DEFCON 16: hardware trojans using FPGA

Posted on Tuesday, January 25th, 2011 in FPGA, hacks by the machinegeek

At the DEFCON 16 hacker conference, Fouad Kiamilev and Ryan Hoover gave a presentation on the security threat presented by hardware Trojans, extra circuitry illicitly added to hardware during its manufacture. When triggered, the hardware Trojan performs an illicit action such as leaking secret information, allowing attackers clandestine access or control, or disabling or reducing functionality of the device. While this 18 minute presentation doesn’t offer details on how to program FPGAs to compromise a system, it serves to illustrate how the growing use of programmable hardware devices means that our hardware is increasingly vulnerable to a Trojan attack.

This talk explores three possible methods that a hardware Trojan can use: thermal, optical and radio. The hardware platform for this demonstration was the Spartan-3E Starter Kit from XILINX. The objective of their Trojan was to illicitly leak the AES encryption keys from a compromised device once triggered.

The illustrations are available as a PDF download.

This entry was posted on Tuesday, January 25th, 2011 at 6:29 pm and is filed under FPGA, hacks. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

One Response to “DEFCON 16: hardware trojans using FPGA”

  1. uhe says:

    Reminds me of the Illinois Malicious Processor from 2008:

Leave a Reply

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Recent Comments

  • KH: Yeah, it's an end-user thing. Very few people would spend hundreds of hours on this kind of project and sustain it. It's more or less...
  • Max: Not quite a dinosaur if you've seen Big Hero 6 though... wait. You've watched it with your kids, didn't you? That's cheating...! ;) One of...
  • Edward Mallon: A visiting researcher dropped by our humble basement workshop with questions about the physical skill level students would need if they added one of our...
  • KH: And that looks really expensive... Only browsed the vid though, I'm an dinosaur so I had the sound off too. Nice of him to open-source...
  • Anton: I really need bus pirate!! Thanks