Table Of Contents - Intel Stratix 10 User Manual

Device security

Hide thumbs Also See for Stratix 10:

Configuration user manual (113 pages)

User manual (228 pages)

User manual (56 pages)

Table Of Contents

Table of Contents

Contents

1. Intel

Stratix

10 Device Security Overview...................................................................4

1.1. Intel Stratix 10 Secure Device Manager (SDM).......................................................... 6

1.2. Intel Stratix 10 Base Security..................................................................................7

1.2.1. Side Channel Resistance............................................................................. 7

1.3. Owner Security Keys and Programming.................................................................... 8

1.3.1. eFuse (Volatile or Non-Volatile) AES Root Key................................................ 8

1.3.2. BBRAM (Volatile) AES Root Key....................................................................8

2. Design Authentication.....................................................................................................9

2.1. The Configuration Bitstream ...................................................................................9

2.2. Signature Block................................................................................................... 11

2.2.1. Authentication for HPS Software................................................................ 13

3. Using the Authentication Feature..................................................................................14

3.1. Step 1: Creating the Root Key............................................................................... 15

3.2. Step 2: Creating the Design Signing Key................................................................. 15

3.3. Step 3: Appending the Design Signature Key to the Signature Chain...........................16

3.4. Step 4: Signing the Bitstream................................................................................17

3.4.1. Step 4a: Signing the Bitstream Using the Programming File Generator............ 17

3.4.2. Step 4b: Signing the Bitstream Using the quartus_sign Command.................. 19

3.5. Step 5: Programming the Owner Public Root Key for Authentication............................20

3.5.1. Step 5a: Programming the Owner Public Root Key Using the Intel Quartus

Prime Programmer................................................................................... 20

3.5.2. Step 5b: Calculating the Owner Public Root Key Hash................................... 22

4. Co-Signing Device Firmware Overview..........................................................................23

4.1. Using the Co-Signing Feature................................................................................ 23

4.1.1. Prerequisites for Co-Signing Device Firmware.............................................. 24

4.1.2. Generating the Owner Firmware Signing Key............................................... 24

4.1.3. Co-Signing the Firmware ..........................................................................25

4.1.4. Programming the Co-Signed Firmware eFuses .............................................25

4.1.5. Powering On In JTAG Mode After Implementing Co-Signed Firmware...............27

4.1.6. Canceling Intel Firmware ID...................................................................... 27

5. Signing Command Detailed Description........................................................................ 30

5.1. Generate Private PEM Key..................................................................................... 31

5.2. Generate Public PEM Key.......................................................................................31

5.3. Generate Root Signature Chain.............................................................................. 31

5.4. Append Key to Signature Chain..............................................................................31

5.5. Sign the Bitstream............................................................................................... 32

5.6. Calculate Public Root Key Hash from QKY................................................................ 33

6. Encryption and Decryption Overview............................................................................ 34

6.1. Using the Encryption Feature.................................................................................35

6.1.1. Step 1: Preparing the Owner Image and AES Key File................................... 36

6.1.2. Step 2a: Generating Programming Files Using the Programming File

Generator............................................................................................... 36

6.1.3. Step 2b: Generating Programming Files Using the Command Line Interface .... 38

Intel

Stratix

10 Device Security User Guide

Contents

Send Feedback

Table of Contents

Table Of Contents - Intel Stratix 10 User Manual

Related Manuals for Intel Stratix 10

Related Content for Intel Stratix 10

Table of Contents