Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
  • H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
  • H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
  • G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
  • G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
• • G—PHYSICS
  • G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
  • G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
  • G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
  • H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
• • H—ELECTRICITY
  • H03—ELECTRONIC CIRCUITRY
  • H03K—PULSE TECHNIQUE
  • H03K19/00—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits
  • H03K19/02—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components
  • H03K19/173—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components using elementary logic circuits as components
  • H03K19/177—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components using elementary logic circuits as components arranged in matrix form
  • H03K19/17748—Structural details of configuration resources
  • H03K19/17768—Structural details of configuration resources for security
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
  • H04L2209/12—Details relating to cryptographic hardware or logic circuitry
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
  • H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

Definitions

• the present invention relates to a device for generating a key in a programmable hardware module. Furthermore, the present invention relates to a programmable hardware module having such a device. Moreover, the present invention relates to a method for generating a key in a programmable hardware module.
• Programmable hardware modules such as Field Programmable Gate Arrays (FPGAs) use bitstreams that contain all the configuration settings of the FPGA.
• Application circuits as well as internal secrets for security applications are stored in such a bitstream.
• SRAM-based FPGAs the bitstream is stored externally and loaded during power-up. This means that an attacker can access, analyze and manipulate the bitstream. Therefore, secrets or keys are not stored in such a bit stream.
• keys can be generated by using Physical Unclonable Functions. Keys can be generated from physical properties, such as propagation time differences of signal paths, or hardware circuits.
• an object of the present invention is to provide a key for a FPGA in a simple manner. Accordingly, an apparatus for generating a key in a programmable hardware module is proposed, wherein the programmable hardware module comprises a bitstream having configuration settings of the programmable hardware module Contains hardware module.
• the apparatus comprises a readout unit for reading out at least part of the bitstream, a generation unit for generating a key based on a cryptographic function and the at least part of the bitstream, and a memory unit for storing the generated key.
• the respective unit for example read-out unit or generation unit, can be implemented in terms of hardware and / or software technology.
• the respective unit may be designed as a device or as part of a device, for example as a computer or as a microprocessor or as a control computer of a vehicle.
• the respective unit may be designed as a computer program product, as a function, as a routine, as part of a program code or as an executable object.
• the readout unit can read part of the bitstream or even the entire bitstream. This can be done directly after loading the bit stream when the programmable hardware module is turned on, or at some point in time when the configuration of the bitstream is known.
• the read-out data of the bitstream may then be converted into a key by the generating unit using a cryptographic function.
• the cryptographic function may process the at least part of the bitstream to generate the key. This generated key can be used for various cryptographic functions.
• the key may be used as a private key for encryption in combination with a public key.
• the generated key does not have to leave the device.
• the key is not present at a particular memory location or hardware circuit within the bitstream, but represents an edited version of the entire bitstream.
• the proposed device makes it possible in a simple way to obtain existing data in any case, that is to say anyway.
• an already existing bitstream with configuration settings of a programmable hardware module, used to generate a key is already existing.
• a programmable hardware module can be understood as an FPGA, for example.
• the terms programmable hardware module and FPGA are used synonymously.
• the device can be realized as a processor in the FPGA.
• the device can be realized as a hardware unit in the FPGA.
• the generation unit is configured to continuously generate a key.
• the data of the bit stream is continuously fed to the generating unit, which continuously shifts it into the cryptographic function.
• the cryptographic function is a cryptographic compression function.
• the cryptographic compression function is a hash function.
• a hash function returns a hash value as the initial value, ie as a key.
• Such a hash value can also be used, for example, to check the integrity of the bit stream, as will be explained in more detail below.
• the memory unit has a volatile memory.
• the volatile memory can be deleted again at any time, for example when a manipulation is detected.
• the volatile memory can be automatically cleared each time the FPGA is turned off.
• the memory unit is configured to continuously store a generated key in the volatile memory.
• the readout unit is set up to read out the at least one part of the bit stream via an internal configuration interface.
• the FPGA has an internal configuration interface, via which the device or the readout unit can access the bit stream and read it out.
• the device comprises an encryption unit for decrypting the bitstream using a secret key.
• the external bitstream can be secured against attackers.
• an attacker accesses the bitstream If he wants to, he must first break the encryption in this case. Then he can first analyze the used key generation function or cryptographic function.
• the apparatus comprises an encryption unit for encrypting portions of the bitstream using the generated key.
• the encryption unit may also be used to decrypt portions of the bitstream.
• an unknown portion of the bitstream may be used to generate the key.
• an attacker would have to reverse engineer the entire process to detect the relevant parts of the bitstream and analyze the encryption function.
• the generation unit is configured to generate the key based on a cryptographic function, the at least part of the bitstream, and an external secret.
• the key is based on an external secret.
• secrets hidden in the bitstream may be used, further complicating reverse engineering.
• the generating unit is configured to generate a plurality of keys based on a cryptographic function and a plurality of parts of the bitstream. For example, the bit stream may be divided into multiple parts, and a key may be generated based on each part or region.
• the device comprises a checking unit for checking the integrity of the bitstream using the generated key.
• bitstream contains configuration settings of the FPGA
• an attacker can not integrate additional circuitry to read the key without changing the bitstream. Therefore, the original key is no longer generated and the attacker can no longer read the original key.
• a programmable hardware module which has a device for generating a key as explained above.
• the programmable hardware module is a Field Programmable Gate Array (FPGA).
• FPGA Field Programmable Gate Array
• the FPGA may be a static random-access memory (SRAM) -based FPGA.
• SRAM static random-access memory
• a method for generating a key in a programmable hardware module is proposed, wherein the programmable hardware module has a bit stream, which configuration settings of the contains programmable hardware module. The method comprises the steps of: reading at least a portion of the bitstream, generating a key based on a cryptographic function and the at least a portion of the bitstream, and storing the generated key.
• a computer program product such as a computer program means may, for example, be used as a storage medium, e.g.
• the embodiments and features described for the proposed device apply accordingly to the proposed method.
• FIG. 1 is a schematic block diagram of one embodiment of a device for generating a key in a programmable hardware module
• Fig. 2 is a schematic block diagram of one embodiment of an FPGA with an apparatus of Fig. 1;
• FIG. 3 shows a schematic flow diagram of a method for generating a key in a programmable hardware module.
• the programmable hardware module 1 shows a device 10 for generating a key in a programmable hardware module 1, which is shown in FIG.
• the programmable hardware module 1 has a bitstream containing configuration settings of the programmable hardware module 1
• the device 10 has a read-out unit 11, a generation unit 12, a memory unit 13, an encryption unit 14 and a checking unit 15.
• the read-out unit 11 can read out a part, several parts or also the entire bit stream via a configuration interface 20.
• the generating unit 12 may generate a key based on the read-out data of the bitstream and a cryptographic function, such as a hash function. In addition, an external secret can also be used.
• the generated key can then be stored by the memory unit 13, for example in a volatile memory. The generated key can be used for different purposes.
• the encryption unit 14 may use the generated key to encrypt or decrypt portions of the bitstream.
• the bitstream may also be encrypted by the FPGA 1 using the generated key.
• Another purpose is to verify the integrity of the bitstream.
• the checking unit 15 can check the bit stream using the generated key. When the bitstream is manipulated, the originally generated key deviates from a hashed value of the manipulated bitstream, whereby an integrity check can take place.
• the programmable hardware module may be, for example, an FPGA.
• the FPGA 1 has an (internal) configuration interface 20.
• a bitstream is loaded, which can be read out via the configuration interface 20 by the device 10.
• step 301 shows a method for generating a key in a programmable hardware module 1.
• the method comprises the steps 301 to 303.
• step 301 at least part of the bit stream of the hardware module 1 is read out.
• a key is generated based on a cryptographic function and the at least part of the bitstream.
• step 303 the generated key is stored.

