AN 556: Using the Design Security Features in Intel FPGAs

ID 683269
Date 5/21/2021
Public
Document Table of Contents

Step 1: Generating .ekp File and Encrypting Configuration File

To use the design security feature in the FPGAs, you must encrypt your 20-nm design using the Qcrypt tool, or generate an .ekp file and encrypt your configuration files using the Intel® Quartus® Prime software. The key is not saved into any Intel® Quartus® Prime-generated configuration files and the actual 256-bit key is generated from the bit sequences.

To enable the design security feature, you can obtain a license file from Intel® FPGA Technical Support.

The .ekp file has different formats, depending on the hardware and system used for programming. There are three file formats supported by the Intel® Quartus® Prime software:

  • JAM Byte Code (.jbc) file
  • JAM™ Standard Test and Programming Language (STAPL) Format (.jam) file
  • Serial Vector Format (.svf) file

Only the .ekp file type is generated automatically from the Intel® Quartus® Prime software. You must create the .jam and .svf files using the Intel® Quartus® Prime software if these files are required in the key programming. The Intel® Quartus® Prime software generates the JBC format of the .ekp file in the same project directory.

Note: Intel® recommends that you keep the .ekp file confidential.

Use the .ekp file with the Intel® FPGA Ethernet Cable communications cable or Intel® FPGA Download Cable and the Intel® Quartus® Prime software. The Intel® FPGA Ethernet Cable communications cable can support both volatile and non-volatile key programming whereas the Intel® FPGA Download Cable is used only for volatile key programming. The .jam file format is generally used with third-party programming vendors and JTAG programmer vendors. The .svf file format is used with JTAG programmer vendors.