Re: Prohibited of the Cyclone III LS FPGA configuration with an encrypted bitstream.

Altera_Forum · ‎07-22-2010

Hi,

I’m currently using the cyclone III LS FPGA development kit. I have already configured the FPGA with an encrypted bitstream. Thus, I would like to know if it is possible to prohibit the configuration of FPGA with an unencrypted bitstream when an AES key is programmed on the FPGA.

I read the Cyclone III handbook that shows available security modes but in the page 9-76 I don’t really understand the meaning of the following sentences:

--- Quote Start ---

“Secure operation with volatile key programmed and required external battery - this mode accepts both encrypted and unencrypted configuration bitstreams. Use the unencrypted configuration bitstream support for board-level testing only”.

--- Quote End ---

What do you mean “board-level testing” in my case?

Thank you for your help.

Altera_Forum · ‎07-22-2010

sounds like you should be able to use an unencrypted bitstream to configure the FPGA even when the AES key is programmed, but its only recommended during your testing/design phase, otherwise you aren't taking advantage of the security feature

Altera_Forum · ‎07-23-2010

I agree with you but what are the conditions to prohibit the configuration of FPGA with an unencrypted bitstream when the AES key is programmed ?

Altera_Forum · ‎07-23-2010

from your original quote i don't think there would be any. did you find otherwise?

Altera_Forum · ‎07-23-2010

The purpose of configuration bitstream encryption is protection of the IP. It's obviously not intentended to restrict the usage of unencrypted configuration bitstreams.

Altera_Forum · ‎07-26-2010

Ok!

Reading the Cyclone III handbook, I thought that we could prevent the configuration of FPGA with an unencrypted bitstream when the volatile key is previously programmed.

Anyway thank for your help!