Maxim
Design
Technical Documents
Application Notes
Secure Your FPGA System Using a DeepCover Secure Authenticator
DS1371/DS1372/DS1374 32-Bit Binary Counter Time Conversion
Tech Brief 11: Using the DS1075K Development Kit to Program SOIC and TO-92 Packages
Silicon Timed Circuits: Frequently Asked Questions
Using the New Features of the 73M2901CE
73M2901CE Canal+ Compatibility
73M2901CE SMS and Half Duplex V.23 Operation
73M2901CE Caller ID Support
Implementing Host Based HDLC Using Quasi-Synchronous Mode
Optimizing Transmission Levels with the 73M2901CE
POS Fast Connect Operation
73M2901CE Quasi-Synchronous Operation
V.42-LAPM Operation
V.23 Operation Including PAVI
Lithium Battery Content in Maxim Products
Precise Frequency Detector Modification and Special Tone Generation
Test Results for Energy and Voltage Parallel Pick-Up and Line-In-Use Detection
Programming the 73M2901CE Call Progress Monitor Filter
Software-Based Ring/LIU/PPU Detection
Application of Serializers with Camera Chips
ISM Transmitter Has Constant Transmitter Power for Varying Supply Voltage
78M661x Sensor Selection Guide
Designing a Proximity Sensor into a Handheld Touch-Screen Application
Voltage Monitoring in Complex Systems
Add a \"Black Box\" Fault Logger to Your \"Big (or Small) Box\" System
Implementing Nonvolatile, Nonresettable Counters for Embedded Systems
Using 2.5Gbps SerDes with Built-In Bit-Error Rate Test Circuitry Makes Measuring Link Quality Easy
78M6612 Split-Phase Firmware V1.0 Description Document
5A Step-Down Regulator Has I²C-Programmable Voltage Output
Access 16-Bit I²C Peripheral Register Addresses Through the GMSL SerDes Remote-Side I²C Interface
Sterilization Methods and Their Impact on Medical Devices Containing Electronics
Measure Multiple Temperatures in Battery-Management Systems, and Save Power Too
Snubber Design for the MAX13256
Accurate High-Side Current-Sense Amplifier Monitors PWM Load Current
Implementing an ADC with a Microcontroller, an Op Amp, and Resistors
Migrating from the 71M6513 to the 71M6533/6534
New Features of the 71M6543F/H and 71M6543G/GH
A Low-Current Power Supply for the 71M65XX Metering ICs
Field Download of Code to the 71M653x ICs
CE31A06 - Harmonic Analysis
The SPI Interfaces of the 71M65xx
Return to Mission Mode under Battery Power
Digital-to-Analog Converter Fine-Tunes Reference Output
Circuit Detects and Locates Hidden RF Bugs
Measure the Input Capacitance of an Op Amp
Reach Farther with Your Proximity Sensor
Green LED Replaces LDO Regulator
Improve Magnetic Card Reading in the Presence of Noise
DC Error Budget Calculator Simplifies Selection of Optimal Current-Sense Amplifiers
Alarm Sounds When RF Transmitter is Out of Range
Using a DDR3 Memory Module with the DS34S132
Using the V3 Pin on the 71M6513 3-Phase Energy Meter IC
VCO Enables a Hands-Free Car Kit for Cell Phones
SPI Interface User Manual for the MAX1441 Automotive, Two-Channel Proximity and Touch Sensor
Stabilize Your Transimpedance Amplifier
Maxim Addresses High-Voltage Needs in Industrial Ultrasound Applications
Implementing an Isolated 1-Wire Bus
Interface, Happy or Sad Face?
An Improved and Simple Cable Simulation Model
Radio Link-Budget Calculations for ISM-RF Products
Modular-Exponentiation Timing with MAXQ30 Microcontrollers
Device Configuration for Skype Long-Range Speakerphone and TV Applications
Adding Autorestart Capability to the MAX16046 EEPROM-Programmable System Manager
Special Considerations for Mode Changes During Active Operation of MAX14820/MAX14821 Sensor/Actuator Transceivers
78M6618 PDU1 Hardware Design Guidelines
Energy Harvesting Systems Power the Powerless
Design Considerations for a Harsh Industrial Environment
Allocate Flash and SRAM Memory on a MAXQ® Microcontroller Using the IAR Compiler
Quick Reference Guide for Programming the DS1877 SFP Controller
Touching Air: Wake Your Device with a Simple Gesture
Firmware for Safe Power Mode Transitions
Selecting External Components for an Automotive Dual Remote Antenna Current-Sense LDO/Switch
Selecting External Components for an Automotive Remote Antenna Regulator and Current-Sense Amplifier
Understanding and Configuring the DS2483 1-Wire® Master
Why Honest Weigh Scales Are Application Specific
MAX1441 Proximity and Touch Sensor Programmer User Manual
Flexible Configuration of the MAX7060 ASK/FSK ISM-RF Transmitter
Process High-Voltage Input Levels into a Low-Voltage ADC Without Losing Much SNR
