EP3254403A1 - Vorrichtung und verfahren zum erzeugen eines schlüssels in einem programmierbaren hardwaremodul - Google Patents
Vorrichtung und verfahren zum erzeugen eines schlüssels in einem programmierbaren hardwaremodulInfo
- Publication number
- EP3254403A1 EP3254403A1 EP16715262.8A EP16715262A EP3254403A1 EP 3254403 A1 EP3254403 A1 EP 3254403A1 EP 16715262 A EP16715262 A EP 16715262A EP 3254403 A1 EP3254403 A1 EP 3254403A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- key
- hardware module
- bitstream
- programmable hardware
- generating
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H03—ELECTRONIC CIRCUITRY
- H03K—PULSE TECHNIQUE
- H03K19/00—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits
- H03K19/02—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components
- H03K19/173—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components using elementary logic circuits as components
- H03K19/177—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components using elementary logic circuits as components arranged in matrix form
- H03K19/17748—Structural details of configuration resources
- H03K19/17768—Structural details of configuration resources for security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Definitions
- the present invention relates to a device for generating a key in a programmable hardware module. Furthermore, the present invention relates to a programmable hardware module having such a device. Moreover, the present invention relates to a method for generating a key in a programmable hardware module.
- Programmable hardware modules such as Field Programmable Gate Arrays (FPGAs) use bitstreams that contain all the configuration settings of the FPGA.
- Application circuits as well as internal secrets for security applications are stored in such a bitstream.
- SRAM-based FPGAs the bitstream is stored externally and loaded during power-up. This means that an attacker can access, analyze and manipulate the bitstream. Therefore, secrets or keys are not stored in such a bit stream.
- keys can be generated by using Physical Unclonable Functions. Keys can be generated from physical properties, such as propagation time differences of signal paths, or hardware circuits.
- an object of the present invention is to provide a key for a FPGA in a simple manner. Accordingly, an apparatus for generating a key in a programmable hardware module is proposed, wherein the programmable hardware module comprises a bitstream having configuration settings of the programmable hardware module Contains hardware module.
- the apparatus comprises a readout unit for reading out at least part of the bitstream, a generation unit for generating a key based on a cryptographic function and the at least part of the bitstream, and a memory unit for storing the generated key.
- the respective unit for example read-out unit or generation unit, can be implemented in terms of hardware and / or software technology.
- the respective unit may be designed as a device or as part of a device, for example as a computer or as a microprocessor or as a control computer of a vehicle.
- the respective unit may be designed as a computer program product, as a function, as a routine, as part of a program code or as an executable object.
- the readout unit can read part of the bitstream or even the entire bitstream. This can be done directly after loading the bit stream when the programmable hardware module is turned on, or at some point in time when the configuration of the bitstream is known.
- the read-out data of the bitstream may then be converted into a key by the generating unit using a cryptographic function.
- the cryptographic function may process the at least part of the bitstream to generate the key. This generated key can be used for various cryptographic functions.
- the key may be used as a private key for encryption in combination with a public key.
- the generated key does not have to leave the device.
- the key is not present at a particular memory location or hardware circuit within the bitstream, but represents an edited version of the entire bitstream.
- the proposed device makes it possible in a simple way to obtain existing data in any case, that is to say anyway.
- an already existing bitstream with configuration settings of a programmable hardware module, used to generate a key is already existing.
- a programmable hardware module can be understood as an FPGA, for example.
- the terms programmable hardware module and FPGA are used synonymously.
- the device can be realized as a processor in the FPGA.
- the device can be realized as a hardware unit in the FPGA.
- the generation unit is configured to continuously generate a key.
- the data of the bit stream is continuously fed to the generating unit, which continuously shifts it into the cryptographic function.
- the cryptographic function is a cryptographic compression function.
- the cryptographic compression function is a hash function.
- a hash function returns a hash value as the initial value, ie as a key.
- Such a hash value can also be used, for example, to check the integrity of the bit stream, as will be explained in more detail below.
- the memory unit has a volatile memory.
- the volatile memory can be deleted again at any time, for example when a manipulation is detected.
