HILL: A Hardware Isolation Framework Against Information Leakage on Multi-Tenant FPGA Long-Wires

• Published in: 2019 International Conference on Field-Programmable Technology (ICFPT) pp. 331 - 334
• Main Authors: Luo, Yukui, Xu, Xiaolin
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.12.2019
• Subjects: capacitive crosstalk; FPGA; Long wires; multi tenant; side channel
• DOI: 10.1109/ICFPT47387.2019.00060

FPGA has recently been deployed in the multi-tenant cloud to provide high-performance computing capabilities. Such deployment of FPGA creates a new attack surface for adversary. It has been recently demonstrated that the capacitive crosstalk between FPGA long-wires can be used as a side-channel to extract secret information. In this paper, we present HILL: a Hardware Isolation framework against information Leakage on multi-tenant FPGA Long-wires. As a defense framework, HILL can prioritize the placement and routing of security-critical hardware instances and isolate them from other parts and tenants. For data and communication interfaces that use FPGA long-wires, such as UART, PCIe, and AXI4, HILL employs a long-wire obfuscation technique to reduce the side-channel leakage. We evaluate the performance of HILL with Xilinx Artix-7 FPGAs using two prevalent FPGA development tools: Xilinx ISE 14.7 and Vivado 2018.3. The experimental results demonstrate that HILL can effectively reduce the crosstalk-caused side-channel leakage by 138 times. The long-wire obfuscation technique reduces the correlation between the side-channel leakage and secret key from 81.7% to 50.3%, which is close to random guess.