{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:29:29Z","timestamp":1750307369507,"version":"3.41.0"},"reference-count":37,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2010,5,1]],"date-time":"2010-05-01T00:00:00Z","timestamp":1272672000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Reconfigurable Technol. Syst."],"published-print":{"date-parts":[[2010,5]]},"abstract":"<jats:p>\n            Remote update of hardware platforms or embedded systems is a convenient service enabled by Field Programmable Gate Array (FPGA)-based systems. This service is often essential in applications like space-based FPGA systems or set-top boxes. However, having the source of the update be remote from the FPGA system opens the door to a set of attacks that may challenge the confidentiality and integrity of the FPGA configuration, the bitstream. Existing schemes propose to encrypt and authenticate the bitstream to thwart these attacks. However, we show that they do not prevent the replay of old bitstream versions, and thus give adversaries an opportunity for downgrading the system. In this article, we propose a new architecture called\n            <jats:sc>sarfum<\/jats:sc>\n            that, in addition to ensuring bitstream confidentiality and integrity, precludes the replay of old bitstreams.\n            <jats:sc>sarfum<\/jats:sc>\n            also includes a protocol for the system designer to remotely monitor the running configuration of the FPGA. Following our presentation and analysis of the security protocols, we propose an example of implementation with the CCM (Counter with CBC-MAC) authenticated encryption standard. We also evaluate the impact of our architecture on the configuration time for different FPGA devices.\n          <\/jats:p>","DOI":"10.1145\/1754386.1754389","type":"journal-article","created":{"date-parts":[[2010,6,22]],"date-time":"2010-06-22T12:20:45Z","timestamp":1277209245000},"page":"1-29","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["SARFUM"],"prefix":"10.1145","volume":"3","author":[{"given":"Beno\u00eet","family":"Badrignans","sequence":"first","affiliation":[{"name":"S.A.S. Netheos and University of Montpellier"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David","family":"Champagne","sequence":"additional","affiliation":[{"name":"Princeton University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Reouven","family":"Elbaz","sequence":"additional","affiliation":[{"name":"Intel Corporation"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Catherine","family":"Gebotys","sequence":"additional","affiliation":[{"name":"University of Waterloo"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lionel","family":"Torres","sequence":"additional","affiliation":[{"name":"University of Montpellier"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2010,5]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1147\/sj.302.0206"},{"key":"e_1_2_1_2_1","volume-title":"Advanced Encryption Standard","author":"AES","year":"2001","unstructured":"AES , Advanced Encryption Standard . 2001 . Federal information processing standards publication 197 (FIPS- 197) http:\/\/www.csrc.nist.gov\/publications\/fips\/fips197\/fips-197.pdf. AES, Advanced Encryption Standard. 2001. Federal information processing standards publication 197 (FIPS-197) http:\/\/www.csrc.nist.gov\/publications\/fips\/fips197\/fips-197.pdf."},{"key":"e_1_2_1_3_1","unstructured":"Actel. 2008. ProASIC\u00ae3 handbook. http:\/\/www.actel.com\/documents\/PA3_HB.pdf.  Actel. 2008. ProASIC\u00ae3 handbook. http:\/\/www.actel.com\/documents\/PA3_HB.pdf."},{"key":"e_1_2_1_4_1","unstructured":"Altera. 2006. Design security in Stratix III devices. White paper. www.altera.com\/literature\/wp\/wp-01010.pdf.  Altera. 2006. Design security in Stratix III devices. White paper. www.altera.com\/literature\/wp\/wp-01010.pdf."},{"key":"e_1_2_1_5_1","unstructured":"Altera. 2007. Error detection and recovery using CRC in Altera FPGA devices. Application Note 357. http:\/\/www.altera.com\/literature\/an\/an357.pdf.  Altera. 2007. Error detection and recovery using CRC in Altera FPGA devices. Application Note 357. http:\/\/www.altera.com\/literature\/an\/an357.pdf."