Method and circuit for secure definition and integration of cores

US 8,417,965 B1
Filed: 04/07/2010
Issued: 04/09/2013
Est. Priority Date: 04/07/2010
Status: Active Grant

First Claim

Patent Images

1. A method for the secured use of a core using a block diagram based design tool, the method comprising:

obtaining, by a processor, a core development package including;

an encrypted core; and

a decryption key for the encrypted core, the decryption key encrypted with an asymmetric cipher;

transmitting the core development package from the design tool to a trusted platform module;

decrypting the decryption key with a private key of the asymmetric cipher by the trusted platform module;

decrypting the encrypted core by the trusted platform module using the decryption key; and

performing one or more design tool operations using the decrypted core.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An embodiment of the present invention provides a method and circuit for secure definition and integration of a core into a circuit design without exposing the core. In one embodiment, a core development package is obtained. The core development package includes an encrypted core and a decryption key of the encrypted core. The decryption key is encrypted with an asymmetric cipher. The encrypted core is transmitted from the design tool to a trusted platform module. The decryption key is decrypted with a private key of the asymmetric cipher. The encrypted core is decrypted within the trusted platform module. One or more design tool operations are performed using the decrypted core.

Citations

20 Claims

1. A method for the secured use of a core using a block diagram based design tool, the method comprising:
- obtaining, by a processor, a core development package including;
  
  an encrypted core; and
  
  a decryption key for the encrypted core, the decryption key encrypted with an asymmetric cipher;
  
  transmitting the core development package from the design tool to a trusted platform module;
  
  decrypting the decryption key with a private key of the asymmetric cipher by the trusted platform module;
  
  decrypting the encrypted core by the trusted platform module using the decryption key; and
  
  performing one or more design tool operations using the decrypted core.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein the asymmetric cipher includes a public key corresponding to the trusted platform module.
  - 3. The method of claim 2, further comprising transmitting the private key corresponding to the public key from the design tool to the trusted platform module.
  - 4. The method of claim 1, wherein the core development package further includes a blackbox interface module defining input and output pins of the core.
  - 5. The method of claim 4, further comprising incorporating the blackbox interface module into a block diagram design model.
  - 6. The method of claim 1, further comprising:
    - generating a blackbox interface module within the trusted platform module from the decrypted core, the blackbox interface module including a definition of input and output pins of the core;
      
      transmitting the blackbox interface module to the design tool; and
      
      incorporating the blackbox interface module into the block diagram design model.
  - 7. The method of claim 1, wherein the one or more design tool operations are performed within the trusted platform module.
  - 8. The method of claim 1, further comprising performing co-simulation of the core within the trusted platform module.
  - 9. The method of claim 8, wherein performing co-simulation includes:
    - transmitting simulation input corresponding to input pins of the core to the trusted platform module;
      
      simulating the core within the trusted platform module to produce an output; and
      
      transmitting the output to the design tool.
  - 10. The method of claim 9, wherein the performing co-simulation further includes performing timing simulation of the core within the design tool.
  - 11. The method of claim 1, wherein performing one or more design tool operations using the decrypted core includes:
    - transmitting the decrypted core to the design tool over a secure communication channel; and
      
      incorporating the decrypted core into a netlist of a block level design model.
  - 12. The method of claim 1, wherein performing one or more design tool operations using the decrypted core includes:
    - transmitting a netlist of a block level design model to the trusted platform module over a secure communication channel;
      
      incorporating the decrypted core into the netlist; and
      
      transmitting the netlist, after incorporating the decrypted core, to the design tool over the secure communication channel.
  - 13. The method of claim 12, further comprising creating an encrypted bitstream from the netlist after incorporating the decrypted core.
  - 14. The method of claim 1, wherein performing one or more design tool operations using the decrypted core includes:
    - transmitting a netlist of a block level design model to the trusted platform module over a secure communication channel;
      
      incorporating the decrypted core into the netlist;
      
      creating an encrypted bitstream from the netlist after incorporating the decrypted core; and
      
      transmitting the encrypted bitstream to the design tool over the secure communication channel.
  - 15. The method of claim 1, wherein the trusted platform module is an external device coupled to interact with the design tool through an I/O interface.
  - 16. The method of claim 1, wherein the trusted platform module is an onboard secure processing device.
  - 17. The method of claim 1, wherein the trusted platform module is an external server.

18. A system for core distribution, comprising:
- a first processor, a second processor, and a storage unit coupled to a common bus;
  
  wherein;
  
  an asymmetric private key is stored in the storage unit;
  
  the first processor is configured to receive a secure core development package including an encrypted core and a decryption key for the encrypted core, the decryption key encrypted with an asymmetric public key corresponding to the private key; and
  
  the second processor is configured to;
  
  decrypt the decryption key with the private key; and
  
  decrypt the encrypted core with the decrypted decryption key;
  
  wherein the first processor is configured to perform one or more design tool functions using the decrypted core, in response to a signal received from a design tool, and produce an output.

19. A method for secure distribution of a core, comprising:
- receiving, by a processor, a request for a core, the request including;
  
  a core indicator; and
  
  a trusted platform module serial number;
  
  encrypting a core corresponding to the core indicator with a symmetric cipher;
  
  retrieving an asymmetric public key of an asymmetric cipher and corresponding to the serial number; and
  
  encrypting a decryption key corresponding to the symmetric cipher with the asymmetric public key;
  
  wherein the trusted platform module serial number corresponds to a trusted platform module that is configured to;
  
  receive the encrypted core and encrypted decryption key;
  
  decrypt the decryption key with a private key of the asymmetric cipher by the trusted platform module;
  
  decrypt the encrypted core by the trusted platform module; and
  
  perform one or more design tool operations using the decrypted core.
- View Dependent Claims (20)
- - 20. The method of claim 19, wherein:
    - the request for a core is received from a customer design tool; and
      
      delivering the encrypted core and encrypted decryption key includes transmitting the encrypted core and encrypted decryption key to the customer design tool.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xilinx, Inc. (Advanced Micro Devices, Inc.)
Original Assignee
Xilinx, Inc. (Advanced Micro Devices, Inc.)
Inventors
Sundararajan, Arvind, Chan, Chi Bun, Shirazi, Nabeel
Primary Examiner(s)
KOSOWSKI, CAROLYN M

Application Number

US12/755,760
Time in Patent Office

1,098 Days
Field of Search

713/150, 713/187, 713/189
US Class Current

713/189
CPC Class Codes

G06F 11/3664   Environments for testing or...

G06F 2115/08   Intellectual property [IP] ...

G06F 30/327   Logic synthesis; Behaviour ...

G06F 30/34   for reconfigurable circuits...

G06F 30/347   Physical level, e.g. placem...

H04L 63/0478   applying multiple layers of...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0877   using additional device, e....

Method and circuit for secure definition and integration of cores

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and circuit for secure definition and integration of cores

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links