- the volatile memory can be automatically cleared each time the FPGA is turned off.
- the memory unit is configured to continuously store a generated key in the volatile memory.
- the readout unit is set up to read out the at least one part of the bit stream via an internal configuration interface.
- the FPGA has an internal configuration interface, via which the device or the readout unit can access the bit stream and read it out.
- the device comprises an encryption unit for decrypting the bitstream using a secret key.
- the external bitstream can be secured against attackers.
- an attacker accesses the bitstream If he wants to, he must first break the encryption in this case. Then he can first analyze the used key generation function or cryptographic function.
- the apparatus comprises an encryption unit for encrypting portions of the bitstream using the generated key.
- the encryption unit may also be used to decrypt portions of the bitstream.
- an unknown portion of the bitstream may be used to generate the key.
- an attacker would have to reverse engineer the entire process to detect the relevant parts of the bitstream and analyze the encryption function.
- the generation unit is configured to generate the key based on a cryptographic function, the at least part of the bitstream, and an external secret.
- the key is based on an external secret.
- secrets hidden in the bitstream may be used, further complicating reverse engineering.
- the generating unit is configured to generate a plurality of keys based on a cryptographic function and a plurality of parts of the bitstream. For example, the bit stream may be divided into multiple parts, and a key may be generated based on each part or region.
- the device comprises a checking unit for checking the integrity of the bitstream using the generated key.
- bitstream contains configuration settings of the FPGA
- an attacker can not integrate additional circuitry to read the key without changing the bitstream. Therefore, the original key is no longer generated and the attacker can no longer read the original key.
- a programmable hardware module which has a device for generating a key as explained above.
- the programmable hardware module is a Field Programmable Gate Array (FPGA).
- FPGA Field Programmable Gate Array
- the FPGA may be a static random-access memory (SRAM) -based FPGA.
- SRAM static random-access memory
- a method for generating a key in a programmable hardware module is proposed, wherein the programmable hardware module has a bit stream, which configuration settings of the contains programmable hardware module. The method comprises the steps of: reading at least a portion of the bitstream, generating a key based on a cryptographic function and the at least a portion of the bitstream, and storing the generated key.
- a computer program product such as a computer program means may, for example, be used as a storage medium, e.g.
- the embodiments and features described for the proposed device apply accordingly to the proposed method.
- FIG. 1 is a schematic block diagram of one embodiment of a device for generating a key in a programmable hardware module
- Fig. 2 is a schematic block diagram of one embodiment of an FPGA with an apparatus of Fig. 1;
- FIG. 3 shows a schematic flow diagram of a method for generating a key in a programmable hardware module.
- the programmable hardware module 1 shows a device 10 for generating a key in a programmable hardware module 1, which is shown in FIG.
- the programmable hardware module 1 has a bitstream containing configuration settings of the programmable hardware module 1
- the device 10 has a read-out unit 11, a generation unit 12, a memory unit 13, an encryption unit 14 and a checking unit 15.
- the read-out unit 11 can read out a part, several parts or also the entire bit stream via a configuration interface 20.
- the generating unit 12 may generate a key based on the read-out data of the bitstream and a cryptographic function, such as a hash function. In addition, an external secret can also be used.
- the generated key can then be stored by the memory unit 13, for example in a volatile memory. The generated key can be used for different purposes.
- the encryption unit 14 may use the generated key to encrypt or decrypt portions of the bitstream.
- the bitstream may also be encrypted by the FPGA 1 using the generated key.
- Another purpose is to verify the integrity of the bitstream.
- the checking unit 15 can check the bit stream using the generated key. When the bitstream is manipulated, the originally generated key deviates from a hashed value of the manipulated bitstream, whereby an integrity check can take place.
- the programmable hardware module may be, for example, an FPGA.
- the FPGA 1 has an (internal) configuration interface 20.
- a bitstream is loaded, which can be read out via the configuration interface 20 by the device 10.
- step 301 shows a method for generating a key in a programmable hardware module 1.
- the method comprises the steps 301 to 303.
- step 301 at least part of the bit stream of the hardware module 1 is read out.
