Nav: Home

Vulnerability of cloud service hardware uncovered

May 31, 2019

Field-programmable gate arrays (FPGAs) are, so to say, a computer manufacturer's "Lego bricks": electronic components that can be employed in a more flexible way than other computer chips. Even large data centers that are dedicated to cloud services, such as those provided by some big technology companies, often resort to FPGAs. To date, the use of such services has been considered as relatively secure. Recently, however, scientists at Karlsruhe Institute of Technology (KIT) uncovered potential gateways for cyber criminals, as they explain in a report published in the IACR journal. (DOI: 10.13154)

While conventional computer chips mostly perform a very specific task that never changes, FPGAs are capable of assuming nearly every function of any other computer chip. This often makes them first choice for the development of new devices or systems. "FPGAs are for example built into the first product batch of a new device because, unlike special chips whose development only pays off when produced in high volumes, FPGAs can still be modified later," says Dennis Gnad, a member of the Institute of Computer Engineering (ITEC) at KIT. The computer scientist compares this to a sculpture made from reusable Lego bricks instead of a modeling compound that can no longer be modified once it has hardened.

Therefore, the fields of application of these digital multi-talents span the most diverse sectors, such as smartphones, networks, the Internet, medical engineering, vehicle electronics, or aerospace. Having said that, FPGAs stand out by their comparatively low current consumption, which makes them ideally suited for the server farms run by cloud service providers. A further asset of these programmable chips is that they can be partitioned at will. "The upper half of the FPGA can be allocated to one customer, the lower half to a second one," says Jonas Krautter, another ITEC member. Such a use scenario is highly desirable for cloud services, where tasks related e.g. to databases, AI applications, such as machine learning, or financial applications have to be performed.

Multiple-User Access Facilitates Attacks

Gnad describes the problem as follows: "The concurrent use of an FPGA chip by multiple users opens a gateway for malicious attacks." Ironically, just the versatility of FPGAs enables clever hackers to carry out so-called side-channel attacks. In a side-channel attack, cyber criminals use the energy consumption of the chip to retrieve information allowing them to break its encryption. Gnad warns that such chip-internal measurements enable a malicious cloud service customer to spy on another. What is more, hackers are not only able to track down such telltale current consumption fluctuations--they can even fake them. "This way, it is possible to tamper with the calculations of other customers or even to crash the chip altogether, possibly resulting in data losses," Krautter explains. Gnad adds that similar hazards exist for other computer chips as well. This includes those used frequently for IoT applications, such as smart heating control or lighting systems.

To solve the problem, Gnad and Krautter adopted an approach that consists in restricting the immediate access of users to the FPGAs. "The challenge is to reliably filter out malicious users without tying up the legitimate ones too much," says Gnad.
-end-
IACR publication:

Gnad, D., Krautter, J., & Tahoori, M. (2019). Leaky Noise: New Side-Channel Attack Vectors in Mixed-Signal IoT Devices. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2019(3), 305-339. https://doi.org/10.13154/tches.v2019.i3.305-339

More information:

Podcast on FPGA side channels: http://modellansatz.de/fpga-seitenkanaele (in German)

More about the KIT Information · Systems · Technologies Center: http://www.kcist.kit.edu

Press contact:

Kosta Schinarakis
Editor/Press Officer
Phone: +49 721 608-21165
E-Mail: schinarakis@kit.edu

Being "the Research University in the Helmholtz Association," KIT creates and imparts knowledge for the society and the environment. It is the objective to make significant contributions to the global challenges in the fields of energy, mobility and information. For this, about 9,300 employees cooperate in a broad range of disciplines in natural sciences, engineering sciences, economics, and the humanities and social sciences. KIT prepares its 25,100 students for responsible tasks in society, industry, and science by offering research-based study programs. Innovation efforts at KIT build a bridge between important scientific findings and their application for the benefit of society, economic prosperity, and the preservation of our natural basis of life.