Simple Low-Voltage High-Brightness (HB)-LED Solution for Li+ Battery-Operated Systems
ASK Transmitter/Receiver Pair Serves as an Automotive Antitheft Alert System
External Filters for the Analog Inputs of Metering ICs
An Easy-to-Understand Explanation of Calibration in Touch-Screen Systems
Selecting the Right CMOS Analog Switch
Interfacing to the MAX3108 UART
Programming Baud Rates of the MAX3108 UART
Power Sequencing the MAX14885E VGA Crossover Switch
Determining the Half-IF Spurious Requirement for an LTE Receiver and Choosing the Appropriate RF Mixer
Calibrating the ADC Internal Offset of the DS4830 Optical Microcontroller
Transforming a Smartphone Design into a Sophisticated Point-of-Sale Terminal
Implementing Flawless Designs with Accurate I²C Real-Time Clocks
Achieving Significant Power from Renewables
Employing a Single-Chip Transceiver in Femtocell Base-Station Applications
Determining the Mission Parameters for Temperature Logger <u>i</u>Button&reg; Devices
Securing the Smart Meter
Designing a Digital Satellite Equipment Control (DiSEqC)-Compatible Phantom Antenna Power-Supply System
Reduce EMI and Maintain High Efficiency with Class D Amplifiers in Portable Applications
Trade-Offs in Analog IC Performance, Or Challenges When You Integrate More Analog onto a Digital Design
Want Some Free Electricity, One Month a Year?
Power Control for Automotive Applications
Powerline Communications for Street Lighting Automation
G3-PLC Technology Finally Makes Charging an Electric Vehicle Smart
Digital Power Solution Optimizes Base-Station Operation
Using an H-Bridge Transformer Driver to Charge a Supercapacitor
Overcoming Smart Grid Communications Challenges with Orthogonal Frequency Division Multiplexing (OFDM) and IEEE 1901.2
MR16 LED Driver Makes MR16 LED Lamps Compatible with Most Electronic Transformers
Adding Intelligence to LED Lighting
Understanding Noise, ENOB, and Effective Resolution in Analog-to-Digital Converters
Getting Started with the DS8005 Evaluation Kit
Getting Started with DeepCover Secure Microcontroller (MAXQ1050) Evaluation (EV) Kit and the Rowley CrossStudio Compiler for the MAXQ30
Digital RF Modulators Provide the High Density, Agility, and Cost Benefits for a Converged Cable Access Platform (CCAP)
Dynamic Backlighting Improves Contrast Ratio and Trims Power for Small LCD Panels
Mesh Networking Extends a PLC Network to Thousands of Meters
Map Colors of a CIE Plot and Color Temperature Using an RGB Color Sensor
Ubiquity of NFC-Enabled Phones Leads to Strong Brand Protection
Total Harmonic Distortion (THD) Test Circuit Eliminates the Need for External Filters
Thermoelectric Cooler Control Using the DS4830 Optical Microcontroller
Thermoelectric Cooler Control Using the DS4830A Optical Microcontroller
Improving the Speed of Modular Exponentiation with DeepCover Secure Microcontrollers (MAXQ1050, MAXQ1850, and MAXQ1103)
Quick Start Programmer&#x27;s Guide for the MAX11800&#8211;MAX11803 and MAX11811 Touch-Screen Controllers
Intermediate Rail 2MHz Switching Power Supply Withstands Entire Automotive Input Voltage Range
Direct-Sampling DACs in Theory and Application
Choose the Right Power Supply for Your FPGA
Digital-Input Class D Amplifiers Expand the Benefits of Traditional Class D and Simplify System Design
Resolving Magnetic Issues with Pulse Transformers
Analyzing Audio DAC Jitter Sensitivity
Understanding the DSSHA1 Synthesizable SHA-1 Coprocessor
Level Shifting to Control Power MOSFETs
Heart-Rate/Fitness Monitors Go Wireless
PCB Layout Guidelines for the MAX14921 High-Accuracy 12-/16-Cell Measurement AFE
Design Porting Considerations for the MAX2870
Using a Peak-Current-Mode Controller to Design a Boost Converter
Designing Flyback Converters Using Peak-Current-Mode Controllers
Understanding the DS1WM Synthesizable 1-Wire Bus Master
Navigate the AFE and Data-Converter Maze in Mobile Wireless Terminals
Securing Critical Data with Hardware AES Engines
FAQs about the Control Channel and Operation of Serializer/Deserializer Devices
Energy Measurement and Security for the Smart Grid - Too Long Overlooked
MEMS Technology Provides Tangible Benefits for Real-Time Clocks
The Fundamentals of a SHA-256 Master/Slave Authentication System
Evaluating the DS28E05
MAX5880 Cable QAM Modulator and DUC Usage and Configuration Guide
Compact Medical Ultrasound - Advanced Analog Integration and Low-Noise System Design Make It Possible
ASIC Fixes for Noisy Analog “Oops”
