Secure extension of FPGA general purpose processors for symmetric key cryptography with partial reconfiguration capabilities

Abstract : In data security systems, general purpose processors (GPPs) are often extended by a cryptographic accelerator. The paper presents three ways of extending GPPs for symmetric key cryptography applications. Proposed extensions guarantee secure key storage and management even if the system is facing protocol, software and cache memory attacks. The system is partitioned into processor, cipher, and key memory zones. The three security zones are separated at protocol, system, architecture and physical levels. The proposed principle was validated on Altera NIOS II, Xilinx MicroBlaze and Microsemi Cortex M1 soft core processor extensions. We show that stringent separation of the cipher zone is helpful for partial reconfiguration of the security module, if the enciphering algorithm needs to be dynamically changed. However, the key zone including reconfiguration controller must remain static in order to maintain the high level of security required. We demonstrate that the principle is feasible in partially reconfigurable field programmable gate arrays (FPGAs) such as Altera Stratix V or Xilinx Virtex 6 and also to some extent in FPGAs featuring hardwired general purpose processors such as Cortex M3 in Microsemi SmartFusion FPGA. Although the three GPPs feature different data interfaces, we show that the processors with their extensions reach the required high security level while maintaining partial reconfiguration capability.
Complete list of metadatas

Cited literature [21 references]  Display  Hide  Download

https://hal-ujm.archives-ouvertes.fr/ujm-00755152
Contributor : Nathalie Bochard <>
Submitted on : Tuesday, November 20, 2012 - 3:29:30 PM
Last modification on : Wednesday, July 25, 2018 - 2:05:31 PM
Long-term archiving on : Thursday, February 21, 2013 - 12:20:38 PM

File

ACM_TRETS_2012.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Lubos Gaspar, Viktor Fischer, Lilian Bossuet, Robert Fouquet. Secure extension of FPGA general purpose processors for symmetric key cryptography with partial reconfiguration capabilities. ACM Transactions on Reconfigurable Technology and Systems (TRETS), ACM, 2012, 9 (4), pp.27. ⟨10.1145/2362374.2362380⟩. ⟨ujm-00755152⟩

Share

Metrics

Record views

277

Files downloads

676