Owner Root Public Key Hash Programming; Aes Root Key Programming; Planned Security Features; Physically Unclonable Function (Puf) Overview - Intel Stratix 10 User Manual
Device security
Hide thumbs
Also See for Stratix 10:
- Configuration user manual (113 pages) ,
- User manual (228 pages) ,
- User manual (45 pages)
Table of Contents
Advertisement
®
®
1. Intel
Stratix
10 Device Security Overview
UG-S10SECURITY | 2020.01.15
1.3.1. Owner Root Public Key Hash Programming
You can store the owner root public key hash in virtual eFuses (volatile) or physical
eFuses (non-volatile).
You specify either virtual or physical eFuses when you program your device. Once you
program the physical eFuse key, you cannot change or reprogram the key.
1.3.2. AES Root Key Programming
You specify the storage option for the AES root key on the Security page of the
Assignments
select Battery Backup RAM (BBRAM) or eFuses. When you generate the SRAM
Object File
specify to partially encrypt the configuration bitstream.
Figure 3.
Specify Storage Location for Encryption Key
Specify Quartus
Prime Key File
Select Key
Storage Location
The Intel Quartus Prime Programmer also includes an Encryption Key Select option
with two choices: Battery Backup RAM or eFuses. This option is available for Intel
Stratix 10 and later devices that include the SDM when you program a Intel Quartus
Prime encryption key
1.4. Planned Security Features
Some Intel Stratix 10 advanced security features are not currently supported, but are
planned to be supported in a future release. These features include support for a PUF,
anti-tampering, and black key provisioning.
1.4.1. Physically Unclonable Function (PUF) Overview
The Intel Stratix 10 device provides access to the PUF as part of the device
configuration process. The PUF generates device-unique, unclonable keys based on
SRAM initialization patterns. You can use the PUF to assist with AES root key
encryption. Encrypting an AES key is also called key wrapping. You store the wrapped
AES root key in external flash memory. Using the PUF also requires storing PUF helper
data in the external flash memory.
Note:
To enable the PUF function, you must negotiate a license agreement with
Send Feedback
Device
Device and Pin Options. In the current release, you can
the Intel Quartus
.sof
.
.qek
®
Prime Pro Edition Software records the key you
®
Intel
Stratix
Intrinsic
ID.
®
10 Device Security User Guide
9
- Quick Links:
- Intel ® Stratix ® 10 Device...
- Using Efuses
Hide quick links:
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Intel Stratix 10
Related Products for Intel Stratix 10
- Intel Compute Stick STK2m3W64CC
- Intel STEL-2176
- Intel SRCSATAWB - RAID Controller
- Intel SR1630BC - Server System - 0 MB RAM
- Intel SS4200-E - Entry Storage System NAS Server
- Intel SE7501WV2 - Server Chassis - SR2300
- Intel S5000PSLROMBR - Server Board With Xeon Dualcore Support
- Intel SE440BX - Desktop Board Motherboard
Need help?
Do you have a question about the Stratix 10 and is the answer not in the manual?
Questions and answers