Community
cancel
Showing results for 
Search instead for 
Did you mean: 
TMayd
Beginner
1,425 Views

Can you use the non-volatile key from the FPGA (Cyclone V) in a design?

Jump to solution

So we would like to use the fused non-volatile key in the Cyclone V to provide our application with a seed for an SHA-256 algorithm. It's not clear to me if you can set this fuse and then access the value internally in the FPGA design? Primarily it would be nice to have a permanent secret key so that when we update the devices it doesn't need a specific bitstream file for each FPGA. Or am I misunderstanding the encrypted FPGA programming?

0 Kudos
1 Solution
Nooraini_Y_Intel
Employee
134 Views
Hi TMayd, Yes, the programmed non-volatile key is use to decrypt the configuration bitstream during the configuration process. The general process flow is shown in figure 1 from AN556. Once you program the non-volatile key, is it OTP, there is no way to repogram with a different value. You can generate multiple key files and encrypted image files . However once you program the non-volatile key into Cyclone V, the decryption engine can only decrypt the matching encrypted image. Regards, Nooraini

View solution in original post

3 Replies
Nooraini_Y_Intel
Employee
134 Views
Hi TMayd, Yes, you can program a non-volatile key into the Cyclone V device. However the programmed key information cannot be read out since it is program into the polyfuse and not a register. For detials, you can refer to AN556:Using the Design Security Features in Intel® FPGAs document in the following link: https://www.intel.com/content/dam/www/programmable/us/en/pdfs/literature/an/an556.pdf Regards, Nooraini
TMayd
Beginner
134 Views

Hi, so since the value is not a register it's only primary use is de-encrypting the bit file? I can't use this value in a design to have a fixed value that won't change with a new bit file?

Nooraini_Y_Intel
Employee
135 Views
Hi TMayd, Yes, the programmed non-volatile key is use to decrypt the configuration bitstream during the configuration process. The general process flow is shown in figure 1 from AN556. Once you program the non-volatile key, is it OTP, there is no way to repogram with a different value. You can generate multiple key files and encrypted image files . However once you program the non-volatile key into Cyclone V, the decryption engine can only decrypt the matching encrypted image. Regards, Nooraini

View solution in original post

Reply