- a key is generated based on a cryptographic function and the at least part of the bitstream.
- step 303 the generated key is stored.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Storage Device Security (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102015206643.6A DE102015206643A1 (de) | 2015-04-14 | 2015-04-14 | Vorrichtung und Verfahren zum Erzeugen eines Schlüssels in einem programmierbaren Hardwaremodul |
PCT/EP2016/056620 WO2016165930A1 (de) | 2015-04-14 | 2016-03-24 | Vorrichtung und verfahren zum erzeugen eines schlüssels in einem programmierbaren hardwaremodul |
Publications (1)
Publication Number | Publication Date |
---|---|
EP3254403A1 true EP3254403A1 (de) | 2017-12-13 |
Family
ID=55699615
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP16715262.8A Ceased EP3254403A1 (de) | 2015-04-14 | 2016-03-24 | Vorrichtung und verfahren zum erzeugen eines schlüssels in einem programmierbaren hardwaremodul |
Country Status (6)
Country | Link |
---|---|
US (1) | US20180123789A1 (zh) |
EP (1) | EP3254403A1 (zh) |
KR (1) | KR20170138483A (zh) |
CN (1) | CN107409046A (zh) |
DE (1) | DE102015206643A1 (zh) |
WO (1) | WO2016165930A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
RU2735618C1 (ru) * | 2019-01-22 | 2020-11-05 | Сименс Акциенгезелльшафт | Реализуемое компьютером устройство и способ для обработки данных |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10708073B2 (en) | 2016-11-08 | 2020-07-07 | Honeywell International Inc. | Configuration based cryptographic key generation |
EP3451573A1 (de) * | 2017-08-30 | 2019-03-06 | Siemens Aktiengesellschaft | Verfahren und system zum prüfen einer funktion einer verschlüsselungseinrichtung |
CN109635466B (zh) * | 2018-12-18 | 2023-05-23 | 上海复旦微电子集团股份有限公司 | 一种用于可配置芯片的功能仿真方法及系统 |
US11343089B2 (en) * | 2019-07-10 | 2022-05-24 | Tunnel VUE Inc. | Cryptography system and method |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5970142A (en) * | 1996-08-26 | 1999-10-19 | Xilinx, Inc. | Configuration stream encryption |
US6654889B1 (en) * | 1999-02-19 | 2003-11-25 | Xilinx, Inc. | Method and apparatus for protecting proprietary configuration data for programmable logic devices |
US6785816B1 (en) * | 2000-05-01 | 2004-08-31 | Nokia Corporation | System and method for secured configuration data for programmable logic devices |
US6996713B1 (en) * | 2002-03-29 | 2006-02-07 | Xilinx, Inc. | Method and apparatus for protecting proprietary decryption keys for programmable logic devices |
AU2005223962C1 (en) * | 2004-03-18 | 2009-12-10 | Qualcomm Incorporated | Efficient transmission of cryptographic information in secure real time protocol |
US7500098B2 (en) * | 2004-03-19 | 2009-03-03 | Nokia Corporation | Secure mode controlled memory |
US7716497B1 (en) * | 2005-06-14 | 2010-05-11 | Xilinx, Inc. | Bitstream protection without key storage |
CN101646167A (zh) * | 2009-09-04 | 2010-02-10 | 西安电子科技大学 | 无线上网智能终端及其数据处理方法 |
CN101853051A (zh) * | 2010-04-30 | 2010-10-06 | 株洲南车时代电气股份有限公司 | 一种人机交互单元设备 |
-
2015
- 2015-04-14 DE DE102015206643.6A patent/DE102015206643A1/de not_active Withdrawn
-
2016
- 2016-03-24 CN CN201680021752.3A patent/CN107409046A/zh active Pending
- 2016-03-24 KR KR1020177033011A patent/KR20170138483A/ko not_active Application Discontinuation
- 2016-03-24 WO PCT/EP2016/056620 patent/WO2016165930A1/de active Application Filing
- 2016-03-24 US US15/565,472 patent/US20180123789A1/en not_active Abandoned
- 2016-03-24 EP EP16715262.8A patent/EP3254403A1/de not_active Ceased
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
