Programmable logic device
First Claim
1. A programmable logic device, comprising:
- a programmable array of logic elements which when loaded with a configuration program is operable to perform a process in accordance with a configuration of the logic elements by the configuration program; and
a hardware decryption processor including a register having stored therein a first secret configuration key, and a non-volatile store arranged to store the configuration program which has been encrypted with the first secret configuration key, wherein the configuration program includes therein the first secret configuration key, andthe hardware decryption processor is operable, when power is applied to the programmable logic device, to read the encrypted configuration program, to decrypt the encrypted configuration program using the first secret configuration key stored in the register, and to configure the programmable array of logic elements with the configuration program,the programmable array when configured with the configuration program being operable to read the encrypted configuration program from the non-volatile store, to decrypt the configuration program using the first secret configuration key provided with the configuration program, to generate a second secret key, to adapt the configuration program by inserting the second secret key into the configuration program, to re-encrypt the adapted configuration program using the first secret configuration key, and to replace the configuration program with the adapted and encrypted configuration program in the non-volatile store.
1 Assignment
0 Petitions
Accused Products
Abstract
A hardware decryption processor operates, when power is applied to a programmable logic device, to read an encrypted configuration program, to decrypt the encrypted configuration program using a first secret configuration key stored in a register, and to configure a programmable array of logic elements with the configuration program. The programmable array when configured with the configuration program operates to read the encrypted configuration program from a non-volatile store, to decrypt the configuration program using the first secret configuration key, which was provided with the configuration program, to generate a second secret key, to adapt the configuration program by inserting the second secret key into the configuration program, to re-encrypt the adapted configuration program using the first secret configuration key, and to replace the configuration program with the adapted and encrypted configuration program in the non-volatile store.
-
Citations
14 Claims
-
1. A programmable logic device, comprising:
-
a programmable array of logic elements which when loaded with a configuration program is operable to perform a process in accordance with a configuration of the logic elements by the configuration program; and a hardware decryption processor including a register having stored therein a first secret configuration key, and a non-volatile store arranged to store the configuration program which has been encrypted with the first secret configuration key, wherein the configuration program includes therein the first secret configuration key, and the hardware decryption processor is operable, when power is applied to the programmable logic device, to read the encrypted configuration program, to decrypt the encrypted configuration program using the first secret configuration key stored in the register, and to configure the programmable array of logic elements with the configuration program, the programmable array when configured with the configuration program being operable to read the encrypted configuration program from the non-volatile store, to decrypt the configuration program using the first secret configuration key provided with the configuration program, to generate a second secret key, to adapt the configuration program by inserting the second secret key into the configuration program, to re-encrypt the adapted configuration program using the first secret configuration key, and to replace the configuration program with the adapted and encrypted configuration program in the non-volatile store. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A transmitter for encrypting and transmitting content data, the transmitter comprising:
-
a content encryption engine operable to encrypt the content data with a content key; and a content key encryption engine operable to encrypt the content key with a public key provided by a programmable logic device, the programmable logic device comprising a programmable array of logic elements which when loaded with a configuration program is operable to perform a process in accordance with a configuration of the logic elements by the configuration program, and a hardware decryption processor including a register having stored therein a first secret configuration key, and a non-volatile store arranged to store the configuration program which has been encrypted with the first secret configuration key, wherein the configuration program includes therein the first secret configuration key, and the hardware decryption processor is operable, when power is applied to the programmable logic device, to read the encrypted configuration program, to decrypt the encrypted configuration program using the first secret configuration key stored in the register, and to configure the programmable array of logic elements with the configuration program, the programmable logic array when configured with the configuration program being operable to read the encrypted configuration program from the non-volatile store, to decrypt the configuration program using the first secret configuration key provided with the configuration program, to generate a second secret key, to adapt the configuration program by inserting the second secret key into the configuration program, to re-encrypt the adapted configuration program using the first secret configuration key, and to replace the configuration program with the adapted and encrypted configuration program in the non-volatile store.
