Signature Block - Intel Stratix 10 User Manual

Device security

2. Design Authentication
UG-S10SECURITY | 2019.05.10
The header block contains a hash which validates hash block 0. Each hash block
contains up to 125 SHA-256 hashes or 83 SHA-384 hashes. These hashes validate
subsequent data blocks.

2.2. Signature Block

The signature block validates the contents of the header block. After successfully
validating the signatures, the SDM processes the data based on the signatures
provided.
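Figure 4. Signature Block Format
[Figure not reproduced. Block fields shown: SHA-384 hash over Header Block; Offset to signature chains; Up to 4 Signature Chains (1st to 4th Signature Chain); Dynamic Sector Pointers; 32-bit CRC. Chain entries shown: Root Key; Public Key Entry 1 (Recommended); Public Key Entry 2 (Optional); Header Block Entry.]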
Table 1. Signature Block

| Block | Description |
|---|---|
| SHA-384 hash of header block | This hash function checks for accidental changes in the preceding block of the configuration bitstream, typically the header block. |
| Signature chains | Zero or more signature chains. Each signature chain can include up to 3 keys, including the owner public root key. The other 2 keys support separate signatures for the firmware, core, and HPS sections of the configuration bitstream. The Intel Quartus Prime Software supports 2 keychains for control module firmware (CMF) signing and up to 4 keychains for the configuration bitstream. Multiple keychains provide some flexibility, for example if you change your root key and want to create a design that works on devices with both the old and the new root key. |
| Dynamic sector pointers | Locate the design sections for the remainder of the image when you store the image in flash memory. |
| 32-bit CRC | Protects the block from accidental modification. The CRC does not provide security. Software tools can check the CRC to identify accidental modifications. |

Signature Chain Details
Intel Stratix 10 FPGAs support up to four signature chains. If a signature chain is
invalid, it is ignored. The FPGA starts validating the next signature chain. This
capability allows for root key rollover. To pass authentication, at least one signature
keychain must pass.
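
The chain-selection rule above and the root entry check from Table 2, modelled as an added example (not code from the Intel guide or from Intel tooling). A Lamport one-time hash signature stands in for the device's signature algorithm, which this page does not specify; the entry layout, the `fuse_hash` helper, the SHA-384 digests used for the fuse value and header, and all names and sample bytes are assumptions.

```python
import hashlib, os

# Stand-in signature scheme (assumption): Lamport one-time signatures, stdlib only.
def H(b): return hashlib.sha256(b).digest()

def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, b"".join(H(a) + H(b) for a, b in sk)

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return b"".join(sk[i][bit] for i, bit in enumerate(bits(msg)))

def verify(pk, msg, sig):
    return len(sig) == 8192 and len(pk) == 16384 and all(
        H(sig[32 * i:32 * i + 32]) == pk[64 * i + 32 * bit:64 * i + 32 * bit + 32]
        for i, bit in enumerate(bits(msg)))

def fuse_hash(root_pk):
    """Expected root hash held in eFuses (modelled as SHA-384 of the root key)."""
    return hashlib.sha384(root_pk).digest()

def make_chain(header):
    """Constructed chain: root key -> one public key entry -> header block entry."""
    root_sk, root_pk = keygen()
    design_sk, design_pk = keygen()
    return {"root": root_pk, "keys": [(design_pk, sign(root_sk, design_pk))],
            "header_sig": sign(design_sk, hashlib.sha384(header).digest())}

def chain_ok(chain, header, fused):
    # At most 3 keys per chain (root + 2); the root entry must match the fuses.
    if len(chain["keys"]) > 2 or fuse_hash(chain["root"]) != fused:
        return False
    signer = chain["root"]
    for pk, sig in chain["keys"]:          # the previous key signs the new key
        if not verify(signer, pk, sig):
            return False
        signer = pk
    return verify(signer, hashlib.sha384(header).digest(), chain["header_sig"])

def authenticate(chains, header, fused):
    """Invalid chains are skipped; one valid chain out of at most four is enough."""
    return any(chain_ok(c, header, fused) for c in chains[:4])

HEADER = b"constructed header block bytes"          # sample data, not a real header
OLD, NEW = make_chain(HEADER), make_chain(HEADER)   # image built for root key rollover
```

An image carrying both `OLD` and `NEW` authenticates on a device fused with either root hash, while a device fused with any other root, or a modified header, fails every chain.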
Table 2. Signature Chain Content

| Content | Description |
|---|---|
| Root Key Entry | The Root Entry anchors the chain to a root key known to the FPGA. The FPGA calculates the hash of the root entry and checks if it matches the expected hash. You store the root key in eFuses. |
| Public Key Entry | Signature chains enable flexible key management. Intel recommends one public key entry in each signature chain. The previous public key signs the new public key. The public key entry provides the following capabilities: |
continued...

Intel® Stratix® 10 Device Security User Guide
