FPGA Lock IP


The FPGA Lock is a small FPGA IP core that uses the $0.52 Microchip ATSHA204A hardened crypto authentication IC and one FPGA pin to lock down FPGAs and hardware
to stop IP theft and prevent CEM hardware counterfeiting. It can also be used to guarantee hardware integrity in Military/Defence or Medical applications.

When triggered the core reads the ATSHA204a unique ID then generates a random 256 bit ‘challenge’ and sends this to the device. The IC performs an SHA256
hash on the challenge, a 256 bit secret key that has been programmed into it and its unique ID. The result of this hash is then returned to the FPGA Lock core.

The core then internally performs the same SHA256 hash with the challenge, secret key (which it knows) and the device ID.

If the hash result returned from the ATSHA204a matches the values calculated by the core, then an ATSHA204a programmed with the correct secret key is present
and full FPGA functionality is enabled. If not then FPGA functionality is disabled.

Counterfeit protection is provided by providing a CEM with the correct number of pre-programmed devices. Alternatively an FPGA could delay the ‘check’ trigger to allow full
manufacturing test to be performed before functionality is disabled (the internal ‘Enable’ defaults to ‘1’ at power on). When assembled boards are received from the CEM
the on board ATSHA204a devices are programmed (with the Key Write core) to permanently enable full functionality.

The FPGA Lockcore has a small logic footprint (~720 registers) and only uses one FPGA pin for communication with the ATSHA204A. Communication is via a bidirectional
‘open drain’ link to the device that just requires a pull up to VCC IO.

The entire hardware implementation is the SOT23-3 ATSHA204a, a pull up resistor on the interface and capacitor across the ATSHA204a power pins if required.

The Core is provided in clear VHDL so customers have complete functional visibility, a simple VHDL testbench is provided, this illustrates two consecutive HASH tests.

nial-stewart-developments-FPGA_Lock_Overview

An accompanying Key Writer core is provided separately to allow users to program their custom secret keys into the ATSHA204A device in assembled boards.
An FPGA image with the Key Writer will program the device in a fraction of a second when programmed into the FPGA.

Example designs targeted at the Cyclone10 LP Evaluation Kit and the Digilent ‘ARTY’ Artix 7 evaluation boards are provided.
The cores use generic Intel altsyncram and Xilinx 7 series Blockram macros so should be easily built into almost any Intel FPGA or Xilinx 7 series FPGA.

These example designs include the FPGA Lock and Key Writer cores, this allows a device to be programmed then an FPGA Lock test performed to
verify the key has been programmed correctly.

A short 2 minute video demonstrating the Lock and Key writer functionality can be seen here.

The User Guide describing Altera and Xilinx implementation details can be downloaded here.

An Efinix version of the FPGA Lock IP has been developed, this is marketed and distributed in collaboration with TRS Star. A Webinar is being run to ourline the FPGA Lock IP functionality and implementation in Efinix devices, registration is here.

The User Guide describing the Efinix implementation can be downloaded here.

Please contact us for licensing and pricing details (contact details are in the user guide or Contact page).