The Verilog 2005 standard introduced a new feature to support protected intellectual property (IP). This feature allows IP vendors to deliver models in encrypted form. Vendors may choose to encrypt entire files, or only encrypt parts of a model. More information on protected envelopes can be found in section 28 of the IEEE Standard 1364-2005. VeriLogger Extreme supports the Protected Envelopes feature of Verilog 2005. Encrypted Verilog source files traditionally have the extension .vp.

Before encrypting your source, test the unencrypted source code with VeriLogger Extreme to ensure that it compiles without errors. Since the end-user of your IP will not have access to the source code, they will be unable to fix any problems, and error messages in encrypted sections of code will be useless.

Creating a Protected Envelope

The simplest and most common way to use protected envelopes is to encrypt your source code with VeriLogger Extreme's public key. This will allow any VeriLogger Extreme user to compile and use the encrypted model by simply adding the file to their project. VeriLogger Extreme will compile and simulate using the encrypted code, but the user will not have access to any of the encrypted source code.

To create an encrypted model file, perform the following steps:

•Add `pragma protect directives to the source to delimit which sections to encrypt. Anything between a `pragma protect begin line and a `pragma protect end will be encrypted. Anything outside these directives will be copied verbatim to the output file. Here is a source file sram.v with the `pragma directives added to protect the contents of the sram module:

•Next, run simx using the +protect command to encrypt the source file.

simx +protect sram.v 

•This will generate a file called sram.vp with contents like the code below. Notice that the code outside the `pragma protect directives is still readable, but the code between the directives is now encrypted:

About Encryption Keys

Public Key Encryption (RSA Keys)

VeriLogger Extreme uses RSA public key encryption to protect the source code. Each RSA key is composed of a public key, which is used for encrypting the model, and a private key, which is used for decrypting the model. VeriLogger Extreme keeps a database of keys, each uniquely identified by a "key owner", "key name", and an encryption method. VeriLogger Extreme's default RSA key is identified with the key owner string "SynaptiCAD" and the key name string "syncad". As in the first example, if you don't specify a key to use for encryption, VeriLogger Extreme will automatically use its own encryption key. So you could generate the same result as above by explicitly giving the key owner, name, and method, replacing the `pragma protect begin directive with:

Optionally Encrypt Models with Your Own RSA Keys

You can also use your own encryption keys. VeriLogger Extreme will load RSA keys from the directory pointed to by the environment variable SYNCAD_KEY_DATABASE. Keys are stored in the Privacy Enhanced Mail (PEM) format. First-level directories under SYNCAD_KEY_DATABASE give the "key owner" string. Each key file is named with its "key name" plus the extension .pem.

For example, if you set the SYNCAD_KEY_DATABASE environment variable to C:\key_database and placed the key you wish to use in the file C:\key_database\my_key_owner\my_key_name.pem, you could encrypt your Verilog source code with the directive below (note that the key_method string must be lowercase):

Creating a New RSA Key

To generate a key pair in the  (PEM) format, you will need the OpenSSL toolkit available at http://www.openssl.org. Generate the public/private key pair with the command:

which will print out something like:

and generate the key file that looks something like:

If you wish to separate out the public key into a separate file, run the command:

which will generate a file like:

This public key can be used for generating protected envelopes, but it cannot be used for decrypting these files.

Symmetric Encryption

VeriLogger Extreme supports several ciphers to be used for encrypting Verilog source code: DES, triple-DES, AES (in three key lengths), Blowfish, and CAST. If you do not specify an algorithm with the `pragma protect data_method directive, VeriLogger Extreme will default to encrypting with aes128-cbc. To select a specific encryption method, you would begin the protected section with something like this:

Supported Encoding and Encryption Methods (Implementation details)

Encoding Methods

VeriLogger Extreme supports base64 encoding of encrypted data. The uuencode format is not supported.

Ciphers

VeriLogger Extreme supports the following symmetric ciphers (a symmetric cipher uses the same key for encryption and decryption, whereas an asymmetric cipher uses two keys, one for the encryption process and another for the decryption process):

•des-cbc: Data Encryption Standard in CBC mode

•3des-cbc: Triple-DES in CBC mode

•aes128-cbc: Advanced Encryption Standard with 128-bit key

•aes192-cbc: Advanced Encryption Standard with 192-bit key

•aes256-cbc: Advanced Encryption Standard with 256-bit key

•blowfish-cbc: Blowfish in CBC mode

•cast128-cbc: CAST-128 in CBC mode

and the following asymmetric cipher:

•rsa: RSA

VeriLogger's Encryption/Decryption Process

For improved security, VeriLogger actually encrypts protected source code blocks using a symmetric cipher (which is stronger than RSA-based encryption for long blocks of text), then encrypts the symmetric key using an asymmetric RSA public key. During internal decryption of a protected block for compilation purposes, VeriLogger first decrypts the symmetric keys for the protected code blocks using the appropriate RSA private key, then it uses these symmetric keys to decrypt their associated source code blocks. Therefore, when you view the encrypted version of a protected block, you will see two separate encrypted sections, a "key block" containing the encrypted symmetric key and a "data block" containing the symmetrically encrypted source code.

Unsupported Directives

The `pragma directives related to message digests are not supported. These include digest_keyowner, digest_key_method, digest_keyname, digest_public_key, digest_decrypt_key, digest_method, and digest_block.

Advanced licensing directives that alter the available functionality of the encrypted models are NOT supported. Unsupported directives include: decrypt_license (which allows creation of encrypted models whose source code could be viewed by an end user with the proper key), runtime_license (which allows creation of models that can be compiled but not simulated), and viewport (which allows users to more advanced debugging access to protected envelopes of the code such as the ability to view or set values of signals defined in the protected envelope). Currently, encryption is an all-or-nothing proposition and the encrypted source code will never be visible to the end-user.