Visible to Intel only — GUID: zqi1618790393314
Ixiasoft
1. HDMI Intel® FPGA IP Design Example Quick Start Guide for Intel® Stratix® 10 Devices
2. HDMI 2.1 Design Example (Support FRL = 1)
3. HDMI 2.0 Design Example
4. HDCP Over HDMI 2.0/2.1 Design Example
5. HDMI Intel® Stratix® 10 FPGA IP Design Example User Guide Archives
6. Document Revision History for the HDMI Intel® Stratix® 10 FPGA IP Design Example User Guide
2.1. HDMI 2.1 RX-TX Retransmit Design Block Diagram
2.2. Creating RX-Only or TX-Only Designs
2.3. Hardware and Software Requirements
2.4. Directory Structure
2.5. Design Components
2.6. Dynamic Range and Mastering (HDR) InfoFrame Insertion and Filtering
2.7. Design Software Flow
2.8. Running the Design in Different FRL Rates
2.9. Clocking Scheme
2.10. Interface Signals
2.11. Design RTL Parameters
2.12. Hardware Setup
2.13. Simulation Testbench
2.14. Design Limitations
2.15. Debugging Features
3.1. HDMI RX-TX Retransmit Design Block Diagram
3.2. Creating TX or RX Only Designs
3.3. Design Components
3.4. Dynamic Range and Mastering (HDR) InfoFrame Insertion and Filtering
3.5. Clocking Scheme
3.6. Interface Signals
3.7. Design RTL Parameters
3.8. Hardware Setup
3.9. Simulation Testbench
3.10. Upgrading Your Design
Visible to Intel only — GUID: zqi1618790393314
Ixiasoft
4.4. Protection of Encryption Key Embedded in FPGA Design
Many FPGA designs implement encryption, and there is often the need to embed secret keys in the FPGA bitstream. In newer device families, such as Intel® Stratix® 10 and Intel Agilex® 7, there is a Secure Device Manager block that can securely provision and manage these secret keys. Where these features do not exist, you can secure the content of the FPGA bitstream, including any embedded secret user keys, with encryption.
The user keys should be kept secure within your design environment, and ideally add to the design using an automated secure process. The following steps show how you can implement such a process with Intel® Quartus® Prime tools.
- Develop and optimize the HDL in Intel® Quartus® Prime in a non-secure environment.
- Transfer the design to a secure environment and implement an automated process to update the secret key. The on-chip memory embed the key value. When the key is updated, the memory initialization file (.mif) can change and the “quartus_cdb --update_mif” assembler flow can change the HDCP protection key without re-compiling. This step is very quick to run and preserves the original timing.
- The Intel® Quartus® Prime bitstream then encrypt with the FPGA key before transferring the encrypted bitstream back to the non-secure environment for final testing and deployment.
It is recommended to disable all debug access that can recover the secret key from the FPGA. You can disable the debug capabilities completely by disabling the JTAG port, or selectively disable and review that no debug features such as in-system memory editor or Signal Tap can recover the key. Refer to Intel Stratix 10 Device Security User Guide for further information on using FPGA security features including specific steps on how to encrypt the FPGA bitstream and configure security options such as disabling JTAG access.
Note: You can consider the additional step of obfuscation or encryption with another key of the secret key in the MIF storage.
Related Information