Method of securing programmable logic configuration data

US 7,197,647 B1
Filed: 09/30/2002
Issued: 03/27/2007
Est. Priority Date: 09/30/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A secure method of distributing programmable logic configuration data, comprising:

encrypting said configuration data using a first key to generate encrypted configuration data;

encrypting a second key using a third key to generate an encrypted second key, said second key cryptographically related to said first key;

transferring said encrypted configuration data and said encrypted second key to a programmable logic device;

within said programmable logic device, decrypting said encrypted second key with said third key to recover said second key, wherein said third key is incorporated into a hardware design of said programmable logic device; and

within said programmable logic device, decrypting said encrypted configuration data with said second key to recover said configuration data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a secure method of distributing configuration data for a programmable logic device (PLD). The configuration data is encrypted to generate encrypted configuration data. A decryption key is encrypted using a silicon key. The encrypted configuration data and the encrypted decryption key are transferred to a PLD. Within the PLD, the encrypted decryption key is decrypted using the silicon key. Then, also within the PLD, the encrypted configuration data is decrypted using the decryption key to recover the configuration data. The PLD is then configured using the configuration data. The silicon key may be communicated to the PLD by tying predetermined input pins to an active high voltage level or signal ground, to form a binary code.

Citations

62 Claims

1. A secure method of distributing programmable logic configuration data, comprising:
- encrypting said configuration data using a first key to generate encrypted configuration data;
  
  encrypting a second key using a third key to generate an encrypted second key, said second key cryptographically related to said first key;
  
  transferring said encrypted configuration data and said encrypted second key to a programmable logic device;
  
  within said programmable logic device, decrypting said encrypted second key with said third key to recover said second key, wherein said third key is incorporated into a hardware design of said programmable logic device; and
  
  within said programmable logic device, decrypting said encrypted configuration data with said second key to recover said configuration data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein said first key and said second key are the same.
  - 3. The method of claim 1 wherein said first key, said second key, and said third key are the same.
  - 4. The method of claim 1 wherein said first key and said second key are different.
  - 5. The method of claim 4 wherein said first key is a public key and said second key is a corresponding private key.
  - 6. The method of claim 1 further comprising supplying said third key to said programmable logic device by setting the logic state of predetermined input connectors on said programmable logic device.
  - 7. The method of claim 6 wherein said input connectors are inaccessible at the time of transferring said encrypted configuration data and said encrypted second key to said programmable logic device.
  - 8. The method of claim 7 wherein said programmable logic device is packaged in a ball grid array.

9. A digital system, comprising:
- at least one data storage memory;
  
  a programmable logic device having a plurality of input pins;
  
  an interconnect medium logically connecting said programmable logic device and said memory in data transfer relationship;
  
  configuration data operative to configure said programmable logic device into at least one predetermined logical configuration, said configuration data contained in at least one said memory in an encrypted format and transferred to said programmable logic device in said encrypted format;
  
  a first decryption key operative to decrypt said encrypted configuration data, said first decryption key contained in at least one said memory in an encrypted format and transferred to said programmable logic device in said encrypted format; and
  
  a plurality of logical connections between a predetermined plurality of said input pins and said interconnect medium operative to form a binary code, said binary code comprising a second decryption key operative to decrypt said encrypted first decryption key.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The system of claim 9 wherein said plurality of input pins is not accessible.
  - 11. The system of claim 10 wherein said programmable logic device is packaged in a ball grid array.
  - 12. The system of claim 11 wherein said programmable logic device is permanently affixed to said interconnect medium.
  - 13. The system of claim 9 wherein said interconnect medium comprises a printed circuit board having at least one internal signal layer.
  - 14. The system of claim 13 wherein said plurality of logical connections comprises each of said corresponding predetermined input pins being tied to an active high operating voltage or to signal ground through said internal signal layer, so as to form said binary code.
  - 15. The system of claim 9 further comprising a connector logically connected to said plurality of predetermined input pins in data transfer relationship via said interconnect medium.
  - 16. The system of claim 15 further comprising a data source logically connected to said connector, said data source operative to alter said digital code present at said plurality of predetermined input pins.
  - 17. The system of claim 16, wherein said data source is a wireless communication receiver.

18. A method of securely fielding a digital system containing at least one programmable logic device having a predetermined plurality of input pins, comprising:
- compiling configuration data operative to configure said programmable logic device;
  
  generating a public key and a cryptographically related private key;
  
  encrypting said configuration data with said public key to generate encrypted configuration data;
  
  encrypting said private key with a silicon key to generate an encrypted private key;
  
  modifying a circuit board interconnection netlist to connect said predetermined plurality of input pins to active high voltage level or to signal ground so as to present said silicon key in binary code at said predetermined plurality of input pins; and
  
  distributing said encrypted configuration data and said encrypted private key.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18 wherein said predetermined plurality of input pins and the circuit board signal traces connected thereto are inaccessible in field-deployed systems.
  - 20. The method of claim 18, further comprising maintaining said circuit board interconnection netlist in secrecy.

