Adventurer

Is it possible to encrypt an existing .bit file?

As far as I understood bitfile encryption is usually done by bitgen, which requires the .ncd as input file.

However, if I already have a .bit file, is there any tool which can create an encrypted .bit file from an unencrypted .bit file?

I'm using ISE 13.1

 

Thanks,

Stefan

 


Accepted Solutions
Scholar austin

s,

 

Nope.  If you still have the .ncd file, read it into Impact and then create the encrypted bitfile.

 

It is no secret how we take a .bin file, and create the AES256 encrypted version of it, so one could write their own program to do it if they so wished, and some folks have done exactly that, as they do not trust our software.

 

Of course, once they see that our software is implementing the proper AES256, they then just use their conversion program to verify that we conform to the AES256 in every release of our tools.

 

There are start characters, and the preamble, which are not encrypted, and the postamble to the bitstream which all need to be dealt with.  And, the internal binary must be aligned into the proper size blocks, and extended if need be to encrypt.

 

 

Austin Lesea
Principal Engineer
Xilinx San Jose
20 Replies
Adventurer

Hi Austin,

 

unfortunately I don't have the .ncd of this special version anymore, but nevertheless thank you for the explanation.

I will have to reconstruct the .ncd out of old sources, this should be easier than writing my own encryption tool.

 

Thanks,

Stefan

 

Scholar austin

s,


Maybe someone who already wrote it would volunteer it?

 

I suppose it isn't very useful (just implementing the AES256, which has free code from NIST, combined with the formatting of our bitstream)?

 

It isn't like that code is very useful for anything other than verification.


Good luck.  Re-creating the design is a good idea, as I have not found a design yet that had no bugs that ever needed fixing.

 

 

Austin Lesea
Principal Engineer
Xilinx San Jose

Observer jpavany

Hi,

 

A possible application for a bit file only encryption program would be for encrypting a bit file after data2mem has updated BRAMs in a non-encrypted bit file.

In other words, how would one update a BRAM (with data2mem, I presume) after P&R when using encrypted bitstreams? What is the flow for that scenario? (I can't seem to figure it out after reading the various manuals. I am using ISE14.7.)

 

Thanks,

 

John Pavan

Adventurer

Hi,

 

this would indeed be useful.

However, you can update BRAMs without rerunning P&R with existing tools, bitgen can update them before encrypting the .bit file (option -bd).

(You need to have the .ncd file, though, which I didn't have anymore for this old version of my design in my original problem).

 

Best,

Stefan

 

Observer jpavany

Hi,

 

Yes...I just got it working before seeing your answer....It's so obvious.....I was being dense.

 

I specified a .bmm file to ngdbuild using the -bm command line option. This seemed to put something in the NCD so that later when bitgen ran it knew where (which BRAM in the design) to put the new BRAM initialization data (specified in a .mem file).

Then I ran bitgen with the -bd option (to pick up the new .mem file) and the appropriate encryption options and it seems to have worked.

 

Just what I needed.

 

Thanks!

Visitor uncleld1

Austin,

Can you provide documentation on the specifications of the bitfile format?  I am looking for the information I need to develop a utility to parse the bitfile for encryption.  Does the format vary per device/family?

 

Thank you

L

Scholar austin

u,

 

The configuration users guide is the document.

Some families have different formats, yes.  Different size devices in a family are slightly different (in terms of number of frames, or what types, etc.).

 

We do not support customer bitfile "hacking" per se (far too difficult to deal with, and is of no value to Xilinx).


We do support our tools, our IP cores, etc.

 

 

 

 

Austin Lesea
Principal Engineer
Xilinx San Jose

Visitor adewale

We have a special use case that demands that we apply our own AES encryption to an unencrypted bitstream.  However, we still require the use of the internal decryption logic, we are not planning to implement a dedicated decryption circuit.  As a first step towards achieving this, we generated an encrypted bitstream in Vivado and decrypted it using the AES key and Start CBC in the NKY file but the decrypted result was nowhere close to being meaningful.  Our understanding is that the encrypted words are right after the decrypt word count and we had hoped that by decrypting these words we would have an insight into the bitstream content, especially about the adding of the MAC and the HMAC key.  Is there something obvious we are missing? I understand that Xilinx does not "really" support customers prying into bitstreams, but this is research and help from anyone will be appreciated. Below are the contents of the key file and a snapshot of the attempted decryption of the first 8 blocks of 128 bits. The Vivado-generated encrypted bitstream has also been attached.  Thanks.

 

Key File Content:

 

Device xc7a35t;
Key 0 89AD3494A7433871939810FC3E11054749423B0080974044A962FCF71CC49EE6;
Key StartCBC BC09788A61BBCBC74261E66708D47201;
Key HMAC 16DE38D7DC674172B46807CD19CF87F0E0122169A07DA1EE572B7BDCEF47B088;

 

Encrypted Text:

 encrypted.JPG

 

Attempted decrypted text

decrypted.JPG

 

Visitor adewale

Hi Austin,

 

I am just wondering if I can get some comments on this question.

 

Thanks.

Scholar austin

a,

 

We have users who do not trust us to create the encrypted bit file, so they do it themselves.

 

We document exactly what we are doing (following the AES standard), and you are easily able to see what we generate.

 

If you do not trust Xilinx to encrypt, then you write it yourself, from scratch, as anything "provided" online is certainly not at the level of absolute trust.

 

The algorithm is public (NIST), and that may be safely trusted (it is what everyone uses), but the rest is up to you.

 

Most look at what we do, and conclude "yes, they followed the standard" and that is the end of it (they just use our tools).

 

We have every interest in being open about our encryption/decryption, as we only gain by being a trusted party.

 

Go ahead and ask your questions, and if I am able I will direct you to the answer.

 

But, I will not do the work for you:  it is up to you to write and debug any code.  It is the debugging that takes 99% of the time, especially when it comes to anything in the world of encryption and decryption.

 

 

 

 

Austin Lesea
Principal Engineer
Xilinx San Jose

Visitor adewale

Hi Austin,

 

Thank you for your response.  I actually posted the question earlier in the thread. As I am new here, I did not know I needed to make the post new for it to be visible (sort of).

 

It is really not about trust, I have been using Xilinx FPGAs and tools for my research and I am satisfied with the services so far. It is just that I have a research problem (I cannot really disclose the nature of the research) that requires me to encrypt the bitstream myself since Vivado will not accept user's BIN file for encryption (by the way, I think this is a feature that some users will find useful, but maybe the request for it is not strong enough for Xilinx to consider it).

 

I have actually implemented the AES algorithm in software using C# and I have confirmed that it works (to the best of my knowledge) by encrypting a BIN file with it and using an online decryption tool to decrypt it and compare with the original BIN file.

 

The problem arose when I tried to use the same online tool to decrypt an encrypted bitstream generated in Vivado. The result seemed incorrect. That was why I asked in my first post if there was anything obviously wrong. I understand that the encryption  works on bytes and I have ensured this in my experiments. I also know about the padding and required FPGA setup commands.

 

It may probably be necessary for me to state at this point that what I am really after is to decrypt the Vivado-encrypted bitstream and find out exactly how the MAC code and the HMAC key among other things are packed in the bitstream before encryption.

 

Once again, thank you for your response.

Scholar austin

a,

 

I got that (from your original post).  I understand what you are trying to do, and I understand it isn't doing what you think it should be doing.

 

It isn't anything undocumented:  the configuration users guide should describe what is going on (what we are doing).

 

There is also XAPP1239 with useful information.

 

That, and a hex (binary) editor, the diff command, etc. should lead to you being able to verify exactly what is happening.

 

Where exactly are you 'stuck'?

 

 

 

 

 

 

Austin Lesea
Principal Engineer
Xilinx San Jose

Visitor adewale

Thanks.

 

Okay, for now, I am able to encrypt a BIN file. To confirm that I am doing that correctly I am attempting to decrypt a Vivado-encrypted file with the known key and StartCBC. That is where I am stuck.

 

By the way, thank you for pointing me to the documents, I have seen them over and over again. I will take it that whatever isn't working is coming from my side.

 

From what I believe, my encryption algorithm is working fine. Just to clear things up a bit, I will attempt to decrypt the Vivado-encrypted file with my own decryption algorithm and see if it gives me anything different from what I obtained with the online tool.

 

I will get back here as soon as I have further meaningful results.

 

And meanwhile, do you know of any tested tool that will correctly decrypt the Vivado-generated file? Thank you.

 

Adewale.

Scholar austin

a,

 

Have you read Steve's article?

 

FPGA Security: Motivations, Features, and Applications
This paper discusses all aspects of FPGA security and trust.
By Stephen M. Trimberger, Fellow IEEE, and Jason J. Moore

 

IEEE

 

This has details of the bitstream construction.

Austin Lesea
Principal Engineer
Xilinx San Jose

Visitor adewale

Thank you for your time. I have seen that paper before. But I will look at it again in more detail.

Scholar austin

a,

 

The following from that paper is useful:

 

 

Austin Lesea
Principal Engineer
Xilinx San Jose
format.jpg

Visitor adewale

Yes, I saw the diagram and it was helpful. Thank you.

Observer s-meunier

Re: Is it possible to encrypt an existing .bit file? (or decrypt one)

Hello everybody. I also need to decrypt a 7 series bitstream: I have to read some bitstream configuration settings for a sanity check and a flashing tool (USERCODE, WBSTAR). (I could also read it in plain text and encrypt it like Xilinx, but decrypting is best.) But I can't!!!

I carefully read this thread, the notices from Xilinx and the FIPS PDF. I found my way on my own up to DWC, but I can't go further.

To simplify any possible bit/byte swapping, I work with the simplest IV and keys for HMAC and AES: 0000000000000000000…. I used the C OpenSSL AES APIs and Linux tools.

I try to decrypt the block after DWC, but it never looks like HKEY (very simple in my case) nor common Type1 packets or NOPs. I tried some bitstream byte swapping or bit swapping with no result.

Then, since for Xilinx there is no secret about the bitstream format and the crypto used, maybe Xilinx could give a small help to the Xilinx user community. I read posts on this forum and others asking for tips, but I never found somebody who succeeded (maybe but the paper about side/side …).

Again, it's not to check your work, that's not my job, but for quality of product!

Xilinx, help us!

Visitor adewale

For anyone still looking for a solution to this, see the answer provided here: https://forums.xilinx.com/t5/Design-Tools-Others/Decrypt-or-encrypt-serie-7-bitstream-help/m-p/723911#M9805. It basically has to do with bit swapping.

0 Kudos
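
Added example, not code from this thread or from Xilinx: a parser for the key-file layout quoted earlier (Device, Key 0, Key StartCBC, Key HMAC) that rejects wrong-length fields, plus helpers that produce bit- and byte-order variants of a block, since the thread's resolution points to bit swapping. The function names and sample key values are constructed for illustration, and which ordering the device actually uses is not stated here, so the variants are candidates to test against your own known key and IV.

```python
import re

# Hex digits per field: 256-bit AES and HMAC keys, 128-bit StartCBC (the CBC IV).
EXPECTED_HEX_LEN = {"0": 64, "StartCBC": 32, "HMAC": 64}

def parse_nky(text):
    """Parse 'Device <part>;' and 'Key <name> <hex>;' statements."""
    device, keys = None, {}
    for stmt in filter(str.strip, text.split(";")):
        fields = stmt.split()
        if fields[0] == "Device" and len(fields) == 2:
            device = fields[1]
        elif fields[0] == "Key" and len(fields) == 3:
            name, value = fields[1], fields[2]
            if not re.fullmatch(r"[0-9A-Fa-f]+", value):
                raise ValueError(f"Key {name}: non-hex characters")
            want = EXPECTED_HEX_LEN.get(name)
            if want is not None and len(value) != want:
                raise ValueError(f"Key {name}: {len(value)} hex digits, expected {want}")
            keys[name] = bytes.fromhex(value)
        else:
            raise ValueError(f"unrecognised statement: {stmt.strip()!r}")
    return {"device": device, "keys": keys}

def reverse_bits_in_bytes(data):
    """Mirror the bit order inside every byte (0x01 becomes 0x80)."""
    return bytes(int(f"{b:08b}"[::-1], 2) for b in data)

def swap_bytes_in_words(data, width=4):
    """Reverse the byte order inside each width-byte word."""
    if len(data) % width:
        raise ValueError("length is not a multiple of the word width")
    return b"".join(data[i:i + width][::-1] for i in range(0, len(data), width))

def ordering_candidates(data):
    """Candidate orderings to try; which one applies is an assumption to test."""
    flipped = reverse_bits_in_bytes(data)
    return {"as_is": data, "bit_reversed": flipped, "word_swapped": swap_bytes_in_words(data),
            "bit_reversed_word_swapped": swap_bytes_in_words(flipped)}

# Constructed sample values (not the thread's keys), same layout as the key file.
SAMPLE_NKY = (f"Device xc7a35t;\nKey 0 {bytes(range(32)).hex().upper()};\n"
              f"Key StartCBC {bytes(range(16)).hex().upper()};\n"
              f"Key HMAC {'FF' * 32};\n")

if __name__ == "__main__":
    iv = parse_nky(SAMPLE_NKY)["keys"]["StartCBC"]
    for label, value in ordering_candidates(iv).items():
        print(f"{label:28s} {value.hex()}")
```

Apply the same transform consistently to the key, the IV and each 128-bit ciphertext block when comparing candidates, and check the result against a structure you already know should appear in the plaintext.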