Visible to the public Secure acceleration on cloud-based FPGAs – FPGA enclaves

TitleSecure acceleration on cloud-based FPGAs – FPGA enclaves
Publication TypeConference Paper
Year of Publication2020
AuthorsEnglund, Håkan, Lindskog, Niklas
Conference Name2020 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW)
KeywordsCloud Security, composability, Computational modeling, Concurrency, Confidential computing, enclaves, Encryption, FAA, field programmable gate arrays, FPGA, Hardware, hardware security, Human Behavior, Metrics, PKI Trust Models, pubcrawl, resilience, Resiliency, Scalability, security, system-on-chip
Abstract

FPGAs are becoming a common sight in cloud environments and new usage paradigms, such as FPGA-as-a-Service, have emerged. This development poses a challenge to traditional FPGA security models, as these are assuming trust between the user and the hardware owner. Currently, the user cannot keep bitstream nor data protected from the hardware owner in an FPGA-as-a-service setting. This paper proposes a security model where the chip manufacturer takes the role of root-of-trust to remedy these security problems. We suggest that the chip manufacturer creates a Public Key Infrastructure (PKI), used for user bitstream protection and data encryption, on each device. The chip manufacturer, rather than the hardware owner, also controls certain security-related peripherals. This allows the user to take control over a predefined part of the programmable logic and set up a protected enclave area. Hence, all user data can be provided in encrypted form and only be revealed inside the enclave area. In addition, our model enables secure and concurrent multi-tenant usage of remote FPGAs. To also consider the needs of the hardware owner, our solution includes bitstream certification and affirming that uploaded bitstreams have been vetted against maliciousness.

DOI10.1109/IPDPSW50202.2020.00026
Citation Keyenglund_secure_2020