Copy protection issues usually do not concern ASIC designers, but most SRAM-based FPGA designers must keep in mind that unauthorized parties can very easily: over-build, copy, clone and re-use their precious bitstream. Some FPGA vendors offer now specific families that implement internal protection schemes, but :
- Vendors protections are often cracked
- These protections are not available to all FPGAs anyway
So the simple solution developed by ALSE and described here can be suitable in many cases.
As a response to this copy protection challenge, ALSE has designed a cost-effective fixed-secret authentication scheme based on a cheap and secure authentication device. The authentication is achieved through a variable challenge-response mechanism and user secret keys. Communication with the host is implemented through a single wire interface, in order to avoid consuming precious I/Os, and to simplify the board layout.
The solution is based on an external Authentication Component which embeds the same crypto engine. It can be fitted in most secure and inexpensive CPLDs, like Altera’s MaxII EPM240 (eg) or other small devices. For quantities and depending on the device selected, the cost could be in the 1 $ per unit range.
In spite of its compactness, the protection includes many layers and features that complicate cracking and prevent usual known methods to be used.
So, while not offering monetary-grade security, this protection is still adequate enough for protecting most industrial applications.