Dynamic partial reconfiguration enables multi-tenancy in cloud-based FPGAs, which presents security challenges for tenants, IPs, and data. Malicious users can exploit FPGAs for remote side-channel attacks (SCAs), and shared on-chip resources can be used for attacks. Logical separation can ensure design integrity, but on-chip resources can still be exploited. Conventional SCA mitigation can help, but it requires significant effort, and bitstream checking techniques are not highly accurate. An active on-chip defense mechanism is needed for tenant confidentiality. Toward this, we propose a lightweight shielding technique utilizing ring oscillators (ROs) to protect applications against remote power SCA. Unlike existing RO-based approaches, in our methodology, an offline pre-processing stage is proposed to carefully configure power monitors and an obfuscating circuit concerning the resource constraints of the board. Detection of power fluctuations due to application execution enables the obfuscating circuit to flatten the power consumption trace. To evaluate the effectiveness of the proposed SHIELD, we implemented it on a Xilinx Zynq-7000 FPGA board executing an RSA encryption algorithm. Due to the SHIELD, the number of traces required to extract the encryption key is increased by 166x, making an attack extremely hard at run-time. Note that the proposed SHIELD does not require any modification in the target application. Our methodology also shows up to 54% less power consumption and up to 26% less area overhead than the state-of-the-art random noise-addition-based defense.

翻译：动态部分重构技术使云FPGA实现多租户成为可能，但这对租户、知识产权核及数据安全构成了挑战。恶意用户可利用FPGA实施远程侧信道攻击（SCA），共享片上资源也可能被用于攻击。逻辑隔离虽能确保设计完整性，但片上资源仍存在被利用的风险。传统SCA缓解措施虽有效但开销巨大，位流检测技术的准确性也有待提升。为保障租户机密性，亟需主动式片上防御机制。为此，我们提出一种基于环形振荡器（RO）的轻量级屏蔽技术，用于保护应用免受远程电源SCA攻击。与现有基于RO的方法不同，本文方法提出离线预处理阶段，根据板级资源约束谨慎配置功率监测器与混淆电路。通过检测应用运行时的功率波动，混淆电路能够平抑功耗迹线。为评估SHIELD的有效性，我们在执行RSA加密算法的Xilinx Zynq-7000 FPGA开发板上进行了实现。实验表明，SHIELD使提取加密密钥所需迹线数量增加166倍，极大提升了运行时攻击难度。值得注意的是，SHIELD无需对目标应用进行任何修改。与当前最先进的随机噪声注入防御方案相比，本方法功耗降低最高达54%，面积开销减少最高达26%。