Programmable Devices
CPLDs, FPGAs, SoC FPGAs, Configuration, and Transceivers
20964 Discussions

FPGA non-volatile key and tamper bit protection

Jpascal
Beginner
1,472 Views

Hi,

To implement security feature on Cyclone V, I am following this application note :

https://www.intel.com/content/www/us/en/docs/programmable/683269/current/using-the-design-security-features-in-fpgas.html

Everything worked fine so far, then I flashed a .ekp file including a non-volatile encryption key and activation of tamper bit protection. And then I lost power supply.

When I restarted Cyclone V, I found out that at power-up, JTAG is in secure mode due to previous tamper bit activation. So I can't reprogram it through external JTAG interface.

The FPGA is connected to a EPCQ-A on my board that I can program through AS port. However, my understanding is that FPGA can now be configured only by an encrypted file. Because I am not able to store an encryption key in the FPGA (due to JTAG secure mode), I can't decrypt the file I flash in EPCQ.

It seems that I am stuck in a vicious circle. Is there a way to flash a non-volatile/volatile key to  solve this ? A way to disable JTAG secure mode ? Should I buy a new SoC ?

Thanks for helping

Labels (1)
0 Kudos
1 Solution
NurAiman_M_Intel
Employee
1,204 Views

Hi,


Apologies for the delay in response as I was checking this with our internal team.


The conclusion after discussed with engineering is when the tamper resistance bit is set, that means the device will accept only encrypted POF. Therefore, you can’t reprogram the key.


Since they key is lost and unable to reprogram the key, the device is unable to program.


Regards,

Aiman


View solution in original post

0 Kudos
9 Replies
NurAiman_M_Intel
Employee
1,421 Views

Hi,


Per my understanding, the flash has been encrypted not the FPGA?

I am checking internally if we can recover the flash without the key. I will let you know once I get the findings.


Regards,

Aiman


0 Kudos
Jpascal
Beginner
1,417 Views

Hi,

Thank you for answering.

I'm sorry if my primary post isn't clear enough. I can access the EPCQ through its serial interface so it's really not the problem here.

My problem is :

Because I activated tamper-protection, FPGA only accepts encrypted configuration file. I need to program a key on FPGA to decrypt configuration file but I can't do this because JTAG is in secure mode. So I can't program FPGA with .ekp file.

I'm looking for a way to flash a key on FPGA, to be able to program FPGA with a configuration file.

 

0 Kudos
NurAiman_M_Intel
Employee
1,386 Views

Hi,


Please try to disable JTAG secure mode by issue the UNLOCK instruction

https://www.intel.com/content/www/us/en/docs/programmable/683375/current/jtag-secure-mode-91182.html


Regards,

Aiman


0 Kudos
Jpascal
Beginner
1,365 Views

Hi,

I have a 28nm device

Considering this part of AN556 :

Jpascal_0-1692170142819.png

I can only issue UNLOCK instruction using internal JTAG interface. My understanding is that interface can only be enabled by including a specific IP in FPGA design. Since I can't configure FPGA anymore, it is the same problem...

Regards

0 Kudos
Jpascal
Beginner
1,355 Views

I just realized that I my primary post, I made a mistake. I talked about non-volatile key, which is not correct. I configured FPGA for a volatile key.

My issue still remains but I just wanted to correct my mistake  and it seems I can't edit my post.

0 Kudos
NurAiman_M_Intel
Employee
1,287 Views

Hi,


-What are the process that you can do and you cannot do now?

-Can you program JTAG, AS?

-Per my understanding, you cannot load the design into FPGA through due to you do not have the key? You can try to replace the flash and program again.


Regards,

Aiman


0 Kudos
Jpascal
Beginner
1,275 Views

Hi,

  • What are the process that you can do and you cannot do now?

What I can do : Flash FPGA configuration file in EPCQ

What I cannot do : Load a design into FPGA and program encryption key

 

  • Can you program JTAG, AS?

I can program EPCQ with AS. I cannot program FPGA with JTAG because JTAG is in secure mode.

 

  • Per my understanding, you cannot load the design into FPGA through due to you do not have the key? You can try to replace the flash and program again

Indeed I cannot load the design into FPGA but it has nothing to do with the flash.

 

My problem seems to be confusing so I will try to explain it again through a user case :

  1. I try to load an unencrypted design into FPGA but it doesn't work. Why ?
  2. Because I activated tamper bit protection (which is irreversible). What does tamper bit protection mean ?
  3. It means that only encrypted FPGA configuration files are accepted. No worry ! I just have to encrypt my design. I do it but FPGA configuration step fails. Why ?
  4. Because FPGA needs the encryption key to be able to decrypt the design. Let's try to program this key on FPGA. It fails. Why ?
  5. Because JTAG is in secure mode. What does JTAG secure mode means ?
  6. It means that I cannot program a device and I can only issue mandatory JTAG commands. Why is JTAG in secure mode ?
  7. Because I activated it when I enabled tamper bit protection. Is there a way to disable JTAG secure mode ?
  8. Yes ! There is one way : by issuing UNLOCK command. For 28nm devices (my device), you can only issue UNLOCK command through JTAG internal interface. How do I access JTAG internal interface ?
  9. By adding a specific module in my FPGA design. Let's do this and configure FPGA with this new design. Configuration fails. Why ?
  10. Back to step 1 : I cannot load a design into FPGA.

The question is : Considering this tamper bit activation, is there a way to configure FPGA ? Or a way to program a key ? Anything that could allow me to configure FPGA

 

 

 

 

 

0 Kudos
NurAiman_M_Intel
Employee
1,205 Views

Hi,


Apologies for the delay in response as I was checking this with our internal team.


The conclusion after discussed with engineering is when the tamper resistance bit is set, that means the device will accept only encrypted POF. Therefore, you can’t reprogram the key.


Since they key is lost and unable to reprogram the key, the device is unable to program.


Regards,

Aiman


0 Kudos
NurAiman_M_Intel
Employee
1,125 Views

We do not receive any response from you to the previous answer that I have provided. This thread will be transitioned to community support. If you have a new question, feel free to open a new thread to get the support from Intel experts. Otherwise, the community users will continue to help you on this thread. Thank you


0 Kudos
Reply