Generating Encrypted and Authenticated Files for UltraScale and UltraScale+ - 2022.2 English

Vivado Design Suite User Guide: Programming and Debugging (UG908)

Document ID: UG908
Release Date: 2022-10-19
Version: 2022.2 English
Note: For additional information refer to Using Encryption and Authentication to Secure an UltraScale/UltraScale+ FPGA Bitstream (XAPP1267).

To generate an encrypted bitstream, open an implemented design in Vivado IDE. From the main toolbar select Flow > Bitstream Settings to make the Settings dialog box appear. At the top of the dialog box, click Configure Additional Bitstream Settings.

Figure 1. UltraScale and UltraScale+ Configure Additional Bitstream Settings

This brings up the Edit Device Properties dialog box. Select Encryption in the left-hand pane.

Figure 2. UltraScale Configure Encryption Settings

In the Edit Device Properties dialog box, specify the Encryption Settings and Key Settings as follows.

Encryption Settings

  • Set Enable Bitstream Encryption to YES.
  • Set Select location of encryption key to either BBRAM or EFUSE.
    • The key location is embedded in the encrypted bitstream.
    • When the encrypted bitstream is downloaded to the device, it instructs the FPGA to use the key loaded into the BBR or the eFUSE key register to decrypt the encrypted bitstream.

Key Settings

  • Specify the Starting AES encryption key (key0) to use when encrypting the bitstream. You can use up to 64 hex characters to specify the 256-bit key.
    • The key will be written to a file with an .nky file extension. Use this file when loading the key into the BBR or when programming the key into the eFUSE key register.
    Note: This value will be stored in the current project constraints file unless an input encryption file is specified. To avoid storing this value in the constraints file, specify the input encryption file.
  • Specify Input encryption file: Specify an existing .nky file to obtain the encryption key settings. This field is optional and can be omitted if specifying the AES, HMAC, and CBC manually.
  • Specify the Starting AES initial vector (IV0) value. Select the initialization vector for the first key.
    Note: Each key needs a separate initialization vector value that can be supplied through the input encryption file.
    Note: This value will be stored in the current project constraints file. To avoid storing this value in the constraints file, specify the input encryption file.
  • Specify the Starting obfuscate initial vector (Obfuscate IV0) value. Select the initialization vector for the obfuscated key.
    Note: This value will be stored in the current project constraints file. To avoid storing this value in the constraints file, specify the input encryption file.
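
The notes above say that key0 and the IV values are stored in the project constraints file unless an input encryption file is specified. The following Python check is an added example, not part of UG908 or any AMD/Xilinx tool: it scans constraints text for inline hex values on `BITSTREAM.ENCRYPTION.*` properties so they can be caught before the file reaches version control. The property names and the sample constraints are assumptions constructed for illustration; compare them with what your own project writes.

```python
import re

# Constructed sample constraints. The BITSTREAM.ENCRYPTION.* property names are
# assumptions (they are not shown on the page); key and IV are dummy values.
SAMPLE_XDC = """\
set_property BITSTREAM.ENCRYPTION.ENCRYPT YES [current_design]
set_property BITSTREAM.ENCRYPTION.ENCRYPTKEYSELECT BBRAM [current_design]
set_property BITSTREAM.ENCRYPTION.KEY0 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff [current_design]
# set_property BITSTREAM.ENCRYPTION.STARTIV0 0123456789abcdef01234567 [current_design]
set_property BITSTREAM.ENCRYPTION.STARTIV0 0123456789abcdef01234567 [current_design]
"""

# Constructed sample in which the secrets live in an external .nky file instead.
CLEAN_XDC = """\
set_property BITSTREAM.ENCRYPTION.ENCRYPT YES [current_design]
set_property BITSTREAM.ENCRYPTION.KEYFILE /secure/keys/design.nky [current_design]
"""

# Any set_property on a BITSTREAM.ENCRYPTION.* name; lines starting with '#' never match.
PROP = re.compile(r"^\s*set_property\s+(BITSTREAM\.ENCRYPTION\.\w+)\s+(\S+)", re.IGNORECASE)
# A bare run of 16 or more hex digits is treated as key or IV material.
HEX_SECRET = re.compile(r"^[0-9a-fA-F]{16,}$")

def audit(xdc_text):
    """Return (findings, key_file_referenced).

    findings is a list of (line_number, property_name, hex_digit_count).
    The secret value itself is never returned, so the report is safe to log.
    """
    findings, key_file_referenced = [], False
    for lineno, line in enumerate(xdc_text.splitlines(), 1):
        match = PROP.match(line)
        if not match:
            continue
        name = match.group(1).upper()
        value = match.group(2).strip('{}"')
        if HEX_SECRET.match(value):
            findings.append((lineno, name, len(value)))
        elif value.lower().endswith(".nky"):
            key_file_referenced = True
    return findings, key_file_referenced

if __name__ == "__main__":
    for label, text in (("sample", SAMPLE_XDC), ("clean", CLEAN_XDC)):
        findings, has_key_file = audit(text)
        print(f"{label}: key file referenced = {has_key_file}")
        for lineno, name, digits in findings:
            print(f"  line {lineno}: {name} holds {digits} inline hex digits")
```

A non-empty findings list is a reason to move the values into an .nky file kept outside the repository and to treat any key already committed as exposed.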

Key Rolling Settings

  • Specify whether to generate a debug file that reports all the keys generated in KDF mode.
  • Specify a Fixed Input Data for KDF key rolling. This is an optional 60-byte fixed input value, specified as a 120-digit hexadecimal value. This 60-byte input along with the 4-byte counter serves as the 64-byte input to the KDF pseudo-random fixed input value via RAND_bytes.
  • Specify Seed for KDF Key rolling. This is an optional 32-byte seed value for the KDF, specified as a 64-digit hexadecimal value.
  • Specify Number of encryption blocks per key and Number of frames per AES-256 key. The number of encryption blocks and the number of frames specify how many sections the bitstream is broken into, each with a distinct key.

For authentication settings, select Authentication in the left-hand pane.

Figure 3. Edit Device Properties - Authentication

In the Edit Device Properties - Authentication dialog box, specify the encryption and key settings as follows:

Authentication Settings

  • Set Enable Bitstream Authentication to YES.
  • Specify the Input file containing RSA Private Key.
  • Provide an RSA private key file.

After specifying the encryption and authentication settings, click OK to apply the settings to the project. Re-run Implementation and regenerate the bitstream file. Upon successful completion of the write_bitstream operation, the generated .nky encryption key file appears in the same directory as the encrypted bitstream file.

You can protect IP in bitstreams by encrypting the bitstreams with a 256-bit Advanced Encryption Standard (AES) key, and downloading the bitstreams to run only on authorized FPGAs. Do this by programming the 256-bit key into the BBR register of the authorized FPGAs before downloading the encrypted bitstream.