Recently, researchers from the Horst Görtz Institute for IT Security and the Max Planck Institute for Cyber Security and Privacy Protection at Ruhr University in Bochum discovered in a joint research project that a critical security vulnerability is hidden in FPGAs. They call it “Starbleed”, and attackers can use it to take complete control of the chip and its functions. In addition, the report said that since the vulnerability is an integral part of the hardware, the security risk can only be removed by replacing the chip. What is the impact of this security breach? What impact will it have on the FPGA industry?
How did Starbleed come about?
Sun Jianhui, a lecturer in the School of Physics and Electronic Sciences of Shandong Normal University, told reporters that the FPGA (field-programmable gate array) chip, which some people call a universal chip, offers hardware-programmable digital logic circuits, and its application scenarios cover military, civil, industrial and other fields. These applications can use FPGA chips not only for fast logic implementation but also reconfigure them into multimedia information processing codec chips, such as multimedia SoC codecs, or into basebands for wireless communication.
In the view of many people, the Starbleed security vulnerability is precisely due to the “omnipotence” of FPGAs. Open and flexible chips also have more security vulnerabilities. According to the analysis of this event on the official Xilinx website, the devices the researchers studied this time are the Xilinx 6-series and 7-series FPGAs from ten or more years ago. The attack exploits the lack of error extension in AES-CBC mode in these two device families. At the same time, configuration commands such as WBSTAR can be executed before authentication succeeds, which lets attackers break through the device's security barrier.
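The two weaknesses named above, shown on a small model as an added example (not code from Xilinx or the researchers): without error extension, a change to one CBC ciphertext block alters the next plaintext block in a controlled way and leaves later blocks intact, so a loader that acts on commands before checking authentication can be fed a modified command. A toy Feistel cipher stands in for AES, and the keys, three-block stream, command strings and the outer HMAC tag are all constructed for illustration.

```python
import hashlib
import hmac

BLOCK = 16  # bytes per cipher block

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(key, blk, rounds):
    # Toy 4-round Feistel block cipher: a stand-in for AES, not secure.
    l, r = blk[:8], blk[8:]
    for rnd in rounds:
        l, r = r, xor(l, hashlib.sha256(key + bytes([rnd]) + r).digest()[:8])
    return r + l  # final swap: running the rounds in reverse order decrypts

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for i in range(0, len(pt), BLOCK):
        prev = feistel(key, xor(pt[i:i + BLOCK], prev), range(4))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        out.append(xor(feistel(key, ct[i:i + BLOCK], reversed(range(4))), prev))
        prev = ct[i:i + BLOCK]
    return b"".join(out)

def tag_ok(mac_key, iv, ct, tag):
    return hmac.compare_digest(tag, hmac.new(mac_key, iv + ct, hashlib.sha256).digest())

def load_act_first(ek, mk, iv, ct, tag):
    # Weak ordering: the command block is acted on before the tag is checked.
    return cbc_decrypt(ek, iv, ct)[BLOCK:2 * BLOCK], tag_ok(mk, iv, ct, tag)

def load_verify_first(ek, mk, iv, ct, tag):
    # Hardened ordering: nothing is decrypted or executed unless the tag verifies.
    if not tag_ok(mk, iv, ct, tag):
        return None, False
    return cbc_decrypt(ek, iv, ct)[BLOCK:2 * BLOCK], True

def demo():
    ek, mk, iv = b"E" * 16, b"M" * 16, bytes(16)  # constructed keys and IV
    pt = b"HEADER-BLOCK-000" + b"CMD:MODE=SAFE000" + b"PAYLOAD-BLOCK-00"
    ct = cbc_encrypt(ek, iv, pt)
    tag = hmac.new(mk, iv + ct, hashlib.sha256).digest()
    # Tampering with ciphertext block 0 flips the same bits in plaintext block 1.
    bad = xor(ct[:BLOCK], xor(pt[16:32], b"CMD:MODE=TEST000")) + ct[BLOCK:]
    return cbc_decrypt(ek, iv, bad), load_act_first(ek, mk, iv, bad, tag), load_verify_first(ek, mk, iv, bad, tag)
```

In the tampered stream only the first block is garbled; the command block reads as the modified command and the payload block is unchanged, which is why the check has to come before any command takes effect.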
How big is the impact?
FPGAs are widely used, and demand is especially great in the military, aerospace and industrial control industries, which have high security requirements. In addition, this security vulnerability is part of the hardware, and the repair cycle is longer than for software. These are the reasons the Starbleed security vulnerability incident has caused such a storm.
Wang Haili, founder and CEO of Beijing micro Qili, said: “There are generally two ways to fix security vulnerabilities: software repair or hardware repair. By comparison, software repair has a short cycle, is fast and costs little. For example, if algorithm A is cracked, algorithm B is used for encryption instead. At present, the FPGA uses AES 256-bit encryption for the generated configuration code stream. Generally speaking, this algorithm is difficult to crack. At the same time, if the configuration code stream is cracked, you can also upgrade the software and complete the patch modification, which is easier to solve in general.”
However, fixing the vulnerability in hardware takes more time and energy. “Generally speaking, in order to repair a hardware vulnerability, we need to build some special functions into the hardware circuit to identify malicious attacks, prevent others from cracking the bitstream, or monitor the pre-judgment circuit that does not work according to the original behavior. These costs can be very high, because it is often necessary to redesign the chip, tape it out again and produce it again. This time, the researchers did not disclose the mechanism of the key security vulnerability in detail, which indirectly confirms that this Starbleed security vulnerability incident has a great impact, because this security vulnerability may be caused by the hardware component,” Wang Haili said.
“After this security incident, the U.S. headquarters immediately gave design suggestions to avoid potential safety hazards,” a Xilinx spokesman told reporters. “Moreover, although the vulnerability is in the hardware, it is not easy to attack through it. There is a prerequisite: the hardware must be physically contacted at close range. In other words, first, if you want to attack, you must have close physical contact, which is not easy to achieve; second, if you want to carry out a remote attack, the interface has to be set to be externally accessible. If the interface is not set to allow external access, this problem will not occur.”
Making good use of “waste” and turning it into treasure
In Wang Haili’s view, the tactics used by the attackers are not new: “As early as ten years ago, hackers would use the technique of controlling and configuring the code stream to break in. Over the years, the security performance of FPGAs has been improving, and hacker technology has been improving too. Generally speaking, open and flexible chips have more security vulnerabilities. The accompanying problem of hackers cannot be completely avoided, but it is precisely because of the existence of hackers that FPGAs need to be constantly updated and iterated and their vulnerabilities repaired. In a sense, this also promotes the development of FPGA technology.”
Sun Jianhui believes that although this security vulnerability event has sounded an alarm for all FPGA R&D units, the vulnerability can also be put to the opposite use, turning “waste” into treasure. “For example, we can manipulate the code stream storage remotely over wireless, and reconstruct and update the logic function remotely. If the user has private permissions, or can even set permissions to access and modify the code stream, while the malicious intruder is blocked by a strict security network, this is undoubtedly a blessing in disguise. It will also promote the development of FPGA hardware reconfiguration chips in the world and introduce new standards or new R&D specifications,” Sun Jianhui said.
Wang Haili said that although domestic FPGAs started later than foreign FPGAs and their technology is relatively backward, China still has its own advantages. In terms of security performance, domestic FPGAs can develop characteristics of their own. For example, in some application fields they can encrypt with the national cryptographic algorithms, which are not easy to crack and give higher security performance. In addition, domestic FPGAs can learn from much of the foreign FPGA development experience and avoid many minefields, so that they can develop faster and better in security performance.
At the same time, Sun Jianhui believes that the Starbleed security vulnerability incident also gives domestic FPGA makers cause for reflection, so that domestic FPGA enterprises can think about how to design the FPGA universal chip, and about what new physical, circuit, algorithm and configuration download process technology can be used for FPGA reconfiguration design with higher security. If domestic enterprises and other units seize the opportunity to launch the latest secure FPGA chips, own international patents and launch new standards, it is undoubtedly a good opportunity for a breakthrough.
Security is one of the most important characteristics at present, and enterprises that attach importance to it will develop better.