回到顶部

ALCATRAZ (MAXREFDES34#):SHA-256安全认证设计

MAXREFDES34

参考设计免责声明 参照  重要声明和免责声明  涵盖参考设计和其他Maxim资源

描述

概述

SHA-256安全认证设计

智能工厂、工业医疗应用充分利用了现代FPGA的灵活性和高性能。随着这些系统的互联性越来越强,保护IP、利用软件支持系统特性以及防止造假等安全性问题也日益突出。Alcatraz (MAXREFDES34#)子系统参考设计利用DS28E15直接实现Xilinx® FPGA上的SHA-256安全认证。DS28E15通过单触点1-Wire®总线通信,减少实施方案所需的引脚数量。参考代码在FPGA上定义混合SHA-256处理器和1-Wire主机。

Alcatraz子系统设计方框图

图1. Alcatraz子系统设计方框图,含开发平台。

特征

  • SHA-256安全认证
  • 单触点1-Wire接口
  • 示例源代码
  • Pmod™兼容规格
  • 竞争优势

    • 强加密安全认证
    • 单引脚接口
    • 带硬件加速,实现快速性能

    • 5822fig02

      5822fig02

    • 5822fig01

      5822fig01

    • 5822fig00

      5822fig00

    Icon

    设计, 制作, 测试

    图中的电路板已经完成封装和测试。

     

    细节部分

    细节部分

    Introduction

    Smart factories, industrial and medical applications employ the flexibility and high performance of modern FPGAs. As these systems become increasingly connected, security emerges as a paramount feature to protect IP, enable system features using software and prevent counterfeiting. The Alcatraz (MAXREFDES34#) subsystem reference design uses the DS28E15 to immediately implement SHA-256 authentication on Xilinx® FPGAs. The DS28E15 communicates over the single-contact 1-Wire® bus, reducing the number of pins necessary to carry out the solution. The reference code defines a combined SHA-256 processor and 1-Wire Master on the host FPGA.


    Figure 1. The Alcatraz subsystem design block diagram with development platform.

    Features

    Applications

    • SHA-256 authentication
    • Single-contact 1-Wire interface
    • Example source code
    • Pmod-compatible form factor

    Competitive Advantages

    • Crypto-strong authentication
    • Single pin count interface
    • Fast performance with hardware acceleration
    • Counterfeit protection
    • Peripheral authentication
    • IP protection
    • License and feature management

    Detailed Description of Hardware

    Alcatraz interfaces with FPGA development boards using a 6-pin Pmod connector as illustrated. When plugging Alcatraz into a host board, make sure to correctly align the pins with the host Pmod connector, as shown in Figure 2.



    Figure 2. The Alcatraz subsystem design correctly inserted into the MicroZed development platform.

    Table 1 shows the supported platforms and ports.

    Table 1. Supported Platforms and Ports

    Supported Platforms Ports
    LX9 3 platform (Spartan®-6) J5
    MicroZed platform (Zynq®-7000) J5

    For symmetric authentication schemes like SHA-256, protection of both the secure authenticator secret key, along with the FPGA secret key, are important. Symmetric authentication implementations with poor FPGA secret key security can be risky. To this end, the DS28E15 uses DeepCover® technology to protect against invasive and noninvasive attacks on its secret key; the reference design spells out various techniques to protect the FPGA secret key.

    Detailed Description of Firmware for LX9 Platform

    Table 1 shows currently supported platforms and ports. Support for additional platforms may be added periodically under Firmware Files in the All Design Files section.

    The firmware allows for immediate interfacing to the hardware. The firmware is written in Verilog, developed using the Xilinx SDK tool, based on the Eclipse open source standard.

    The firmware program sequence is used to compute and lock the secret (CLS), write page data to the DS28E15, and authenticate the DS28E15. The complete source code speeds customer development. Code documentation resides in the corresponding firmware platform files.

    Detailed Description of Firmware for MicroZed Platform

    The Alcatraz firmware design also supports the MicroZed kit and targets an ARM® Cortex® -A9 processor placed inside a Xilinx Zynq system-on-chip (SoC).

