New demonstration have been made by German researchers that allow attacking Chips encryption mechanism, Field Programmable Gate Array (FPGA) processors used in embedded systems at military and aerospace industries, are vulnerable to attacks based on an analysis of the energy consumed in the process of integrating the chip.
Third-party attack on the encryption mechanism of the bitstream allowed the researchers to retrieve the key used to decrypt the configuration files. The technique can reveal the secret key by analyzing the energy consumed during decoding.
This approach is similar to how cracking the safe and listens for clicks that will give him clues to the safe’s combination but here they use the change in energy consumption, rather than sound.
According to researchers “Copying a configuration to use it for multiple FPGAs, makes all devices behave in exactly the same way. The whole design of an FPGA application is encoded within the configuration file the role of which can be considered similar to the role of software for microcontrollers.
On the one hand, this nature provides a means to update the configuration file of an FPGA to adapt its behavior to new requirements or to fix early design flaws. On the other hand this also simplifies copying of a design and thus stealing of IP (Intellectual Property).
Today it is even possible to reverse engineer FPGA configuration files so that the possibility of eavesdropping a bitstream – the name of the configuration data on Xilinx FPGAs – leaves doors wide open for product piracy and IP theft and makes cloning of unprotected FPGA designs easy.”
A protection measures against this attack has been implemented in some critical sectors such as banking smart card but with this attack it is a clear “feasibility” of side-channel attacks even on the most recent semiconductor technology.
You can read the full paper from here.