This press release is available on the internet at http://www.sek.kit.edu/presse.php

Karlsruher Institut für Technologie (KIT)

Related Technology Articles:

April's SLAS Technology is now available
April's Edition of SLAS Technology Features Cover Article, 'CURATE.AI: Optimizing Personalized Medicine with Artificial Intelligence'.
Technology in higher education: learning with it instead of from it
Technology has shifted the way that professors teach students in higher education.
Post-lithium technology
Next-generation batteries will probably see the replacement of lithium ions by more abundant and environmentally benign alkali metal or multivalent ions.
Rethinking the role of technology in the classroom
Introducing tablets and laptops to the classroom has certain educational virtues, according to Annahita Ball, an assistant professor in the University at Buffalo School of Social Work, but her research suggests that tech has its limitations as well.
The science and technology of FAST
The Five hundred-meter Aperture Spherical radio Telescope (FAST), located in a radio quiet zone, with the targets (e.g., radio pulsars and neutron stars, galactic and extragalactic 21-cm HI emission).
AI technology could help protect water supplies
Progress on new artificial intelligence (AI) technology could make monitoring at water treatment plants cheaper and easier and help safeguard public health.
Transformative technology
UC Davis neuroscientists have developed fluorescence sensors that are opening a new era for the optical recording of dopamine activity in the living brain.
Do the elderly want technology to help them take their medication?
Over 65s say they would find technology to help them take their medications helpful, but need the technology to be familiar, accessible and easy to use, according to research by Queen Mary University of London and University of Cambridge.
Technology detecting RNase activity
A KAIST research team of Professor Hyun Gyu Park at Department of Chemical and Biomolecular Engineering developed a new technology to detect the activity of RNase H, a RNA degrading enzyme.
Taking technology to the next level
Physicists from the ARC Centre of Excellence for Ultrahigh bandwidth Devices for Optical Systems (CUDOS) developed a new hybrid integrated platform, promising to be a more advanced alternative to conventional integrated circuits.
More Technology News and Technology Current Events

Trending Science News

Current Coronavirus (COVID-19) News

Top Science Podcasts

We have hand picked the top science podcasts of 2020.
Now Playing: TED Radio Hour

Teaching For Better Humans 2.0
More than test scores or good grades–what do kids need for the future? This hour, TED speakers explore how to help children grow into better humans, both during and after this time of crisis. Guests include educators Richard Culatta and Liz Kleinrock, psychologist Thomas Curran, and writer Jacqueline Woodson.
Now Playing: Science for the People

#556 The Power of Friendship
It's 2020 and times are tough. Maybe some of us are learning about social distancing the hard way. Maybe we just are all a little anxious. No matter what, we could probably use a friend. But what is a friend, exactly? And why do we need them so much? This week host Bethany Brookshire speaks with Lydia Denworth, author of the new book "Friendship: The Evolution, Biology, and Extraordinary Power of Life's Fundamental Bond". This episode is hosted by Bethany Brookshire, science writer from Science News.
Now Playing: Radiolab

Dispatch 3: Shared Immunity
More than a million people have caught Covid-19, and tens of thousands have died. But thousands more have survived and recovered. A week or so ago (aka, what feels like ten years in corona time) producer Molly Webster learned that many of those survivors possess a kind of superpower: antibodies trained to fight the virus. Not only that, they might be able to pass this power on to the people who are sick with corona, and still in the fight. Today we have the story of an experimental treatment that's popping up all over the country: convalescent plasma transfusion, a century-old procedure that some say may become one of our best weapons against this devastating, new disease.   If you have recovered from Covid-19 and want to donate plasma, national and local donation registries are gearing up to collect blood.  To sign up with the American Red Cross, a national organization that works in local communities, head here.  To find out more about the The National COVID-19 Convalescent Plasma Project, which we spoke about in our episode, including information on clinical trials or plasma donation projects in your community, go here.  And if you are in the greater New York City area, and want to donate convalescent plasma, head over to the New York Blood Center to sign up. Or, register with specific NYC hospitals here.   If you are sick with Covid-19, and are interested in participating in a clinical trial, or are looking for a plasma donor match, check in with your local hospital, university, or blood center for more; you can also find more information on trials at The National COVID-19 Convalescent Plasma Project. And lastly, Tatiana Prowell's tweet that tipped us off is here. This episode was reported by Molly Webster and produced by Pat Walters. Special thanks to Drs. Evan Bloch and Tim Byun, as well as the Albert Einstein College of Medicine.  Support Radiolab today at Radiolab.org/donate.