Method and apparatus for securing programming data of a programmable logic device

US 5,768,372 A
Filed: 03/13/1996
Issued: 06/16/1998
Est. Priority Date: 03/13/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method for use with an integrated circuit programmable logic device, said integrated circuit programmable logic device having working memory for storing digital programming data specifying a desired logic configuration of said integrated circuit programmable logic device and having associated therewith storage memory from which said digital programming data are loaded into said working memory, said method being for securing said digital programming data, said method comprising the steps of:

providing an encryption device capable of encrypting data in accordance with a plurality of encryption schemes;

selecting one of said plurality of encryption schemes and encrypting said digital programming data therewith;

storing said encrypted digital programming data in said storage memory;

storing also, in said storage memory, encryption selection data identifying said one of said plurality of encryption schemes;

providing a decryption device in said programmable logic integrated circuit device capable of executing a plurality of decryption schemes corresponding to said plurality of encryption schemes; and

reading said encrypted digital programming data from said storage memory for loading said digital programming data into said working memory, said reading step comprising the steps of;

selecting one of said plurality of decryption schemes corresponding to said one of said plurality of encryption schemes, anddecrypting said encrypted digital programming data using said selected one of said plurality of decryption schemes.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An SRAM-based programmable logic device having decompression and decryption circuits between its EPROM nonvolatile programming data storage and its SRAM programming registers is secured against copying of the programming data because a would-be copyist would need to know the compression and encryption used. In a system and method for programming the device, a user station preferably contains a plurality of possible encryptions and a plurality of possible compression schemes. An encryption and compression scheme are selected, preferably at random, by the user or by the programming software in the user station. Data indicating which encryption and compression scheme were chosen are included in the programming data to allow decompression and decryption.

Citations

41 Claims

1. A method for use with an integrated circuit programmable logic device, said integrated circuit programmable logic device having working memory for storing digital programming data specifying a desired logic configuration of said integrated circuit programmable logic device and having associated therewith storage memory from which said digital programming data are loaded into said working memory, said method being for securing said digital programming data, said method comprising the steps of:
- providing an encryption device capable of encrypting data in accordance with a plurality of encryption schemes;
  
  selecting one of said plurality of encryption schemes and encrypting said digital programming data therewith;
  
  storing said encrypted digital programming data in said storage memory;
  
  storing also, in said storage memory, encryption selection data identifying said one of said plurality of encryption schemes;
  
  providing a decryption device in said programmable logic integrated circuit device capable of executing a plurality of decryption schemes corresponding to said plurality of encryption schemes; and
  
  reading said encrypted digital programming data from said storage memory for loading said digital programming data into said working memory, said reading step comprising the steps of;
  
  selecting one of said plurality of decryption schemes corresponding to said one of said plurality of encryption schemes, anddecrypting said encrypted digital programming data using said selected one of said plurality of decryption schemes.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1 wherein:
    - said reading step further comprises detecting said encryption selection data; and
      
      said decryption selection step comprises selecting said one of said plurality of decryption schemes based on said encryption selection data.
  - 3. The method of claim 1 further comprising writing said decrypted digital programming data into said working memory.
  - 4. The method of claim 1 further comprising the step of compressing said encrypted digital programming data before said step of storing said encrypted digital programming data.
  - 5. The method of claim 4 wherein said compressing step comprises also compressing said encryption selection data.
  - 6. The method of claim 5 further comprising the step of decompressing said compressed data before said reading step.
  - 7. The method of claim 6 wherein:
    - said reading step further comprises detecting said encryption selection data;
      
      said decompressing step occurs prior to said detecting step; and
      
      said decryption selection step comprises selecting said one of said plurality of decryption schemes based on said encryption selection data.
  - 8. The method of claim 4 further comprising the step of decompressing said compressed data before said reading step.
  - 9. The method of claim 4 wherein said compressing step comprises:
    - providing at least one compression scheme; and
      
      selecting one of said at least one compression scheme and compressing said encrypted digital programming data therewith.
  - 10. The method of claim 9 wherein said step of storing said encrypted digital programming data comprises storing also, in said nonvolatile memory, compression selection data identifying said one of said at least one compression scheme.
  - 11. The method of claim 10 further comprising the step of decompressing said compressed data before said reading step.
  - 12. The method of claim 11 wherein said decompressing step comprises:
    - providing at least one decompression scheme corresponding to said at least one compression scheme;
      
      decoding said compression selection data; and
      
      selecting one of said at least one decompression scheme corresponding to said one of said at least one compression scheme based on said compression selection data.
  - 13. The method of claim 1 wherein said plurality of encryption schemes comprises at least one pseudo-random sequence.
  - 14. The method of claim 13 wherein said plurality of decryption schemes comprises at least one look-up table, each of said at least one look-up table corresponding to one of said at least one pseudo-random sequence.

