Hiding data inside a FPGA

Hello,

I am working on a cryptographic application on VirtexII FPGAs. I need to store a symmetric key inside a reg of the FPGA, but I don't want somebody to be able to read it by analyzing the bitstream. The bitstream could not be encrypted. Does anybody have experience hiding data inside an FPGA? Does anyone know of papers on this topic?

Regards

Javier

Reply to
Javier Castillo
Hiding a key should be easy if your "reg of the FPGA" is formed by a non-contiguous set of flip-flops. Unless the person reading the bitstream understands the register's usage within the FPGA, they could not determine which of the bitstream bits make up the "reg" and in what order. Try to avoid regular structures (like relational place macros) for your register and either place the flip-flops randomly by hand, or set the placement switches to ignore register ordering when you place and route.

Reply to
Gabor

I'd say force the placement of these regs around. And you can also make a small logic block that "calculates" the key from apparently random data.

Sylvain

Reply to
Sylvain Munaut

A problem arises if you are making more than one device though if they need different keys, as an attacker could compare the bitstreams to find where the key is stored. Adding a significant amount of extra random data would make it harder. Another thing you could do is store a large block of data in a RAM element, with multiple levels of indirection, i.e. some bits determine the location of other bits, which determine the location of other bits etc., with the rest filled with random data.

Reply to
Mike Harrison
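
The bitstream-comparison problem raised in the post above, and the effect of per-device random filler, as an added example that is not part of the thread. It uses a constructed toy model: a list of bits stands in for a configuration image (not a real Virtex-II bitstream format), and the sizes, the `audit` helper and the seed are assumptions made for illustration.

```python
import random

IMAGE_BITS = 4096   # constructed stand-in for a configuration image, not a real bitstream format
KEY_BITS = 128
FILLER_BITS = 1024  # assumed amount of per-device random padding

def build_image(design, key, key_positions, filler=None):
    """Copy the shared design, scatter the key bits, optionally overwrite filler cells."""
    image = list(design)
    for bit_index, pos in enumerate(key_positions):
        image[pos] = (key >> bit_index) & 1
    for pos, bit in (filler or {}).items():
        image[pos] = bit
    return image

def differing_positions(image_a, image_b):
    """Bit positions where two device images disagree."""
    return {i for i, (a, b) in enumerate(zip(image_a, image_b)) if a != b}

def audit(seed=1):
    """Build two devices' images with and without filler and report what a diff exposes."""
    rng = random.Random(seed)  # seeded for a repeatable demo; use a CSPRNG for real keys and filler
    design = [rng.getrandbits(1) for _ in range(IMAGE_BITS)]
    cells = rng.sample(range(IMAGE_BITS), KEY_BITS + FILLER_BITS)
    key_pos, filler_pos = cells[:KEY_BITS], cells[KEY_BITS:]
    key_a, key_b = rng.getrandbits(KEY_BITS), rng.getrandbits(KEY_BITS)

    plain = differing_positions(build_image(design, key_a, key_pos),
                                build_image(design, key_b, key_pos))
    fill_a = {p: rng.getrandbits(1) for p in filler_pos}
    fill_b = {p: rng.getrandbits(1) for p in filler_pos}
    padded = differing_positions(build_image(design, key_a, key_pos, fill_a),
                                 build_image(design, key_b, key_pos, fill_b))
    return {"key_pos": set(key_pos), "filler_pos": set(filler_pos),
            "key_xor": key_a ^ key_b, "plain": plain, "padded": padded}

if __name__ == "__main__":
    r = audit()
    print("no filler: %d differing bits, all key cells: %s"
          % (len(r["plain"]), r["plain"] <= r["key_pos"]))
    print("with filler: %d differing bits, %d of them key cells"
          % (len(r["padded"]), len(r["padded"] & r["key_pos"])))
```

Without filler, every differing bit between the two images is a key cell, even though the cells are scattered; with filler, the key cells are a minority of the differing bits.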

Maybe you should think about another FPGA (e.g. without bitstream).

Otherwise I would generate the key instead of hardwiring it. It depends on your application how safe you need the key and how likely it is that an attacker has access to your bitstream.

bye Thomas

Reply to
usenet_10

Hello


If you use the new Lattice XP devices, the need for an external PROM is eliminated and read back can be disabled. They do this by having the Flash internal. Just offering another way to "skin the cat".

Regards

Jeff Holley, Lattice FAE (yes, I work for Lattice)

Reply to
jholley

Would be nice if more Lattice FAEs would participate in the discussions on this board ...

Rgds André

Reply to
ALuPin

There are people with Lattice and Actel experience around, but yes, there seem to be no public comments from anyone directly from Lattice or Actel. This could actually be corporate policy of those companies?

Antti

Reply to
Antti Lukats

Hello, thank you for your answer. I am not familiar with that type of FPGA and I don't know the configuration mechanism. Is it possible to reprogram a FLASH-based FPGA in the field using an external microprocessor connected to the Internet, as in the Xilinx IRL scheme?

Best Regards

Javier Castillo

Reply to
Javier Castillo

"Javier Castillo" wrote in newsgroup message news: snipped-for-privacy@4ax.com...

Yes, it is.

The Actel PA3 also allows non-volatile secure keys for an encrypted bitstream (I think that is not possible for LatticeXP).

Antti

Reply to
Antti Lukats

They use JTAG, so I suppose you could put a JTAG master in your micro.

-a

Reply to
Andy Peters

As a possible alternative, you might want to consider ...


cheers, Kris

Reply to
Kris Vorwerk
