Gelöst: Re: Re:Arria 10 flash security

Giz2020 · ‎09-15-2022

Hello,

We're using Arria 10 with EPCQ device, and looking for solutions to protect the EPCQ content.

The EPCQ is used for holding both the configuration bitstream and also other data.

Configuration bitstream can be encrypted using the Design secure feature. Is there an option to use the same key for encrypting the other data that we store on the EPCQ?

Thanks!

YuanLi_S_Intel · ‎09-22-2022

Regarding to question 2, no we cant access to the AES modules.

Lösung in ursprünglichem Beitrag anzeigen

YuanLi_S_Intel · ‎09-19-2022

Hi, yes you may encrypt the new design file with the same key. In fact, you can only program the design file encrypted with the same key.

Giz2020 · ‎09-19-2022

Hi,

Thank you for your reply.

I didn't mean a new design file, but other data that we store on the flash.

During operation, nios read/write data from/to the flash. Is there an option to encrypt this data using the existing mechanism that deals with flash encryption (Design secure feature), or we need to use another encryption block to be in the middle between nios and flash?

YuanLi_S_Intel · ‎09-20-2022

Are you saying that you want to write the encrypted bitstream using NIOS into flash? If it so, need to use the existing mechanism.

Giz2020 · ‎09-21-2022

No, I'm not talking about the bitstream.

I'll try to be more clear.

Our flash contains the following 2 logical sections:

1. Configuration bitstream (i.e. FPGA image / the bitstream that is loaded into flash at power on)

2. Our proprietary data (parameters that nios is using during operation, log events, etc.)

All clear regarding section 1:

We can use the Design secure feature - AES algorithm modules built in the FPGA.

Questions regarding section 2:

Is there an option to use the AES modules, that are already exist inside the FPGA, for encryption/decryption of arbitrary data?

Do we have access to the AES modules?

YuanLi_S_Intel · ‎09-22-2022

Regarding to question 2, no we cant access to the AES modules.