完善资料让更多小伙伴认识你,还能领取20积分哦, 立即完善>
3天内不再提示
电子发烧友论坛|
我已经阅读了Catalin Baetoniu撰写的“使用Dallas Semiconductos / Maxim DS2432安全EEPROM的FPGA IFF复制保护”,我有两个问题:
1)据我所知,为了实现本文档中描述的系统,当配置FPGA时,密钥仍然出现在从闪存到FPGA的线路上。 我对么? 2)所描述的系统提到使用外部设备的唯一序列号作为HMAC-SHA1的密钥的一部分(以及密钥和随机数)。 包含外部设备唯一的序列号(在这种情况下必须由FPGA读取)的优点是什么,而不仅仅是使用HMAC的随机数和密钥? 提前谢谢了。 回复可能引发进一步的问题! 最好的祝福, 奥利 以上来自于谷歌翻译 以下为原文 I've read through "FPGA IFF Copy Protection Using Dallas Semiconductos/Maxim DS2432 Secure EEPROMs" by Catalin Baetoniu, and I have two questions: 1) As far as I can see, to implement the system described in this document, the secret key still appears on the wire from the flash memory to the FPGA when the FPGA is configured. Am I correct? 2) The system described mentions using the unique Serial-Number of the external device as part of the key for the HMAC-SHA1 (along with the Secret Key and the Random Number). What is the advantage of including the external device's unique Serial-Number (which has to be read by the FPGA in this case), over just using the Random Number and Secret Key for the HMAC? Many thanks in advance. Responses may trigger further questions! Best regards, Ollie 
0
|
|
相关推荐
3个回答
|
|
|
虽然它没有直接解决您的问题,但您可能会发现以下内容非常有趣:http://www.eejournal.com/archives/articles/20110809-security/
------------------------------------------“如果它不起作用 模拟,它不会在板上工作。“ 以上来自于谷歌翻译 以下为原文 Although it doesn't directly address your question, you may find the following to be interesting reading: http://www.eejournal.com/archives/articles/20110809-security/ ------------------------------------------ "If it don't work in simulation, it won't work on the board." |
|
|
|
|
|
Ollie,在文章的右边说,设计很容易受到比特流攻击的逆向工程。该说明旨在说明如何建立一个更安全的系统,表面上是为了防止合同制造商过度建设或复制
由一个克隆制造商制造。它不会阻止一个协同努力的攻击者,但它会减慢他们的速度,也许会让他们更容易攻击。你不需要(或想要)1000美元的自行车锁定10,000美元! 安全解决方案成本应该遵循您想要保护的成本。具有bistream加密和HMAC身份验证的Series-7解决方案是一种更强大的解决方案,即使是带有比特流加密的Spartan 6(更大的部分)也将提供更安全的解决方案。 Austin Lesea主要工程师Xilinx San Jose 以上来自于谷歌翻译 以下为原文 Ollie, Right in the article is says that the design is vulnerable to a reverse engineering of the bitstream attack. The note is meant to show how one can make a more secure system, ostensibly to prevent over-building by a contract manufacturer, or copies built by a clone maker. It will not stop a concerted effort attacker, but it will slow them down, and perhaps cause them to attack something easier. You do not need (or want) a $10,000 lock on a $1000 bicycle! The security solution cost should follow the cost of what you want to protect. Series-7 solution with bistream encryption and HMAC authentication is a more robust solution, and even Spartan 6 (larger parts) with bitstream encrytion will provide a more secure solution. Austin Lesea Principal Engineer Xilinx San Jose |
|
|
|
|
|
奥斯汀,
感谢您的快速回复。 我知道较大的Spartan-6上的比特流加密,但我们没有使用任何这些,所以这本小册子提供的解决方案是我感兴趣的。 此外,我对这些解决方案提供的安全级别感到满意。 我只是想确保我理解它们是如何正常工作的。 我仍然不清楚问题(2)的答案 - 我想我可能误解了系统,因为我看不出包含外部设备的序列号在哈希中有何帮助? 如果不使用此序列号,系统是否同样强大? 即 在以下文章的第二个图中: http://www.maxim-ic.com/app-notes/index.mvp/id/190 包括SHA设备的序列号有什么好处? 非常感谢, 奥利 以上来自于谷歌翻译 以下为原文 Austin, Thanks for the prompt reply. I'm aware of bitstream encryption on the larger Spartan-6s, but we're not using any of these, so the solutions offered by this booklet are the ones I'm interested in. Also, I'm happy with the level of security these solutions provide. I'm just trying to make sure I understand how they work correctly. I'm still unclear on the answer to question (2) - I think I may have misunderstood the system, because I can't see how including the External Device's Serial Number in the Hash helps? Isn't the system just as robust without using this Serial Number? I.e. in the second diagram in the following article: http://www.maxim-ic.com/app-notes/index.mvp/id/190 what benefit is there of including the SHA device's serial number? Many thanks, Ollie |
|
|
|
|
只有小组成员才能发言,加入小组>>
2384 浏览 7 评论
2800 浏览 4 评论
Spartan 3-AN时钟和VHDL让ISE合成时出现错误该怎么办?
2264 浏览 9 评论
3336 浏览 0 评论
如何在RTL或xilinx spartan fpga的约束文件中插入1.56ns延迟缓冲区?
2431 浏览 15 评论
有输入,但是LVDS_25的FPGA内部接收不到数据,为什么?
757浏览 1评论
请问vc707的电源线是如何连接的,我这边可能出现了缺失元件的情况导致无法供电
547浏览 1评论
求一块XILINX开发板KC705,VC707,KC105和KCU1500
369浏览 1评论
1965浏览 0评论
684浏览 0评论
/6 
关注我们的微信
下载发烧友APP
电子发烧友观察
版权所有 © 湖南华秋数字科技有限公司
电子发烧友 (电路图) 湘公网安备 43011202000918 号 电信与信息服务业务经营许可证:合字B2-20210191
工商网监
湘ICP备2023018690号
962
评论
淘帖
8005
