Securely Coupling an FPGA to a Security IC

US 20070204170A1
Filed: 02/01/2007
Published: 08/30/2007
Est. Priority Date: 02/01/2006
Status: Active Grant

First Claim

Patent Images

1. A method for securely coupling an FPGA to a security IC comprising:

a. creating a shared secret key;

b. creating a password key;

c. generating an encrypted shared secret key by encrypting said “

shared secret key”

with said password key;

d. incorporating said “

encrypted shared secret key”

into an FPGA net list;

e. programming said FPGA using said “

FPGA net list;

”

f. transmitting said “

password key”

from said security IC to said FPGA; and

g. said FPGA;

i. obtaining said “

shared secret key”

by decrypting said “

encrypted shared secret key;

” and

ii. storing said “

shared secret key”

in at least one volatile memory location.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a mechanism for securely coupling a security IC and an FPGA. This mechanism creates a shared secret key; creates a password key; generates an encrypted shared secret key by encrypting the “shared secret key” with the password key; incorporates the “encrypted shared secret key” into an FPGA net list; programs the FPGA using the “FPGA net list”; transmits the “password key” from the security IC to the FPGA; allowing the FPGA to: obtain the “shared secret key” by decrypting the “encrypted shared secret key”; and store the “shared secret key” in at least one volatile memory location.

23 Citations

View as Search Results

18 Claims

1. A method for securely coupling an FPGA to a security IC comprising:
- a. creating a shared secret key;
  
  b. creating a password key;
  
  c. generating an encrypted shared secret key by encrypting said “
  
  shared secret key”
  
  with said password key;
  
  d. incorporating said “
  
  encrypted shared secret key”
  
  into an FPGA net list;
  
  e. programming said FPGA using said “
  
  FPGA net list;
  
  ”
  
  f. transmitting said “
  
  password key”
  
  from said security IC to said FPGA; and
  
  g. said FPGA;
  
  i. obtaining said “
  
  shared secret key”
  
  by decrypting said “
  
  encrypted shared secret key;
  
  ” and
  
  ii. storing said “
  
  shared secret key”
  
  in at least one volatile memory location.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, wherein said “
    - shared secret key”
      
      is a plain text shared secret key.
  - 3. The method according to claim 1, wherein steps 1.a through 1.f are performed using initialization code located on said security IC.
  - 4. The method according to claim 1, wherein step 1.f is performed in response to said security IC and said FPGA transitioning from an unpowered state to a powered state.
  - 5. The method according to claim 1, further including the steps of:
    - a. erasing said “
      
      password key”
      
      on said security IC; and
      
      b. erasing said “
      
      shared secret key”
      
      on said security IC”
      
      .
  - 6. The method according to claim 1, further including the step of erasing said “
    - at least one volatile memory location”
      
      on said FPGA.
  - 7. The method according to claim 6, wherein said step in claim 6 is performed in response to a zeroization command.
  - 8. The method according to claim 6, wherein step in claim 6 is performed in response to said FPGA transitioning from a powered state to an unpowered state.

9. A module containing an FPGA securely coupled to a security IC using a method comprising the steps of:
- a. creating a shared secret key;
  
  b. creating a password key;
  
  c. generating an encrypted shared secret key by encrypting said “
  
  shared secret key”
  
  with said password key;
  
  d. incorporating said “
  
  encrypted shared secret key”
  
  into an FPGA net list;
  
  e. programming said FPGA using said “
  
  FPGA net list”
  
  ;
  
  f. transmitting said “
  
  password key”
  
  from said security IC to said FPGA; and
  
  g. said FPGA;
  
  i. obtaining said “
  
  shared secret key”
  
  by decrypting said “
  
  encrypted shared secret key”
  
  ; and
  
  ii. storing said “
  
  shared secret key”
  
  in at least one volatile memory location.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The module according to claim 9, wherein steps 9.a through 9.f are performed using initialization code located on said security IC.
  - 11. The module according to claim 9, wherein step 9.f is performed in response to said security IC and said FPGA transitioning from an unpowered state to a powered state.
  - 12. The module according to claim 9, wherein the method further includes the steps of:
    - a. erasing said “
      
      password key”
      
      on said security IC; and
      
      b. erasing said “
      
      shared secret key”
      
      on said security IC.”
  - 13. The module according to claim 9, wherein the method further includes erasing said “
    - at least one volatile memory location”
      
      on said FPGA.
  - 14. The method according to claim 13, wherein the step in claim 13 is performed in response to a zeroization command.
  - 15. The method according to claim 14, wherein said zeroization command is generated in response to tamper detection.
  - 16. The method according to claim 13, wherein step in claim 13 is performed in response to said FPGA transitioning from a powered state to an unpowered state.

17. A device for securely coupling an FPGA to a security IC comprising:
- a. an interface configured to communicate with said FPGA and said security IC; and
  
  b. a controller, said “
  
  controller”
  
  configured to perform the steps of;
  
  i. creating a shared secret key;
  
  ii. creating a password key;
  
  iii. generating an encrypted shared secret key by encrypting said “
  
  shared secret key”
  
  with said password key;
  
  iv. incorporating said “
  
  encrypted shared secret key”
  
  into an FPGA net list; and
  
  v. programming the FPGA using said “
  
  FPGA net list;
  
  ”
  
  thereby enabling;
  
  c. said security IC to transmit said “
  
  password key”
  
  to said FPGA; and
  
  d. said FPGA;
  
  i. to obtain said “
  
  shared secret key”
  
  by decrypting said “
  
  encrypted shared secret key;
  
  ” and
  
  ii. to store said “
  
  shared secret key”
  
  in at least one volatile memory location.
- View Dependent Claims (18)
- - 18. The method according to claim 17, wherein step 17.b is performed at the approximate time that said FPGA transitions from a powered state to an unpowered state.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dolby Laboratories Licensing Corporation (Dolby Laboratories Incorporated)
Original Assignee
Dolby Laboratories Licensing Corporation (Dolby Laboratories Incorporated)
Inventors
Oren, Joseph, Sampson, Greg, Alexander, Daxon

Granted Patent

US 7,792,302 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 21/72   in cryptographic circuits

G06F 21/76   in application-specific int...

H04L 9/0822   using key encryption key

H04L 9/083   involving central third par...

Securely Coupling an FPGA to a Security IC

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

23 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Securely Coupling an FPGA to a Security IC

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links