Researchers explore vulnerability in FPGAs affecting cloud services and IoTs
- By allocating a single FPGA to multiple users, researchers at KIT have noted this can facilitate malicious attacks.
- The versatile use of FPGAs can enable hackers to carry out side-channel attacks.
In the computer world, Field-Programmable Gate Array plays an important role. This electronic component can be employed in a more flexible way than other computer chips. Even companies that do most of their businesses through cloud services also resort to FPGAs.
Up till now, the use of such services was considered secure and safe. However, researchers have recently uncovered a potential gateway that can be misused by cybercriminals.
What’s the matter?
A group of scientists from Karlsruhe Institute of Technology (KIT) has explained that unlike the conventional computer chips, FPGAs are capable of assuming nearly every function of any other computer chip. Due to its flexibility, FPGAs are always the first choices for the development of new devices or systems.
Further, the electronic component stands out due to its comparatively low current consumption and its usage capabilities. This makes it ideal for the server farms run by cloud service providers.
Citing the versatile use of the FPGA, Jonas Krautter, a member of the Institute of Computer Engineering (ITEC) at KIT has said, “The upper half of the FPGA can be allocated to one customer, the lower half to a second one.”
By allocating a single FPGA to multiple users, researchers at KIT have noted this can facilitate malicious attacks.
Dennis Gnad, another member of ITEC, has described the problem as follows: “The concurrent use of an FPGA chip by multiple users opens a gateway for malicious attacks.”
What is the impact?
This versatility of FPGAs can enable hackers to carry out side-channel attacks. In a side-channel attack, attacks take advantage of energy consumption of the chip to retrieve information allowing them to break its encryption. This, in turn, can allow a malicious cloud service customer to spy on other users.
“This way, it is possible to tamper with the calculations of other customers or even to crash the chip altogether, possibly resulting in data losses,” Krautter explains, HelpNetSecurity reported.
The flaw impacts the IoT applications that use FPGA in smart heating control and lighting systems.
Solving the issue
To solve the problem, Gnad and Krautter adopted an approach that includes restricting the immediate access of attackers to the FPGAs. However, there is a challenge to this.
“The challenge is to reliably filter out malicious users without tying up the legitimate ones too much,” said Gnad.