Improved FPGA-security by Partial Reconfiguration

FPGA implementations need special security means as cryptographic algorithms are particularly vulnerable against side-channel attacks. Other algorithms often encapsulate valuable IP that are not meant for public display so that reverse engineering supported by side-channel attacks can turn out to be a big problem. Using partial reconfiguration, the effort needed by the attacker can be increased remarkably. Thus, during the design synthesis, a multitude of functionally equivalent logic variants for the IP to be protected, are generated and stored in partial bitfiles. At runtime, those can be chosen by a controller and placed. The attacker cannot easily distinguish which variant is active during the process of the side channel measurement resulting in an increased overall effort. Therefore, Mixed Mode is developing a tool-based workflow that creates partial bitfiles automatically as part of the research project SecRec. Its configuration is done directly by annotations in the source code.