Intel® Quartus® Prime Software
Intel® Quartus® Prime Design Software, Design Entry, Synthesis, Simulation, Verification, Timing Analysis, System Design (Platform Designer, formerly Qsys)
16886 Discusiones

Encrypted Key Programming file security

RVCA
Principiante
‎05-04-2023 01:16 AM
998 Vistas

During production we program a Primary Encryption Key into our Arria10-based devices using a JAM™ Standard Test and Programming Language (STAPL) Format (.jam) file, generated from an Encrypted Key Programming (.ekp) file.

These files are generated on our secure signing and encryption server. It is not workable to have the production systems contact this server to generate the files for each board we produce, so these are stored locally on a server in our production environment. The only guidance Intel provides here is a recommendation to "keep these files confidential".

As we are assessing the security of our production systems, we would like to know the impact of an attacker gaining access to these files. Would it be feasible to extract the plaintext encryption keys from them? Or is the risk limited to creation of counterfeit products using our keys?

0 kudos

Enlace copiado

4 Respuestas
NurAiman_M_Intel
Empleados
‎05-08-2023 01:42 AM
936 Vistas

Hi,


Thank you for contacting Intel community.


Keeping the ekp file secure is recommended. However, the impact of an attacker gaining access to these files are beyond our scope as this is related to your security system. If anyone has the access to the ekp file, they may have access to the programming file.


Regards,

Aiman


0 kudos
Copiar enlace
RVCA
Principiante
‎05-08-2023 07:11 AM
928 Vistas
En respuesta a NurAiman_M_Intel

That's not really answering my questions. I know you can't judge the full impact, but can you at least provide some guidance on how the .ekp file protects the keys?

En respuesta a NurAiman_M_Intel
0 kudos
Copiar enlace
NurAiman_M_Intel
Empleados
‎05-12-2023 01:51 AM
870 Vistas

Hi,


Apologize if my previous response did not answer to your question.


Th design was encrypted by enabling the design security. Hence the .ekp file is the key to decrypt the design that has been secure. That is the reason why the .ekp file must be kept confidential.


Let me know if you need further information.


Regards,

Aiman


0 kudos
Copiar enlace
NurAiman_M_Intel
Empleados
‎05-17-2023 06:16 PM
804 Vistas

We do not receive any response from you to the previous answer that I have provided. This thread will be transitioned to community support. If you have a new question, feel free to open a new thread to get the support from Intel experts. Otherwise, the community users will continue to help you on this thread. Thank you


0 kudos
Copiar enlace
Responder

La asistencia de la comunidad se proporciona de lunes a viernes. Existen otros métodos de contacto disponibles aquí.

Intel no verifica todas las soluciones, como las transferencias de archivos, entre otras, que puedan aparecer en esta comunidad. Por consiguiente, Intel renuncia a todas las garantías expresas e implícitas, incluidas, entre otras, las garantías implícitas de comerciabilidad, idoneidad para un propósito particular y cumplimiento, así como cualquier garantía derivada del transcurso de la ejecución, de la negociación o del uso en el comercio.

Para obtener información más completa sobre las optimizaciones del compilador, consulte nuestro Aviso de optimización.