    The firmware allows for immediate interfacing to the hardware. The firmware is written in C, developed using the Xilinx SDK tool, based on the Eclipse open source standard.

    The firmware program sequence is used to compute and lock the secret (CLS), write page data to the DS28E15, and authenticate the DS28E15. The complete source code speeds customer development. Code documentation resides in the corresponding firmware platform files.

    Quick Start

    Required equipment:

    • Windows® PC with two USB ports
    • Alcatraz (MAXREFDES34#) board
    • Alcatraz-supported platform (i.e., LX9 development kit or MicroZed kit)

    Detailed setup and programming instructions are included in the README.txt file within the provided firmware files.

    1-Wire is a registered trademark of Maxim Integrated Products, Inc.
    ARM is a registered trademark and registered service mark of ARM Limited.
    Cortex is a registered trademark of ARM Limited.
    DeepCover is a registered trademark of Maxim Integrated Products, Inc.
    Eclipse is a trademark of Eclipse Foundation, Inc.
    HyperTerminal is a registered trademark of Hilgraeve, Incorporated.
    ISE is a registered trademark of Xilinx, Inc.
    Pmod is a trademark of Digilent Inc.
    Spartan is a registered trademark of Xilinx, Inc.
    Windows is a registered trademark and registered service mark of Microsoft Corporation.
    Windows XP is a registered trademark and registered service mark of Microsoft Corporation.
    Xilinx is a registered trademark and registered service mark of Xilinx, Inc.
    ZedBoard is a trademark of ZedBoard.org.
    Zynq is a registered trademarkof Xilinx, Inc.

    Maxim设备 (6)

    器件号 名称 产品线 购买 设计套件和评估模块
    DS28E15 内置1-Wire SHA-256和512位用户EEPROM的DeepCover安全认证方案 安全认证器件 立即购买 Design Kits
    DS28E22 内置1-Wire SHA-256和2Kb用户EEPROM的DeepCover安全认证方案 安全认证器件 立即购买 Design Kits
    DS28E25 内置1-Wire SHA-256和4Kb用户EEPROM的DeepCover安全认证方案 安全认证器件 立即购买 Design Kits
    DS28EL15 DeepCover安全认证器,带有1-Wire SHA-256和512位用户EEPROM 安全认证器件 立即购买 Design Kits
    DS28EL22 DeepCover安全认证器,带有1-Wire SHA-256和2Kb用户EEPROM 安全认证器件 立即购买 Design Kits
    DS28EL25 DeepCover安全认证器,带有1-Wire SHA-256和4Kb用户EEPROM 安全认证器件 立即购买 Design Kits

    Maxim设备 (6)

    器件号 产品线
    安全认证器件
    内置1-Wire SHA-256和512位用户EEPROM的DeepCover安全认证方案
    安全认证器件
    内置1-Wire SHA-256和2Kb用户EEPROM的DeepCover安全认证方案
    安全认证器件
    内置1-Wire SHA-256和4Kb用户EEPROM的DeepCover安全认证方案
    安全认证器件
    DeepCover安全认证器,带有1-Wire SHA-256和512位用户EEPROM
    安全认证器件
    DeepCover安全认证器,带有1-Wire SHA-256和2Kb用户EEPROM
    安全认证器件
    DeepCover安全认证器,带有1-Wire SHA-256和4Kb用户EEPROM

    设计资料 (4)

    标题 类型 尺寸 日期
    No Title PDF 46KB 2019-07-09
    maxrefdes34-bom-ra PDF 43KB 2019-07-09
    MAXREFDES34 HW Files.bin PDF 20KB 2019-07-09
    rd34_v01_00 ZIP 87KB 2019-07-09
    日期 类型
    2019-07-09

    No Title

    (PDF, 46KB)

    2019-07-09

    maxrefdes34-bom-ra

    (PDF, 43KB)

    2019-07-09

    MAXREFDES34 HW Files.bin

    (PDF, 20KB)

    2019-07-09

    rd34_v01_00

    (ZIP, 87KB)

    参考指南

    MAXREFDES34 相关视频

    查看所有视频