Scaling Power-Supply Slopes with a Reliable Power-On Reset (POR)
Integrating Power Passives and Tactical Trade-Offs for Power Efficiency: Part 1, Harmony - Design like a Symphony Conductor
Integrating Power Passives and Tactical Trade-Offs for Power Efficiency: Part 2, Balance - Work Through All the Choices
Step-by-Step Design Process for the MAX16833 High-Voltage High-Brightness LED Driver, Part 1
Challenge the Conventional - Make Unipolar DACs Bipolar
Selecting External Components and Compensation for Automotive Step-Up DC-DC Regulator with Preboost Reference Design
Industry Turns to MEMS for Accurate Real-Time Clocks
In-System Calibration with the 78M6610+PSU Energy Measurement Processor
Simulation Shows How Real Op Amps Can Drive Capacitive Loads
Robots: the “Artificial” Agents Around the House
Enhance PA Performance and System Efficiency with Bypass Mode in Hysteretic Step-Down Converters
Current Calibration Procedure for InTune Digital Power
In-System Programming Using I<sup>2</sup>C Bootloader Commands
Soldering Guidelines for MEMS Inertial Sensors
Layout Guidelines with Example Layout for the MAX20021/MAX20022
A Method of Demonstrating Transmission-Line Behavior on a Dual-Channel Oscilloscope
Optimize Battery Measurement and Cell-Stack Monitoring with Highly Accurate AFE
Ensuring the Complete Life-Cycle Security of Smart Meters
PWM Margining with the MAX34451
Step-by-Step Design Process for the MAX16833 High-Voltage High-Brightness LED Driver, Part 2
Passives Aren’t Really So Passive (Part 1): Capacitors
MAX5860/MAX5862 Usage and Configuration Guide
MAX5860/MAX5862 Thermal Model Considerations
An Overview, History, and Formation of IEEE P1901.2 for Narrowband OFDM PLC
Lithium-Ion Battery Recycling Made Easy
Protect Your Designs from Malware with the DeepCover MAXQ1050 Secure Microcontroller
Enable Automotive USB Power: Managing the Increasing Currents, Longer Cables, and Tight Portable-Device Specifications
An Accurate, Low-Impedance, Low-Dropout, Sub-1V Bandgap Reference Is Compact and Prolongs Battery Life
Simple Solutions for a Single-Device Pulse-Width Modulation (PWM) Waveform Generator
Lightning Bolts, Defibrillators, and Protection Circuitry Save Lives
Understanding Multidrop Address Assignments for Thermal Sensors
Using the DS28E35 Authenticator
Compiling Meter Code with New Computation Engine (CE) Code Images
Comparing OMU and HPL Solutions to the 78M6610+LMU
How to Replace a DS1216 SmartSocket with an Equivalent-Density Phantom Clock Module
78M6610+LMU In-System Calibration
Analog Integration Drives Factory Integration
Getting the Most Out of the MAX14920/MAX14921 High-Accuracy Battery-Measurement AFEs
Lord Kelvin’s Sensing Method Lives On in the Measurement Accuracy of Ultra-Precision Current-Shunt Monitors/Current-Sense Amplifiers
Maximize the Performance of High-Signal-to-Noise Ratio (SNR) Ultrasound Receivers with an Optimized System Design
Choosing the Right Transformer with the MAX13256
MAX14832 Customer OTP Guide
Introduction to SHA-256 Master/Slave Authentication
Designing Active-Clamp Forward Converters Using Peak-Current-Mode Controllers
The Industrial Automation Power Dilemma: Part 1 - Industrial Control Architecture
Implement Heightened Security with a SHA-256 Master/Slave Authentication System
Multiplex Boosted Class-D without Additional External Circuitry
Low-Current Charger Provides Battery Backup from USB to 1-Cell Applications
Passive Components Aren’t Really So Passive (Part 3): Printed Circuit Boards
Secure Your FPGA System Using a DeepCover Secure Authenticator
Hot-Swapping and ORing Ensure Uninterrupted Operation for a High-Availability and High-Reliability Telecom System
Simulation and Correlation of Flow-Rate Measurement in an Ultrasonic Time-of-Flight Heat Meter
Auto Infotainment - Driving the Course for Connectivity
Get a Constant +5V Output by Switching Between a +5V Input and a Single-Cell Li+ Rechargeable Cell
The Industrial Automation Power Dilemma: Part 2 - Synchronous Regulators Improve the Power System
Insightful Electronic Switch Brings Intelligence and Security to Home Energy Monitoring
Water and Power in the Internet of Everything
Auto Radio Head Units: More Demands, Harsh Environment Drive Need for Sophisticated Power-Management ICs
Overcoming Disorientation: Practical Ways to Assemble MEMS Inertial Sensors
DS2406 PIO Command Examples
Innovative Chinese Electrical Metering Technology to Save Chinese Meter Manufacturers $25M Annually<sup>1</sup>
