The bitstream generator (write_bitstream), provided with the Vivado tools, can generate encrypted as well as non-encrypted bitstreams. For AES bitstream encryption, set the write_bitstream property to enable bitstream encryption. You can either specify a custom 256-bit key as an input to the bitstream generator, which is the Xilinx recommendation and the most secure approach, or you can have the Vivado tool generate a pseudo-random key for you (not recommended).
RECOMMENDED: For SSI devices, you should assign a .NKY file which has unique keys for each SLR. Vivado Hardware Manager issues a critical warning when you try to assign a single AES key for all SLRs:
- Reusing the same key/IV pair across all SLRs
- Reusing the same key across all SLRs.
Both of these are security vulnerabilities. For more information, see AR: 71558 and also see AR: 000033700 for important updates on using the unique set of encryption keys.
The bitstream generator in turn generates an encrypted bitstream file (.BIT) and an encryption key file (.NKY). Table: Write_bitstream Properties identifies the write_bitstream properties available to be defined in the XDC file and their corresponding descriptions. For a Vivado GUI example of key creation and bitstream encryption, see the Vivado Design Suite User Guide: Programming and Debugging (UG908) [Ref 4].
RECOMMENDED: See AR: 000033701 for bitstream parameters for ensuring an adequate level of Side-Channel Analysis (SCA) resistance.
The following XDC file code snippet shows BBRAM key storage and a custom key defined. If you want the tools to generate a pseudo-random key, comment out the BITSTREAM.ENCRYPTION.KEY0 property. The snippet also shows RSA authentication enabled and the RSA key life frames set to the default of 8. Comment these out to disable the RSA authentication features. All of the properties shown are also selectable and editable via the Edit Device Properties GUI.
#Encryption settings
set_property BITSTREAM.ENCRYPTION.ENCRYPT YES [current_design]
#Key storage: BBRAM is selected; the eFUSE alternative is commented out
#set_property BITSTREAM.ENCRYPTION.ENCRYPTKEYSELECT EFUSE [current_design]
set_property BITSTREAM.ENCRYPTION.ENCRYPTKEYSELECT BBRAM [current_design]
set_property BITSTREAM.ENCRYPTION.OBFUSCATEKEY Enable [current_design]
set_property BITSTREAM.ENCRYPTION.KEYLIFE 32 [current_design]
#Custom key; comment out KEY0 to have the tools generate a pseudo-random key
set_property BITSTREAM.ENCRYPTION.KEY0 256'h1234567812345678123456781234567812345678123456781234567812345678 [current_design]
set_property BITSTREAM.ENCRYPTION.STARTIV0 128'h87654321876543218765432187654321 [current_design]
set_property BITSTREAM.ENCRYPTION.STARTIVOBFUSCATE 128'hABCDABCDABCDABCDABCDABCDABCDABCD [current_design]
set_property BITSTREAM.ENCRYPTION.FAMILY_KEY_FILEPATH C:/<any directory>/familyKey_us.cfg [current_design]
#Authentication settings (comment these out to disable RSA authentication)
set_property BITSTREAM.AUTHENTICATION.AUTHENTICATE YES [current_design]
#RSA key life frames, set to the default of 8
set_property BITSTREAM.ENCRYPTION.RSAKEYLIFEFRAMES 8 [current_design]
set_property BITSTREAM.AUTHENTICATION.RSAPRIVATEKEYFILE {C:config/ultrascale/encryption/encryption_test/encryption_test.runs/impl_1/rsa.pem} [current_design]
The NKY file generation occurs at the same time as bitstream generation. This file takes the same top-level name as the bit file and is placed in the same implementation directory as the encrypted bitstream. The NKY file format is:
Device <type>;
EncryptKeySelect <type>;
StartIvObfuscate 00000000000000000000000000000000;
RsaPublicKeyDigest 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000;
Key0 0000000000000000000000000000000000000000000000000000000000000000;
StartIV0 00000000000000000000000000000000;
Parameter | Vector Size (in hex) |
---|---|
StartIVObfuscate | 128'h |
RsaPublicKeyDigest | 384'h |
Key0 | 256'h |
StartIV0 | 32'h |
For example (top.nky):
Device xcvu095;
EncryptKeySelect BBRAM;
StartIvObfuscate abcdabcdabcdabcdabcdabcdabcdabcd;
RsaPublicKeyDigest 6DF61AA1636F1FF8A35D064CED96918A6D4820D3CAEEFFA47F64F5C58AC2E539CA3A53103C86450EC576AD595AB3A528;
Key0 1234567812345678123456781234567812345678123456781234567812345678;
StartIV0 876543218765432187654321000003f8;
Key1 44a619e399910767e68cb81bcbae831bd5d10a96e5a348420e9384eb0df06111;
StartIV1 b152ef23b9481138af45a21a000003d8;
.
.
.
Key4063 ddd9955fae4847a54d10a1c06a52171cf69e3593220018c2cac4ca56bf359f5c;
StartIV4063 7d94e42bf79ab77cce1a1d8300000382;
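The recommendation above treats a reused key or key/IV pair as a vulnerability. The following added example (not Xilinx code and not part of the original page) lints an NKY file in the `Name value;` form shown here for wrong field lengths, keys that look like a documentation sample, and reused keys. Assumptions: the digit counts are read off the template lines above, and the reuse check is applied to the KeyN/StartIVN entries of a single file, since the per-SLR file layout is not shown on this page.

```python
import re
from collections import defaultdict

# Hex-digit counts per entry kind, read off the NKY template shown above.
DIGITS = {"startivobfuscate": 32, "rsapublickeydigest": 96, "key": 64, "startiv": 32}
ENTRY = re.compile(r"^\s*([A-Za-z]+)(\d*)\s+(\S+?)\s*;\s*$")

def lint_nky(text):
    """Return findings for one NKY file: bad lengths, sample-like keys, reuse."""
    findings, keys, ivs = [], {}, {}
    for line in text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # blank lines and the "." elision rows
        kind, idx, value = m.group(1).lower(), m.group(2), m.group(3).lower()
        if kind not in DIGITS:
            continue  # Device, EncryptKeySelect: not key material
        if not re.fullmatch("[0-9a-f]{%d}" % DIGITS[kind], value):
            findings.append(f"{m.group(1)}{idx}: expected {DIGITS[kind]} hex digits")
        if kind == "key":
            keys[int(idx or 0)] = value
        elif kind == "startiv":
            ivs[int(idx or 0)] = value
    by_key = defaultdict(list)
    for i, k in sorted(keys.items()):
        by_key[k].append(i)
        if k == k[:8] * 8:  # e.g. the documentation key 12345678 repeated
            findings.append(f"Key{i}: repeating 32-bit pattern, not a random key")
    for idxs in by_key.values():
        if len(idxs) > 1:
            same_iv = len({ivs.get(i) for i in idxs}) < len(idxs)
            what = "key/IV pair" if same_iv else "key"
            findings.append(f"Key{idxs}: same {what} reused")
    return findings

# Constructed sample: Key0/Key1 values from the example above, Key2 a made-up duplicate.
SAMPLE = """\
Device xcvu095;
StartIvObfuscate abcdabcdabcdabcdabcdabcdabcdabcd;
Key0 1234567812345678123456781234567812345678123456781234567812345678;
StartIV0 876543218765432187654321000003f8;
Key1 44a619e399910767e68cb81bcbae831bd5d10a96e5a348420e9384eb0df06111;
StartIV1 b152ef23b9481138af45a21a000003d8;
Key2 44a619e399910767e68cb81bcbae831bd5d10a96e5a348420e9384eb0df06111;
StartIV2 b152ef23b9481138af45a21a000003d8;
"""

if __name__ == "__main__":
    print("\n".join(lint_nky(SAMPLE)))
```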
RSA authentication PEM file, example syntax:
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAvCMmT6/MM9LxXs7ZxybE4wKACvp0S2EpWy/q+wFkjeev/oT1EZkyRkeCLWKwLaTUeGxFYeWCVFhpHH7PU9d/5HudIsVr/uJ8k/V7GASsj/8EL3O+RFoMdpsv6AFFD8desse3svR2d3yWlnrWLKfSd25DLqOg5fHMauV5DwDpsrbUvBf/ZOW5JWd4iyi0oeK1/Dw/91AYiJoRWmKt6s3IH1ZkX4OfoXMBJ+SnVgV9NIm59lOb0vd0ZZtNOqo1oX/Ekn93jwoD1UbHAWN90TfZSIAqsv2c4aeC342jKrHUq4cykK
.
.
.
xuTbhBadZaq8u8TGsXO3oPvI+p2tee5sNNoleJj3/gnkPtF9od5bqo8=
-----END RSA PRIVATE KEY-----