RU2735618C1 (ru) * | 2019-01-22 | 2020-11-05 | Сименс Акциенгезелльшафт | Реализуемое компьютером устройство и способ для обработки данных |
US10872058B2 (en) | 2019-01-22 | 2020-12-22 | Siemens Aktiengesellschaft | Apparatus and method for processing data by a reconfigurable part of a digital chip |
Also Published As
Publication number | Publication date |
---|---|
WO2016165930A1 (de) | 2016-10-20 |
KR20170138483A (ko) | 2017-12-15 |
US20180123789A1 (en) | 2018-05-03 |
CN107409046A (zh) | 2017-11-28 |
DE102015206643A1 (de) | 2016-10-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2899714B1 (de) | Gesichertes Bereitstellen eines Schlüssels | |
EP2367128B1 (de) | Verfahren und Vorrichtung zur elektronischen Signatur | |
WO2016165930A1 (de) | Vorrichtung und verfahren zum erzeugen eines schlüssels in einem programmierbaren hardwaremodul | |
DE102013203415B4 (de) | Erstellen eines abgeleiteten Schlüssels aus einem kryptographischen Schlüssel mittels einer physikalisch nicht klonbaren Funktion | |
DE102012220990B3 (de) | Verfahren und Anordnung zur sicheren Kommunikation zwischen Netzwerkeinrichtungen in einem Kommunikationsnetzwerk | |
DE102011010613B4 (de) | Verfahren zum Speichern und Wiederherstellen von Daten, Verwendung der Verfahren in einer Storage Cloud, Speicherserver und Computerprogrammprodukt | |
EP3683713B1 (de) | Verfahren, vorrichtungen und system zum sicherheitsgeschützten bereitstellen von datensätzen | |
DE112013007574T5 (de) | Softwareaktualisierungsvorrichtung und Software-Aktualisierungsprogramm | |
DE102014206992A1 (de) | Zufallszahlengenerator und Verfahren zum Erzeugen von Zufallszahlen | |
DE102016205289A1 (de) | Verfahren, Prozessor und Gerät zur Integritätsprüfung von Nutzerdaten | |
DE102019110501A1 (de) | Fehlerkorrekturcode-speichersicherheit | |
EP3552344B1 (de) | Bidirektional verkettete blockchainstruktur | |
DE112020001061T5 (de) | Verschlüsselte gang-programmierung | |
DE102014210282A1 (de) | Erzeugen eines kryptographischen Schlüssels | |
DE102013202322A1 (de) | Verfahren zur verschlüsselten Datenübertragung zwischen zwei Komponenten eines Steuergeräts | |
WO2006050973A1 (de) | Vorrichtung und verfahren zum detektieren einer manipulation eines informationssignals | |
DE102010045580A1 (de) | Schaltungsanordnung und Verfahren zum Betreiben einer Schaltungsanordnung | |
EP3667529B1 (de) | Verfahren und vorrichtung zum authentisieren einer fpga-konfiguration | |
EP3407181A1 (de) | Verfahren und vorrichtung zum rechnergestützten verarbeiten eines zufälligen bitmusters | |
DE102016207145A1 (de) | Steuersystem für eine Verarbeitung von Bilddaten | |
DE102014216392A1 (de) | Symmetrisches Iteriertes Blockchiffrierverfahren und entsprechende Vorrichtung | |
DE102019101213A1 (de) | Authentifizierung und Entschlüsselung programmierbarer Bauelemente | |
DE102014209037A1 (de) | Vorrichtung und Verfahren zum Schutz der Integrität von Betriebssysteminstanzen | |
DE102015214427A1 (de) | Ableitung eines Sitzungsschlüssels mit Zugriff auf eine physikalisch unklonbare Funktion | |
DE102014114222A1 (de) | Verfahren zum Verschlüsseln von Quell-Nutzdaten |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20170907 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAV | Request for validation of the european patent (deleted) | ||
DAX | Request for extension of the european patent (deleted) | ||
17Q | First examination report despatched |
Effective date: 20190507 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R003 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20200926 |