“Come rain or come shine”<sup>1</sup> - Automotive Heads-Up Displays Must Work Everyday
Package Thermal Analysis Calculator Tutorial
Settling Time Calculator Tutorial
Guidelines for the MAX5977’s Critical Component Placement and Routing
The Sure Evolution of Static \"Smart Home\" Water Metering
Recommended Initialization Sequence for the MAX3955 and MAX3956 Devices
A Chimera of Standards, or the Challenges of Adapting Prototyping Standards
Getting Started with the MAXQ622 Evaluation Kit
Using the MAX15090/MAX15090B Hot-Swap Solution in Low-Voltage Applications for Resistive Loads
iButton Mission Data Recovery: memlog User Guide
Instructions for Compiling the OneWireViewer for Linux
Designing an Antenna for MAX66300
Battling Threats in the Smart Grid Supply Chain
Device Authentication Thwarts Counterfeiting
Fundamentals of Electronic Security: What Does Security Really Mean?
Fundamentals of Electronic Security: Tampering with the Easy Targets
Secure 3D Printing - the New Disruptive Technology - and Watch the Market Grow
Using the Simple Serial Interface for Embedded Measurement Devices: 78M6610+LMU, 78M6610+PSU, and the MAX78630+PPM
Wearable Weight Loss - Slim Down Wellness Devices with Better Energy Efficiency
MAX77387 Application Guidelines
SMT Assembly and PCB Design Guidelines for Maxim’s Flip-Chip Exposed Die QFN (No Leads) Packages
Choosing the Optimal Clock Mode for MAX116xx, MAX123x, and MAX103x SAR ADCs
Efficiency Improvement in Battery Mode - MAX1737, MAX1757, MAX1758
Welcoming Water Metering into the 21st Century
Fundamentals of Electronic Security: Security in Transit
Amplifier IC Generates a Negative Voltage Reference with the Fewest Parts and a Single Supply Rail
Setting Up UART Communication with the MAX78615+LMU and the MAXREFDES14# Isolated Energy Measurement Subsystem
Distribution Automation Needs Highly Accurate Analog Data Converters
Realizing Industry 4.0: Essential System Considerations
Understanding the Safety Certification of Digital Isolators
Need NFC/RFID? Tomorrow Is Today in This Constant State of Innovation
Choose the Right Regulator for the Job: Part 2, Primary Regulator Control Schemes
Inductorless Switching Regulator Boosts Input Voltage
Dallas Real Time Chip (RTC) Guide | Maxim Integrated
The DS80C320 as a Drop-In Replacement for the 8051/8032 Microcontroller
DS80C320 Memory Interface Timing
Crystal Considerations with Maxim Real-Time Clocks (RTCs)
5-Comparator IC Provides 3V-to-5V Regulator and &micro;P Reset
Interfacing SPI Real-Time Clocks (RTCs) with a Microcontroller
Design Considerations for Maxim Real-Time Clocks
Lithium Coin-Cell Batteries: Predicting an Application Lifetime
Recording Total On-Time and Power Cycling Information Using the DS1682
PowerCap Package Allows for Density Upgrades, Surface Mount Assembly
Using the Power-Control Functions of the DS1501/DS1511 Real-Time Clock
Using the SmartWatch/Phantom Clocks with a Microcontroller
Using the DS1672 Low-Voltage Serial Timekeeping IC
Using the Watchdog/Alarm Counter in the DS1371 and DS1374 Real-Time Clocks
Using Multiplexed Bus Clocks with a Microcontroller
Using a Nonvolatile Timekeeping RAM with a Microcontroller
Using a Watchdog Timekeeping RAM with a Microcontroller
Simple Circuit Measures Battery Drain
15V Input Converter Generates -185V at 50mA
VCO Tank Design for the MAX2310
Using Nonvolatile Static RAMs
Using the High-Speed Micro&#x27;s Watchdog Timer
5V, Non-Interruptible Power Supply Delivers 1A
Tech Brief 2: Dual-Polarity Amplifier is Controlled Digitally
Tech Brief 7: DS2152 and DS2154 8MHz System Clock Operation
Using Analog Temperature Sensors with ADCs
Interfacing the MAX195 ADC to the TMS320C3X Evaluation Module
High-Frequency Switching IC Powers Portable Telephone
New RS-485 IC Increases System Reliability and Fault Detection in Motor-Control Circuits
Bluetooth Power Amplifier: System Performance Review
Advantages of Using a MicroMonitor and a Simple Application Demonstrating the Use of a DS1232
Watchdog Timer Assumes Varied Roles
Deglitching Techniques for High-Voltage R-2R DACs
+23dBm PA and PA Predriver with 37&#37; Efficiency for 2.4GHz FHSS WLAN Applications
Block Diagram for a Radio Design Solution for a Satellite ISP Application
Block Diagram for MAX3510 Upstream CATV Amplifier Application
Multiplexer Enables Pseudomultidrop RS-232 Transmission
Maxim Telecommunications Frequently Asked Questions
Digital Potentiometers: Frequently Asked Questions
