System and method for secured configuration data for programmable logic devices

US 6,785,816 B1
Filed: 05/01/2000
Issued: 08/31/2004
Est. Priority Date: 05/01/2000
Status: Expired due to Term

First Claim

Patent Images

1. A system for secured configuration data for a programmable device comprising:

at least one memory device, the at least one memory device storing configuration data comprising at least one configuration bitstream and an associated authentication tag for each at least one configuration bitstream, each authentication tag created using one associated at least one configuration bitstream;

a programmable device operably connected to the at least one memory device, the programmable device receiving one of the at least one configuration bitstream, the programmable device using the associated authentication tag of the one of the at least one configuration bitstream to verify that the one of the at least one configuration bitstream is authentic, the programmable device loading the one of the at least one configuration bitstream if the one of the at least one configuration bitstream is authentic.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for secured configuration data for a programmable device. One or more memory devices store configuration data that includes one or more configuration bitstreams and associated authentication tags for each configuration bitstream. Each authentication tag is created using the associated configuration bitstream. A programmable device operably connected to the one or more memory devices receives one of the configuration bitstreams. The programmable device uses the associated authentication tag of the configuration bitstream to verify that the configuration bitstream is authentic. The programmable device loads the configuration bitstream if the one of the configuration bitstream is authentic, or may discard it otherwise.

Citations

15 Claims

1. A system for secured configuration data for a programmable device comprising:
- at least one memory device, the at least one memory device storing configuration data comprising at least one configuration bitstream and an associated authentication tag for each at least one configuration bitstream, each authentication tag created using one associated at least one configuration bitstream;
  
  a programmable device operably connected to the at least one memory device, the programmable device receiving one of the at least one configuration bitstream, the programmable device using the associated authentication tag of the one of the at least one configuration bitstream to verify that the one of the at least one configuration bitstream is authentic, the programmable device loading the one of the at least one configuration bitstream if the one of the at least one configuration bitstream is authentic.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system according to claim 1, wherein the configuration data is encrypted and stored in the at least one memory device.
  - 3. The system according to claim 1, wherein the authentication tag is created by applying a hash function to the at least one configuration bitstream.
  - 4. The system according to claim 2, wherein the configuration data is encrypted using a secret key of the programmable device.
  - 5. The system according to claim 4, wherein the secret key is hardwired on the programmable device.
  - 6. The system according to claim 1, wherein the programmable device is a programmable logic array.
  - 7. The system according to claim 2, wherein a first secret key is used to encrypt the configuration data.
  - 8. The system according to claim 7, the programmable device having a second key, wherein the second key is used to encrypt the first key.

9. A method for secured configuration data for a programmable device comprising:
- generating a bitstream, the bitstream used for configuration of a programmable device;
  
  generating an authentication tag using the bitstream, the authentication tag being appended to the bitstream forming configuration data;
  
  encrypting the configuration data using a key associated with the programmable device;
  
  receiving the encrypted configuration data at the programmable device;
  
  decrypting the encrypted configuration data using the key producing a received bitstream with appended authentication tag;
  
  separating the received bitstream from the appended authentication tag;
  
  generating a second authentication tag using the received bitstream;
  
  comparing the appended authentication tag with the second authentication tag to determine if they are equal; and
  
  configuring the programmable device using the received bitstream if the appended authentication tag and the second authentication tag are equal.
- View Dependent Claims (10, 11)
- - 10. The method according to claim 9, comprising generating the authentication tag using a hash function.
  - 11. The method according to claim 9, comprising storing the encrypted configuration data before the receiving.

12. A method for secured configuration data for a programmable device comprising:
- generating a bitstream, the bitstream used for configuration of a programmable device;
  
  generating an authentication tag using the bitstream, the authentication tag being appended to the bitstream forming configuration data;
  
  generating a secret key;
  
  encrypting the configuration data using the secret key;
  
  encrypting the secret key using a second key, the encrypted secret key being appended to the encrypted configuration data;
  
  receiving the encrypted secret key and the appended encrypted configuration data at a programmable device;
  
  separating the encrypted secret key from the appended encrypted configuration data;
  
  decrypting the encrypted secret key using the second key producing a received secret key;
  
  decrypting the encrypted configuration data using the received secret key producing a received bitstream with appended authentication tag;
  
  separating the received bitstream from the appended authentication tag;
  
  generating a second authentication tag using the received bitstream;
  
  comparing the appended authentication tag with the second authentication tag to determine if they are equal; and
  
  configuring the programmable device using the received bitstream if the appended authentication tag and the second authentication tag are equal.
- View Dependent Claims (13, 14)
- - 13. The method according to claim 12, comprising generating the authentication tag using a hash function.
  - 14. The method according to claim 12, comprising storing the encrypted configuration data before the receiving.

15. A dynamically reconfigurable mobile device connected to a Wireless Local Area Network (WLAN) comprising:
- a WLAN interface; and
  
  a programmable device, the programmable device receiving encrypted configuration data comprising a configuration bitstream with appended associated authentication tag from the WLAN, the programmable device using the associated authentication tag to verify that the configuration bitstream is authentic, the programmable device loading the configuration bitstream if the configuration bitstream is authentic thereby dynamically configuring the mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Internet Communications (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Kivimaki, Tommi, Karkkainen, Tero
Primary Examiner(s)
JUNG, DAVID YIUK

Application Number

US09/561,965
Time in Patent Office

1,583 Days
Field of Search

713/182-186, 713/187-194, 713/100, 713/150-154, 713/168-181, 380/255, 380/247
US Class Current

713/181
CPC Class Codes

G05B 2219/24163   Authentication tag in confi...

G06F 15/7867   with reconfigurable archite...

G06F 21/64   Protecting data integrity, ...

G06F 21/76   in application-specific int...

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/123   received data contents, e.g...

System and method for secured configuration data for programmable logic devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secured configuration data for programmable logic devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links