FPGA Central

In article <[email protected]>,
Matthew Hicks <[email protected]> wrote:
>In FPGAs, configurations can be stored in Flash in an encrypted format that
>only the FPGA to be configured has the key to . During configuration, the
>FPGA does the encryption, so even data over the Flash to FPGA channel is
>secure. How the FPGA keeps it's key secure, I don't remember. Maybe there
>is an analogue to this in MCU land.

Specifically Altera Statrix-II FPGAs have AES 128 decryption and OTP (fuse)
non-readable key storage for the configuration bitstream.

So: run Linux on a NIOS soft core in one of these FPGAs. Encrypt the code
in flash. Add decryption units with keys to the memory interfaces (or limit
yourself to the memory built into the FPGA). The decyption unit and keys
are encrypted in the Stratix-II bitstream, so they can't be read.

Even if you were able to read the fuse settings somehow, you would then have
to reverse-engineer the undocumented bit-stream format.

I think this is all bad, except for protecting nuclear weapons. There would
be no hacked iPhones if its firmware was encrypted this well. Vernor
Vinge's _Rainbow's End_ told about a computer engineer who could no longer
tinker with hardware due to her invention of a secure hardware environment.
--
/* [email protected] AB1GO */ /* Joseph H. Allen */
int a[1817];main(z,p,q,r){for(p=80;q+p-80;p-=2*a[p])for(z=9;z--q=3&(r=time(0)
+r*57)/7,q=q?q-1?q-2?1-p%79?-1:0%79-77?1:0<1659?79:0>158?-79:0,q?!a[p+q*2
]?a[p+=a[p+=q]=q]=q:0:0;for(;q++-1817printf(q%79?"%c":"%c\n"," #"[!a[q-1]]);}

Nothing's ever completely secure, it just gets more difficult to
crack.

A platform depending on an encrypted code memory interface can be
vulnerable in many ways. For example, when the code memory interface
doesn't also authenticate.

Regards,
Marc