A programmable logic device (PLD) is an electronic component used to build reconfigurable digital circuits. Examples of PLDs include field-programmable gate arrays (FPGAs), erasable programmable logic devices (EPLDs), and so forth. Unlike a logic gate, which has a fixed function, a PLD has an undefined function at the time of manufacture. Thus, before a PLD can be used in a circuit, it must be programmed, or configured. Typically, such PLDs are based on volatile technology, in which a PLD loses its configuration when power is removed. Therefore, the PLD is reconfigured on power-up by reloading a configuration data bitstream that is held in non-volatile memory. Once the configuration data from the bitstream is reloaded, the PLD performs the function of the circuit design.
Reprogrammable logic has been growing in acceptance for cryptographic processing due to its ubiquity, and great achievements have been seen in cryptographic performance, reprogrammability, low development costs, and flexibility. PLDs have been equipped to encrypt configuration data bitstreams, which provides confidentiality for the PLD design. However, there are no known methods for providing the remaining functions of secure startup, including trusted authentication, functional verification of the configured circuit design, reloading of internal (i.e., configuration) keys, loading of operational (i.e., traffic) keys, isolation of key and control flow domains, or comparison of internal redundant physical regions for proper operation.
Consequently, although typical PLD designs are adequate for conventional reconfigurable digital circuit design, they cannot currently be implemented in cryptographic systems that meet NSA Type 1 certification rules.