A method of randomizing a part of an FPGA configuration bitstream

Abstract

FPGAs are widely used recently, and security on configuration bitstreams is of concern to both users and suppliers of configuration bitstreams (e.g., intellectual property vendors). In order to protect configuration bitstreams against the threats such as FPGA viruses, piracy and reverse engineering, configuration bitstreams need to be encrypted and authenticated before loaded into FPGAs. We previously proposed a configuration scheme that protects configuration bitstreams, which uses a part of a target circuit (i.e., a part of a configuration bitstream of a target circuit) as a secret key. Our proposed scheme has an advantage of using public-key cryptography, while other known methods can use only symmetric-key cryptography. However, ideally, the secret key should not be a part of a configuration bitstream but a random bit string. In this paper, we propose a method that randomizes a part of a configuration bitstream, so that it can be used as a one-time pad for our configuration scheme.