},{"volume-title":"Proceedings of the 18th International Conference on Field Programmable Logic and Applications (FPL\u201908)","author":"Badrignans B.","key":"e_1_2_1_6_1","unstructured":"Badrignans , B. , Elbaz , R. , and Torres , L . 2008. Secure FPGA configuration technique preventing system downgrade . In Proceedings of the 18th International Conference on Field Programmable Logic and Applications (FPL\u201908) . Badrignans, B., Elbaz, R., and Torres, L. 2008. Secure FPGA configuration technique preventing system downgrade. In Proceedings of the 18th International Conference on Field Programmable Logic and Applications (FPL\u201908)."},{"key":"e_1_2_1_7_1","unstructured":"BBC. 2002. Falun Gong breaks onto China\u2019s airwaves. http:\/\/news.bbc.co.uk\/2\/hi\/asia-pacific\/1860159.stm.  BBC. 2002. Falun Gong breaks onto China\u2019s airwaves. http:\/\/news.bbc.co.uk\/2\/hi\/asia-pacific\/1860159.stm."},{"key":"e_1_2_1_8_1","unstructured":"BBC. 2004. HK probes Falun Gong \u201chacking\u201d. http:\/\/news.bbc.co.uk\/2\/hi\/asia-pacific\/4034209.stm.  BBC. 2004. HK probes Falun Gong \u201chacking\u201d. http:\/\/news.bbc.co.uk\/2\/hi\/asia-pacific\/4034209.stm."},{"key":"e_1_2_1_9_1","volume-title":"Proceedings of the Asiacrypt Conference. Lecture Notes in Computer Science","volume":"1976","author":"Bellare M.","unstructured":"Bellare , M. and Namprempre , C . 2000. Authenticated encryption: Relations among notions and analysis of the generic construction paradigm . In Proceedings of the Asiacrypt Conference. Lecture Notes in Computer Science , vol. 1976 . Springer, 531--545. Bellare, M. and Namprempre, C. 2000. Authenticated encryption: Relations among notions and analysis of the generic construction paradigm. In Proceedings of the Asiacrypt Conference. Lecture Notes in Computer Science, vol. 1976. Springer, 531--545."},{"volume-title":"Proceedings of the 11th IEEE Reconfigurable Architectures Workshop (RAW\u201904)","author":"Bossuet L.","key":"e_1_2_1_10_1","unstructured":"Bossuet , L. , Gogniat , G. , and Burleson , W . 2004. Dynamically configurable security for SRAM FPGA bitstreams . In Proceedings of the 11th IEEE Reconfigurable Architectures Workshop (RAW\u201904) . Bossuet, L., Gogniat, G., and Burleson, W. 2004. Dynamically configurable security for SRAM FPGA bitstreams. In Proceedings of the 11th IEEE Reconfigurable Architectures Workshop (RAW\u201904)."},{"key":"e_1_2_1_11_1","volume-title":"Counter with CBC-MAC","author":"CCM","year":"2007","unstructured":"CCM , Counter with CBC-MAC . 2007 . Recommendation for block cipher modes of operation: The CCM mode for authentication and confidentiality. NIST Special Publication 800-38C. http:\/\/csrc.nist.gov\/publications\/nistpubs\/800-38C\/SP800-38C_updated-July20_2007.pdf. CCM, Counter with CBC-MAC. 2007. Recommendation for block cipher modes of operation: The CCM mode for authentication and confidentiality. NIST Special Publication 800-38C. http:\/\/csrc.nist.gov\/publications\/nistpubs\/800-38C\/SP800-38C_updated-July20_2007.pdf."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/1764631.1764639"},{"volume-title":"Computer Laboratory","author":"Drimer S.","key":"e_1_2_1_13_1","unstructured":"Drimer , S. 2008. Volatile FPGA design security -- A survey , Computer Laboratory , University of Cambridge . www.cl.cam.ac.uk\/~sd410\/papers\/fpga_security.pdf. Drimer, S. 2008. Volatile FPGA design security -- A survey, Computer Laboratory, University of Cambridge. www.cl.cam.ac.uk\/~sd410\/papers\/fpga_security.pdf."},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314354.1314360"},{"key":"e_1_2_1_15_1","unstructured":"Feldhofer M. Lemke K. Oswald E. Standaert F. X. Wollinger T. and Wolkerstorfer J. 2005. State of the art in hardware architectures deliverable no. d.vam2 - state of the art in hardware architectures. http:\/\/www.iaik.tugraz.at\/research\/krypto\/aes\/VAM2-IAIK-17-D.VAM2-1_0.pdf.  Feldhofer M. Lemke K. Oswald E. Standaert F. X. Wollinger T. and Wolkerstorfer J. 2005. State of the art in hardware architectures deliverable no. d.vam2 - state of the art in hardware architectures. http:\/\/www.iaik.tugraz.at\/research\/krypto\/aes\/VAM2-IAIK-17-D.VAM2-1_0.pdf."},{"volume-title":"Proceedings of the 10th International Workshop on Signal Processing for Space Communications (SPSC\u201908)","author":"Ghaznavi S.","key":"e_1_2_1_16_1","unstructured":"Ghaznavi , S. and Gebotys , C . 