BugHunter Pro and the VeriLogger Simulators

6.2 Verilog Protected Envelopes (Encrypted Models)

6.2 Verilog Protected Envelopes (Encrypted Models)

Previous topic Next topic  

6.2 Verilog Protected Envelopes (Encrypted Models)

Previous topic Next topic  

The Verilog 2005 standard introduced a new feature to support protected intellectual property (IP). This feature allows IP vendors to deliver models in encrypted form. Vendors may choose to encrypt entire files, or only encrypt parts of a model. More information on protected envelopes can be found in section 28 of the IEEE Standard 1364-2005. VeriLogger Extreme supports the Protected Envelopes feature of Verilog 2005. Encrypted Verilog source files traditionally have the extension .vp.

Before encrypting your source, test the unencrypted source code with VeriLogger Extreme to ensure that it compiles without errors. Since the end-user of your IP will not have access to the source code, they will be unable to fix any problems, and error messages in encrypted sections of code will be useless.

Creating a Protected Envelope

The simplest and most common way to use protected envelopes is to encrypt your source code with VeriLogger Extreme's public key. This will allow any VeriLogger Extreme user to compile and use the encrypted model by simply adding the file to their project. VeriLogger Extreme will compile and simulate using the encrypted code, but the user will not have access to any of the encrypted source code.

To create an encrypted model file, perform the following steps:

Add `pragma protect directives to the source to delimit which sections to encrypt. Anything between a `pragma protect begin line and a `pragma protect end will be encrypted. Anything outside these directives will be copied verbatim to the output file. Here is a source file sram.v with the `pragma directives added to protect the contents of the sram module:

`timescale 1 ns/1 ps 

module sram(CSB,WRB,ABUS,DBUS);

 

input CSB;            // active low chip select

input WRB;            // active low write control

input [11:0] ABUS;    // 12-bit address bus

inout [7:0] DBUS;     //  8-bit data bus

 

`pragma protect begin

reg  [7:0] DBUS_driver;

wire [7:0] DBUS = DBUS_driver;

reg [7:0] ram[0:4095];  // memory cells

 

integer i;

initial                 // initialize all RAM cells to 0 at startup

   begin

   DBUS_driver = 8'bzzzzzzzz;

   for (i=0; i < 4095; i = i + 1)

     ram[i] = 0;

   end

 

specify

  $setup(ABUS,posedge WRB,10);

endspecify

 

always @(CSB or WRB or ABUS)

  begin

    if (CSB == 1'b0)

      begin

      if (WRB == 1'b0) //start to sram, data will be latched in on 

                       //rising edge of CSB or WRB

        begin

        DBUS_driver <= #10 8'bzzzzzzzz;

        @(posedge CSB or posedge WRB);

        $display($time," Writing %m ABUS=%h DATA=%h",ABUS,DBUS);

        ram[ABUS] = DBUS;

        end

      else if (WRB == 1'b1) //reading from sram (data becomes valid after 10ns)

        begin

        #10 DBUS_driver =  ram[ABUS];

        $display($time," Reading %m ABUS=%h DATA=%h",ABUS,DBUS_driver);

        end

      end

    else //sram unselected, stop driving bus after 10ns

      begin

      DBUS_driver <=  #10 8'bzzzzzzzz;

      end

  end

`pragma protect end

endmodule

Next, run simx using the +protect command to encrypt the source file.

simx +protect sram.v 

This will generate a file called sram.vp with contents like the code below. Notice that the code outside the `pragma protect directives is still readable, but the code between the directives is now encrypted:

`timescale 1 ns/1 ps 

module sram(CSB,WRB,ABUS,DBUS);

 

input CSB;                // active low chip select

input WRB;                // active low write control

input [11:0] ABUS;        // 12-bit address bus

inout [7:0] DBUS;         // 8-bit data bus

 

`pragma protect begin_protected

`pragma protect encrypt_agent = "SynaptiCAD VeriLogger Extreme"

`pragma protect encrypt_agent_info = "13.20a"

`pragma protect data_method = "aes128-cbc"