15. A system for securing digital programming data of an integrated circuit programmable logic device, said integrated circuit programmable logic device having working memory for storing digital programming data specifying a desired logic configuration of said integrated circuit programmable logic device and having associated therewith storage memory from which said digital programming data are loaded into said working memory, said system comprising:
- at least one encryption device, said at least one encryption device being capable of encrypting data in accordance with a plurality of encryption schemes;
  
  an encryption selector for selecting one of said plurality of encryption schemes and encrypting said digital programming data therewith;
  
  a storage controller for storing, in said storage memory, said encrypted digital programming data and encryption selection data identifying said one of said plurality of encryption schemes;
  
  at least one decryption device for decrypting each of said plurality of encryption schemes; and
  
  a programming data reader for reading said encrypted digital programming data from said storage memory for loading said encrypted digital programming data into said working memory, said programming data reader comprising;
  
  a decryption selector for selecting one of said at least one decryption device for decrypting said one of said plurality of encryption schemes, said selected decryption device decrypting said encrypted digital programming data.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 16. The system of claim 15 wherein:
    - said programming data reader further comprises a detector for detecting said encryption selection data; and
      
      said decryption selector selects said one of said at least one decryption device for decrypting said one of said plurality of encryption schemes based on said encryption selection data.
  - 17. The system of claim 15 further comprising a data writer for writing said decrypted digital data into said working memory.
  - 18. The system of claim 15, further comprising at least one data compressor, one of said at least one data compressor compressing said encrypted digital programming data output from said one of said at least one encryption device and outputting said compressed encrypted digital programming data for storage in said storage memory.
  - 19. The system of claim 18 wherein:
    - said storage controller stores also, in said storage memory, encryption selection data identifying said one of said at least one encryption scheme; and
      
      said one of said at least one data compressor also compresses said encryption selection data.
  - 20. The system of claim 19 wherein said programming data reader further comprises at least one data decompressor, corresponding to said at least one data compressor, for decompressing said compressed encrypted digital programming data and said compressed encryption selection data and outputting said decompressed data to said programming data reader.
  - 21. The system of claim 20 wherein:
    - said programming data reader further comprises a detector for detecting said encryption selection data; and
      
      said decryption selector selects said one of said at least one decryption device for decrypting said one of said plurality of encryption schemes based on said encryption selection data.
  - 22. The system of claim 18 further comprising at least one data decompressor, corresponding to said at least one data compressor, for decompressing said compressed data and outputting said decompressed data to said programming data reader.
  - 23. The system of claim 18 wherein said storage controller stores also, in said storage memory, compression selection data identifying said one of said at least one data compressor.
  - 24. The system of claim 23 further comprising at least one data decompressor, corresponding to said at least one data compressor, for decompressing said compressed data and outputting said decompressed data to said programming data reader.
  - 25. The system of claim 24 wherein said programming data reader further comprises:
    - a decoder for detecting said compression selection data; and
      
      a decompression selector for selecting one of said at least one data decompressor, corresponding to said one of said at least one data compressor, based on said compression selection data.
  - 26. The system of claim 15 wherein said at least one encryption device comprises at least one pseudo-random sequencer.
  - 27. The system of claim 26 wherein said at least one decryption device for decrypting said one of said plurality of encryption schemes comprises at least one look-up table, each of said at least one look-up table corresponding to one of said at least one pseudo-random sequencer.
  - 28. The system of claim 15 wherein said at least one encryption device comprises at least one look-up table.
  - 29. The system of claim 28 wherein said at least one decryption device for decrypting said one of said plurality of encryption schemes comprises at least one pseudo-random sequencer, each of said at least one pseudo-random sequencer corresponding to one of said at least one look-up table.
  - 30. The system of claim 15, further comprising a data compressor for compressing said encrypted digital programming data and outputting said compressed encrypted digital programming data for storage in said storage memory.

