Method of securing programmable logic configuration data
First Claim
1. A system comprising:
- a circuit board;
an integrated circuit package connected to said circuit board, said package having a plurality of input pins; and
a programmable logic device integrated circuit packaged in said integrated circuit package, said integrated circuit having a plurality of input conductors and operative to perform cryptographic calculations employing a cryptographic key,whereby said cryptographic key is provided to said programmable logic device integrated circuit via a binary code applied to a predetermined plurality of said input conductors, said binary code being inaccessible when said system is deployed;
wherein a predetermined plurality of said programmable logic device integrated circuit input conductors is connected to an active high voltage level or signal ground to form said binary code;
wherein said predetermined plurality of conductors is not connected to said integrated circuit package input pins;
wherein a predetermined plurality of said programmable logic device integrated circuit input conductors is connected to a predetermined plurality of said integrated circuit package input pins;
said predetermined plurality of said integrated circuit package input pins is connected via said circuit board to an active high voltage level or signal ground to form said binary code; and
at least said predetermined plurality of said integrated circuit package input pins is inaccessible when said system is deployed.
0 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to a secure method of distributing configuration data for a programmable logic device (PLD). The configuration data is encrypted to generate encrypted configuration data. A decryption key is encrypted using a silicon key. The encrypted configuration data and the encrypted decryption key are transferred to a PLD. Within the PLD, the encrypted decryption key is decrypted using the silicon key. Then, also within the PLD, the encrypted configuration data is decrypted using the decryption key to recover the configuration data. The PLD is then configured using the configuration data. The silicon key may be communicated to the PLD by tying predetermined input pins to an active high voltage level or signal ground, to form a binary code.
27 Citations
16 Claims
-
1. A system comprising:
-
a circuit board; an integrated circuit package connected to said circuit board, said package having a plurality of input pins; and a programmable logic device integrated circuit packaged in said integrated circuit package, said integrated circuit having a plurality of input conductors and operative to perform cryptographic calculations employing a cryptographic key, whereby said cryptographic key is provided to said programmable logic device integrated circuit via a binary code applied to a predetermined plurality of said input conductors, said binary code being inaccessible when said system is deployed; wherein a predetermined plurality of said programmable logic device integrated circuit input conductors is connected to an active high voltage level or signal ground to form said binary code; wherein said predetermined plurality of conductors is not connected to said integrated circuit package input pins; wherein a predetermined plurality of said programmable logic device integrated circuit input conductors is connected to a predetermined plurality of said integrated circuit package input pins; said predetermined plurality of said integrated circuit package input pins is connected via said circuit board to an active high voltage level or signal ground to form said binary code; and at least said predetermined plurality of said integrated circuit package input pins is inaccessible when said system is deployed. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
-
a circuit board; an integrated circuit package connected to said circuit board, said package having a plurality of input pins; and a programmable logic device integrated circuit packaged in said integrated circuit package, said integrated circuit having a plurality of input conductors and operative to perform cryptographic calculations employing a cryptographic key, wherein a predetermined plurality of said programmable logic device integrated circuit input conductors is connected to an active high voltage level or signal ground to form said binary code and is not connected to said integrated circuit package pins; wherein another predetermined plurality of said programmable logic device integrated circuit input conductors is connected to a predetermined plurality of said integrated circuit package input pins, said another predetermined plurality of said integrated circuit package input pins is connected via said circuit board to an active high voltage level or signal ground to form said binary code, and at least said predetermined plurality of said integrated circuit package input pins is inaccessible when said system is deployed; and whereby said cryptographic key is provided to said programmable logic device integrated circuit via a binary code applied to a dedicated, predetermined plurality of said input conductors. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
-
Specification