6.2 Verilog Protected Envelopes (Encrypted Models) |
|||
6.2 Verilog Protected Envelopes (Encrypted Models) |
The Verilog 2005 standard introduced a new feature to support protected intellectual property (IP). This feature allows IP vendors to deliver models in encrypted form. Vendors may choose to encrypt entire files, or only encrypt parts of a model. More information on protected envelopes can be found in section 28 of the IEEE Standard 1364-2005. VeriLogger Extreme supports the Protected Envelopes feature of Verilog 2005. Encrypted Verilog source files traditionally have the extension .vp.
Before encrypting your source, test the unencrypted source code with VeriLogger Extreme to ensure that it compiles without errors. Since the end-user of your IP will not have access to the source code, they will be unable to fix any problems, and error messages in encrypted sections of code will be useless.
Creating a Protected Envelope
The simplest and most common way to use protected envelopes is to encrypt your source code with VeriLogger Extreme's public key. This will allow any VeriLogger Extreme user to compile and use the encrypted model by simply adding the file to their project. VeriLogger Extreme will compile and simulate using the encrypted code, but the user will not have access to any of the encrypted source code.
To create an encrypted model file, perform the following steps:
•Add `pragma protect directives to the source to delimit which sections to encrypt. Anything between a `pragma protect begin line and a `pragma protect end will be encrypted. Anything outside these directives will be copied verbatim to the output file. Here is a source file sram.v with the `pragma directives added to protect the contents of the sram module:
`timescale 1 ns/1 ps module sram(CSB,WRB,ABUS,DBUS);
input CSB; // active low chip select input WRB; // active low write control input [11:0] ABUS; // 12-bit address bus inout [7:0] DBUS; // 8-bit data bus
`pragma protect begin reg [7:0] DBUS_driver; wire [7:0] DBUS = DBUS_driver; reg [7:0] ram[0:4095]; // memory cells
integer i; initial // initialize all RAM cells to 0 at startup begin DBUS_driver = 8'bzzzzzzzz; for (i=0; i < 4095; i = i + 1) ram[i] = 0; end
specify $setup(ABUS,posedge WRB,10); endspecify
always @(CSB or WRB or ABUS) begin if (CSB == 1'b0) begin if (WRB == 1'b0) //start to sram, data will be latched in on //rising edge of CSB or WRB begin DBUS_driver <= #10 8'bzzzzzzzz; @(posedge CSB or posedge WRB); $display($time," Writing %m ABUS=%h DATA=%h",ABUS,DBUS); ram[ABUS] = DBUS; end else if (WRB == 1'b1) //reading from sram (data becomes valid after 10ns) begin #10 DBUS_driver = ram[ABUS]; $display($time," Reading %m ABUS=%h DATA=%h",ABUS,DBUS_driver); end end else //sram unselected, stop driving bus after 10ns begin DBUS_driver <= #10 8'bzzzzzzzz; end end `pragma protect end endmodule |
•Next, run simx using the +protect command to encrypt the source file.
simx +protect sram.v
•This will generate a file called sram.vp with contents like the code below. Notice that the code outside the `pragma protect directives is still readable, but the code between the directives is now encrypted:
`timescale 1 ns/1 ps module sram(CSB,WRB,ABUS,DBUS);
input CSB; // active low chip select input WRB; // active low write control input [11:0] ABUS; // 12-bit address bus inout [7:0] DBUS; // 8-bit data bus
`pragma protect begin_protected `pragma protect encrypt_agent = "SynaptiCAD VeriLogger Extreme" `pragma protect encrypt_agent_info = "13.20a" `pragma protect data_method = "aes128-cbc" `pragma protect key_keyowner = "SynaptiCAD" `pragma protect key_keyname = "syncad", key_method = "rsa" `pragma protect key_block encoding = (enctype = "base64") K0c+W1GDd9YcMBiX3ZqvpyTdb9sTWK06w75CLxQWVrmc3L9rzWMKgZ8vZhFcBsMT t9K7aZTd7cJidH5kbBZbCRAZmn1xvTgmkTY7OZYtejMKStrp2bweOCxNgujIrPqo S7Sn8oFlbG9tPn7jMCdKpyWg+20EH74G9ss7MXAJey8= `pragma protect data_block encoding = (enctype = "base64", bytes = 1059) Y1XAstZb24qy35cVbs13JwZp8GncAXhU4FpR2dX1rBlg0zECK0A1CNN6sPhox8ty ZJZucCjN8EE5cbAhhw16W230HmPtWM8mQu5PwIUN/Te5Cd9CJSjIGvgJWFqJStUk a+YBiWOT3cYXjh15krCRpeZvvqdRwvfa+yY57UeLyggomvqPScSGtmnS3S+5hQur ... yP4QT/S4ATdx2eku9kx0Sew9EVMCA69huZN1ZIfpsKQXPMvIb/DSZnsnZhlQicCK wqPfzxcOB1x9OK5yvgaxUf6XVvW2IFk2+kLqwL5Uc5IT/BF1fRmQQh63Bo/XA6Eu M6sxuyIlXqvHkcZROqkyg52e/pq6yaVd0JvXkQBlaIdaa5Ebu4WkBWkPtk368KIc 2HEBVaus9ZQyGYVleOZbQA== `pragma protect end_protected `pragma reset protect endmodule |
About Encryption Keys
Public Key Encryption (RSA Keys)
VeriLogger Extreme uses RSA public key encryption to protect the source code. Each RSA key is composed of a public key, which is used for encrypting the model, and a private key, which is used for decrypting the model. VeriLogger Extreme keeps a database of keys, each uniquely identified by a "key owner", "key name", and an encryption method. VeriLogger Extreme's default RSA key is identified with the key owner string "SynaptiCAD" and the key name string "syncad". As in the first example, if you don't specify a key to use for encryption, VeriLogger Extreme will automatically use its own encryption key. So you could generate the same result as above by explicitly giving the key owner, name, and method, replacing the `pragma protect begin directive with:
`pragma protect key_keyowner = "SynaptiCAD" `pragma protect key_keyname = "syncad" `pragma protect key_method = "rsa" `pragma protect begin |
Optionally Encrypt Models with Your Own RSA Keys
You can also use your own encryption keys. VeriLogger Extreme will load RSA keys from the directory pointed to by the environment variable SYNCAD_KEY_DATABASE. Keys are stored in the Privacy Enhanced Mail (PEM) format. First-level directories under SYNCAD_KEY_DATABASE give the "key owner" string. Each key file is named with its "key name" plus the extension .pem.