8051 Microcontrollers: Frequently Asked Questions
HFAN-02.2.0: Extinction Ratio and Power Penalty
Add an Extra 2000mA DC Current Range to a Simple Handheld Multimeter
test
Touching Air: A Simple Way to Wake Your Device Using Basic Gesture Detection
DACs sense nonsense and loopy loops
test - ignore this too
CE43A07 - Harmonic Analysis with Phase Shift Vars
Teridian&#8482; Metering ICs in the Presence of Harmonics and Interharmonics
MAX13305 Detailed Diagnostic Procedures
Measuring the Invisible with the Old
FPGAs, Twist And Turn Tribulations Just To Connect
Smart Grid Security: Recent History Demonstrates the Dire Need
5565
Troubleshooting, how we can answer customer questions and solve issues faster
Part 15B To Be or Not to Be
Calculating Enemy Heat, Cool ICs are Happy ICs
Analog Integration Visionary
Test
5669
MAXREFDES64#: 8-Channel Digital-Input Micro PLC Card
Benefits of including LNAs in your System Design
Distribution Automation and the Smart Grid: Coming of Age with a New Set of Challenges
Interrupt handling using GMSL SerDes
Silicon, Security, and the Internet of Things
PMBus feature: Global Process Call
Accelerometer and Gyroscopes Sensors: Operation, Sensing, and Applications
MAX2982 PLC MAC API
MAX2982 Programming Guide
Optimized Design for MEMS-Based Automotive Laser Pico Projectors
Innovative Chinese Electrical Metering Technology Saves Chinese Meter Manufacturers $25M Annually
Current Calibration Procedure for InTune Digital Power – MAX15301, MAX15303
Simulation and Correlation of Flow-Rate Measurement in an Ultrasonic Time-of-Flight Heat Meter
SC1869 Thermal Noise, Residual IM’s and Spurs
Linearizing Microwave Transmission Power Amplifiers: Using SC1894 RFPAL to Improve ACP, EVM , and Efficiency
Designing a Power Amplifier Optimized for Predistortion and Scintera’s RF PA Linearizer (RFPAL)
Thermoelectric Cooler Control Using the DS4830A Optical Microcontroller
PCB DESIGN AND LAYOUT CHECKLIST FOR INTEGRATED AND MULTIPHASE VOLTAGE REGULATORS
Not Just For Logic: Programmable Analog ICs Bring FPGA-like Versatility, Virtues to Mixed-Signal World
Cleanly Elegant? Overfeatured? Too Expensive? Is a General-Purpose Analog Front-End Practical?
Proximity Detector Features Ultrasonic Transducers
Single Coax Carries Power And Signal For Remote pH Measurement
Flyback Winding Adds 12V Output to 5V Buck Regulator
Connecting the DS2119M SCSI Terminator in Typical Applications
501
SCSI Bus Configuration For MSTR/SLV Connections
Switch-Mode Supply Charges Battery While Serving Load
Dual Boost Regulator Handles Heavy Surge Currents
Battery Fuel Gauge
Feature Comparison of the DS323x Real-Time Clocks
Implementing a Direct RF Transmitter for Wireless Communications
Programming Meter ICs Guide
Passive Components Aren’t Really So Passive (Part 2): Resistors
Interface 1-Wire USB Adapter with Android
Boost Performance and Add Functionality to Portable Medical Devices Without Affecting the Power Budget
Ensure Long Lifetimes from Electrolytic Capacitors: a Case Study in LED Light Bulbs
PC-lint Manuel for MAXQ | Maxim Integrated
DeepCover Secure Microcontroller (MAXQ1050) Rowley Development Environment Setup
Using the DeepCover Security Manager (DS3645) Power-Management Mode
OneWireViewer Tips and Tricks
A Brief Guide for Using MTK3 with the DeepCover Secure Microcontroller (MAXQ1850)
Zatara Board Support Package Quick Start Guide
Linux Development Platform Quick Start Guide
Building and Running Linux on Zatara MCU
Zatara Linux System Startup
Getting Started with the DeepCover Secure Microcontroller (MAXQ1010) Evaluation Kit and the IAR Embedded Workbench
Physical Security Guidelines for DeepCover Secure Microcontroller (Zatara ZA9L0)
Physical Security Guidelines for DeepCover Secure Microcontroller (Zatara ZA9L1)
Updating External Flash from Removable Media on Zatara Platform
Creating Remote NFS File System Image for Zatara
Zatara Loadable Kernel Modules and BusyBox Utility
Creating JFFS2 File System Image
Zatara Module Signing
Zatara Boot Loader and Binary File Signing Tool
Zatara series GPIO configuration
DeepCover Secure Microcontroller (Zatara ZA9L0) ESF Modem Driver
Smart Monitoring Improves Distribution-Grid Reliability
RSA-Key Generation Using the DeepCover Secure Microcontroller (MAXQ1050)
Power Supplies Begin the Circuit Foundation, Taming Switching Power-Supply Layout
Choose the Right Regulator for the Job: Part 1, Regulator Control Schemes

