Hello PPl, is there a way of locking a design (NGC) to a particular FPGA board?

Why Ngc? And is it necessary to stay on S3? Maybe you should think about Flash based Fpgas (Actel, Lattice,..).

bye Thomas

Aust> Why Ngc?

Thanks, xapp780 is good food for the mind, and I think we would have to design our own (Vanilla microcontroller) that would mimic a DS2432 secure controller-key. One thing though, would xilinx enhance the security feature of their S3 line? And finally, in case of a virtex2, can a design gain access to the registers that hold the encryption keys.

In response to Thomas, all our products are X based, so we dont have many choices. And as we dont want to provide our customers access to the high level code, the only way to give them a usable core is to have the design in a compiled obfuscated netlist file.

JA

Aust>

Hi,

This Dallas part does look pretty good, it makes it hard enough to hack;

Do you have an idea of small quantity prices...? It's lasered with a unique number, hopefully they have samples with 'not a unique' number for customers that only need to give it a whirl...

Thx in advance,

-- Ignacio Ulises Hernandez " I'm not normally a praying man, but if you're up there, please save me, Superman!" - Homer Simpson ;O)

"I. Ulises Hernandez" schrieb im Newsbeitrag news:dnm98l$lsm$ snipped-for-privacy@nwrdmz02.dmz.ncs.ea.ibs-infra.bt.com...

all 1-wire products *must* have unique number, it is IMPOSSIBLE to something else

Antti

Well, not impossible. The codes are customized to the customer. IIRC, it is a 48 bit code, and part of that number is a unique number assigned to the customer, and part is a range of numbers assigned to that customer. You can (or at least you used to be able to) get duplicate numbers within your range. The codes, as I understand it, are added after the silicon is manufactured.

The problem with using these in attempt to secure a bitstream is that the code is not secure...anyone with a data sheet and an oscilloscope or logic analyzer can extract the serial number easily. Once you have the serial number, it is nearly trivial to create a circuit that will mimic the dallas part using what ever serial number you want to use. These parts are intended for electronic serial numbers, not for secure encryption keys.

Actel are probably your best choice, in present technology. They are doing something similar for their ARM7 marketing efforts.

FPGA vendors COULD add a Factory-Unique Serial number, but don't currently bother. (Surprising given the customer bases ) Intel does this, but that's for revenue protection.... :)

Have you looked at the Rolling code security systems for CAR Alarms ? That's designed to avoid simple record-playback hacking, and 'protects' something worth a few 10K from theft.

If you have your own boards, you could add a small uC, that decrypts the bitstream - improves security of shipping, and if you use BGA packages, physical probe of the loading stream can be hiked to require package removal. That same small uC could have a mapped virtual memory, where some areas acted as RAM, some as ROM, and some as Rolling-Code echo - and only you know which does what, and the rules used. If the repeat cycles are long enough, it makes hacking by sniffing impractical. The attack method then is probably to try and hack the uC..

And you only really have to elevate it above the cost of bribing one of your employees :)

-jg

I have the impression as you have mentioned, that the hardware protection would be vulnerable to these kind of modifications at that level, changing the BRAM code to something else. Wouldnt it be that XAPP780 provides some kind of hardware check that is done in order to verify for the sanity of the software. Like calculating the checksum. This should be done in hardware though....

I really think that there isnt any ideal solution to that problem and sooner or later, the design would be broken.

I was thinking to enclose it in a box, but now, someone told me that some ppl can go up to EM radiation patterns detection. Guys, is this a myth or reality?

JA

henk wrote:

Jim, That's a key insight! I read Kevin Mitnick's books recently. Although the security breaches he writes about involved an amount of technical engineering knowledge, the social engineering undertaken was usually the key to unlock the first door! Cheers, Syms.

Hi Jax, After 5 days of discussion on how to protect the IP, could you say what it is you want to protect? If it's valuable enough for someone to want to copy, it may also be valuable enough for someone to want to buy...

"JustJohn" schrieb im Newsbeitrag news: snipped-for-privacy@f14g2000cwb.googlegroups.com...

I wondering as well, there are hardly any IP that could make sense to be valued at 100,000 USD for single FPGA netlist license. I cant imagine what it could be that is valued at such high price.

If such an IP exist that really is so valueable, then I bet a clean room engineering would be done almost instantly and there is no way to protect against that. Of course in case that the clean room RE is possible without some deep secret know how.

humm..

Antti

But you don't want to make it so hard that your competitors resort to rubber-hose cryptanalysis.

"The Art of Deception" should be required reading for anyone involved in security.