Top

Alcatraz (MAXREFDES34#): SHA-256 Secure Authentication Design

MAXREFDES34

Reference Design Disclaimer See the  Important Notice and Disclaimer  covering reference designs and other Maxim resources.

Description

Introduction

Smart factories, industrial and medical applications employ the flexibility and high performance of modern FPGAs. As these systems become increasingly connected, security emerges as a paramount feature to protect IP, enable system features using software and prevent counterfeiting. The Alcatraz (MAXREFDES34#) subsystem reference design uses the DS28E15 to immediately implement SHA-256 authentication on Xilinx® FPGAs. The DS28E15 communicates over the single-contact 1-Wire® bus, reducing the number of pins necessary to carry out the solution. The reference code defines a combined SHA-256 processor and 1-Wire Master on the host FPGA.

Figure 1. The Alcatraz subsystem design block diagram with development platform.

Features

Applications

  • SHA-256 authentication
  • Single-contact 1-Wire interface
  • Example source code
  • Pmod-compatible form factor

Competitive Advantages

  • Crypto-strong authentication
  • Single pin count interface
  • Fast performance with hardware acceleration
  • Counterfeit protection
  • Peripheral authentication
  • IP protection
  • License and feature management

  • 5822fig02

    5822fig02

  • 5822fig01

    5822fig01

  • 5822fig00

    5822fig00

Icon

Designed, Built, Tested

Board pictured here has been fully assembled and tested.

 

Details Section

Details Section

Introduction

Smart factories, industrial and medical applications employ the flexibility and high performance of modern FPGAs. As these systems become increasingly connected, security emerges as a paramount feature to protect IP, enable system features using software and prevent counterfeiting. The Alcatraz (MAXREFDES34#) subsystem reference design uses the DS28E15 to immediately implement SHA-256 authentication on Xilinx® FPGAs. The DS28E15 communicates over the single-contact 1-Wire® bus, reducing the number of pins necessary to carry out the solution. The reference code defines a combined SHA-256 processor and 1-Wire Master on the host FPGA.


Figure 1. The Alcatraz subsystem design block diagram with development platform.

Features

Applications

  • SHA-256 authentication
  • Single-contact 1-Wire interface
  • Example source code
  • Pmod-compatible form factor

Competitive Advantages

  • Crypto-strong authentication
  • Single pin count interface
  • Fast performance with hardware acceleration
  • Counterfeit protection
  • Peripheral authentication
  • IP protection
  • License and feature management

Detailed Description of Hardware

Alcatraz interfaces with FPGA development boards using a 6-pin Pmod connector as illustrated. When plugging Alcatraz into a host board, make sure to correctly align the pins with the host Pmod connector, as shown in Figure 2.



Figure 2. The Alcatraz subsystem design correctly inserted into the MicroZed development platform.

Table 1 shows the supported platforms and ports.

Table 1. Supported Platforms and Ports

Supported Platforms Ports
LX9 3 platform (Spartan®-6) J5
MicroZed platform (Zynq®-7000) J5

For symmetric authentication schemes like SHA-256, protection of both the secure authenticator secret key, along with the FPGA secret key, are important. Symmetric authentication implementations with poor FPGA secret key security can be risky. To this end, the DS28E15 uses DeepCover® technology to protect against invasive and noninvasive attacks on its secret key; the reference design spells out various techniques to protect the FPGA secret key.

Detailed Description of Firmware for LX9 Platform

Table 1 shows currently supported platforms and ports. Support for additional platforms may be added periodically under Firmware Files in the All Design Files section.

The firmware allows for immediate interfacing to the hardware. The firmware is written in Verilog, developed using the Xilinx SDK tool, based on the Eclipse open source standard.

The firmware program sequence is used to compute and lock the secret (CLS), write page data to the DS28E15, and authenticate the DS28E15. The complete source code speeds customer development. Code documentation resides in the corresponding firmware platform files.

Detailed Description of Firmware for MicroZed Platform

The Alcatraz firmware design also supports the MicroZed kit and targets an ARM® Cortex® -A9 processor placed inside a Xilinx Zynq system-on-chip (SoC).