-
-
11. A method of programming a programmable logic device, the programmable logic device comprising a programmable array of logic elements and a hardware decryption processor including a register having stored therein a first secret configuration key, and a non-volatile store being arranged to store a configuration program which has been encrypted with the first secret configuration key, the method comprising:
-
providing the configuration program with the first secret configuration key; reading the encrypted configuration program from the non-volatile store; decrypting the encrypted configuration program using the first secret configuration key stored in the register; configuring the programmable array of logic elements with the configuration program; reading the encrypted configuration program from the non-volatile store; decrypting the configuration program using the first secret configuration key provided with the configuration program; generating a second secret key; adapting the configuration program by inserting the second secret key into the configuration program with the programmable array; re-encrypting the adapted configuration program using the first secret configuration key; and replacing the configuration program with the adapted and encrypted configuration program in the non-volatile store.
-
-
12. A computer-readable storage medium encoded with a configuration program for programming an array of logic elements of a programmable logic device, the programmable logic device comprising the array of logic elements, which when loaded with the configuration program is operable to perform a process in accordance with a configuration of the logic elements by the configuration program, and a hardware decryption processor including a register having stored therein a first secret configuration key, and a non-volatile store arranged to store the configuration program which has been encrypted with the first secret configuration key, wherein the configuration program includes therein the first secret configuration key, the configuration program when executed by the array of logic elements causing the array of logic elements to perform the operations of:
-
reading the encrypted configuration program from the non-volatile store; decrypting the configuration program using the first secret configuration key provided with the configuration program; generating a second secret key; adapting the configuration program by inserting the second secret key into the configuration program; re-encrypting the adapted configuration program using the first secret configuration key; and replacing the configuration program with the adapted and encrypted configuration program in the non-volatile store.
-
-
13. A manufacturing jig arranged for use with a programmable logic device, the programmable logic device comprising a programmable array of logic elements which when loaded with a configuration program is operable to perform a process in accordance with a configuration of the logic elements by the configuration program, and a hardware decryption processor including a register having stored therein a first secret configuration key, and a non-volatile store arranged to store the configuration program which has been encrypted with the first secret configuration key, wherein the configuration program includes therein the first secret configuration key, and
the hardware decryption processor is operable, when power is applied to the programmable logic device, to read the encrypted configuration program, to decrypt the encrypted configuration program using the first secret configuration key stored in the register, and to configure the programmable array of logic elements with the configuration program, the programmable array when configured with the configuration program being operable to read the encrypted configuration program from the non-volatile store, to decrypt the configuration program using the first secret configuration key provided with the configuration program, to generate a second secret key, to adapt the configuration program by inserting the second secret key into the configuration program, to re-encrypt the adapted configuration program using the first secret configuration key, and to replace the configuration program with the adapted and encrypted configuration program in the non-volatile store, the manufacturing jig being arranged in use: -
to generate the first secret configuration key; to encrypt the configuration program with the first secret configuration key; to load the encrypted configuration program into the non-volatile store of the programmable logic device; and to load the register of the programmable logic device with the first secret configuration key.
-
-
14. An apparatus for programming a programmable logic device, the programmable logic device comprising a programmable array of logic elements, and a hardware decryption processor including a register having stored therein a first secret configuration key, and a non-volatile store being arranged to store a configuration program which has been encrypted with the first secret configuration key, the apparatus comprising:
-
means for providing the configuration program with the first secret configuration key; means for reading the encrypted configuration program from the non-volatile store; means for decrypting the encrypted configuration program using the first secret configuration key stored in the register; and means for configuring the programmable array of logic elements with the configuration program, the programmable array when configured with the configuration program including means for reading the encrypted configuration program from the non-volatile store, means for decrypting the configuration program using the first secret configuration key provided with the configuration program, means for generating a second secret key, means for adapting the configuration program by inserting the second secret key into the configuration program, means for re-encrypting the adapted configuration program using the first secret configuration key, and means for replacing the configuration program with the adapted and encrypted configuration program in the non-volatile store.
-
Specification