Memory protects FPGAs for <$1
25 July 2008
Maxim's 1-Wire secure memory
Instead of using an expensive security mechanism, FPGAs can be protected with Maxim’s 1-Wire secure memory (www.maxim-ic.com). It has already been used by Altera in its Cyclone II and III FPGAs.
The 1-wire provides, claims the company, robust FPGA security for less than $1.00.
It integrates the SHA-1 (Secure Hash Algorithms) and the 1-wire interface. The SHA-1 is the public hash protocol, developed by the National Institute of Standards and Technology. The company’s 1-wire bus signalling scheme combines data and power for device operation on a single bus and ground return. This allows designers to add memory, authentication and mixed-signal functions with minimal system interconnect.
The device provides a challenge and response authentication scheme that prevents unauthorised cloning of FPGA designs. The SHA- 1 is a public protocol and is accepted as giving more security than proprietary-based on private algorithms, believes the company. Maxim’s SHA-1-based devices can be distributed around the world as they are claimed to have significantly lower export restrictions, compared to encryption-based algorithms.
The IFF (identify friend or foe) authentication sequence between the FPGA and a 1-Wire secure memory device differentiates between an authorised and a cloned environment. Only an authorised environment has the 1-wire secure memory with the OEM secret key. Once the FPGA is able to verify that it is communicating with an authorised environment, it transitions to normal operation by enabling all the functions defined by the customer-specific configuration code, stored in the SRAM.
However, if authentication fails, the FPGA can disable the system operation or set it to reduced functionality.
The FPGA security reference design is available at www.altera.com.
Contact Details and Archive...