FPGA Anti-Copy Protection System - ALSE
June 2009 – v 1.7
Advanced Logic Synthesis for Electronics
www.ALSE-FR.com
Introduction to ALSE's
Anti-Copy Protection Kit
A.L.S.E.
166, Bvd du Montparnasse
75014 – PARIS
Tél. : +33 (0)1 42 79 51 38
http://www.alse-fr.com/english
© ALSE Introduction to ALSE's Anti-Copy Protection 1
I. INTRODUCTION
Inadequate design security is emerging as one of the single largest threats to the intellectual-property-based
economies of the modern world. Consequences of inadequate design security can
include lost revenue due to counterfeit products and increased liability due to product tampering.
Copy protection issues do not concern ASIC designers, but most SRAM-based FPGA designers
must keep in mind that the precious bitstream can very easily be cloned and reused by
unauthorized parties. Some FPGA vendors now offer specific families that implement protection
schemes, but we'll see that any FPGA can benefit from the simple solution developed by ALSE.
ALSE's solutions
As a response to this copy protection challenge, ALSE introduced two highly cost-effective
fixed-secret authentication schemes based on a cheap and secure authentication device. In
both solutions, the authentication is achieved through a variable challenge-response mechanism
and user secret keys. Communication with the host is achieved through a single-wire interface,
in order to avoid consuming precious I/Os, and to simplify the board layout.
The solution is based on:
1. A small-footprint cryptography & verification engine inside the FPGA (~380 Logic Cells).
2. An external authentication component which embeds the same crypto engine.
   One version of the Protection kit is based on Intersil components (ISL 6296 / ISL 9206); the
   other version can be fitted in any secure and inexpensive CPLD, like Altera's MaxII
   EPM240. In quantity, such a device should cost in the 1 € range.
3. A one-wire communication protocol allowing the FPGA to challenge the external device
   with an interrogation code and retrieve the response to be compared with the value
   calculated internally.
Thanks to the small FPGA area required, the one-wire communication, and the low cost and small
size of the authentication engine, adding security to just any FPGA design is both easy and
affordable, even if the decision to protect the design comes as an afterthought.
Due to these features, it is quite easy to add this anti-copy scheme even to a design that wasn't
initially planned to implement it. A small PCB area and one or two I/Os available on the FPGA are
sufficient to secure a design.
Important: any FPGA can be protected with our Anti-Copy Kit. The customer must specify, at time
of purchase, the unique device family to protect.
Any processor-based system could potentially be protected by our Anti-Copy Max II device, but
ALSE will not provide the internal algorithm, as would be necessary to implement the protection in
software. As a consequence, this Anti-Copy Kit is not usable for processor protection schemes,
except when the processor is embedded in an Altera FPGA (SOPC).
An advantage of the CPLD protection (as opposed to using a dedicated device) is that the CPLD
can be reprogrammed, thus providing the possibility to update or change the protection scheme at
any time on an existing board without any hardware change.
Commercial model
ALSE offers a single price for protecting a single but complete FPGA family for as many projects
as desired within the same company, using a unique set of encryption keys.
The generation of other sets for different FPGA families or different encryption keys is a (very
affordable) option.
Advantages
This Anti-Copy Protection Kit offers many advantages:
➢ Several authentication devices are possible with no risk of obsolescence (CPLD).
➢ Since no source code is available, the risk of leaks within the company can be easily controlled.
Furthermore, there is no specific tool or development system to purchase.
➢ There is no development cost.
➢ Integration in the original design is very easy and can take place very late in the project.
➢ There is no cost (and no royalty) for producing or using as many authentication devices as
desired, and no minimal quantity of authentication devices to purchase.
➢ The protection scheme can potentially be upgraded or changed later.
II. THEORY OF OPERATION
The ALSE Protection IP located inside the user device (SRAM-based FPGA) generates a random
32-bit challenge code at randomized points in time.
This challenge code is used by the internal encryption engine, which produces an 8-bit
authentication code: the expected response.
The challenge code is also transmitted over the single-wire link to the external authentication
device.
The external device is triggered, receives the 32-bit challenge code, and starts the exact same
computation as the FPGA, in parallel. At the end of the calculation, the external device sends its
result back to the user device over the single-wire link.
The FPGA verifies some timings and receives the 8-bit response code.
If the timings are off, or the response code does not match the expected value, the external device is
absent, is a fake, or a communication error occurred. For this reason, and for
increased protection, the checker does not immediately report a cloning situation. The internal
logic has some tolerance, and the cloning error will only appear after repeated mismatches.
In this case, the user design can then either cease to operate, operate with diminished
functionality (such as in a demo mode), enter a safety mode, etc.
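The checker behaviour described above, as an added Python model that is not ALSE's code. ALSE does not publish its algorithm, so the keyed function here is a stand-in (HMAC-SHA256 truncated to 8 bits); the tolerance policy (consecutive failures, cleared by a good round), the key and the device names are assumptions.

```python
import hashlib
import hmac
import secrets

def response(key: bytes, challenge: int) -> int:
    """Stand-in keyed function (assumption): 32-bit challenge -> 8-bit code."""
    mac = hmac.new(key, challenge.to_bytes(4, "big"), hashlib.sha256).digest()
    return mac[0]

class Checker:
    """FPGA-side verifier. Tolerance policy is assumed: the clone flag latches
    after `tolerance` consecutive failed rounds; a good round clears the count."""
    def __init__(self, key: bytes, tolerance: int = 4):
        self.key, self.tolerance = key, tolerance
        self.failures, self.clone_detected = 0, False

    def check(self, challenge: int, reply):
        # reply is None when the device missed the timing window or is absent.
        if reply is not None and reply == response(self.key, challenge):
            self.failures = 0
        else:
            self.failures += 1
            if self.failures >= self.tolerance:
                self.clone_detected = True  # latched: design can degrade or stop

def rounds_until_flagged(key, device, rounds=2000, tolerance=4):
    """Run challenge rounds; return the round that latched the flag, or None."""
    checker = Checker(key, tolerance)
    for n in range(1, rounds + 1):
        challenge = secrets.randbits(32)  # fresh 32-bit challenge every round
        checker.check(challenge, device(challenge))
        if checker.clone_detected:
            return n
    return None

KEY = b"constructed-demo-key"  # constructed sample secret, not a real key

def genuine(challenge):  # authentication device holding the same secret
    return response(KEY, challenge)

def absent(challenge):  # copied bitstream on a board with no device: timeout
    return None

class Glitchy:
    """Genuine device on a noisy wire: every 5th reply has one bit flipped."""
    def __init__(self):
        self.n = 0
    def __call__(self, challenge):
        self.n += 1
        good = response(KEY, challenge)
        return good ^ 0x01 if self.n % 5 == 0 else good
```

With these assumptions a genuine device is never flagged even with isolated link errors, while a board without the device is flagged as soon as the tolerance is used up.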
The copy protection functional diagram is shown below.
[Figure: copy protection functional diagram. Labels: User Board; User FPGA; User Specific Design; ALSE's Protection IP; Clock; Reset; XSDATA Single Wire Interface; Anti-Copy Authentication Device (CPLD or ISL); Authentication Engine.]
III. HARDWARE IMPLEMENTATION EXAMPLE USING A MAX II CPLD
The picture below shows a board designed many years ago where the protection has been added.
The protected FPGA (Cyclone 1C20) is visible in the middle-left.
The anti-copy CPLD (Max II) is on the upper right corner of the picture, and the EPCS device on
the lower left corner.
The board was created with a few extra links between the Max II and the Cyclone FPGA beyond
the two that are used (in case other functions would be desired).
The Max II uses a MAXCLK signal (provided by the Cyclone chip) as a clock input.
VI. OBTAINING THE ANTI-COPY KIT
Upon request, ALSE will send a commercial quotation or Proforma Invoice for the acquisition of an
Anti-Copy Kit.
Upon purchase, the customer provides the following information to ALSE:
– Whether the CPLD or ISL solution is retained.
– FPGA's internal system clock frequency.
– In case of CPLD: retained CPLD family and reference + selected pin numbers for XSDATA,
CLOCK (and optionally RESET).
As the next step, ALSE generates a unique set of parameters and encryption engine configuration,
and creates the deliverables.
The customized deliverables are:
– Customer-specific programming file for the selected CPLD (if not ISL).
– Encrypted netlist file for the FPGA target selected by the customer.
– Quartus license feature to enable compilation of the encrypted netlist for Altera FPGAs.
– Other deliverables (such as a sample project, etc.).
Special case of ISL Authentication devices
When the protection scheme adopts one Intersil device, ALSE delivers a special block (to fit inside
the FPGA) for in-situ programming of the ISL. The use of this block is optional since the ISL
devices can be programmed at time of purchase or by specific programmers, or with a board
tester, but this function offers the user the possibility to fully control the production of the
authentication device: the FPGA is temporarily loaded with the programmer, which runs for a few
seconds. It also allows a set of secret keys to be programmed at the last moment.
In any case, the customer should be extremely careful to program the exact desired number of
anti-copy devices and make sure this programming operation is confidential and secure!
The other step is to protect the FPGA by including the Protection IP's netlist file in the final
compilation, then remove this file and all compilation results except the final (protected) FPGA
bitstream, which can be left unprotected. When applied to Altera FPGAs, this step requires a
specific license (feature), generated by ALSE along with the protected netlist file, to be added to
the Altera license. This feature allows Quartus II to compile the project including the protection
scheme and to generate the programming file(s). Generating simulation (debugging) files is not
allowed by the license in order to avoid weakening the protection. This increases the security.
For obvious safety reasons, ALSE does not offer to deliver either the CPLD or the FPGA anti-copy
verifier as source code!
SUMMARY
Protecting just any FPGA design is easy and cost-effective using ALSE's Anti-Copy Protection Kit.
This protection is not as secure as other monetary grade solutions, and may not resist major
tampering efforts, but it is a good compromise and should be enough to discourage most
counterfeiting attempts for industrial solutions.
Remember: it's never too late (you don't need much PCB space and only one wire)!
Bert Cuzeau
CTO A.L.S.E.
Tel +33 1 4279 5138