> On these devices, the bitstream encryption provides authenticity by using an SHA-256 based HMAC and also provides
confidentiality by using CBC-AES-256 for encryption
> We identified two roots leading to the attacks. First, the decrypted bitstream data are interpreted by the configuration
logic before the HMAC validates them. Second, the HMAC
key is stored inside the encrypted bitstream
> On these devices, the bitstream encryption provides authenticity by using an SHA-256 based HMAC and also provides confidentiality by using CBC-AES-256 for encryption
> We identified two roots leading to the attacks. First, the decrypted bitstream data are interpreted by the configuration logic before the HMAC validates them. Second, the HMAC key is stored inside the encrypted bitstream