Dynamic Fault Tolerance in FPGAs via Partial Reconfiguration
FCCM '00 Proceedings of the 2000 IEEE Symposium on Field-Programmable Custom Computing Machines
OCB: A block-cipher mode of operation for efficient authenticated encryption
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the conference on Design, automation and test in Europe
A Secure Content Delivery System Based on a Partially Reconfigurable FPGA
IEICE - Transactions on Information and Systems
Authentication of FPGA bitstreams: why and how
ARC'07 Proceedings of the 3rd international conference on Reconfigurable computing: architectures, tools and applications
The security and performance of the galois/counter mode (GCM) of operation
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
High-speed pipelined hardware architecture for Galois counter mode
ISC'07 Proceedings of the 10th international conference on Information Security
NetStage/DPR: a self-adaptable FPGA platform for application-level network security
ARC'11 Proceedings of the 7th international conference on Reconfigurable computing: architectures, tools and applications
A dynamically reconfigured multi-FPGA network platform for high-speed malware collection
International Journal of Reconfigurable Computing - Special issue on Selected Papers from the International Conference on Reconfigurable Computing and FPGAs (ReConFig'10)
NetStage/DPR: A self-reconfiguring platform for active and passive network security operations
Microprocessors & Microsystems
Hi-index | 0.00 |
A secure and dependable dynamic partial reconfiguration (DPR) system based on the AES-GCM cipher is developed, where the reconfigurable IP cores are protected by encrypting and authenticating their bitstreams with AES-GCM. In DPR systems, bitstream authentication is essential for avoiding fatal damage caused by inadvertent bitstreams. Although encryption-only systems can prevent bitstream cloning and reverse engineering, they cannot prevent erroneous or malicious bitstreams from being accepted as valid. If a bitstream error is detected after the system has already been partly configured, the system must be reconfigured with an errorless bitstream or at worst rebooted since the DPR changes the hardware architecture itself and the system cannot recover itself to the initial state by asserting a reset signal. In this regard, our system can recover from configuration errors without rebooting. To the authors' best knowledge, this is the first DPR system featuring both bitstream protection and error recovery mechanisms. Additionally, we clarify the relationship between the computation time and the bitstream block size, and derive the optimal internal memory size necessary to achieve the highest throughput. Furthermore, we implemented an AES-GCM-based DPR system targeting the Virtex-5 device on an off-the-shelf board, and demonstrated that all functions of bitstream decryption, verification, configuration, and error recovery work correctly. This paper clarifies the throughput, the hardware utilization, and the optimal memory configuration of said DPR system.