2008. A SEU-resistant, FPGA-based implementation of the substitution transformation in AES for security on satellites . In Proceedings of the 10th International Workshop on Signal Processing for Space Communications (SPSC\u201908) . Ghaznavi, S. and Gebotys, C. 2008. A SEU-resistant, FPGA-based implementation of the substitution transformation in AES for security on satellites. In Proceedings of the 10th International Workshop on Signal Processing for Space Communications (SPSC\u201908)."},{"key":"e_1_2_1_17_1","unstructured":"GCM Galois\/Counter Mode. 2007. Recommendation for block cipher modes of operation: Galois\/Counter mode (GCM) and GMAC NIST Special Publication 800-38D. http:\/\/csrc.nist.gov\/publications\/nistpubs\/800-38D\/SP-800-38D.pdf.  GCM Galois\/Counter Mode. 2007. Recommendation for block cipher modes of operation: Galois\/Counter mode (GCM) and GMAC NIST Special Publication 800-38D. http:\/\/csrc.nist.gov\/publications\/nistpubs\/800-38D\/SP-800-38D.pdf."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1057661.1057677"},{"key":"e_1_2_1_19_1","volume-title":"Proceedings of the Conference on Selected Areas in Cryptography (SAC\u201902)","volume":"2595","author":"Jonsson J.","year":"2002","unstructured":"Jonsson , J. 2002 . On the security of CTR + CBC-MAC . In Proceedings of the Conference on Selected Areas in Cryptography (SAC\u201902) . K. Nyberg, H. Heys, Eds., Lecture Notes in Computer Science , vol. 2595 . Springer, 76--93. Jonsson, J. 2002. On the security of CTR + CBC-MAC. In Proceedings of the Conference on Selected Areas in Cryptography (SAC\u201902). K. Nyberg, H. Heys, Eds., Lecture Notes in Computer Science, vol. 2595. Springer, 76--93."},{"volume-title":"Proceedings of the 10th International Workshop on Signal Processing for Space Communications (SPSC\u201908)","author":"Juliato M.","key":"e_1_2_1_20_1","unstructured":"Juliato , M. and Gebotys , C . 2008. SEU-resistant SHA-256 design for security in satellites . In Proceedings of the 10th International Workshop on Signal Processing for Space Communications (SPSC\u201908) . Juliato, M. and Gebotys, C. 2008. SEU-resistant SHA-256 design for security in satellites. In Proceedings of the 10th International Workshop on Signal Processing for Space Communications (SPSC\u201908)."},{"volume-title":"Proceedings of the IEEE International Symposium on Broadband Multimedia Systems and Broadcasting.","author":"Kuntze N.","key":"e_1_2_1_21_1","unstructured":"Kuntze , N. and Schmidt , A. U . 2007. Protection of DVB systems by trusted computing . In Proceedings of the IEEE International Symposium on Broadband Multimedia Systems and Broadcasting. Kuntze, N. and Schmidt, A. U. 2007. Protection of DVB systems by trusted computing. In Proceedings of the IEEE International Symposium on Broadband Multimedia Systems and Broadcasting."},{"key":"e_1_2_1_22_1","unstructured":"Lattice. 2007a. Parallel flash programming and FPGA configuration application note AN8077. http:\/\/www.latticesemi.com\/documents\/an8077.pdf.  Lattice. 2007a. Parallel flash programming and FPGA configuration application note AN8077. http:\/\/www.latticesemi.com\/documents\/an8077.pdf."},{"key":"e_1_2_1_23_1","unstructured":"Lattice. 2007b. LatticeECP2\/M dual boot usage guide. Tech. note TN1148.  Lattice. 2007b. LatticeECP2\/M dual boot usage guide. Tech. note TN1148."},{"key":"e_1_2_1_24_1","unstructured":"Lattice. 2008. LatticeECP2\/M family data sheet. http:\/\/www.latticesemi.com\/documents\/DS1006.pdf.  Lattice. 2008. LatticeECP2\/M family data sheet. http:\/\/www.latticesemi.com\/documents\/DS1006.pdf."},{"key":"e_1_2_1_25_1","unstructured":"Lesea A. 2007. IP security in FPGA. White paper Virtex-4 and Virtex-5 devices. http:\/\/www.xilinx.com\/support\/documentation\/white_papers\/wp261.pdf.  Lesea A. 2007. IP security in FPGA. White paper Virtex-4 and Virtex-5 devices. http:\/\/www.xilinx.com\/support\/documentation\/white_papers\/wp261.pdf."},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1344671.1344729"},{"volume-title":"Proceedings of the IEEE International Conference on Field-Programmable Technology.","author":"Parelkar M.","key":"e_1_2_1_27_1","unstructured":"Parelkar , M. and Gaj , K . 2005. Implementation of EAX mode of operation for FPGA bitstream encryption and authentication . In Proceedings of the IEEE International Conference on Field-Programmable Technology. Parelkar, M. and Gaj, K. 2005. Implementation of EAX mode of operation for FPGA bitstream encryption and authentication. In Proceedings of the IEEE International Conference on Field-Programmable Technology."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586125"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-68979-9_5"},{"key":"e_1_2_1_30_1","unstructured":"Smerdon M. 2008. Security solutions using Spartan-3 generation FPGAs Xilinx white paper. http:\/\/www.xilinx.com\/support\/documentation\/white_papers\/wp266.pdf and DNA webpage. http:\/\/www.xilinx.com\/products\/design_resources\/security\/devicedna.htm.  Smerdon M. 2008. Security solutions using Spartan-3 generation FPGAs Xilinx white paper. http:\/\/www.xilinx.com\/support\/documentation\/white_papers\/wp266.pdf and DNA webpage. http:\/\/www.xilinx.com\/products\/design_resources\/security\/devicedna.htm."},{"volume-title":"Proceedings of the Aerospace Conference.","author":"Surratt M.","key":"e_1_2_1_31_1","unstructured":"Surratt , M. , Loomis , H. H. , Ross , A. A. , and Duren , R . 2005. Challenges of remote FPGA configuration for space applications . In Proceedings of the Aerospace Conference. Surratt, M., Loomis, H. H., Ross, A. A., and Duren, R. 2005. Challenges of remote FPGA configuration for space applications. In Proceedings of the Aerospace Conference."},{"key":"e_1_2_1_32_1","unstructured":"Telegraph. 1999. British hackers attack MoD satellite. http:\/\/www.telegraph.co.uk\/connected\/main.jhtml?xml=\/connected\/1999\/03\/04\/ecnhack04.xml.  Telegraph. 1999. British hackers attack MoD satellite. http:\/\/www.telegraph.co.uk\/connected\/main.jhtml?xml=\/connected\/1999\/03\/04\/ecnhack04.xml."},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1061\/(ASCE)0893-1321(2003)16:3(129)"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/AHS.2006.54"},{"volume-title":"Proceedings of the IEEE International Conference on Field-Programmable Technology (FPT\u201902)","author":"Williams J. A.","key":"e_1_2_1_35_1","unstructured":"Williams , J. A. Dawood , A. S. , and Visser , S. J . 2002. FPGA-based cloud detection for real-time onboard remote sensing . In Proceedings of the IEEE International Conference on Field-Programmable Technology (FPT\u201902) . Williams, J. A. Dawood, A. S., and Visser, S. J. 2002. FPGA-based cloud detection for real-time onboard remote sensing. In Proceedings of the IEEE International Conference on Field-Programmable Technology (FPT\u201902)."},{"key":"e_1_2_1_36_1","unstructured":"Xilinx. 2005. Lock your designs with the Virtex-4 security solution. Xilinx white paper. www.xilinx.com\/publications\/xcellonline\/xcell_52\/xc_pdf\/xc_v4security52.pdf.  Xilinx. 2005. Lock your designs with the Virtex-4 security solution. Xilinx white paper. www.xilinx.com\/publications\/xcellonline\/xcell_52\/xc_pdf\/xc_v4security52.pdf."},{"key":"e_1_2_1_37_1","unstructured":"Xilinx. 2008. Virtex-5 FPGA configuration user guide. http:\/\/www.xilinx.com\/support\/documentation\/user_guides\/ug191.pdf.  Xilinx. 2008. Virtex-5 FPGA configuration user guide. http:\/\/www.xilinx.com\/support\/documentation\/user_guides\/ug191.pdf."}],"container-title":["ACM Transactions on Reconfigurable Technology and Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1754386.1754389","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1754386.1754389","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T11:22:50Z","timestamp":1750245770000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1754386.1754389"}},"subtitle":["Security Architecture for Remote FPGA Update and Monitoring"],"short-title":[],"issued":{"date-parts":[[2010,5]]},"references-count":37,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2010,5]]}},"alternative-id":["10.1145\/1754386.1754389"],"URL":"https:\/\/doi.org\/10.1145\/1754386.1754389","relation":{},"ISSN":["1936-7406","1936-7414"],"issn-type":[{"type":"print","value":"1936-7406"},{"type":"electronic","value":"1936-7414"}],"subject":[],"published":{"date-parts":[[2010,5]]},"assertion":[{"value":"2008-05-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2009-03-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2010-05-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}