Secure Boot FPGA
Most commercial mainstream FPGAs include bitstream decryption as a means of protection of the underlying design contents. However, all commercially available SRAM FPGAs on the market today are susceptible to Differential Power Analysis (DPA) and other related side-channel attacks. Side-channel attacks can expose the bitstream decryption key, leaving and the underlying FPGA design vulnerable to reverse engineering and malicious modification.
The Secure Boot FPGA solution protects against side channels with a SmartFusion 2 to ensure the confidential and authentic load of an SRAM FPGA configuration bitstream.
SmartFusion 2 as a Hardware Root-of-Trust
A robust security solution includes more than providing cryptographic processing primitives (e.g. AES-256, and authentication). It must provide an assurance of the authenticity of the underlying platform, manage keys securely and provide strong anti-tamper countermeasures to protect against unauthorized physical access and reverse engineering.
Microsemi’s flash-based SmartFusion2 SoC FPGA builds on a foundation of secure hardware.
This includes X.509 certificates to validate the authenticity of the device and secure key loading and storage techniques. In addition, SmartFusion has the Industry’s most complete set of NIST certified cryptographic primitives for design and data security, including True Random Number Generators (TRNG), Physically Unclonable Functions (PUFs), Eliptical Curve Cryptographic (ECC) acceleration, AES-256, and SHA-256 engines. Bitstreams are secured with DPA-resistant cryptographic processing, as well best in class anti-tamper which include tamper detection sensors, tamper countermeasures, and granular device level access control policies.
Using SmartFusion 2 to Secure Boot SRAM FPGA’s
Microsemi’s Secure Boot SRAM FPGA reference design enables the DPA safe-loading of SRAM FPGAs. All algorithms are performed in a DPA safe-manner, with pass-through licenses from Cryptographic research incorporated (CRI) on both host and target platforms.
Key features of the Secure Boot FPGA solution
- Most secure, reliable, and lowest power FPGA in the industry as Hardware Root-of-Trust
- Mitigate DPA/SPA configuration vulnerabilities of large SRAM FPGAs
- Minimize impacts to existing system architecture
- DPA resistance tested
- Simple pass-through license “Eligibility (self-)Certification” to use CRI DPA patents
- Option of Butterfly-PUF as biometric identifier on target FPGA
- Fully customizable solution
For more information about the Secure Boot SRAM FPGA reference design please send an e-mail to firstname.lastname@example.org. Please provide your contact information and your target SRAM FPGA. All downloads of Secure Boot SRAM FPGA Reference design files must be approved by Microsemi.
For more information about SmartFusion2 SoC FPGAs: www.microsemi.com/smartfusion2