Categories

DEFCON 16: hardware trojans using FPGA

Posted on Tuesday, January 25th, 2011 in FPGA, hacks by the machinegeek

At the DEFCON 16 hacker conference, Fouad Kiamilev and Ryan Hoover gave a presentation on the security threat presented by hardware Trojans, extra circuitry illicitly added to hardware during its manufacture. When triggered, the hardware Trojan performs an illicit action such as leaking secret information, allowing attackers clandestine access or control, or disabling or reducing functionality of the device. While this 18 minute presentation doesn’t offer details on how to program FPGAs to compromise a system, it serves to illustrate how the growing use of programmable hardware devices means that our hardware is increasingly vulnerable to a Trojan attack.

This talk explores three possible methods that a hardware Trojan can use: thermal, optical and radio. The hardware platform for this demonstration was the Spartan-3E Starter Kit from XILINX. The objective of their Trojan was to illicitly leak the AES encryption keys from a compromised device once triggered.

The illustrations are available as a PDF download.

This entry was posted on Tuesday, January 25th, 2011 at 6:29 pm and is filed under FPGA, hacks. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

One Response to “DEFCON 16: hardware trojans using FPGA”

  1. uhe says:

    Reminds me of the Illinois Malicious Processor from 2008: http://www.imchris.org/wp/2008/04/14/illinois-malicious-processor-paper/

Leave a Reply

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Recent Comments

  • KH: He had qualms about electrolytic cap leakage impacting sleep current. I think such leakage is very low and hard to measure using hobby equipment, so...
  • Mike: Love these! great source for makers!
  • KH: Is my eyes playing tricks on me or did he just use gobs and gobs of solder on the top side?
  • Doug: When do we find out the winner??
  • KH: Oh wowsers, you're right, now that I've looked at his page, horrors, another scary copper pour. That thing also needs a box... I hope nobody...