Secure external key storage for programmable ICS

US 10,044,514 B1
Filed: 09/25/2015
Issued: 08/07/2018
Est. Priority Date: 09/25/2015
Status: Active Grant

First Claim

Patent Images

1. A method of protecting a circuit design for a programmable integrated circuit (IC), comprising:

configuring programmable logic and interconnect resources of the programmable IC to implement a first instance of a Physically Unclonable Function (PUF) circuit and a registration circuit;

generating a first instance of a PUF value by the first instance of the PUF circuit;

generating a black key from an input first instance of a red key and the first instance of the PUF value by the registration circuit;

storing the black key resulting from the generating of the black key in a memory circuit external to the programmable IC;

reconfiguring the programmable logic and interconnect resources of the programmable IC to implement a second instance of the PUF circuit in a pre-configuration circuit;

generating a second instance of the PUF value by the second instance of the PUF circuit;

inputting the black key from the memory circuit to the pre-configuration circuit;

generating a second instance of the red key from the black key and the second instance of the PUF value by the pre-configuration circuit;

decrypting a ciphertext circuit design into a plaintext circuit design by the programmable IC using the second instance of the red key;

erasing the second instance of the red key from the programmable IC; and

reconfiguring the programmable IC with the plaintext circuit design.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosure describes approaches for protecting a circuit design for a programmable integrated circuit (IC). A black key is generated from an input red key by a registration circuit implemented on the programmable IC, and the black key is stored in a memory circuit external to the programmable IC. The programmable IC is configured to implement a pre-configuration circuit, which inputs the black key from the memory circuit and generates the red key from the black key. A ciphertext circuit design is decrypted into a plaintext circuit design by the programmable IC using the red key, and the red key is erased from the programmable IC. The programmable IC is reconfigured with the plaintext circuit design.

22 Citations

View as Search Results

15 Claims

1. A method of protecting a circuit design for a programmable integrated circuit (IC), comprising:
- configuring programmable logic and interconnect resources of the programmable IC to implement a first instance of a Physically Unclonable Function (PUF) circuit and a registration circuit;
  
  generating a first instance of a PUF value by the first instance of the PUF circuit;
  
  generating a black key from an input first instance of a red key and the first instance of the PUF value by the registration circuit;
  
  storing the black key resulting from the generating of the black key in a memory circuit external to the programmable IC;
  
  reconfiguring the programmable logic and interconnect resources of the programmable IC to implement a second instance of the PUF circuit in a pre-configuration circuit;
  
  generating a second instance of the PUF value by the second instance of the PUF circuit;
  
  inputting the black key from the memory circuit to the pre-configuration circuit;
  
  generating a second instance of the red key from the black key and the second instance of the PUF value by the pre-configuration circuit;
  
  decrypting a ciphertext circuit design into a plaintext circuit design by the programmable IC using the second instance of the red key;
  
  erasing the second instance of the red key from the programmable IC; and
  
  reconfiguring the programmable IC with the plaintext circuit design.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the configuring the programmable IC to implement the pre-configuration circuit includes:
    - inputting a pre-configuration bitstream to the programmable IC;
      
      authenticating the pre-configuration bitstream; and
      
      halting the configuring of the programmable logic and interconnect resources of the programmable IC to implement the pre-configuration circuit in response to the pre-configuration bitstream failing the authenticating.
  - 3. The method of claim 2, further comprising:
    - inputting the ciphertext circuit design to the programmable IC;
      
      authenticating the ciphertext circuit design; and
      
      halting the reconfiguring of the programmable logic and interconnect resources of the programmable IC with the plaintext circuit design in response to the ciphertext circuit design failing the authenticating.
  - 4. The method of claim 1, wherein the generating the second instance of the red key includes:
    - authenticating the black key; and
      
      halting the generating of the second instance of the red key, the decrypting, the erasing and the reconfiguring in response to the black key failing the authenticating.

5. A method of protecting a circuit design for a programmable integrated circuit (IC), comprising:
- configuring programmable logic resources and programmable interconnect resources of the programmable IC to implement a registration circuit that includes a first instance of a Physically Unclonable Function (PUF) circuit and a wrapper circuit;
  
  generating a first instance of a PUF value by the first instance of the PUF circuit;
  
  inputting a first instance of a red key to the wrapper circuit;
  
  generating a black key by the wrapper circuit as a function of the first instance of the PUF value and the first instance of the red key;
  
  storing the black key resulting from the generating of the black key in a memory circuit external to the programmable IC;
  
  reconfiguring the programmable logic resources and programmable interconnect resources of the programmable IC to implement a pre-configuration circuit that includes a second instance of the PUF circuit and an unwrapper circuit;
  
  generating a second instance of the PUF value by the second instance of the PUF circuit;
  
  inputting the black key from the external memory circuit to the unwrapper circuit;
  
  generating a second instance of the red key by the unwrapper circuit as a function of the black key and the second instance of the PUF value;
  
  inputting a ciphertext circuit design to the programmable IC;
  
  decrypting the ciphertext circuit design into a plaintext circuit design by a decryption circuit of the programmable IC using the second instance of the red key;
  
  erasing the second instance of the red key from the programmable IC; and
  
  reconfiguring the programmable logic resources and programmable interconnect resources of the programmable IC with the plaintext circuit design.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The method of claim 5, wherein:
    - the generating of the black key includes;
      
      encrypting the first instance of the red key using the first instance of the PUF value as an encryption key; and
      
      the generating of the second instance of the red key includes;
      
      decrypting the black key using the second instance of the PUF value as a decryption key.
  - 7. The method of claim 5, wherein:
    - the generating of the black key includes;
      
