One-time programmable memories for key storage
First Claim
1. A method of preventing an unauthorized access of an integrated circuit, the method comprising:
- receiving information at a first circuit of the integrated circuit,providing the information to a memory on the integrated circuit;
asserting a write enable signal for the memory using a second circuit;
writing the information to the memory at a first input of the memory; and
thenpermanently preventing the memory from receiving, at a second input, another write enable signal after the information is stored in the memory, wherein the information is an encoding key used to de code an encrypted configuration bitstream for configuring an integrated circuit, and wherein permanently preventing the memory from receiving another write enable signal is accomplished by disabling the second circuit,determining whether the second circuit is disabled, andif the second circuit is disabled, then reading the key from the memory;
elsepreventing the integrated circuit from being configured using the encrypted configuration bitstream.
1 Assignment
0 Petitions
Accused Products
Abstract
Circuits, methods, and apparatus that store and prevent modification or erasure of stored encoding keys, serial identification numbers, or other information. An encoding key stored with an embodiment of the present invention may be used to decode a configuration bitstream on an integrated circuit, such as an FPGA. A serial number may be used to track or authenticate an integrated circuit. Embodiments of the present invention store this information in a memory such as an SRAM, DRAM, EPROM, EEPROM, flash, fuse array, or other type of memory. In order to prevent its erasure or modification, write enable circuitry for the memory is then permanently disabled, and if the memory is volatile, a continuous power supply is provided. Further refinements verify that the write enable circuitry has been disabled before allowing the device to be configured or to be operable.
41 Citations
14 Claims
-
1. A method of preventing an unauthorized access of an integrated circuit, the method comprising:
-
receiving information at a first circuit of the integrated circuit, providing the information to a memory on the integrated circuit; asserting a write enable signal for the memory using a second circuit; writing the information to the memory at a first input of the memory; and
thenpermanently preventing the memory from receiving, at a second input, another write enable signal after the information is stored in the memory, wherein the information is an encoding key used to de code an encrypted configuration bitstream for configuring an integrated circuit, and wherein permanently preventing the memory from receiving another write enable signal is accomplished by disabling the second circuit, determining whether the second circuit is disabled, and if the second circuit is disabled, then reading the key from the memory;
elsepreventing the integrated circuit from being configured using the encrypted configuration bitstream. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An integrated circuit comprising:
-
a first circuit configured to receive information; a memory configured to receive the information from the first circuit and store the information when a signal on a write enable line is asserted, wherein the information is received at a first input of the memory; a second circuit configured to assert the signal on the write enable line, wherein the asserted signal is adapted to change a voltage value on the write enable line in order to turn on a component of the memory; and a third circuit configured to allow or prevent the memory from receiving, at a second input, the asserted signal on the write enable line, wherein the first input of the memory is a different input than the second input of the memory, and wherein the third circuit permanently prevents the memory from receiving an asserted signal on the write enable line after the information is stored in the memory, wherein the third circuit comprises a logic gate including; a first input that receives the asserted signal from the second circuit; a second input that is coupled with a fourth circuit having a fuse element, the second input being different than the first input; and an output coupled with the second input of the memory, wherein a state of the fuse element controls whether the memory receives the asserted signal on the write enable line. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14)
-
Specification