Keywords: FPGA counterfeit protection, DeepCover Secure Authenticator, challenge-and-response, IP Protection
Related Parts

APPLICATION NOTE 5803

Secure Your FPGA System Using a DeepCover Secure Authenticator

By: Michael D'Onofrio

Abstract: This application note describes how designers can secure their Xilinx® FPGA implementation, protect IP, and prevent attached peripheral counterfeiting. Designers can achieve this security by using one of the reference designs described in this application note. These designs implement either SHA-256 or ECDSA challenge-and-response secure authentication between the FPGA and a DeepCover® Secure Authenticator.

Introduction

This application note focuses on SHA-256 authentication reference designs (RDs) using MAXREFDES34# for 1-Wire and MAXREFDES43# for I2C. Each of the reference designs (RD) describes either a Verilog® implementation of a state machine or a "C" bare-metal implementation in a microcontroller. Each implementation is tested on the corresponding FPGA demo board.

For 1-Wire® designs, the reference code defines a combined SHA-256 processor and 1-Wire master on the host FPGA. For I2C designs, the reference code defines a SHA-256 processor and utilizes existing FPGA I2C protocol. The RDs use one of the following secure authenticators:

  • DS28E15 DeepCover Secure Authenticator with 1-Wire SHA-256 and 512-Bit User EEPROM
  • DS28C22 DeepCover Secure Memory with I2C SHA-256 Authentication, Encryption, and 3Kb User EEPROM
  • DS28E35 DeepCover Secure Authenticator with 1-Wire ECDSA and 1Kb User EEPROM

To interface the Maxim secure authenticator IC with the FPGA demo board, each RD ships with a compatible plugin module—a Pmod port standard developed by Digilent, Inc. The corresponding IC is soldered onto the Pmod board. Regarding the 1-Wire designs, with minor tweaking a SHA-256 authenticator with larger memory density could be used, such as the DS28E22 or DS28E25.

The section Why Apply Security to an FPGA System? details important security concerns that designers face. The following section entitled Securing Your FPGA demonstrates how authentication actually secures FPGA systems.

Why Apply Security to an FPGA System?

  1. Counterfeit Protection of a Peripheral
    Systems that use an FPGA to communicate and operate replacement peripherals, consumables, modules, or sensors are commonly targeted by counterfeiters or unauthorized aftermarket companies. These counterfeit versions of a peripheral can introduce safety concerns, reduce quality to the application and, generally, negatively impact the OEM solution. Furthermore, the OEM loses the revenue of peripherals to these counterfeiters. Introducing secure authentication into the solution enables the FPGA to assure peripheral authenticity and to take application-specific action if a counterfeit is detected. As shown in Figure 1, a challenge-and-response sequence between the system and attached peripheral is exercised to confirm authenticity.


    2. Testing for authenticity with a challenge-and-response sequence. Figure 1. Testing for authenticity with a challenge-and-response sequence.

  2. FPGA IP Protection and Implementation Protection
    Spartan 6. Static-RAM-based (SRAM) FPGAs have few safeguards to protect that IP (i.e., the configuration data or the FPGA implementation) against illegal copying and theft. The reason is that once the data is loaded, it is held in SRAM memory cells, which can easily be probed to determine their contents. In addition, without some type of security mechanism to protect the configuration data or bit file before it is loaded into the chip, that data is open to snooping. Prowling through that data is possible because the bit stream is usually stored in a separate memory chip read by the FPGA at power-up when it loads its configuration pattern. A cloner could simply copy the configuration file and create clones of the original. These types of FPGAs do not have built-in encryption that would otherwise protect the configuration file from copying.

    3. One way to make the SRAM-based FPGAs more secure is to leverage multichip packaging and mount the nonvolatile (NV) memory inside a package along with the FPGA. Yet if someone opens the package, the data interface between the memory and the FPGA is exposed and the configuration pattern can be compromised. Multichip packaging can also be an expensive endeavor.

