Visible to Intel only — GUID: bhc1410500734279
Ixiasoft
Visible to Intel only — GUID: bhc1410500734279
Ixiasoft
Overview of the Design Security Feature
The design security feature for Intel FPGAs protects against unauthorized copying , reverse engineering, and tampering. The following table lists some of the design approaches to make the solution secure.
The 20-nm FPGAs have additional security features that you can enable by burning a fuse, or by setting an option bit in the configuration bit-stream by using the stand-alone Qcrypt tool or the Intel® Quartus® Prime Convert Programming File tool. Tamper-protection bit and JTAG Secure mode can be enabled separately in 20-nm FPGAs only.
Design Security Element | 40-nm FPGA | 28-nm FPGA 1 |
---|---|---|
Non-Volatile key | The non-volatile key is securely stored in fuses within the device. Proprietary security features make it difficult to determine this key. | |
Volatile Key | The volatile key is securely stored in battery-backed RAM within the device. Proprietary security features make it difficult to determine this key. | |
Key Generation | Two user provided 256-bit strings are processed to generate a 256-bit key that is programmed into the device. | A user provided 256-bit key is processed by a one-way function before being programmed into the device. |
Key Choice | User only set either 1 security key type (non-volatile key or volatile key) into the device. | |
Tamper Protection Mode | Tamper protection mode prevents the FPGA from being loaded with an unencrypted configuration file. When you enable this mode, the FPGA can only be loaded with a configuration that has been encrypted with your key. Unencrypted configurations and configurations encrypted with the wrong key result in a configuration failure. You can enable this mode by setting a fuse within the device. | |
Configuration Readback | These devices do not support a configuration readback feature which makes readback of your unencrypted configuration data infeasible. |
Design Security Element | Description |
---|---|
Non-Volatile key | The non-volatile key is securely stored in fuses within the device. Proprietary security features make it difficult to determine this key. |
Volatile Key | The volatile key is securely stored in battery-backed RAM within the device. Proprietary security features make it difficult to determine this key. |
Key Generation | A user provided 256-bit key is processed by a one-way function before being programmed into the device. |
Key Choice | Both volatile and non-volatile key can exist in a device. User can choose which key to use by setting the option bits in encrypted configuration file through the Convert Programming File tool or the Qcrypt tool. |
Tamper Protection Mode | Tamper protection mode prevents the FPGA from being loaded with an unencrypted configuration file. When you enable this mode, the FPGA can only be loaded with a configuration that has been encrypted with your key. Unencrypted configurations and configurations encrypted with the wrong key result in a configuration failure. You can enable this mode by setting a fuse within the device. |
Configuration Readback | These devices do not support a configuration readback feature. From a security perspective, this makes readback of your unencrypted configuration data infeasible. |
Security Key Control | By using different JTAG instructions and the security option in the Qcrypt tool, you have the flexibility to permanently or temporarily disable the use of the non-volatile or volatile key. You can also choose to lock the volatile key to prevent it from being overwritten or reprogrammed. |
JTAG Access Control | You can enable various levels of JTAG access control by setting the OTP fuses or option bits in the configuration file using the Qcrypt tool:
|
Section Content
Security Encryption Algorithm
Non-Volatile and Volatile Key Storage
Key Programming
Intel Arria 10 and Intel Cyclone 10 GX Qcrypt Security Tool