Intel Stratix 10 User manual
Contents
1. Intel® Stratix® 10 Device Security Overview...................................................................4
1.1. Intel Stratix 10 Secure Device Manager (SDM).......................................................... 6
1.2. Intel Stratix 10 Base Security..................................................................................7
1.2.1. Side Channel Resistance............................................................................. 7
1.3. Owner Security Keys and Programming.................................................................... 8
1.3.1. eFuse (Volatile or Non-Volatile) AES Root Key................................................ 8
1.3.2. BBRAM (Volatile) AES Root Key....................................................................8
2. Design Authentication.....................................................................................................9
2.1. The Configuration Bitstream ...................................................................................9
2.2. Signature Block................................................................................................... 11
2.2.1. Authentication for HPS Software................................................................ 13
3. Using the Authentication Feature..................................................................................14
3.1. Step 1: Creating the Root Key............................................................................... 15
3.2. Step 2: Creating the Design Signing Key.................................................................15
3.3. Step 3: Appending the Design Signature Key to the Signature Chain...........................16
3.4. Step 4: Signing the Bitstream................................................................................17
3.4.1. Step 4a: Signing the Bitstream Using the Programming File Generator............ 17
3.4.2. Step 4b: Signing the Bitstream Using the quartus_sign Command.................. 19
3.5. Step 5: Programming the Owner Public Root Key for Authentication............................20
3.5.1. Step 5a: Programming the Owner Public Root Key Using the Intel Quartus
Prime Programmer................................................................................... 20
3.5.2. Step 5b: Calculating the Owner Public Root Key Hash................................... 22
4. Co-Signing Device Firmware Overview..........................................................................23
4.1. Using the Co-Signing Feature................................................................................ 23
4.1.1. Prerequisites for Co-Signing Device Firmware.............................................. 24
4.1.2. Generating the Owner Firmware Signing Key............................................... 24
4.1.3. Co-Signing the Firmware ..........................................................................25
4.1.4. Programming the Co-Signed Firmware eFuses .............................................25
4.1.5. Powering On In JTAG Mode After Implementing Co-Signed Firmware...............27
4.1.6. Canceling Intel Firmware ID...................................................................... 27
5. Signing Command Detailed Description........................................................................ 30
5.1. Generate Private PEM Key..................................................................................... 31
5.2. Generate Public PEM Key.......................................................................................31
5.3. Generate Root Signature Chain.............................................................................. 31
5.4. Append Key to Signature Chain..............................................................................31
5.5. Sign the Bitstream............................................................................................... 32
5.6. Calculate Public Root Key Hash from QKY................................................................ 33
6. Encryption and Decryption Overview............................................................................ 34
6.1. Using the Encryption Feature.................................................................................35
6.1.1. Step 1: Preparing the Owner Image and AES Key File................................... 36
6.1.2. Step 2a: Generating Programming Files Using the Programming File
Generator............................................................................................... 36
6.1.3. Step 2b: Generating Programming Files Using the Command Line Interface .... 38
Contents
Intel® Stratix® 10 Device Security User Guide Send Feedback
2
6.1.4. Step 3a: Specifying Keys and Configuring the Encrypted Image Using the
Intel Quartus Prime Programmer ...............................................................38
6.1.5. Step 3b: Programming the AES Key and Configuring the Encrypted Image
Using the Command Line.......................................................................... 40
7. Using eFuses ................................................................................................................ 41
7.1. Fuse Programming Input Files............................................................................... 43
7.1.1. Fuse File Format...................................................................................... 44
8. Document Revision History for Intel Stratix 10 Device Security User Guide..................45
Contents
Send Feedback Intel® Stratix® 10 Device Security User Guide
3
1. Intel® Stratix® 10 Device Security Overview
Intel® Stratix® 10 devices provide flexible and robust security features to protect
sensitive data, intellectual property, and the device itself under both remote and
physical attacks.
Intel Stratix 10 devices provide two main categories of security features:
authentication and encryption.
Authentication ensures that both the firmware and the configuration bitstream are
from a trusted source. Authentication is fundamental to Intel Stratix 10 security. You
cannot enable any other Intel Stratix 10 security features without enabling owner
authentication. Integrity checking which is part of authentication prevents accidental
bitstream change, corruption, or malicious attack.
Encryption prevents theft of intellectual property. Encryption protects confidential
information in the owner configuration bitstream.
Here are the specific security features that Intel Stratix 10 devices provide:
Authentication Category
• Elliptic Curve Based Public-Key Authentication: This feature allows the device to
authenticate Intel firmware and the configuration bitstream. Intel Stratix 10
devices always require firmware authentication for all Intel firmware that loads
into silicon. This requirement ensures that Intel is the only source that provides
the primary firmware for the Secure Device Manager (SDM) and most other
firmware that runs on other configuration processors in the Intel Stratix 10 device.