31. An integrated circuit programmable logic device comprising:
- working memory for storing digital programming data specifying a desired logic configuration of said integrated circuit programmable logic device;
  
  a port for receiving said digital programming data in encrypted form from a storage memory associated with said programmable logic device, said encrypted form being created by one of a plurality of encryption schemes, and for receiving from said storage memory encryption selection data identifying said one of said plurality of encryption schemes;
  
  programming circuitry for reading said encrypted digital programming data received at said input port from said working memory, said programming circuitry comprising;
  
  at least one decryption device for decrypting said one of said plurality of encryption schemes, anda decryption selector for selecting one of said at least one decryption device for decrypting said one of said plurality of encryption schemes, said selected decryption device decrypting said encrypted digital programming data.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 32. The integrated circuit programmable logic device of claim 31 wherein:
    - said programming circuitry further comprises a detector for detecting said encryption selection data; and
      
      said decryption selector selects said one of said at least one decryption device for decrypting said one of said plurality of encryption schemes based on said encryption selection data.
  - 33. The integrated circuit programmable logic device of claim 31 wherein said at least one decryption device for decrypting said one of said plurality of encryption schemes comprises at least one look-up table, each of said at least one look-up table corresponding to one of said plurality of encryption schemes.
  - 34. The integrated circuit programmable logic device of claim 31 wherein said at least one decryption device for decrypting said one of said plurality of encryption schemes comprises at least one pseudo-random sequencer, each of said at least one pseudo-random sequencer corresponding to one of said encryption schemes.
  - 35. The integrated circuit programmable logic device of claim 31 wherein:
    - said encrypted digital programming data are received at said input port from said storage memory in compressed form; and
      
      said integrated circuit programmable logic device further comprises decompression circuitry for decompressing said compressed encrypted digital programming data and outputting said decompressed data to said decryptor selector.
  - 36. The integrated circuit programmable logic device of claim 35 wherein:
    - said encrypted digital programming data are received from said storage memory, in compressed form produced according to one of at least one compression scheme, along with compression selection data identifying said one of said at least one compression scheme; and
      
      said decompression circuitry comprises;
      
      at least one data decompressor, each said at least one data decompressor corresponding to one of said at least one compression scheme,a decoder for decoding said compression selection data, anda decompressor selector for selecting one of said at least one data decompressor based on said compression selection data.
  - 37. The integrated circuit programmable logic device of claim 35 wherein:
    - said encryption selection data also are received from said storage memory in compressed form; and
      
      said decompression circuitry further decompresses said compressed encryption selection data.
  - 38. The integrated circuit programmable logic device of claim 35 wherein said decompression circuitry is in said programming circuitry.
  - 39. The integrated circuit programmable logic device of claim 31 wherein:
    - said encrypted digital programming data are received at said input port from said storage memory in compressed form; and
      
      said programmable logic device further comprises decompression circuitry for decompressing said compressed encrypted digital programming data and outputting decompressed encrypted digital programming data.
  - 40. The integrated circuit programmable logic device of claim 39 wherein:
    - said encrypted digital programming data are received from said storage memory, in compressed form produced according to one of at least one compression scheme, along with compression selection data identifying said one of said at least one compression scheme; and
      
      said decompression circuitry comprises;
      
      at least one data decompressor, each said at least one data decompressor corresponding to one of said at least one compression scheme,a decoder for decoding said compression selection data, anda decompressor selector for selecting one of said at least one data decompressor based on said compression selection data.
  - 41. The integrated circuit programmable logic device of claim 39 wherein said decompression circuitry is in said programming circuitry.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Altera Corporation (Intel Corporation)
Original Assignee
Altera Corporation (Intel Corporation)
Inventors
Sung, Chiakang, Wang, Bonnie I.
Primary Examiner(s)
Tarcza, Thomas H.
Assistant Examiner(s)
Laufer, Pinchus M.

Application Number

US08/617,664
Time in Patent Office

825 Days
Field of Search

380/4, 380/50, 380/9, 380/3, 380/6, 257/209, 257/529, 326/8
US Class Current

713/193
CPC Class Codes

G06F 21/6209   to a single file or object,...

G06F 21/79   in semiconductor storage me...

G06F 2221/2107   File encryption

G06F 2221/2113   Multi-level security, e.g. ...

H03K 19/17768   for security

Method and apparatus for securing programming data of a programmable logic device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

41 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for securing programming data of a programmable logic device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

41 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links