Adventurer
5,619 Views
Registered: ‎01-18-2012

Reverse engineering on an unencrypted bitstream

Hi,

We are planning to use a Spartan6 on one of our products. What kind of information can be extracted from an unencrypted bitstream (stored in a SPI FLASH)?

Of course the design can be copied if it's not encrypted, but can it be understood/reversed by someone who wants to reverse our product?

Maybe you can generate some kind of FPGA editor file with the bitstream, but who is the alien engineer that will understand the logic behind it?

Finally, is it worth encrypting the bitstream to protect an IP from reverse engineering?
0 Kudos
1 Solution

Accepted Solutions
Scholar
7,356 Views
Registered: ‎02-27-2008

Re: Reverse engineering on an unencrypted bitstream

m,

For a very long time, the raw bitstream was considered somewhat 'secure' only because of the difficulty of reverse engineering.

For example, the bitstream is a "many to one" problem: many different RTL sources might generate the same bitfile. So, a concerted attacker may be able to discover how the design works, modify pieces of it, or even add some new functionality, but it is extremely difficult to re-create a high level design language description, and that description is but one of many that could be used to generate the same bitfile.

A determined attacker should now be considered able to do whatever they wish with an unencrypted bitstream. If 'security' against an attacker reverse engineering is desired, then encryption is highly recommended.

Remember there is no security in obscurity.

That said, if it is a matter of discouraging the attacker, so they go somewhere else and attack something easier, there are a number of well-known tricks that people have used which do not offer the security of an encrypted bitstream, but do provide the attacker with a challenge. Some of these are the use of the DeviceDNA(tm), putting a piece of the design in a BRAM, and then using the ICAP to reconfigure the design to load the small piece which was kept in BRAM (kept in perhaps scrambled form), and so on.

How much is your IP worth? One does not lock a $100 bicycle with a $1000 lock. No one will ever be able to reproduce your IP with its names and constraints in Verilog or VHDL from the bitstream, but they will be able to understand it, modify it, and add small bits to it, after some (perhaps difficult) work.

Note that it is a violation of our software tools use agreement to reverse engineer (unless it is for your own purposes in debugging your design -- and we are happy to help you do that). A violation of an agreement is unlikely to hinder someone who is trying to steal your IP: encryption is a much better barrier to that threat.

Austin Lesea
Principal Engineer
Xilinx San Jose


0 Kudos
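Following the recommendation above to encrypt, a release-gate check that the image destined for the SPI flash really is ciphertext-like before it ships. This is an added example, not code from the thread or from Xilinx; the sync word value, the header allowance and the entropy threshold are assumptions to confirm against the device's configuration user guide, and the verdict is a statistical heuristic, not a parse of the bitstream.

```python
import hashlib
import math
from collections import Counter

# Assumptions for this sketch, to be confirmed against the device's configuration guide:
SYNC_WORD = bytes.fromhex("AA995566")  # assumed Xilinx configuration sync word
HEADER_SKIP = 256                      # assumed allowance for plaintext header commands
ENTROPY_THRESHOLD = 7.5                # assumed cut-off (bits/byte); tune on known images


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def payload_after_sync(image: bytes) -> bytes:
    """Bytes following the first sync word; raises if the image has none."""
    pos = image.find(SYNC_WORD)
    if pos < 0:
        raise ValueError("no sync word: not a recognisable configuration image")
    return image[pos + len(SYNC_WORD):]


def looks_encrypted(image: bytes) -> bool:
    """Heuristic: ciphertext is near 8 bits/byte, plain configuration frames are sparse."""
    payload = payload_after_sync(image)[HEADER_SKIP:]
    if len(payload) < 4096:
        raise ValueError("payload too short for a meaningful measurement")
    return shannon_entropy(payload) >= ENTROPY_THRESHOLD


def constructed_samples():
    """Two constructed images (not real bitstreams): sparse and ciphertext-like payloads."""
    header = b"\xff" * 16 + SYNC_WORD + b"\x00" * HEADER_SKIP
    sparse = bytes(0x80 if i % 97 == 0 else 0x00 for i in range(65536))
    dense = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(2048))
    return header + sparse, header + dense


if __name__ == "__main__":
    plain_like, cipher_like = constructed_samples()
    for name, img in (("sparse", plain_like), ("ciphertext-like", cipher_like)):
        verdict = "pass" if looks_encrypted(img) else "FAIL: payload is not ciphertext-like"
        print(f"{name}: {verdict}")
```

A pass only shows the payload is statistically indistinguishable from ciphertext; the build settings that enabled encryption should be checked as well.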
2 Replies
Adventurer
5,596 Views
Registered: ‎01-18-2012

Re: Reverse engineering on an unencrypted bitstream

Hi,

Thank you for this clear explanation.

I'll take a closer look at the Spartan6 user guide's encryption chapter, and start thinking about how the process can be developed on a large scale.

Thanks

0 Kudos