AR# 72588

Design Advisory for Zynq UltraScale+ MPSoC/RFSoC: Encrypt Only Boot Mode - Unauthenticated Boot and Partition Headers

Description

The Encrypt Only boot mode in the Zynq UltraScale+ device requires system level protections to be resistant to Differential Power Analysis (DPA) attacks. 

This is documented in version 1.8 of the Zynq UltraScale+ Device Technical Reference Manual (UG1085), released 8/3/2018, which introduced the Encrypt Only boot mode.

This advisory notifies customers that the system level protections referenced in the TRM should also take into consideration that the Boot and Partition Headers are not authenticated in the Encrypt Only boot mode. 


Without authentication of these headers, an adversary who has access to the boot image can modify the control fields, resulting in incorrect secure boot behavior.

One such example is modification of the destination execution address. This address represents the start instruction address for a loaded partition. 

An adversary with access to the boot image could modify the address, causing the device to jump to an arbitrary memory location to modify or bypass the secure boot process.


For more information on how to sign up to receive notifications of new Design Advisories, see (Xilinx Answer 18683).

Solution

Xilinx continues to recommend the use of the Hardware Root of Trust (HWRoT) boot mode when possible. The HWRoT boot mode does authenticate the boot and partition headers.

For systems that must use the Encrypt Only boot mode, customers are advised to consider system level protections that take into account both DPA attack vectors and attack vectors against the unauthenticated boot and partition headers.
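The following added example (not Xilinx code, and not the Zynq boot image format) models the difference between leaving headers unauthenticated and authenticating them: a tag that covers only the partition data accepts an edited execution address, while a tag that also covers the header rejects it. The header layout, key, addresses and the use of HMAC-SHA256 as a stand-in for the device's cryptography are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # constructed; stands in for a device key
HDR = struct.Struct("<4sII")    # hypothetical header: magic, exec address, payload length
TAG_LEN = hashlib.sha256().digest_size


def build_image(exec_addr: int, payload: bytes, cover_header: bool) -> bytes:
    """Pack header + payload + tag; the tag covers the header only if asked."""
    header = HDR.pack(b"DEMO", exec_addr, len(payload))
    covered = header + payload if cover_header else payload
    return header + payload + hmac.new(KEY, covered, hashlib.sha256).digest()


def load_image(image: bytes, cover_header: bool) -> int:
    """Verify the tag and return the address the loader would jump to."""
    if len(image) < HDR.size + TAG_LEN:
        raise ValueError("malformed image")
    header, payload, tag = image[:HDR.size], image[HDR.size:-TAG_LEN], image[-TAG_LEN:]
    magic, exec_addr, length = HDR.unpack(header)
    if magic != b"DEMO" or length != len(payload):
        raise ValueError("malformed image")
    covered = header + payload if cover_header else payload
    expected = hmac.new(KEY, covered, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return exec_addr


def set_exec_addr(image: bytes, new_addr: int) -> bytes:
    """Model an edit to the stored image: rewrite only the exec-address field."""
    magic, _, length = HDR.unpack(image[:HDR.size])
    return HDR.pack(magic, new_addr, length) + image[HDR.size:]


def demo() -> dict:
    """Load an edited image under both policies and report the outcome."""
    result = {}
    for name, cover in (("header_unauthenticated", False), ("header_authenticated", True)):
        edited = set_exec_addr(build_image(0x1000, b"partition data", cover), 0x2000)
        try:
            result[name] = hex(load_image(edited, cover))
        except ValueError as exc:
            result[name] = str(exc)
    return result


print(demo())
```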

AR# 72588
Date 08/08/2019
Status Active
Type Design Advisory