21. A secure method of distributing virtual silicon data for the dynamic virtualization of a virtual hardware architecture integrated circuit, comprising:
- encrypting said virtual silicon data using a first key to generate cipher silicon data;
  
  encrypting a second key using a silicon key to generate a system key, said second key cryptographically related to said first key;
  
  transferring said cipher silicon data and said system key to said virtual hardware architecture integrated circuit;
  
  within said virtual hardware architecture integrated circuit, decrypting said system key with said silicon key to recover said second key, wherein said silicon key is incorporated into a hardware design of said virtual hardware architecture; and
  
  within said virtual hardware architecture integrated circuit, decrypting said cipher silicon data with said second key to recover said virtual silicon data.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 22. The method of claim 21 wherein decrypting said cipher silicon data with said second key to recover said virtual silicon data comprises decrypting said cipher silicon data in a substantially continuous stream during the operation of said virtual hardware architecture integrated circuit.
  - 23. The method of claim 21 wherein said virtual silicon data comprises a plurality of virtual stripes, and wherein encrypting said virtual silicon data using a first key to generate cipher silicon data comprises encrypting said plurality of virtual stripes to generate a corresponding plurality of cipher stripes, said cipher silicon data comprising said plurality of cipher stripes.
  - 24. The method of claim 23 wherein decrypting said cipher silicon data with said second key to recover said virtual silicon data comprises decrypting said plurality of cipher stripes with said second key to recover a corresponding plurality of said virtual stripes.
  - 25. The method of claim 24 wherein said virtual hardware architecture integrated circuit includes a reconfigurable fabric comprising a plurality of physical stripes, and wherein each said cipher stripe is decrypted as necessary to virtualize a corresponding physical stripe in advance of data arriving at the virtualized stripe.
  - 26. The method of claim 21 wherein said first key and said second key are the same.
  - 27. The method of claim 21 wherein said first key, said second key, and said third key are the same.
  - 28. The method of claim 21 wherein said first key and said second key are different.
  - 29. The method of claim 28 wherein said first key is a public key and said second key is a corresponding private key.
  - 30. The method of claim 21 further comprising supplying said silicon key to said virtual hardware architecture integrated circuit by setting the logic state of predetermined input conductors on said virtual hardware architecture integrated circuit.
  - 31. The method of claim 30 wherein said input conductors are inaccessible when said virtual hardware architecture integrated circuit is field deployed in a system.
  - 32. The method of claim 31 wherein said virtual hardware architecture integrated circuit is packaged in a ball grid array.
  - 33. The method of claim 32 wherein said predetermined input conductors are connected to corresponding predetermined input pins of said ball grid array.
  - 34. The method of claim 32 wherein each of said predetermined input pins of said ball grid array is connected to an active high operating voltage or to signal ground so as to form said binary code.
  - 35. The method of claim 30 wherein setting the logic state of predetermined input conductors on said virtual hardware architecture integrated circuit comprises setting the logic state of conductors on a connector logically connected to said predetermined input conductors.
  - 36. The method of claim 35 wherein a data source is logically connected to said connector, said data source operative to alter said digital code present at said plurality of predetermined input conductors.
  - 37. The method of claim 36, wherein said data source is a wireless communication receiver.
  - 38. The method of claim 21 wherein decrypting said cipher silicon data with said second key to recover said virtual silicon data comprises decrypting said cipher silicon data with both said second key and a manufacturer key, said manufacturer key cryptographically related to said first and second keys such that both said second key and said manufacturer key together are required to decrypt data encrypted with said first key.
  - 39. The method of claim 38 wherein said manufacturer key is embedded in said virtual hardware architecture integrated circuit.
  - 40. The method of claim 21 whereinencrypting a second key using a silicon key to generate a system key comprises encrypting said second key using both a silicon key and a manufacturer key to generate a system key;
    - and whereindecrypting said system key with said silicon key to recover said second key comprises decrypting said system key with both said silicon key and said manufacturer key to recover said second key.
  - 41. The method of claim 38 wherein a fourth key is embedded in said virtual hardware architecture integrated circuit.