    The structure of the configuration bit stream (i.e., the sequence of data elements and how they are coded and identified) is largely undocumented. The obscurity, complexity, and size of the bit stream make the reverse-engineering process difficult and time consuming, although theoretically possible. If successful, even partial reverse engineering of the configuration stream makes it possible to hack a set-top box to steal services or tamper with power-train settings in a vehicle, causing liability problems for the original manufacturer.

    Xilinx 7-Series. High-end FPGAs protect internal IP by using security keys and bit-stream encryption. These protection mechanisms greatly mitigate the risk of the IP on the bit file being snooped. Furthermore, these FPGAs do not store sensitive data in insecure SRAM. However, implementing these built-in cryptographic security mechanisms can become cumbersome. Added manufacturing steps mean greater cost. But more importantly, if these cryptographic keys are programmed during contract manufacturing, then the subcontractor will know the keys and you can no longer be assured that your IP is safe.

    Solution: In both the high- and low-end FPGAs, challenge-and-response authentication can be used to provide IP protection. An authentication sequence is added to the FPGA implementation code. If there is a Maxim secure authenticator with a valid security key on the bus, then the FPGA knows that the system is authentic. Specifically in the case of an FPGA with built-in security, using this IP protection solution could be an attractive alternative. A separate manufacturing step of programming the decryption key on an FPGA's OTP EPROM is not required; nor is a battery required to support secure BBRAM. In the Maxim alternative solution, the RD calls for the authentication key to be embedded securely into the FPGA implementation code so that the subcontractor would never know this key.

  3. Feature Management, License Management, and Overbuild Protection
    Feature Management. To decrease design time and effort, designers will create fully featured FPGA systems and de-feature certain aspects using firmware to achieve different price points or feature levels. This, however, creates a new problem: a smart customer who needs several fully featured systems could just buy one fully featured unit and several units with reduced features. Then, copying the software, the simpler units behave like the fully featured unit but for a lower price, shortchanging the system vendor.

    4. License Management. At other times, companies create and sell RDs. These are subsequently bought, licensed to, and manufactured by third parties. The RD vendors require barriers to prevent unauthorized use of the intellectual property. For revenue reasons, it is also necessary to track and confirm the number of reference uses.

    Overbuild Protection. In all cases, designers might wish to build their end product using third-party contract manufacturing. Subcontractors can be a great extension of a supply chain, and they can manufacture embedded systems efficiently and cost effectively. However, less scrupulous contract manufacturers (CMs) have been known to build more widgets than contracted. Then they can produce bootleg products of the same quality and authenticity as the originals. Indeed, by overbuilding, an unscrupulous CM freeloads on all of the R&D and marketing costs that the designer incurred.

    Solution. A practical solution for all three of these security issues is secure authentication. For Feature Management, device settings would only be stored in the user EEPROM of the secure authenticator, and a secure challenge and response would be required to read these settings. For License Management, a RD vendor would require a secure authenticator with a valid secret to be supplied to the licensee or third-party manufacturer. The RD would be made unable to operate without a secure challenge and response. Licensees would be supplied to the secure authenticator through one of two secure methods: 1) preprogrammed by the company licensing the reference, or 2) preprogrammed by Maxim per the licensing company's input and then delivered to the third-party manufacturer. In either case, the number of devices sent to the licensee or manufacturer is known and can be used to validate license fees. Overbuild Protection works just like License Management in that a contract manufacturer would only be able to build as many units as it can procure secure authenticators. A designer would be able to control how many authenticators that the CM can procure by working with Maxim.

    For more information on all the potential applications of secure authentication, refer to application note 3675, "Protect Your R&D Investment with Secure Authentication."

How Does the Authentication Work?

To implement the authentication in the most secure manner, the following are used as general guidelines:

  • Ensure that the random challenge is a cryptographically secure random number.
  • Know a secret key (called "FPGA Secret") that can be used for internal operations, but cannot be discovered from outside.
  • Compute a hash that involves the secret key, a random number and additional data, just like the secure memory.
  • Compare hash results.

In the context of the FPGA environment, the way that the challenge-and-response authentication works is shown in the following numbered statements. The letters (e.g., A, B, C) correspond to data flows in Figure 2. This section describes SHA-256 symmetric authentication.

  1. Generate a random number and send it as a challenge (A) to the secure authenticator.
  2. Instruct the authenticator to compute a hash based on its secret key, the challenge A, its unique ID, and other fixed data. The hash is the output of the algorithm block (B).
  3. Compute a hash (C), based on the same input and constants used by the secure authenticator and the FPGA's secret key.
  4. Take the hash computed by the secure authenticator (B) as the response and compare it to the expected response (C).

