Securely coupling an FPGA to a security IC

US 7,792,302 B2
Filed: 02/01/2007
Issued: 09/07/2010
Est. Priority Date: 02/01/2006
Status: Active Grant

First Claim

Patent Images

1. A method for securely coupling an FPGA to a security IC comprising:

a. creating a shared secret key, said shared secret key configured for the negotiation of session keys;

b. creating a password key;

c. generating an encrypted shared secret key by encrypting said shared secret key with said password key;

d. incorporating said encrypted shared secret key into an FPGA net list;

e. programming said FPGA using said FPGA net list;

f. transmitting said password key from said security IC to said FPGA; and

g. said FPGA;

i. obtaining said shared secret key by decrypting said encrypted shared secret key; and

ii. storing said shared secret key in at least one volatile memory location.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a mechanism for securely coupling a security IC and an FPGA. This mechanism creates a shared secret key; creates a password key; generates an encrypted shared secret key by encrypting the “shared secret key” with the password key; incorporates the “encrypted shared secret key” into an FPGA net list; programs the FPGA using the “FPGA net list”; transmits the “password key” from the security IC to the FPGA; allowing the FPGA to: obtain the “shared secret key” by decrypting the “encrypted shared secret key”; and store the “shared secret key” in at least one volatile memory location.

5 Citations

View as Search Results

18 Claims

1. A method for securely coupling an FPGA to a security IC comprising:
- a. creating a shared secret key, said shared secret key configured for the negotiation of session keys;
  
  b. creating a password key;
  
  c. generating an encrypted shared secret key by encrypting said shared secret key with said password key;
  
  d. incorporating said encrypted shared secret key into an FPGA net list;
  
  e. programming said FPGA using said FPGA net list;
  
  f. transmitting said password key from said security IC to said FPGA; and
  
  g. said FPGA;
  
  i. obtaining said shared secret key by decrypting said encrypted shared secret key; and
  
  ii. storing said shared secret key in at least one volatile memory location.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, wherein said shared secret key is a plain text shared secret key.
  - 3. The method according to claim 1, wherein steps 1.a through 1.f are performed using initialization code located on said security IC.
  - 4. The method according to claim 1, wherein step 1.f is performed in response to said security IC and said FPGA transitioning from an unpowered state to a powered state.
  - 5. The method according to claim 1, further including the steps of:
    - a. erasing said password key on said security IC; and
      
      b. erasing said shared secret key on said security IC″
      
      .
  - 6. The method according to claim 1, further including the step of erasing said at least one volatile memory location on said FPGA.
  - 7. The method according to claim 6, wherein said step in claim 6 is performed in response to a zeroization command.
  - 8. The method according to claim 6, wherein step in claim 6 is performed in response to said FPGA transitioning from a powered state to an unpowered state.

9. A module containing an FPGA securely coupled to a security IC using a method comprising the steps of:
- a. creating a shared secret key, said shared secret key configured for the negotiation of session keys;
  
  b. creating a password key;
  
  c. generating an encrypted shared secret key by encrypting said shared secret key with said password key;
  
  d. incorporating said encrypted shared secret key into an FPGA net list;
  
  e. programming said FPGA using said FPGA net list;
  
  f. transmitting said password key from said security IC to said FPGA; and
  
  g. said FPGA;
  
  i. obtaining said shared secret key by decrypting said encrypted shared secret key; and
  
  ii. storing said shared secret key in at least one volatile memory location.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The module according to claim 9, wherein steps 9.a through 9.f are performed using initialization code located on said security IC.
  - 11. The module according to claim 9, wherein step 9.f is performed in response to said security IC and said FPGA transitioning from an unpowered state to a powered state.
  - 12. The module according to claim 9, wherein the method further includes the steps of:
    - a. erasing said password key on said security IC; and
      
      b. erasing said shared secret key on said security IC.
  - 13. The module according to claim 9, wherein the method further includes erasing said at least one volatile memory location on said FPGA.
  - 14. The module according to claim 13, wherein erasing said at least one volatile memory location on said FPGA is performed in response to a zeroization command.
  - 15. The module according to claim 14, wherein said zeroization command is generated in response to tamper detection.
  - 16. The module according to claim 13, wherein erasing said at least one volatile memory location on said FPGA is performed in response to said FPGA transitioning from a powered state to an unpowered state.

17. A device for securely coupling an FPGA to a security IC comprising:
- a. an interface configured to communicate with said FPGA and said security IC; and
  
  b. a controller, said controller configured to perform the steps of;
  
  i. creating a shared secret key, said shared secret key configured for the negotiation of session keys;
  
  ii. creating a password key;
  
  iii. generating an encrypted shared secret key by encrypting said shared secret key with said password key;
  
  iv. incorporating said encrypted shared secret key into an FPGA net list; and
  
  v. programming the FPGA using said FPGA net list;
  
  thereby enabling;
  
  c. said security IC to transmit said password key to said FPGA; and
  
  d. said FPGA;
  
  i. to obtain said shared secret key by decrypting said encrypted shared secret key; and
  
  ii. to store said shared secret key in at least one volatile memory location.
- View Dependent Claims (18)
- - 18. The method according to claim 17, wherein step 17.b is performed at the approximate time that said FPGA transitions from a powered state to an unpowered state.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dolby Laboratories Licensing Corporation (Dolby Laboratories Incorporated)
Original Assignee
Dolby Laboratories Licensing Corporation (Dolby Laboratories Incorporated)
Inventors
Oren, Joseph Eugene, Sampson, Greg, Alexander, Daxon
Primary Examiner(s)
Bui; Kieu Oanh
Assistant Examiner(s)
LAUZON, THOMAS C

Application Number

US11/670,378
Publication Number

US 20070204170A1
Time in Patent Office

1,314 Days
Field of Search

380/277, 380/283, 380/284, 380/286, 713/193, 716/16, 716/17
US Class Current

380/277
CPC Class Codes

G06F 21/72   in cryptographic circuits

G06F 21/76   in application-specific int...

H04L 9/0822   using key encryption key

H04L 9/083   involving central third par...

Securely coupling an FPGA to a security IC

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

5 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Securely coupling an FPGA to a security IC

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

5 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others