Unpatchable 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers (Security News, April 2020)
The details of the attacks against Xilinx 7-Series and Virtex-6 Field Programmable Gate Arrays have been covered in a paper titled "The Unpatchable Silicon: A Full Break of the Bitstream Encryption of Xilinx 7-Series FPGAs" by a group of academics from the Horst Goertz Institute for IT Security and Max Planck Institute for Cyber Security and Privacy.
In contrast to other known side-channel and probing attacks against Xilinx and Altera FPGAs, the novel "Low-cost" attack aims to recover and manipulate the bitstream by leveraging the configuration interface to read back data from the FPGA device.
An automatic reset of the FPGA happens due to changes made to the bitstream in step but doesn't reset the WBSTAR contents as it's used for the MultiBoot and fallback feature.
Manually reset the FPGA device to repeat the above steps and recover the entire encrypted bitstream as 32-bit words.
In the second type of attack, the FPGA can be used to encrypt arbitrary bitstreams - once again taking advantage of the underlying CBC mode - and create a valid message authentication tag, thereby breaking the authenticity of the bitstream as well.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/d6fjehNuuEY/fpga-chip-vulnerability.html