If the expected response and the actual response are identical, then the FPGA knows that the authenticator is genuine. If genuine, your security goals—IP protection, counterfeit protection, etc.—are achieved.

Challenge-and-response authentication flows in greater detail. Proves authenticity of hash originator—the secure authenticator. Figure 2. Challenge-and-response authentication flows in greater detail. Proves authenticity of hash originator—the secure authenticator.

As previously mentioned, authentication between an FPGA and a secure authenticator achieves the security of points 1 through 3 of the Why Apply Security to an FPGA? section. Now, let's observe how to physically set up a security system based on the following block diagrams.

Counterfeit Protection of a Peripheral

To implement counterfeit protection, a system configuration, as shown in Figure 3, should be used. The FPGA, and its corresponding security implementation, resides in an embedded system. Some peripheral device—perhaps a sensor, disposable, consumable, or another embedded system—is the object that, as a designer, we wish to secure. The Maxim secure authentication IC resides in this peripheral device.

Block diagram for counterfeit protection of peripherals. Figure 3. Block diagram for counterfeit protection of peripherals.

IP Protection, Feature Management, License Management, and Overbuild Protection

For all other security needs described in the section entitled, Why Apply Security to an FPGA?, the hardware setup shown in Figure 4 should be used. The FPGA, and its corresponding security implementation, resides in an embedded system along with the Maxim secure authentication IC.

Block diagram for IP protection, and other applications. Figure 4. Block diagram for IP protection, and other applications.

Available Reference Designs
Reference Design FPGA Demo Board Implementation Authentication IC Used Interface of Authentication IC
MAXREFDES34# Xilinx
Spartan-6		 Avnet® Spartan-6 LX9 MicroBoard Verilog DS28E15 1-Wire
Xilinx
Zynq		 MicroZed 'C'
MAXREFDES43# Xilinx
Zynq		 ZedBoard™ 'C' DS28C22 I2C
MAXREFDES44# Xilinx
Zynq		 MicroZed 'C' DS28E35 1-Wire

Reference Design-Specific Notes

MAXREFDES43# with the DS28C22 is unique because it implements bidirectional, small-message encryption of sensitive data communicated between the FPGA and the DS28C22. This encryption feature is optional; the most common use is when the DS28C22 is inside an attached peripheral subsystem. Or, perhaps it is necessary to encrypt sensitive sensor data, calibration data, feature setting data, or personal data (e.g., patient heart rate or SSN).

For more information on the encryption feature of the DS28C22, refer to application note 5785, "Implement Heightened Security with a SHA-256 Master/Slave Authentication System."

MAXREFDES44# with the DS28E35 utilizes asymmetric ECDSA authentication instead of implementing symmetric SHA-256 authentication. For symmetric authentication, both the FPGA and authentication IC must store the same key, and therefore the sensitive secret key data resides on both sides of the system. However, with asymmetric authentication, the FPGA holds only the public key, and the DS28E35 holds the private key. The only sensitive data is the private key; the public key need not be secured.

Using asymmetric cryptography could be more attractive from two standpoints:

  • You are licensing your product to your customers or using multiple contract manufacturers. Asymmetric authentication offers a great management tool for adding new licenses or removing existing ones due to the usage of certificates. Refer to application note 5767, "The Fundamentals of an ECDSA Authentication System," for more information on certificates.
  • Implementations with poor security of FPGA configuration/bit file. Using SHA-256 symmetric authentication for these applications could be risky if the FPGA secret key is exposed; however, note that for relevant reference designs (e.g., MAXREFDES34# for Spartan-6 FPGAs), extra steps have been taken to secure the FPGA-side secret key. Indeed if you are not implementing the built-in FPGA encryption feature (on applicable FPGAs like Xilinx Zynq) or if you are using a previous generation FPGA that does not secure the configuration/bit file, then using the DS28E35 is ideal.

MAXREFDES34# with DS28E15 implements symmetric authentication using SHA-256. These authentication schemes require both the FPGA-side secret keys and secure authenticator keys to be secure. For the following reasons, the MAXREFDES34# successfully secures the FPGA-side secret keys:

  • The secret key is stored in the FPGA bit file in a FLASH device. It is very difficult to reverse the bit file from bits back to Verilog code (the Spartan-6 reference was written in Verliog). Therefore, the obscurity and unwieldiness of the bit file provide the first layer of security.
  • The secret on the bit file is not the exact same secret as that stored in the DS28E15. The FPGA computes the DS28E15 secret based on its own version of the secret.
  • There are other proprietary FPGA secret protection techniques that cannot be disclosed in this application note.

Summary

Designers of FPGA embedded systems face many potential security threats including counterfeiting of peripherals and copying of FPGA implementation, among others. Using a Maxim secure authenticator along with either of these reference designs protects FPGA systems from these potential issues.