The present invention relates to configuring field programmable gate arrays generally, and more particularly to protecting configuration bitstreams from detection or alteration.
Field programmable gate array devices are logic or mixed signal devices that may be configured to provide a user-defined function. FPGAs are typically configured using data received from a configuration device. This data may be referred to as a configuration bitstream or program object file (POF). This bitstream opens and closes switches formed on an FPGA such that desired electrical connections are made.
Modem FPGAs contain hundreds of thousands of logic gates, as well as processors, memories, dedicated analog function blocks, and other circuits. This extensive circuitry requires a correspondingly long configuration bitstream to configure it. For example, 55 Megabits of configuration data are now needed by some FPGAs.
This configuration data represents an FPGA user design that is the outcome of a huge investment in manpower and research and development costs, often in the million dollar range. To protect this investment, configuration bitstreams are often encrypted. The encrypted bitstream is decrypted using a key stored on the FPGA, and the FPGA is then configured. When the FPGA is configured by a configuration device, the bitstream that is susceptible to detection is encrypted and thus protected.
Unfortunately, problems remain even with encryption. For example, if the encryption key can be determined, for example by examining an FPGA, the encrypted bitstream can be copied and the protected device can be cloned. Alternately, if the key is determined, the device can be reconfigured to provide a different function. This can be particularly problematic if the device is performing an important function, such as network security. Similar problems exist if other types of encoding are used.
Thus, what is needed are circuits, methods, and apparatus that provide encoding keys that cannot readily be determined.