FPGAs’ Reputation for Security May Belie Vulnerability in Cloud
Thanks to their flexibility, field-programmable gate arrays (FPGAs) are often a first choice during system development – however, a new report by scientists from the Karlsruhe Institute of Technology (KIT) in Germany has called their security into question.
FPGAs’ flexibility allows them to be used to assume nearly any function performed by other computer chips – most of which perform a single specific task. “FPGAs are for example built into the first product batch of a new device because, unlike special chips whose development only pays off when produced in high volumes, FPGAs can still be modified later,” said Dennis Gnad, a member of KIT’s Institute of Computer Engineering (ITEC).
FPGAs are also extremely desirable for cloud computing applications for a couple of reasons: first, they currently have comparatively low consumption, making them ideal for server farms; second, they can be partitioned at will. “The upper half of the FPGA can be allocated to one customer, the lower half to a second one,” says Jonas Krautter, another ITEC member.
That second part, it turns out, might be a double-edged sword.
“The concurrent use of an FPGA chip by multiple users opens a gateway for malicious attacks,” explained Gnad. He’s referring to side-channel attacks, whereby intruders exploit the energy consumption of the chip to obtain information that allows them to break its encryption – potentially allowing one cloud service customer to spy on any customers sharing the FPGA.
Furthermore, malicious users can imitate those fluctuations in consumption. “This way, it is possible to tamper with the calculations of other customers,” warned Krautter. “Or even to crash the chip altogether, possibly resulting in data losses.” By way of a solution, Gnad and Krautter restricted immediate user access to the FPGAs. “The challenge,” said Gnad, “is to reliably filter out malicious users without tying up the legitimate ones too much.”
These same vulnerabilities have been observed in other computer chips, particularly those used for IoT applications. Of course, hardware security gaps, and specifically side-channel attacks, have been on everyone's mind since the vulnerabilities identified as Meltdown and Spectre collectively compromised virtually all chips on the market. GPUs haven't escaped scrutiny either, as noted in this article by Sparsh Mittal -- in one case, a malicious actor hid a GPU-based bitcoin miner in video game software.
About the report
The report discussed in this article, “Leaky Noise: New Side-Channel Attack Vectors in Mixed-Signal IoT Devices,” was written by Dennis Gnad, Jonas Krautter, and Mehdi Tahoori. It was published in the May 2019 issue of IACR Transactions on Cryptographic Hardware and Embedded Systems.