`pragma protect key_keyowner = "SynaptiCAD" 

`pragma protect key_keyname = "syncad", key_method = "rsa"

`pragma protect key_block encoding = (enctype = "base64")

K0c+W1GDd9YcMBiX3ZqvpyTdb9sTWK06w75CLxQWVrmc3L9rzWMKgZ8vZhFcBsMT

t9K7aZTd7cJidH5kbBZbCRAZmn1xvTgmkTY7OZYtejMKStrp2bweOCxNgujIrPqo

S7Sn8oFlbG9tPn7jMCdKpyWg+20EH74G9ss7MXAJey8=

`pragma protect data_block encoding = (enctype = "base64", bytes = 1059)

Y1XAstZb24qy35cVbs13JwZp8GncAXhU4FpR2dX1rBlg0zECK0A1CNN6sPhox8ty

ZJZucCjN8EE5cbAhhw16W230HmPtWM8mQu5PwIUN/Te5Cd9CJSjIGvgJWFqJStUk

a+YBiWOT3cYXjh15krCRpeZvvqdRwvfa+yY57UeLyggomvqPScSGtmnS3S+5hQur

...

yP4QT/S4ATdx2eku9kx0Sew9EVMCA69huZN1ZIfpsKQXPMvIb/DSZnsnZhlQicCK

wqPfzxcOB1x9OK5yvgaxUf6XVvW2IFk2+kLqwL5Uc5IT/BF1fRmQQh63Bo/XA6Eu

M6sxuyIlXqvHkcZROqkyg52e/pq6yaVd0JvXkQBlaIdaa5Ebu4WkBWkPtk368KIc

2HEBVaus9ZQyGYVleOZbQA==

`pragma protect end_protected

`pragma reset protect

endmodule

About Encryption Keys

Public Key Encryption (RSA Keys)

VeriLogger Extreme uses RSA public key encryption to protect the source code. Each RSA key is composed of a public key, which is used for encrypting the model, and a private key, which is used for decrypting the model. VeriLogger Extreme keeps a database of keys, each uniquely identified by a "key owner", "key name", and an encryption method. VeriLogger Extreme's default RSA key is identified with the key owner string "SynaptiCAD" and the key name string "syncad". As in the first example, if you don't specify a key to use for encryption, VeriLogger Extreme will automatically use its own encryption key. So you could generate the same result as above by explicitly giving the key owner, name, and method, replacing the `pragma protect begin directive with:

`pragma protect key_keyowner = "SynaptiCAD" 

`pragma protect key_keyname = "syncad"

`pragma protect key_method = "rsa" 

`pragma protect begin

Optionally Encrypt Models with Your Own RSA Keys

You can also use your own encryption keys. VeriLogger Extreme will load RSA keys from the directory pointed to by the environment variable SYNCAD_KEY_DATABASE. Keys are stored in the Privacy Enhanced Mail (PEM) format. First-level directories under SYNCAD_KEY_DATABASE give the "key owner" string. Each key file is named with its "key name" plus the extension .pem.

For example, if you set the SYNCAD_KEY_DATABASE environment variable to C:\key_database and placed the key you wish to use in the file C:\key_database\my_key_owner\my_key_name.pem, you could encrypt your Verilog source code with the directive below (note that the key_method string must be lowercase):

`pragma protect key_keyowner = "my_key_owner"

`pragma protect key_keyname = "my_key_name", key_method = "rsa" 

`pragma protect begin

Creating a New RSA Key

To generate a key pair in the  (PEM) format, you will need the OpenSSL toolkit available at http://www.openssl.org. Generate the public/private key pair with the command:

openssl genrsa -out my_key_name.pem 1024 

which will print out something like:

Generating RSA private key, 1024 bit long modulus 

..................................................++++++

...........++++++

e is 65537 (0x10001)

and generate the key file that looks something like:

-----BEGIN RSA PRIVATE KEY----- 

MIICXQIBAAKBgQDHSC73QceXs2jtCXKXLqZPB0FdgXIT6mUBoZconAovVjBZ2UD7

YnZUU2rxrF0bfC5nRuiqcCOZ0umtGG1NpfgGdzjNjyu+URMM32s6s+IhVGks415I

...

eaMVjzPxBb4JEtSKEUgRAkAvBV+RWvlmRrMJXPUEQVlWDnHcMvrQrMdvxc+sZIBE

DTKQd2vIbM5UyP/rcc2EUxKKmjT2OLfAYBmyrLc9tUHZ

-----END RSA PRIVATE KEY-----

If you wish to separate out the public key into a separate file, run the command:

openssl rsa -in my_key_name.pem -out my_key_name_pub.pem -pubout

which will generate a file like:

-----BEGIN PUBLIC KEY----- 

MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHSC73QceXs2jtCXKXLqZPB0Fd

gXIT6mUBoZconAovVjBZ2UD7YnZUU2rxrF0bfC5nRuiqcCOZ0umtGG1NpfgGdzjN

jyu+URMM32s6s+IhVGks415IelY0aEXmerTq/cdLxOvqQ09m5W0X+1RazZaSSYfS

WToFbukyhUoyztwlUQIDAQAB

-----END PUBLIC KEY-----

This public key can be used for generating protected envelopes, but it cannot be used for decrypting these files.

Symmetric Encryption

VeriLogger Extreme supports several ciphers to be used for encrypting Verilog source code: DES, triple-DES, AES (in three key lengths), Blowfish, and CAST. If you do not specify an algorithm with the `pragma protect data_method directive, VeriLogger Extreme will default to encrypting with aes128-cbc. To select a specific encryption method, you would begin the protected section with something like this:

`pragma protect data_method "3des-cbc" 

`pragma protect key_keyowner = "SynaptiCAD" 

`pragma protect key_keyname = "syncad", key_method = "rsa", begin

Supported Encoding and Encryption Methods (Implementation details)

Encoding Methods

VeriLogger Extreme supports base64 encoding of encrypted data. The uuencode format is not supported.

Ciphers

VeriLogger Extreme supports the following symmetric ciphers (a symmetric cipher uses the same key for encryption and decryption, whereas an asymmetric cipher uses two keys, one for the encryption process and another for the decryption process):

des-cbc: Data Encryption Standard in CBC mode

3des-cbc: Triple-DES in CBC mode

aes128-cbc: Advanced Encryption Standard with 128-bit key

aes192-cbc: Advanced Encryption Standard with 192-bit key

aes256-cbc: Advanced Encryption Standard with 256-bit key

blowfish-cbc: Blowfish in CBC mode

cast128-cbc: CAST-128 in CBC mode

and the following asymmetric cipher:

rsa: RSA

VeriLogger's Encryption/Decryption Process

For improved security, VeriLogger actually encrypts protected source code blocks using a symmetric cipher (which is stronger than RSA-based encryption for long blocks of text), then encrypts the symmetric key using an asymmetric RSA public key. During internal decryption of a protected block for compilation purposes, VeriLogger first decrypts the symmetric keys for the protected code blocks using the appropriate RSA private key, then it uses these symmetric keys to decrypt their associated source code blocks. Therefore, when you view the encrypted version of a protected block, you will see two separate encrypted sections, a "key block" containing the encrypted symmetric key and a "data block" containing the symmetrically encrypted source code.

Unsupported Directives

The `pragma directives related to message digests are not supported. These include digest_keyowner, digest_key_method, digest_keyname, digest_public_key, digest_decrypt_key, digest_method, and digest_block.

Advanced licensing directives that alter the available functionality of the encrypted models are NOT supported. Unsupported directives include: decrypt_license (which allows creation of encrypted models whose source code could be viewed by an end user with the proper key), runtime_license (which allows creation of models that can be compiled but not simulated), and viewport (which allows users to more advanced debugging access to protected envelopes of the code such as the ability to view or set values of signals defined in the protected envelope). Currently, encryption is an all-or-nothing proposition and the encrypted source code will never be visible to the end-user.