Complete activation scheme for FPGA-oriented IP cores design protection - Archive ouverte HAL Access content directly
Conference Papers Year : 2017

Complete activation scheme for FPGA-oriented IP cores design protection

Brice Colombier
Laboratoire Hubert Curien
CV
Ugo Mureddu
  • Function : Author
Laboratoire Hubert Curien
Marek Laban
  • Function : Author
  • PersonId : 1014775
Department of Electronics and Multimedia Communications
Oto Petura
  • Function : Author
Laboratoire Hubert Curien
Lilian Bossuet
  • Function : Author
Laboratoire Hubert Curien
Viktor Fischer
Laboratoire Hubert Curien

Abstract

Intellectual Property (IP) illegal copying is a major threat in today's integrated circuits industry which is massively based on a design-and-reuse paradigm. In order to fight this threat, a designer must track how many times an IP has been instantiated. Moreover, illegal copies of an IP must be unusable. We propose a hardware/software scheme which allows a designer to remotely activate an IP with minimal area overhead. The software modifies the IP efficiently and can handle very large netlists. Unique identification of hardware instances is achieved by integrating a TERO-PUF along with a lightweight key reconciliation module. A cryptographic core guarantees security and triggers a logic locking/masking module which makes the IP unusable unless the correct encrypted activation word is applied. I. GRAPHICAL USER INTERFACE A user interface allows one to perform the following actions: • Modify the IP, using logic masking [1] or logic locking [2] to make it controllably unusable. Several parameters can be tuned, as well as the area overhead. • Obtain the reference response from the TERO-PUF [3]. • Reconcile the key with CASCADE [4] and activate the IP. II. DEMO SCENARIO AND OBSERVABLES The typical demo scenario is the following. First, an IP in the form of a netlist is modified and the associated activation word (AW) is stored. The motherboard is then connected to the PC and the daughterboard is enrolled by obtaining a response from a PUF instantiated at a known location. This response is used to encrypt AW. The protected IP is instantiated on the enrolled daughterboard. Before activation, the IP does not operate correctly. When the activation phase starts, the key reconciliation procedure is conducted to ensure that the PUF response generated on the daughterboard is identical to the one obtained during enrollment. Then, AW is encrypted and sent to the board. It is then internally decrypted and sent to the logic masking/locking module, to make the IP fully operational. If the IP is instantiated on a different daughterboard, it does not operate correctly since the PUF response is different. Each IP is securely bound to a trusted hardware target. ACKNOWLEDGMENTS

Domains

Computer Science [cs] Embedded Systems Computer Science [cs] Cryptography and Security [cs.CR]
Fichier principal
Vignette du fichier
2017_FPL_Brice.pdf (260.26 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Nathalie Bochard  : Connect in order to contact the contributor

https://hal-ujm.archives-ouvertes.fr/ujm-01588947

Submitted on : Monday, September 18, 2017-10:08:19 AM

Last modification on : Friday, March 24, 2023-2:53:05 PM

Download

Dates and versions

ujm-01588947 , version 1 (18-09-2017)

Identifiers

  • HAL Id : ujm-01588947 , version 1

Cite

Brice Colombier, Ugo Mureddu, Marek Laban, Oto Petura, Lilian Bossuet, et al.. Complete activation scheme for FPGA-oriented IP cores design protection. 27th International Conference on Field-Programmable Logic and Applications, Sep 2017, Ghent, Belgium. ⟨ujm-01588947⟩

Export

BibTeX TEI Dublin Core DC Terms EndNote Datacite

Collections

UNIV-ST-ETIENNE IOGS CNRS PARISTECH UDL ANR
38 View
249 Download

Share

Gmail Facebook Twitter LinkedIn More