JustSTART: How to Find an RSA Authentication Bypass on Xilinx UltraScale(+) with Fuzzing
Maik Ender, Felix Hahn, Marc Fyrbiak, Amir Moradi, Christof Paar
TL;DR
This work introduces ConFuzz, a gray-box hardware fuzzing framework designed to unveil vulnerabilities in Xilinx FPGA configuration engines, focusing on 7-Series and UltraScale(+) devices. By employing structure-aware mutations across three strategies (bitstream structure, intra-command, inter-command) and a rapid prototyping workflow, the authors automatically rediscover the Starbleed attack and uncover a novel RSA-authentication bypass, JustSTART (CVE-2023-20570). They demonstrate that fuzzing can reveal undocumented behavior, such as RSA test modes and unusual crashes, even with limited documentation and restricted internal visibility, and they discuss mitigations emphasizing encryption + authentication via security fuses. The work highlights the security implications for FPGA bitstreams, stresses the importance of comprehensive documentation, and provides a reusable framework (MIT-licensed) to empower security researchers and potentially extend to other FPGA vendors. Overall, ConFuzz enables scalable, automated exploration of hardware configuration engines, contributing to hardware security analysis and guiding better design and deployment practices in FPGA-enabled systems.
Abstract
Fuzzing is a well-established technique in the software domain to uncover bugs and vulnerabilities. Yet, applications of fuzzing for security vulnerabilities in hardware systems are scarce, as principal reasons are requirements for design information access (HDL source code). Moreover, observation of internal hardware state during runtime is typically an ineffective information source, as its documentation is often not publicly available. In addition, such observation during runtime is also inefficient due to bandwidth-limited analysis interfaces (JTAG, and minimal introspection of internal modules). In this work, we investigate fuzzing for 7-Series and UltraScale(+) FPGA configuration engines, the control plane governing the (secure) bitstream configuration within the FPGA. Our goal is to examine the effectiveness of fuzzing to analyze and document the opaque inner workings of FPGA configuration engines, with a primary emphasis on identifying security vulnerabilities. Using only the publicly available chip and dispersed documentation, we first design and implement ConFuzz, an advanced FPGA configuration engine fuzzing and rapid prototyping framework. Based on our detailed understanding of the bitstream file format, we then systematically define 3 novel key fuzzing strategies for Xilinx configuration engines. Moreover, our strategies are executed through mutational structure-aware fuzzers and incorporate various novel custom-tailored, FPGA-specific optimizations. Our evaluation reveals previously undocumented behavior within the configuration engine, including critical findings such as system crashes leading to unresponsive states of the FPGA. In addition, our investigations not only lead to the rediscovery of the starbleed attack but also uncover JustSTART (CVE-2023-20570), capable of circumventing RSA authentication for Xilinx UltraScale(+). Note that we also discuss countermeasures.