CPAmap: On the Complexity of Secure FPGA Virtualization, Multi-Tenancy, and Physical Design

  • Jonas Krautter Karlsruhe Institute of Technology, Germany
  • Dennis Gnad Karlsruhe Institute of Technology, Germany
  • Mehdi Tahoori Karlsruhe Institute of Technology, Germany
Keywords: FPGA, Virtual, Cloud, Multi-Tenant, Side-Channel Attack, Power Analysis, Internal Sensor


With virtualized Field Programmable Gate Arrays (FPGAs) on the verge of being deployed to the cloud computing domain, there is a rising interest in resolving recently identified security issues. Those issues result from different trusted and untrusted entities sharing the FPGA fabric and the Power Distribution Network. Researchers were able to perform both side-channel and fault attacks between logically isolated designs on the same FPGA fabric, compromising security of cryptographic modules and other critical implementations. Side-channel attacks specifically are enabled by the vast degree of freedom given to developers when making use of the basic FPGA resources. Both ring oscillators as well as long delay lines, implemented using low-level FPGA primitives, have been shown to provide sufficient data for simple or correlation-based power analysis attacks. In order to develop new or apply known countermeasures onto designs and implementations in a virtualized multi-tenant FPGA, we seek to fully understand the underlying mechanisms and dependencies of chip-internal side-channel attacks. Although the impact of process variation and other physical design parameters on side-channel vulnerability has been investigated in previous works, remote attacks between logically isolated partitions in multi-tenant FPGAs introduce new and unique challenges. Thus, we systematically analyze the impact of physical mapping of both attacker and victim design on the success of correlation power analysis attacks on the Advanced Encryption Standard (AES). We report our findings on a Xilinx Zynq 7000-based platform, which show that the effect of global and local placement as well as routing and process variation on the success of side-channel attacks almost exceeds the impact of hiding countermeasures. This result reveals fundamental challenges in secure virtualization of FPGAs, which have been mostly ignored so far. Eventually, our results may also help vendors and hypervisors in developing zero overhead side-channel countermeasures based on adequate global and local placement of isolated designs on a multi-tenant FPGA.

How to Cite
Krautter, J., Gnad, D., & Tahoori, M. (2020). CPAmap: On the Complexity of Secure FPGA Virtualization, Multi-Tenancy, and Physical Design. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2020(3), 121-146.