42. A digital system, comprising:
- a power supply providing at least one active high voltage level and a ground;
  
  at least one data storage memory;
  
  a virtual hardware architecture integrated circuit having a plurality of input conductors;
  
  an interconnect medium logically connecting said virtual hardware architecture integrated circuit and said memory in data transfer relationship, and connecting said power supply to said virtual hardware architecture integrated circuit and said memory;
  
  cipher silicon data contained in said data storage memory, said cipher silicon data comprising an encrypted form of virtual silicon data operative to dynamically virtualize said virtual hardware architecture integrated circuit;
  
  a system key contained in said data storage memory, said system key comprising an encrypted form of a decryption key operative to decrypt said cipher silicon data; and
  
  a plurality of connections, via said interconnect medium, between a predetermined plurality of said input conductors and said power supply, said connections forming a binary code constituting a silicon key operative to decrypt said system decryption key.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
- - 43. The system of claim 42 wherein said cipher silicon data and said system key are decrypted within said virtual hardware architecture integrated circuit.
  - 44. The system of claim 43 wherein said cipher silicon data is transferred from said memory to said virtual hardware architecture integrated circuit on an intermittent, ongoing basis for substantially the entire operating duration of said virtual hardware architecture integrated circuit.
  - 45. The system of claim 42 wherein said plurality of input conductors is not accessible.
  - 46. The system of claim 45 wherein said virtual hardware architecture integrated circuit is packaged in a ball grid array.
  - 47. The system of claim 46 wherein said plurality of input conductors is connected to a predetermined plurality of pins on said ball grid array.
  - 48. The system of claim 47 wherein said interconnect medium comprises a printed circuit board, and wherein said ball grid array is permanently affixed to said printed circuit board.
  - 49. The system of claim 48 wherein said printed circuit board includes at least one internal signal layer.
  - 50. The system of claim 49 further comprising a connector including a plurality of conductors, the conductors of said connector connected via said printed circuit board to said predetermined plurality of pins on said ball grid array.
  - 51. The system of claim 50 further comprising a data source logically connected to said connector, said data source operative to alter said digital code present at said plurality of predetermined input conductors.
  - 52. The method of claim 51, wherein said data source is a wireless communication receiver.
  - 53. The system of claim 42 wherein each of said plurality of connections comprises connecting said corresponding predetermined input conductor to said active high voltage level or said ground, so as to form said binary code.
  - 54. The system of claim 42 wherein said virtual hardware architecture integrated circuit additionally includes a manufacturer key embedded therein.
  - 55. The system of claim 54 wherein said decryption key is operative, together with said manufacturer key, to decrypt said cipher silicon data.
  - 56. The system of claim 54 wherein said silicon key is operative, together with said manufacturer key, to decrypt said system decryption key.

57. A method of securely fielding a digital system containing at least one virtual hardware architecture integrated circuit packaged for inclusion on a circuit board and having a predetermined plurality of input pins, comprising:
- compiling virtual silicon data operative to dynamically virtualize said virtual hardware architecture integrated circuit;
  
  generating a public key and a cryptographically related private key;
  
  encrypting said virtual silicon data with said public key to generate cipher silicon data;
  
  encrypting said private key with a silicon key to generate a system key;
  
  modifying a circuit board interconnection netlist to connect said predetermined plurality of input pins to active high voltage level or to signal ground so as to present said silicon key in binary code at said predetermined plurality of input pins; and
  
  distributing said cipher silicon data and said system key.
- View Dependent Claims (58, 59, 60, 61, 62)
- - 58. The method of claim 57 wherein said predetermined plurality of input pins and the circuit board signal traces connected thereto are inaccessible in field-deployed systems.
  - 59. The method of claim 57, further comprising maintaining said circuit board interconnection netlist in secrecy.
  - 60. The system of claim 57 wherein said virtual hardware architecture integrated circuit additionally includes a manufacturer key embedded therein.
  - 61. The method of claim 60 wherein said manufacturing key is cryptographically related to said public and private keys, such that both said private and said manufacturing keys together are required to decrypt data encrypted with said public key.
  - 62. The method of claim 60 wherein encrypting said private key with a silicon key to generate a system key comprises encrypting said private key with both said silicon key and said manufacturing key to generate said system key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Carnegie Mellon University
Original Assignee
Carnegie Mellon University
Inventors
Van Essen, Brian Christopher, Schmit, Herman H., Kidd, Jeffrey Wayne, Petersen, Christopher Maverick
Primary Examiner(s)
Vu; Kim
Assistant Examiner(s)
Dada; Beemnet W

Application Number

US10/260,171
Time in Patent Office

1,639 Days
Field of Search

713/189, 713/193, 713/161, 713/168, 713/164, 380/277, 380/281, 380/284
US Class Current

713/189
CPC Class Codes

H04L 2209/125   Parallelization or pipelini...

H04L 2463/062   applying encryption of the ...

H04L 63/0428   wherein the data content is...

H04L 9/0897   involving additional device...

Y04S 40/20   Information technology spec...

Method of securing programmable logic configuration data

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

62 Claims

Specification

Solutions

Use Cases

Quick Links

Method of securing programmable logic configuration data

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

62 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links