Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
tamzid
Observer
Observer

‎12-01-2017 03:00 PM

3,094 Views
Registered: ‎12-29-2015

possible method of programming eFUSE key internally

Jump to solution

Hi,

Is it possible to store the AES decryption key in eFUSE using a design mapped onto the FPGA? 

I know that one can reprogram the FPGA through the ICAP. Using this access, could we also

have some mechanism to store the key onto the eFUSE? Information about any possible alternative would be helpful.

 

Thanks. 

Tags (2)
0 Kudos
Reply
1 Solution

Accepted Solutions
barriet
Xilinx Employee
Xilinx Employee

‎12-01-2017 06:43 PM

4,151 Views
Registered: ‎08-13-2007

Jump to solution

Which device family?

 

On UltraScale & UltraScale+, you can do this internally via MASTER_JTAG.

see here for details

http://www.xilinx.com/support/documentation/application_notes/xapp1283-internalprogramming-bbram-efuses.pdf

 

On previous families, you can do it from the FPGA (e.g. MicroBlaze or statemachine) but would need an external connection (e.g. board-level) back to the JTAG pins - which may not be ideal for a variety of reasons you might imagine.

View solution in original post

Reply
5 Replies
barriet
Xilinx Employee
Xilinx Employee

‎12-01-2017 06:43 PM

4,152 Views
Registered: ‎08-13-2007

Jump to solution

Which device family?

 

On UltraScale & UltraScale+, you can do this internally via MASTER_JTAG.

see here for details

http://www.xilinx.com/support/documentation/application_notes/xapp1283-internalprogramming-bbram-efuses.pdf

 

On previous families, you can do it from the FPGA (e.g. MicroBlaze or statemachine) but would need an external connection (e.g. board-level) back to the JTAG pins - which may not be ideal for a variety of reasons you might imagine.

View solution in original post

Reply
tamzid
Observer
Observer

‎12-01-2017 07:39 PM - edited ‎12-01-2017 07:42 PM

3,060 Views
Registered: ‎12-29-2015

Jump to solution
Thanks for your reply @barriet. This is helpful. There is no particular family that I am looking at currenctly. 
 

 

On previous families, you can do it from the FPGA (e.g. MicroBlaze or statemachine) but would need an external connection (e.g. board-level) back to the JTAG pins - which may not be ideal for a variety of reasons you might imagine.

Yes, I am trying to avoid this external communication because this provides an opportunity for probing. 

 

Do you think this feature will be available on futrure FPGA families? 

 

Thank you again.  

 

0 Kudos
Reply
barriet
Xilinx Employee
Xilinx Employee

‎12-01-2017 07:53 PM

3,052 Views
Registered: ‎08-13-2007

Jump to solution

Have physical access (the external PL->JTAG) to this loopback connection may not be a problem when the e-fuses are programmed in a secure area and there are other system level protections for fielded systems.

But we added the internal method to address some concerns here - you can do this now on US/US+ via the app note I mentioned.

 

For US/US+, we also have this which is likely the best place to start for security considerations:

https://www.xilinx.com/support/documentation/application_notes/xapp1098-tamper-resist-designs.pdf

and

http://www.xilinx.com/support/documentation/application_notes/xapp1267-encryp-efuse-program.pdf

 

for 7 series:

http://www.xilinx.com/support/documentation/application_notes/xapp1084_tamp_resist_dsgns.pdf

and

http://www.xilinx.com/support/documentation/application_notes/xapp1239-fpga-bitstream-encryption.pdf

 

and for ZU+ MPSoC:

http://www.xilinx.com/support/documentation/application_notes/xapp1323-zynq-usp-tamper-resistant-designs.pdf

http://www.xilinx.com/support/documentation/application_notes/xapp1320-isolation-methods.pdf

http://www.xilinx.com/support/documentation/application_notes/xapp1319-zynq-usp-prog-nvm.pdf

 

Lots of good resources here for security... ;)

Good luck.

Reply
tamzid
Observer
Observer

‎12-03-2017 05:22 PM

2,985 Views
Registered: ‎12-29-2015

Jump to solution

@barriet wrote:

Have physical access (the external PL->JTAG) to this loopback connection may not be a problem when the e-fuses are programmed in a secure area and there are other system level protections for fielded.


If the FPGA is being programmed in an untrusted facility, what system level protection could be leveraged to secure the use of external JTAG for eFUSE programming?

 

Thanks for the resources. 

0 Kudos
Reply
tamzid
Observer
Observer

‎01-10-2018 01:14 PM

2,627 Views
Registered: ‎12-29-2015

Jump to solution

Hi @barriet

it is mentioned in the XAPP1283 the internal programmability gives the opportunity to send the eFUSE key in encrypted form. (please see the snippet). Now where the decryption key of the eFUSE key would come from? Would that be initially transferred to the FPGA through the "secure key exchange function"? I believe it would be a custom protocol developed by the users themselves? Just wanted to make sure I understood.

keyExc.PNG
0 Kudos
Reply