Intel Stratix 10 devices do not require authentication for the owner configuration
bitstream. You enable authentication for your configuration bitstream through
eFuse settings. After you program the hash of the root public key into eFuses, the
Intel Stratix 10 device only accepts an owner configuration bitstream that is
signed with corresponding private signing key.
• Anti-tampering security feature: Anti-tampering addresses physical attacks on
silicon. There are two categories of anti-tampering features: passive and active
anti-tampering.
— The passive anti-tampering feature enforces physical security features using
redundancy and interlocking systems. Passive anti-tampering is always
running on Intel Stratix 10 devices. Passive anti-tampering functions do not
operate in response to a particular function.
— Active anti-tampering responds when the silicon detects physical attacks from
the outside. By default, all active anti-tampering functions are off. When the
active anti-tampering function is on, you can select which detection functions
and responses to enable.
UG-S10SECURITY | 2019.05.10
Send Feedback
Intel Corporation. All rights reserved. Agilex, Altera, Arria, Cyclone, Enpirion, Intel, the Intel logo, MAX, Nios,
Quartus and Stratix words and logos are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or
other countries. Intel warrants performance of its FPGA and semiconductor products to current specifications in
accordance with Intel's standard warranty, but reserves the right to make changes to any products and services
at any time without notice. Intel assumes no responsibility or liability arising out of the application or use of any
information, product, or service described herein except as expressly agreed to in writing by Intel. Intel
customers are advised to obtain the latest version of device specifications before relying on any published
information and before placing orders for products or services.
*Other names and brands may be claimed as the property of others.
ISO
9001:2015
Registered
Encryption Category
• Advanced Encryption Standard (AES)-256 encryption: This feature protects the
owner configuration bitstream intellectual property (IP) or confidential data as part
of root security in the owner configuration bitstream. AES-CTR (counter) mode is
the base for bitstream encryption. To reduce AES key exposure from random
attacks, AES decryption only operates on data that has already passed public key
authentication.
• Side channel protection: Side channel protection prevents AES Key and
confidential data under non-intrusive attack. Intel Stratix 10 devices include the
following functions to protect side channel leakage from silicon.
— A key update function protects the AES keys in bitstream decryption.
— The authentication first flow protects against unnecessary key exposure.
— Long route data line scrambling protects against side channel leakage over
data lines.
— A 256-bit wide direct key bus loading limits unauthorized access to keys.
— Key scrambling in the key vault protects key values.
• Multiple AES root key choices: Intel Stratix 10 devices support three different
types of root AES keys: eFuse, BBRAM, and physically unclonable function (PUF).
• Black key provisioning: Key provisioning, especially secret key provisioning, is
costly. In addition, key provisioning is the least secure step in the encryption
process. Black key provisioning creates a direct secure channel between your
custom hardware security module (HSM) and the Intel Stratix 10 device for key
provisioning. Having a secure channel ensures confidential information including
the AES key are provisioned into silicon without exposure to an intermediate party.
As a side benefit, black key provisioning also helps secure the supply chain at
contract manufacturing facilities.
Note: These security features are available in Intel Stratix 10 devices that support advanced
security. The ordering codes for Intel Stratix 10 devices that include advanced security
features includes the AS (Advanced Security) suffix. Please contact your Intel
Programmable Solutions representative to get additional information about Intel
Stratix 10 device security features.
Related Information
Intel Quartus® Prime Pro Edition User Guide Programmer
Describes operation of the Intel Quartus® Prime Pro Edition Programmer, which
allows you to configure Intel FPGA devices, and program CPLD and configuration
devices, via connection with an Intel FPGA download cable.
1. Intel® Stratix® 10 Device Security Overview
UG-S10SECURITY | 2019.05.10
Send Feedback Intel® Stratix® 10 Device Security User Guide
5
1.1. Intel Stratix 10 Secure Device Manager (SDM)
The Secure Device Manager (SDM) is a triple-redundant processor-based module that
manages the configuration and security features of Intel Stratix 10 devices. The SDM
authenticates and decrypts configuration data.
