Removing the Root of Trust: Secure Oblivious Key Establishment for FPGAs

FPGAs are widely deployed nowadays. Besides offering powerful computation capacity, contemporary FPGAs also provide many security features such as bitstream protection. The security of these features is dependent on the security of the keys embedded in the FPGA, which is usually generated by the vendor. This type of architecture has a shortcoming that the FPGA vendor knows everything and becomes the root of trust. In this work, we propose a key generation method utilizing bilinear pairing that enables the user of the FPGA to interact with the device to generate keys. The generated keys depend on both the input from the user and the device so vendor cannot learn the keys. Furthermore, we offer a method to allow the user to verify the generated keys to make sure that the keys are related to his input. Finally we conduct some experiments and indicate the effectiveness of our scheme.