JustSTART: How to Find an RSA Authentication Bypass on Xilinx UltraScale(+) with Fuzzing

arXiv:2402.09845v1 Announce Type: new
Abstract: Fuzzing is a well-established technique in the software domain to uncover bugs and vulnerabilities. Yet, applications of fuzzing for security vulnerabilities in hardware systems are scarce, as principal reasons are requirements for design information access (HDL source code). Moreover, observation of internal hardware state during runtime is typically an ineffective information source, as its documentation is often not publicly available. In addition, such observation during runtime is also inefficient due to bandwidth-limited analysis interfaces (JTAG, …

access applications arxiv authentication authentication bypass bugs bypass code cs.cr design domain find fuzzing hardware hdl information internal requirements rsa security software source code systems uncover vulnerabilities