For example, if you set the SYNCAD_KEY_DATABASE environment variable to C:\key_database and placed the key you wish to use in the file C:\key_database\my_key_owner\my_key_name.pem, you could encrypt your Verilog source code with the directive below (note that the key_method string must be lowercase):
`pragma protect key_keyowner = "my_key_owner" `pragma protect key_keyname = "my_key_name", key_method = "rsa" `pragma protect begin |
Creating a New RSA Key
To generate a key pair in the (PEM) format, you will need the OpenSSL toolkit available at http://www.openssl.org. Generate the public/private key pair with the command:
openssl genrsa -out my_key_name.pem 1024 |
which will print out something like:
Generating RSA private key, 1024 bit long modulus ..................................................++++++ ...........++++++ e is 65537 (0x10001) |
and generate the key file that looks something like:
-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDHSC73QceXs2jtCXKXLqZPB0FdgXIT6mUBoZconAovVjBZ2UD7 YnZUU2rxrF0bfC5nRuiqcCOZ0umtGG1NpfgGdzjNjyu+URMM32s6s+IhVGks415I ... eaMVjzPxBb4JEtSKEUgRAkAvBV+RWvlmRrMJXPUEQVlWDnHcMvrQrMdvxc+sZIBE DTKQd2vIbM5UyP/rcc2EUxKKmjT2OLfAYBmyrLc9tUHZ -----END RSA PRIVATE KEY----- |
If you wish to separate out the public key into a separate file, run the command:
openssl rsa -in my_key_name.pem -out my_key_name_pub.pem -pubout |
which will generate a file like:
-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHSC73QceXs2jtCXKXLqZPB0Fd gXIT6mUBoZconAovVjBZ2UD7YnZUU2rxrF0bfC5nRuiqcCOZ0umtGG1NpfgGdzjN jyu+URMM32s6s+IhVGks415IelY0aEXmerTq/cdLxOvqQ09m5W0X+1RazZaSSYfS WToFbukyhUoyztwlUQIDAQAB -----END PUBLIC KEY----- |
This public key can be used for generating protected envelopes, but it cannot be used for decrypting these files.
Symmetric Encryption
VeriLogger Extreme supports several ciphers to be used for encrypting Verilog source code: DES, triple-DES, AES (in three key lengths), Blowfish, and CAST. If you do not specify an algorithm with the `pragma protect data_method directive, VeriLogger Extreme will default to encrypting with aes128-cbc. To select a specific encryption method, you would begin the protected section with something like this:
`pragma protect data_method "3des-cbc" `pragma protect key_keyowner = "SynaptiCAD" `pragma protect key_keyname = "syncad", key_method = "rsa", begin |
Supported Encoding and Encryption Methods (Implementation details)
Encoding Methods
VeriLogger Extreme supports base64 encoding of encrypted data. The uuencode format is not supported.
Ciphers
VeriLogger Extreme supports the following symmetric ciphers (a symmetric cipher uses the same key for encryption and decryption, whereas an asymmetric cipher uses two keys, one for the encryption process and another for the decryption process):
•des-cbc: Data Encryption Standard in CBC mode
•3des-cbc: Triple-DES in CBC mode
•aes128-cbc: Advanced Encryption Standard with 128-bit key
•aes192-cbc: Advanced Encryption Standard with 192-bit key
•aes256-cbc: Advanced Encryption Standard with 256-bit key
•blowfish-cbc: Blowfish in CBC mode
•cast128-cbc: CAST-128 in CBC mode
and the following asymmetric cipher:
•rsa: RSA
VeriLogger's Encryption/Decryption Process
For improved security, VeriLogger actually encrypts protected source code blocks using a symmetric cipher (which is stronger than RSA-based encryption for long blocks of text), then encrypts the symmetric key using an asymmetric RSA public key. During internal decryption of a protected block for compilation purposes, VeriLogger first decrypts the symmetric keys for the protected code blocks using the appropriate RSA private key, then it uses these symmetric keys to decrypt their associated source code blocks. Therefore, when you view the encrypted version of a protected block, you will see two separate encrypted sections, a "key block" containing the encrypted symmetric key and a "data block" containing the symmetrically encrypted source code.
Unsupported Directives
The `pragma directives related to message digests are not supported. These include digest_keyowner, digest_key_method, digest_keyname, digest_public_key, digest_decrypt_key, digest_method, and digest_block.
Advanced licensing directives that alter the available functionality of the encrypted models are NOT supported. Unsupported directives include: decrypt_license (which allows creation of encrypted models whose source code could be viewed by an end user with the proper key), runtime_license (which allows creation of models that can be compiled but not simulated), and viewport (which allows users to more advanced debugging access to protected envelopes of the code such as the ability to view or set values of signals defined in the protected envelope). Currently, encryption is an all-or-nothing proposition and the encrypted source code will never be visible to the end-user.