The proposed method takes advantage of reconfigurable computing for flexibility and provides security against key-leaking Trojans. The efficiency of the masked AES implementation is found to be 28.5 Mbps, which is 17.87% higher than the existing best work. The security of the proposed masking scheme is validated through correlation and Hamming distance.
Article Preview


The Advanced Encryption Standard (AES) is a widely used, secure encryption algorithm that provides data privacy. The adoption of cloud computing in every field increases the encryption load on cloud servers. To accelerate applications running on a server and to reduce processor load, field programmable gate arrays (FPGAs) are integrated with the server hardware. Computation-intensive applications can be shifted to FPGAs to increase speed and reduce power consumption. FPGAs are reconfigurable hardware units that can be customized for the required applications. Hence, high parallelism can be achieved at a lower frequency. The cloud benefits from FPGAs in several respects. First, the FPGAs can be customized for computation-intensive applications. Second, FPGAs can run at a lower frequency, and hence heat production in the server can be reduced to a large extent (Hauck & Andre, 2010; Kilts, 2007; Phan, 2004; Teubner & Woods, 2013).

Encryption is used in the cloud for the privacy of data at rest and data in motion. That means disk encryption of a user’s VM, transfer of user data in encrypted form, encrypted communication between different users, encryption as a service, and so on (Amazon Web Services, 2016; Bokefode, Bhise, Satarkar, & Modani, 2016; Krutz & Vines, 2010; CLOUDLINK, 2014; Cloudsigma; Encryption at Rest in Google Cloud, 2016; HP Atalla Cloud Encryption, 2013; Protecting Data in Microsoft Azure, 2014; Rahmani, Sundararajan, Ali, & Zin, 2013). An FPGA accelerator can be used to speed up the encryption process for large amounts of data. Use of an FPGA will increase encryption speed and reduce power consumption. To get the best performance, the design should have high speed and low area consumption. Figure 1 shows the scenario in which FPGAs are used in a cloud server as accelerators. The intellectual properties (IPs) can be collected from a hardware maker or from trusted third parties. When the processor assigns a job to an FPGA, the bitstream for the hardware design can be loaded from bitstream storage if available, or from outside the cloud through an external network.

Figure 1. Usage of FPGA on cloud server


One of the main security issues faced by an AES accelerator on FPGAs used in a cloud environment is the security of the secret encryption key inside the FPGA (Trimberger & Moore, 2014). Attackers insert several types of hardware Trojans into the accelerator to leak the secret key. The Trojans can be inserted in different phases of accelerator creation, such as design, integration, testing, and bitstream transfer. Generally, it is difficult to find a Trojan or the triggering condition of a Trojan because the Trojan circuit is disguised as a functional circuit that is necessary for the design. Power analysis, comparing the design with a golden one (a Trojan-free design), and so on are the main methods used to find a Trojan in a design. If there is a key-leaking Trojan, then it takes more power than usual (Bhasin, Danger, Guilley, Ngo, & Sauvage, 2013; Jin & Makris, 2010; Johnson, Saha, Chakraborty, Mukhopadhyay, & Gören, 2014). Detecting a Trojan in a design through power analysis is difficult because finding the triggering condition is time consuming and requires checking a large number of test inputs. Comparing with a golden design is less efficient as there is a need to store more than two golden designs (Mal-Sarkar, Krishna, Ghosh, & Bhunia, 2014; Mal-Sarkar, Karam et al., 2016).

In the proposed work, security for the key stored inside the FPGA for the AES accelerator is provided through a masking scheme. The secret key and the expanded key for each round of AES are masked to avoid leakage. A new key expansion (KE) module that produces the exact round key from the masked key for each AES round is proposed. To provide high throughput, multistage pipelining is designed for the key expansion. Secured AES FPGAs can be applied in all security-critical areas such as banking, aerospace and defense, consumer electronics, distributed monetary systems, etc.
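The following behavioural model is an added example, not the authors' design: the preview does not specify the masking function, so a plain XOR mask is assumed, and the names `round_keys_from_masked`, `hamming_distance`, `MASK` and `MASKED_KEY` are hypothetical. It shows a key expansion that reads only the masked key and the mask yet yields the exact AES-128 round keys, and computes the Hamming distance between the true key and the stored value.

```python
# Software model only. Assumption: XOR masking (the article's scheme is not given).

def _rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def _build_sbox():
    # AES S-box: multiplicative inverse in GF(2^8), then the affine transform.
    sbox, p, q = [0] * 256, 1, 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p = p * 3
        q ^= q << 1; q ^= q << 2; q ^= q << 4; q &= 0xFF       # q = q / 3
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ _rotl8(q, 1) ^ _rotl8(q, 2) ^ _rotl8(q, 3) ^ _rotl8(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox

SBOX = _build_sbox()

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def round_keys_from_masked(masked_key, mask):
    """Return the 11 exact AES-128 round keys given only masked key and mask."""
    # Each 32-bit word is unmasked only as it enters the key schedule.
    words = [xor_bytes(masked_key[i:i + 4], mask[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        temp = words[i - 1]
        if i % 4 == 0:
            temp = bytes(SBOX[b] for b in temp[1:] + temp[:1])  # RotWord + SubWord
            temp = bytes([temp[0] ^ rcon]) + temp[1:]
            rcon = (rcon << 1) ^ (0x11B if rcon & 0x80 else 0)
        words.append(xor_bytes(words[i - 4], temp))
    return [b"".join(words[r * 4:r * 4 + 4]) for r in range(11)]

def hamming_distance(a, b):
    """Number of bit positions in which two equal-length byte strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # FIPS-197 Appendix A.1 key
MASK = bytes.fromhex("5a" * 8 + "c3" * 8)                # constructed sample mask
MASKED_KEY = xor_bytes(KEY, MASK)                        # value held in FPGA memory

if __name__ == "__main__":
    print("stored:", MASKED_KEY.hex(), "HD to key:", hamming_distance(KEY, MASKED_KEY))
    print("round 10 key:", round_keys_from_masked(MASKED_KEY, MASK)[10].hex())
```
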