Landscapes

• Engineering & Computer Science (AREA)
• Computer Security & Cryptography (AREA)
• Physics & Mathematics (AREA)
• Mathematical Physics (AREA)
• Signal Processing (AREA)
• Computer Networks & Wireless Communication (AREA)
• Theoretical Computer Science (AREA)
• Computer Hardware Design (AREA)
• General Physics & Mathematics (AREA)
• General Engineering & Computer Science (AREA)
• Computing Systems (AREA)
• Software Systems (AREA)
• Microelectronics & Electronic Packaging (AREA)
• Storage Device Security (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=55699615

Family Applications (1)

Country Status (6)

Cited By (1)

Families Citing this family (4)

Family Cites Families (9)

• 2015
  • 2015-04-14 DE DE102015206643.6A patent/DE102015206643A1/de not_active Withdrawn
• 2016
  • 2016-03-24 CN CN201680021752.3A patent/CN107409046A/zh active Pending
  • 2016-03-24 KR KR1020177033011A patent/KR20170138483A/ko not_active Application Discontinuation
  • 2016-03-24 WO PCT/EP2016/056620 patent/WO2016165930A1/de active Application Filing
  • 2016-03-24 US US15/565,472 patent/US20180123789A1/en not_active Abandoned
  • 2016-03-24 EP EP16715262.8A patent/EP3254403A1/de not_active Ceased

Also Published As

Similar Documents

Legal Events