Time: 2025-04-03 15:09:27
Securing an FPGA bitstream is critical to protecting intellectual property (IP) and preventing unauthorized tampering or reverse engineering. Here are the key methods to secure an FPGA bitstream:
## 1. Bitstream Encryption

What it does: Encrypts the configuration file so that only an FPGA holding the matching key can decrypt and load it, keeping the design confidential in flash and in transit.

How it works:
- FPGA vendors (Xilinx/AMD, Intel/Altera) build an AES-256 decryptor into the configuration logic.
- A symmetric key is programmed into the FPGA's Battery-Backed RAM (BBRAM) or eFUSE; the device refuses to read it back.
- The bitstream is encrypted during generation and decrypted on the fly during configuration, so the plaintext never exists outside the device.

FPGA Support:
- Xilinx: AES-256 (7 series/Zynq-7000, UltraScale/UltraScale+, Versal)
- Intel (Altera): AES-256 (Stratix, Cyclone 10 GX, Agilex)

Limitations:
- If the key is extracted (for example by side-channel or physical attacks on the decryptor), encryption is compromised, and every bitstream encrypted under that key becomes readable.
- Encryption alone gives confidentiality, not integrity; an attacker who cannot read the bitstream may still be able to modify it unless it is also authenticated (next section).
## 2. Bitstream Authentication

What it does: Ensures the bitstream has not been modified and was produced by a holder of the authentication key.

How it works:
- The FPGA verifies a keyed MAC (HMAC) or an authenticated-encryption tag (AES-GCM) over the bitstream before loading it. An unkeyed hash (a bare SHA-256 digest) only detects accidental corruption: an attacker can recompute it over a modified bitstream, so the check must be keyed or signed to prove origin.
- A bitstream whose tag does not verify is rejected and the device stays unconfigured.

FPGA Support:
- Xilinx: HMAC-SHA256 alongside AES-CBC (7 series/Zynq-7000); AES-GCM tag, with SHA-3/384 for signed images (UltraScale+, Versal)
- Intel: SHA-256-based authentication (Stratix 10, Agilex)

Best Practice: Combine with encryption in an encrypt-then-authenticate construction (check the tag first, decrypt only if it verifies), or use an AEAD mode such as AES-GCM that does both in one step.
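As an added example (not vendor code, and not part of the original article), the following Go program models the encrypt-then-authenticate flow from Sections 1 and 2 with AES-256-GCM from the standard library: the build side encrypts constructed sample configuration frames with a plaintext header bound in as additional authenticated data, and a `Device` type standing in for the on-chip decryptor refuses to release any frames when either the ciphertext or the header has been modified. The device key, the header format and the frame contents are constructed for the demonstration and do not correspond to any vendor's bitstream layout.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Device models the on-chip configuration engine; key stands in for the
// AES-256 key provisioned into BBRAM or eFUSE and never leaves the device.
type Device struct{ key []byte }

// EncryptedBitstream is what the build flow ships. The header stays in
// plaintext (the loader needs it before decrypting) but is bound to the
// ciphertext through the GCM tag as additional authenticated data (AAD).
type EncryptedBitstream struct {
	Header     []byte
	Nonce      []byte // 12-byte GCM nonce, fresh for every encryption
	Ciphertext []byte // configuration frames followed by the 16-byte tag
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptBitstream is the build-side step. GCM is an AEAD, so the tag covers
// both ciphertext and header: encrypt-then-authenticate in one primitive.
func EncryptBitstream(key, header, frames []byte) (*EncryptedBitstream, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return &EncryptedBitstream{Header: header, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, frames, header)}, nil
}

// Load is the device-side step. Open checks the tag before releasing any
// plaintext, so a tampered header or ciphertext configures nothing.
func (d *Device) Load(bs *EncryptedBitstream) ([]byte, error) {
	gcm, err := newGCM(d.key)
	if err != nil {
		return nil, err
	}
	frames, err := gcm.Open(nil, bs.Nonce, bs.Ciphertext, bs.Header)
	if err != nil {
		return nil, errors.New("bitstream rejected: authentication tag mismatch")
	}
	return frames, nil
}

// flipBit returns a copy of b with one bit inverted, simulating a modified bitstream.
func flipBit(b []byte, i int) []byte {
	out := append([]byte(nil), b...)
	out[i] ^= 0x01
	return out
}

// DemoEncryptedLoad runs the flow on a constructed sample bitstream and reports
// whether the genuine image loads and whether tampered copies are rejected.
func DemoEncryptedLoad() (genuineLoaded, frameTamperRejected, headerTamperRejected bool, err error) {
	key := make([]byte, 32) // constructed stand-in for the provisioned device key
	if _, err = rand.Read(key); err != nil {
		return
	}
	dev := &Device{key: key}
	header := []byte("part=demo-fpga;design=rev7")               // constructed sample header
	frames := bytes.Repeat([]byte{0xDE, 0xAD, 0xBE, 0xEF}, 256) // constructed sample frames

	bs, err := EncryptBitstream(key, header, frames)
	if err != nil {
		return
	}
	out, loadErr := dev.Load(bs)
	genuineLoaded = loadErr == nil && bytes.Equal(out, frames)

	// One flipped ciphertext bit: the tag no longer verifies.
	_, loadErr = dev.Load(&EncryptedBitstream{Header: bs.Header, Nonce: bs.Nonce, Ciphertext: flipBit(bs.Ciphertext, 0)})
	frameTamperRejected = loadErr != nil

	// One flipped header bit: the AAD changed, so the same tag also fails.
	_, loadErr = dev.Load(&EncryptedBitstream{Header: flipBit(bs.Header, 0), Nonce: bs.Nonce, Ciphertext: bs.Ciphertext})
	headerTamperRejected = loadErr != nil
	return
}

func main() {
	g, f, h, err := DemoEncryptedLoad()
	if err != nil {
		panic(err)
	}
	fmt.Printf("genuine loaded: %v, frame tamper rejected: %v, header tamper rejected: %v\n", g, f, h)
}
```

`Load` returns no frames at all on a tag mismatch, mirroring a configuration engine that leaves the fabric unconfigured rather than loading partially verified data; the same property is why a real loader must check the tag before, not after, writing frames.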
## 3. Secure Boot (Signed Bitstreams)

What it does: Ensures only bitstreams signed by an authorised key are loaded.

How it works:
- The device checks a digital signature (RSA or ECDSA) over the bitstream before configuration.
- This requires a root of trust on the device: immutable boot ROM logic plus a hash of the authorised public key burned into eFUSE, so an attacker cannot substitute their own key. The matching private key stays off the device, ideally in an HSM on the build server.

FPGA Support:
- Xilinx: RSA-4096 (Zynq UltraScale+ MPSoC); RSA-4096 and ECDSA P-384 (Versal)
- Intel: ECDSA (Stratix 10, Agilex)

Advantage: A modified or attacker-built bitstream cannot be loaded without a valid signature, even if the attacker has the signed original to work from. Two caveats: a signature does not make the bitstream confidential (pair it with encryption), and an older, still validly signed bitstream can be replayed unless the device's key revocation or version-check features are also used.
## 4. Anti-Tamper Protection

What it does: Protects the key and the loaded design against physical attacks (probing, side-channel analysis, glitching).

Techniques:
- Tamper detection: Zeroizes the BBRAM key when the enclosure or the voltage/temperature envelope is breached. An eFUSE key cannot be erased, so this only helps when the key lives in BBRAM or is PUF-derived.
- Differential Power Analysis (DPA) protection: Countermeasures in the decryptor (e.g., key rolling, so that each key decrypts only a bounded amount of data) limit the number of traces an attacker can collect against any one key.
- Secure key storage: A Physically Unclonable Function (PUF) regenerates the key from silicon variation at power-up, so no key is stored at rest and there is nothing to read out of a powered-off device.

FPGA Support:
- Xilinx: PUF and DPA countermeasures (Zynq UltraScale+ and later).
- Intel: Secure Device Manager (Stratix 10, Agilex).
## 5. JTAG and Debug Port Security

What it does: Prevents unauthorised access through debug ports, which can otherwise read back configuration, load arbitrary bitstreams, or halt and inspect on-chip processors.

How it works:
- Disable JTAG permanently (eFUSE) or gate it behind authentication once development is finished.
- Use secure debug authentication (e.g., challenge-response against a device-specific secret) where a debug path must remain open for field returns.

FPGA Support:
- Xilinx: JTAG lockdown via eFUSE (permanent; it cannot be re-enabled, so decide this before production).
- Intel: JTAG Secure Mode (Stratix 10).
## 6. Bitstream Obfuscation

What it does: Makes reverse engineering harder, but not infeasible.

How it works:
- Vendor-specific scrambling of the bitstream format, with no secret key involved.
- Used in older FPGAs without AES support.

Limitation: Not cryptographically secure. Once the scrambling is understood it offers no protection at all, so treat it as a speed bump rather than a security control.
## 7. Secure Firmware and Bitstream Updates

What it does: Ensures only authenticated updates are applied in the field.

How it works:
- Use authenticated transport (HTTPS, SSH) for bitstream delivery. Transport security alone is not enough: the update server or the path into flash can still be compromised, so the image itself must carry a signature.
- The device verifies the image signature, and ideally a version number that blocks rollback to a vulnerable release, before committing the image to flash or configuration memory.

Example: Xilinx's DFX (Dynamic Function eXchange) partial bitstreams can be encrypted and authenticated like full bitstreams, so reconfiguring part of the device in the field gets the same checks.
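The following Go program is an added example serving both Section 3 (secure boot) and Section 7 (secure updates); it is not vendor code and not part of the original article. A `BootROM` type models the device root of trust: it holds only a SHA-256 hash of the authorised public key (standing in for a PPK hash in eFUSE) and a minimum acceptable version, while the build side signs `SHA-384(version || image)` with ECDSA P-384. The demonstration shows a genuine image being accepted and three rejections: a modified image, an image validly signed by an unauthorised key, and an older image with a valid vendor signature (the rollback case an update path must handle). The keys, the image bytes and the digest layout are constructed for the example and are not any vendor's boot image format.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/sha512"
	"crypto/x509"
	"encoding/binary"
	"errors"
	"fmt"
)

// SignedImage is what the build server emits. The version is part of the
// signed digest, so an old image cannot simply be re-labelled as a newer one.
type SignedImage struct {
	Version uint32
	Image   []byte
	PubKey  []byte // PKIX/DER-encoded ECDSA P-384 public key (the PPK)
	Sig     []byte // ASN.1 DER ECDSA signature over SHA-384(version || image)
}

// BootROM models the immutable root of trust: a hash of the authorised public
// key (as a PPK hash fused into eFUSE) and an anti-rollback minimum version.
type BootROM struct {
	PPKHash    [32]byte
	MinVersion uint32
}

func imageDigest(version uint32, image []byte) []byte {
	h := sha512.New384()
	h.Write(binary.BigEndian.AppendUint32(nil, version))
	h.Write(image)
	return h.Sum(nil)
}

// Sign runs on the build side, where the private key lives (ideally in an HSM).
func Sign(priv *ecdsa.PrivateKey, version uint32, image []byte) (*SignedImage, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, priv, imageDigest(version, image))
	if err != nil {
		return nil, err
	}
	pub, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	if err != nil {
		return nil, err
	}
	return &SignedImage{Version: version, Image: image, PubKey: pub, Sig: sig}, nil
}

// Verify is the device-side check in boot-ROM order: authorise the key,
// verify the signature, then enforce anti-rollback.
func (r *BootROM) Verify(img *SignedImage) error {
	if sha256.Sum256(img.PubKey) != r.PPKHash {
		return errors.New("public key not authorised: PPK hash mismatch")
	}
	parsed, err := x509.ParsePKIXPublicKey(img.PubKey)
	pub, ok := parsed.(*ecdsa.PublicKey)
	if err != nil || !ok {
		return errors.New("malformed or unexpected public key")
	}
	if !ecdsa.VerifyASN1(pub, imageDigest(img.Version, img.Image), img.Sig) {
		return errors.New("signature invalid: image or version modified")
	}
	if img.Version < r.MinVersion {
		return errors.New("rollback rejected: version below device minimum")
	}
	return nil
}

type DemoResult struct {
	GenuineAccepted, TamperedRejected, WrongKeyRejected, RollbackRejected bool
}

// must panics on an error; acceptable here because every error is a demo setup failure.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// DemoSecureBoot exercises the flow with constructed keys and a constructed image.
func DemoSecureBoot() DemoResult {
	vendorKey := must(ecdsa.GenerateKey(elliptic.P384(), rand.Reader))
	attackerKey := must(ecdsa.GenerateKey(elliptic.P384(), rand.Reader))
	image := []byte("constructed sample bitstream contents")
	genuine := must(Sign(vendorKey, 3, image))
	// Provision the device: fuse the vendor PPK hash; it already runs version 2.
	rom := &BootROM{PPKHash: sha256.Sum256(genuine.PubKey), MinVersion: 2}
	var res DemoResult
	res.GenuineAccepted = rom.Verify(genuine) == nil
	tampered := *genuine // same signature, one image bit flipped
	tampered.Image = append([]byte(nil), image...)
	tampered.Image[0] ^= 0x01
	res.TamperedRejected = rom.Verify(&tampered) != nil
	forged := must(Sign(attackerKey, 3, image)) // valid signature, unauthorised key
	res.WrongKeyRejected = rom.Verify(forged) != nil
	old := must(Sign(vendorKey, 1, image)) // genuinely signed, but older than allowed
	res.RollbackRejected = rom.Verify(old) != nil
	return res
}

func main() { fmt.Printf("%+v\n", DemoSecureBoot()) }
```

The order inside `Verify` matters: the key is authorised before its signature is checked, so an attacker cannot make the device do expensive verification work, or any work at all, with a key of their choosing, and the version check runs last because it only means anything once the image is known to be genuinely signed.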
## Vendor Comparison

Security Feature | Xilinx | Intel (Altera)
---|---|---
Encryption | AES-256 (key in BBRAM or eFUSE) | AES-256 (key in eFUSE)
Authentication | HMAC-SHA256 (7 series); AES-GCM tag, SHA-3/384 (UltraScale+, Versal) | SHA-256-based
Secure Boot | RSA-4096, ECDSA | ECDSA
Anti-Tamper | PUF, DPA countermeasures | Secure Device Manager
JTAG Security | eFUSE lockdown | Secure JTAG mode
## Best Practices

- Use AES-256 with authentication (HMAC or AES-GCM) so the bitstream is both confidential and integrity-checked.
- Choose key storage deliberately: eFUSE keys need no battery but can never be rotated or erased; BBRAM keys need a battery but can be zeroized on tamper; a PUF-wrapped key avoids storing the raw key at all.
- Enable secure boot with a hardware root of trust (public-key hash in eFUSE on the device, signing key in an HSM off the device).
- Disable JTAG after production.
- Implement tamper detection (e.g., key zeroization on intrusion), which implies a volatile or PUF-derived key rather than an eFUSE key.
- Secure firmware updates (signed images with version checks, delivered over an authenticated channel).
## Attacks to Defend Against

- Side-channel attacks (DPA, timing analysis) against the on-chip decryptor.
- Fault injection (voltage or clock glitching to bypass authentication checks).
- Bitstream interception (man-in-the-middle), including replay of older, validly signed bitstreams.
- Physical probing (microprobing or decapsulation to extract keys).