The firmware allows for immediate interfacing to the hardware. The firmware is written in C, developed using the Xilinx SDK tool, based on the Eclipse open source standard.

The firmware program sequence is used to compute and lock the secret (CLS), write page data to the DS28E15, and authenticate the DS28E15. The complete source code speeds customer development. Code documentation resides in the corresponding firmware platform files.

Quick Start

Required equipment:

  • Windows® PC with two USB ports
  • Alcatraz (MAXREFDES34#) board
  • Alcatraz-supported platform (i.e., LX9 development kit or MicroZed kit)

Detailed setup and programming instructions are included in the README.txt file within the provided firmware files.

1-Wire is a registered trademark of Maxim Integrated Products, Inc.
ARM is a registered trademark and registered service mark of ARM Limited.
Cortex is a registered trademark of ARM Limited.
DeepCover is a registered trademark of Maxim Integrated Products, Inc.
Eclipse is a trademark of Eclipse Foundation, Inc.
HyperTerminal is a registered trademark of Hilgraeve, Incorporated.
ISE is a registered trademark of Xilinx, Inc.
Pmod is a trademark of Digilent Inc.
Spartan is a registered trademark of Xilinx, Inc.
Windows is a registered trademark and registered service mark of Microsoft Corporation.
Windows XP is a registered trademark and registered service mark of Microsoft Corporation.
Xilinx is a registered trademark and registered service mark of Xilinx, Inc.
ZedBoard is a trademark of ZedBoard.org.
Zynq is a registered trademarkof Xilinx, Inc.

Maxim Devices (6)

Part Number Name Product Family Order Design kits and evaluation modules
DS28E15 DeepCover Secure Authenticator with 1-Wire SHA-256 and 512-Bit User EEPROM Secure Authentication Buy Now Design Kits
DS28E22 DeepCover Secure Authenticator with 1-Wire SHA-256 and 2Kb User EEPROM Secure Authentication Buy Now Design Kits
DS28E25 DeepCover Secure Authenticator with 1-Wire SHA-256 and 4Kb User EEPROM Secure Authentication Buy Now Design Kits
DS28EL15 DeepCover Secure Authenticator with 1-Wire SHA-256 and 512-Bit User EEPROM Secure Authentication Buy Now Design Kits
DS28EL22 DeepCover Secure Authenticator with 1-Wire SHA-256 and 2Kb User EEPROM Secure Authentication Buy Now Design Kits
DS28EL25 DeepCover Secure Authenticator with 1-Wire SHA-256 and 4Kb User EEPROM Secure Authentication Buy Now Design Kits

Maxim Devices (6)

Part Number Product Family
Secure Authentication
DeepCover Secure Authenticator with 1-Wire SHA-256 and 512-Bit User EEPROM
Secure Authentication
DeepCover Secure Authenticator with 1-Wire SHA-256 and 2Kb User EEPROM
Secure Authentication
DeepCover Secure Authenticator with 1-Wire SHA-256 and 4Kb User EEPROM
Secure Authentication
DeepCover Secure Authenticator with 1-Wire SHA-256 and 512-Bit User EEPROM
Secure Authentication
DeepCover Secure Authenticator with 1-Wire SHA-256 and 2Kb User EEPROM
Secure Authentication
DeepCover Secure Authenticator with 1-Wire SHA-256 and 4Kb User EEPROM

Design Files (4)

Title Type Size Date
No Title PDF 46KB 2019-07-09
maxrefdes34-bom-ra PDF 43KB 2019-07-09
MAXREFDES34 HW Files.bin PDF 20KB 2019-07-09
rd34_v01_00 ZIP 87KB 2019-07-09
Date Type
2019-07-09

No Title

(PDF, 46KB)

2019-07-09

maxrefdes34-bom-ra

(PDF, 43KB)

2019-07-09

MAXREFDES34 HW Files.bin

(PDF, 20KB)

2019-07-09

rd34_v01_00

(ZIP, 87KB)

Applications

MAXREFDES34 Related Videos

View All Videos