      XORing the first instance of the red key with the first instance of the PUF value; and
      
      the generating of the second instance of the red key includes;
      
      XORing the black key with the second instance of the PUF value.
  - 8. The method of claim 5, wherein the reconfiguring the programmable IC to implement the second instance of the PUF circuit and the unwrapper circuit includes:
    - inputting a pre-configuration bitstream to the programmable IC;
      
      authenticating the pre-configuration bitstream; and
      
      halting the reconfiguring of the programmable logic resources and programmable interconnect resources of the programmable IC to implement the second instance of the PUF circuit and the unwrapper circuit in response to the pre-configuration bitstream failing the authenticating.
  - 9. The method of claim 8, further comprising:
    - authenticating the ciphertext circuit design; and
      
      halting the reconfiguring of the programmable logic resources and programmable interconnect resources of the programmable IC with the plaintext circuit design in response to the ciphertext circuit design failing the authenticating.
  - 10. The method of claim 5, wherein the generating the second instance of the red key includes:
    - authenticating the black key; and
      
      halting the generating of the second instance of the red key, the decrypting, the erasing and the reconfiguring in response to the black key failing the authenticating.

11. An electronic system, comprising:
- a computer system;
  
  a programmable integrated circuit (IC) coupled to the computer system and including programmable logic resources, programmable interconnect resources circuitry and a key memory;
  
  a memory circuit coupled to the programmable IC and external to the programmable IC;
  
  wherein the computer system is configured to provide a registration bitstream to the programmable IC for configuring the programmable logic resources and programmable interconnect resources to implement a wrapper circuit and a first instance of a Physically Unclonable Function (PUF) circuit;
  
  wherein the first instance of the PUF circuit is configured to generate a first instance of a PUF value, and the wrapper circuit is configured to generate a black key from an input first instance of a red key and the first instance of the PUF value and store the black key resulting from generation of the black key in the memory circuit;
  
  wherein the memory circuit is configured with a pre-configuration bitstream;
  
  wherein the programmable IC is configured to input the pre-configuration bitstream and configure the programmable logic resources and programmable interconnect resources to implement a pre-configuration circuit, and the pre-configuration circuit includes a second instance of the PUF circuit and an unwrapper circuit;
  
  wherein the unwrapper circuit is configured to input the black key and generate a second instance of the red key as a function of the black key using a second instance of the PUF value from the second instance of the PUF circuit, and store the second instance of the red key in the key memory; and
  
  wherein the programmable IC is further configured to;
  
  input a ciphertext circuit design;
  
  decrypt the ciphertext circuit design into a plaintext circuit design using the second instance of the red key;
  
  erase the second instance of the red key from the key memory; and
  
  reconfigure the programmable logic resources and programmable interconnect resources with the plaintext circuit design.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The system of claim 11, wherein the unwrapper circuit is further configured and arranged to decrypt the black key using the second instance of the PUF value as a decryption key.
  - 13. The system of claim 11, wherein the unwrapper circuit is further configured and arranged to XOR the black key with the second instance of the PUF value.
  - 14. The system of claim 11, wherein the programmable IC is configured and arranged to:
    - authenticate the pre-configuration bitstream; and
      
      halt configuration of the programmable logic resources and programmable interconnect resources of the programmable IC to implement the pre-configuration circuit in response to the pre-configuration bitstream failing authentication.
  - 15. The system of claim 11, wherein:
    - the programmable IC is configured and arranged to authenticate the black key; and
      
      halt generation of the second instance of the red key in response to the black key failing authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xilinx, Inc. (Advanced Micro Devices, Inc.)
Original Assignee
Xilinx, Inc. (Advanced Micro Devices, Inc.)
Inventors
Peterson, Edward S., Wesselkamper, James D.
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
Torres-Diaz, Lizbeth

Application Number

US14/866,712
Time in Patent Office

1,047 Days
Field of Search
US Class Current
CPC Class Codes

G09C 1/00   Apparatus or methods whereb...

H04L 2209/12   Details relating to cryptog...

H04L 2209/24   Key scheduling, i.e. genera...

H04L 9/0822   using key encryption key

H04L 9/0866   involving user or device id...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H04L 9/3247   involving digital signatures

H04L 9/3278   using physically unclonable...

Secure external key storage for programmable ICS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

22 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Secure external key storage for programmable ICS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links