UPGRADE YOUR BROWSER

We have detected your current browser version is not the latest one. Xilinx.com uses the latest web technologies to bring you the best online experience possible. Please upgrade to a Xilinx.com supported browser:Chrome, Firefox, Internet Explorer 11, Safari. Thank you!

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor
Contributor
2,940 Views
Registered: ‎09-13-2016

Risks of using eFUSE

Jump to solution

Hello,

 

I'm using Zynq 7000 board called Z-turn board and implemented secure boot with AES encryption. I'm still considering between using BBRAM or eFUSE as key storage.

 

In the link below @austin said "The efuse key can be read back, until you also blow the "cannot read back " bit."

https://forums.xilinx.com/t5/Spartan-Family-FPGAs/The-use-of-BBRAM-encryption/m-p/386473#M23296

 

  1. Could anyone tell me more about this risk? It seems using BBRAM is more safe for us than eFUSE. If somebody break the "cannot read back" bit, can the key in eFUSE be read out? How can I blow the bit?
  2. Since Z-turn board has no on-board battery for BBRAM I use 1.5v AAA battery to make it work but if the battery is gone I have to replace it and program the key into the BBRAM again. This process will take so long time if I provide the board to someone abroad. Any suggestions? 
  3. I have read xapp1278(eFUSE Programming on a Device Programmer). So can I write eFUSE bits multiple times unless I set XSK_EFUSEPL_DISABLE_FUSE_CNTRL_WRITE? Also, is it possible change the eFUSE bits after I set?

 

Thank you.

0 Kudos
1 Solution

Accepted Solutions
Scholar austin
Scholar
2,951 Views
Registered: ‎02-27-2008

Re: Risks of using eFUSE

Jump to solution

Efuse:

 

Once blown, never can change.  Blow the test enable (readback) and you can never see the key after that.  You can strip down the device, remove the layers, and look at all the efuses under a microscope and polarized light to see which are blown.  As there are 4000 efuses, of which 288 are used for the 256 bit key, that might be a puzzle which may take some time to reverse engineer (but not likely to slow down grad students and/or state security engineers).

 

BBRAM:

 

Alive while the battery is > 1 volt.  It is ~ 10nA load when the power is off.  Battery should last a very long time (many years).  As it is SRAM, no way to find the key.  Never breaks anything (cleared by removing power).  If experimenting, or dealing with small volume, or for best security, use BBRAM.  For production (large quantities) EFUSE has advantages (distributor will program for you for a small fee).

 

You do not use a $1000 lock on a $100 bicycle.  Use the right lock for the application.  Look at what you wish to protect and choose.

Austin Lesea
Principal Engineer
Xilinx San Jose
0 Kudos
1 Reply
Scholar austin
Scholar
2,952 Views
Registered: ‎02-27-2008

Re: Risks of using eFUSE

Jump to solution

Efuse:

 

Once blown, never can change.  Blow the test enable (readback) and you can never see the key after that.  You can strip down the device, remove the layers, and look at all the efuses under a microscope and polarized light to see which are blown.  As there are 4000 efuses, of which 288 are used for the 256 bit key, that might be a puzzle which may take some time to reverse engineer (but not likely to slow down grad students and/or state security engineers).

 

BBRAM:

 

Alive while the battery is > 1 volt.  It is ~ 10nA load when the power is off.  Battery should last a very long time (many years).  As it is SRAM, no way to find the key.  Never breaks anything (cleared by removing power).  If experimenting, or dealing with small volume, or for best security, use BBRAM.  For production (large quantities) EFUSE has advantages (distributor will program for you for a small fee).

 

You do not use a $1000 lock on a $100 bicycle.  Use the right lock for the application.  Look at what you wish to protect and choose.

Austin Lesea
Principal Engineer
Xilinx San Jose
0 Kudos