Figure 1. Secure Device Manager
Configuration
Sector
Configuration
Sector
Configurable Network Interface
SDM Pins
Secure Device Manager
Dual Purpose I/O
Intel Stratix 10 FPGA
Intel Stratix 10 SX Blocks
Intel Stratix 10 GX Blocks
Intel Stratix 10 TX Blocks
Intel Stratix 10 MX Blocks
Additional blocks in the
Intel Stratix 10 device variants:
SX: Includes Hard Processor System
MX: Includes High-Bandwidth Memory
TX: Includes High-Bandwidth XCVRs
GX: General Purpose FPGA
Configuration
Sector
Configuration
Sector
Configuration Network
Local Sector
Manager (LSM)
Local Sector
Manager (LSM)
Local Sector
Manager (LSM)
Local Sector
Manager (LSM)
Authentication includes the following steps:
1. First, the SDM performs an integrity check using SHA-256 or SHA-384. The
integrity check ensures that the bitstream is not corrupted due to an accidental
occurrence such as a bad write to flash.
2. Then, the authentication process guarantees that a trusted source, the device
owner, created the configuration bitstream.
3. If successful, and you have enabled AES Encryption, the SDM then decrypts the
data. The SDM drives the decrypted data on the configuration network to Local
Sector Managers (LSM) on the configuration network. Each LSM parses the sector
configuration block data and configures the logic elements in the sector that it
manages.
Related Information
Intel Stratix 10 Configuration User Guide: Secure Device Manager
1. Intel® Stratix® 10 Device Security Overview
UG-S10SECURITY | 2019.05.10
Intel® Stratix® 10 Device Security User Guide Send Feedback
6
1.2. Intel Stratix 10 Base Security
To enable base security features, you must program the hash of the owner public root
key eFuse into Intel Stratix 10. As soon as you program the owner root key you have
created an Intel Stratix 10 device with basic security. Your configuration bitstream
must be signed.
Note: The fusing process automatically computes the hash of the owner public root key.
When you program the owner public root key, the programmer automatically
programs the hash value, not the full key.
You can enable the following additional security options to further enhance the
security level:
• Advanced Encryption Standard (AES) Encryption protects your IP and secures your
data. This option includes multiple sub-options relating to side channel mitigation.
• Configuration firmware joint signature capability allows you to sign the version of
configuration firmware to run on your device. At all times, the device only loads
firmware that Intel has authenticated. An eFuse on the Intel Stratix 10 device
enables this feature.
eFuse programming sets a minimum-security strength. All eFuse enforced security
options are permanent. In contrast to permanent security features, Intel Stratix 10
devices include some dynamic security options that you can control without using
eFuses. JTAG Secure is one example of a dynamic security feature. Intel Stratix 10
devices control dynamic security options by setting optional fields in the configuration
bitstream. Intel recommends using the optional fields in the configuration bitstream to
enforce security options when available. The optional fields provide a similar security
level as the eFuse setting with more flexibility.
1.2.1. Side Channel Resistance
Side channel resistance technology helps prevent secret leakage from the
Intel Stratix 10 device. Side channel mitigation is not limited to the AES engine. Any
circuit which could transport secret key material has its associated mitigation. Long
data transmission lines in silicon also implement security control agreement
mitigation.
The following side channel mitigation features are available in Intel Stratix 10 devices:
• AES side channel mitigation
— Key update: Limits to the amount of data encrypted by each key. The default
limit each key can encrypt is 4 KB.
— Authentication first: The device authenticates the bitstream before decrypting
it. Attackers cannot perform differential attacks on the AES before breaking
authentication.
• Datapath random number scrambling
• Physically unclonable function (PUF) enrollment and extraction scrambling
• 256-bit point-to-point Key bus
1. Intel® Stratix® 10 Device Security Overview
UG-S10SECURITY | 2019.05.10
Send Feedback Intel® Stratix® 10 Device Security User Guide
7
1.3. Owner Security Keys and Programming
Intel Stratix 10 devices support two types of security keys:
• Owner public root key hash: Programming this key enables the base security
features. The Intel Stratix 10 stores the SHA-256 or SHA-384 hash of this key in
eFuses or virtual eFuses. This key authenticates the final owner design signing key
through the public signature chain.
• Owner AES key: This optional key decrypts the encrypted owner image during the
configuration process. You can store the AES key in virtual or physical eFuses, a
BBRAM, or a PUF. You program the AES key using JTAG. The configuration
bitstream specifies the owner AES key location. For extra security, you can
program fuses to enforce eFuse key selection. For example, if your design stores
the AES key in eFuses, you can disable the BBRAM root key fuse for additional
security. Intel Stratix 10 devices support both red key (unencrypted) and black
key (encrypted) programming.
Note: You program or blow eFuses by flowing a large current for a specific amount of time.
This process is irreversible.
1.3.1. eFuse (Volatile or Non-Volatile) AES Root Key
Virtual eFuses are volatile. Physical eFuses are non-volatile. Once you program the
physical eFuse key, you cannot change or reprogram the key. The value stored in
eFuses is a device-unique scrambled version of the original owner key.
The Intel Quartus® