Forum Discussion

Altera_Forum's avatar
Altera_Forum
Icon for Honored Contributor rankHonored Contributor
15 years ago

Prohibited of the Cyclone III LS FPGA configuration with an encrypted bitstream.

Hi,

I’m currently using the cyclone III LS FPGA development kit. I have already configured the FPGA with an encrypted bitstream. Thus, I would like to know if it is possible to prohibit the configuration of FPGA with an unencrypted bitstream when an AES key is programmed on the FPGA.

I read the Cyclone III handbook that shows available security modes but in the page 9-76 I don’t really understand the meaning of the following sentences:

--- Quote Start ---

“Secure operation with volatile key programmed and required external battery - this mode accepts both encrypted and unencrypted configuration bitstreams. Use the unencrypted configuration bitstream support for board-level testing only”.

--- Quote End ---

What do you mean “board-level testing” in my case?

Thank you for your help.

5 Replies

  • Altera_Forum's avatar
    Altera_Forum
    Icon for Honored Contributor rankHonored Contributor
    15 years ago

    sounds like you should be able to use an unencrypted bitstream to configure the FPGA even when the AES key is programmed, but its only recommended during your testing/design phase, otherwise you aren't taking advantage of the security feature

  • Altera_Forum's avatar
    Altera_Forum
    Icon for Honored Contributor rankHonored Contributor
    15 years ago

    I agree with you but what are the conditions to prohibit the configuration of FPGA with an unencrypted bitstream when the AES key is programmed ?

  • Altera_Forum's avatar
    Altera_Forum
    Icon for Honored Contributor rankHonored Contributor
    15 years ago

    from your original quote i don't think there would be any. did you find otherwise?

  • Altera_Forum's avatar
    Altera_Forum
    Icon for Honored Contributor rankHonored Contributor
    15 years ago

    The purpose of configuration bitstream encryption is protection of the IP. It's obviously not intentended to restrict the usage of unencrypted configuration bitstreams.

  • Altera_Forum's avatar
    Altera_Forum
    Icon for Honored Contributor rankHonored Contributor
    15 years ago

    Ok!

    Reading the Cyclone III handbook, I thought that we could prevent the configuration of FPGA with an unencrypted bitstream when the volatile key is previously programmed.

    Anyway thank for your help!