erek
[H]F Junkie
- Joined
- Dec 19, 2005
- Messages
- 10,898
Hmm, bogus. Wonder how big of an impact this will be, or if it's limited
"To overcome the encryption, the research team took advantage of the central property of the FPGAs: the possibility of reprogramming. This is done by an update and fallback feature in the FPGA itself, which revealed itself as a weakness and gateway. The scientists were able to manipulate the encrypted bitstream during the configuration process to redirect its decrypted content to the WBSTAR configuration register, which can be read out after a reset.
Thus, the advantage of individually reprogramming the chips turns into a disadvantage, as the scientists show in their research work - with severe consequences: "If an attacker gains access to the bitstream, he also gains complete control over the FPGA. Intellectual properties included in the bitstream can be stolen. It is also possible to insert hardware Trojans into the FPGA by manipulating the bitstream. Since the security gap is located in the hardware itself, it can only be closed by replacing the chip," explains Christof Paar, adding: "Although detailed knowledge is required, an attack can eventually be carried out remotely, the attacker does not even have to have physical access to the FPGA.""
https://www.eurekalert.org/pub_releases/2020-04/rb-cv041620.php
"To overcome the encryption, the research team took advantage of the central property of the FPGAs: the possibility of reprogramming. This is done by an update and fallback feature in the FPGA itself, which revealed itself as a weakness and gateway. The scientists were able to manipulate the encrypted bitstream during the configuration process to redirect its decrypted content to the WBSTAR configuration register, which can be read out after a reset.
Thus, the advantage of individually reprogramming the chips turns into a disadvantage, as the scientists show in their research work - with severe consequences: "If an attacker gains access to the bitstream, he also gains complete control over the FPGA. Intellectual properties included in the bitstream can be stolen. It is also possible to insert hardware Trojans into the FPGA by manipulating the bitstream. Since the security gap is located in the hardware itself, it can only be closed by replacing the chip," explains Christof Paar, adding: "Although detailed knowledge is required, an attack can eventually be carried out remotely, the attacker does not even have to have physical access to the FPGA.""
https://www.eurekalert.org/pub_releases/2020-04/rb-cv041620.php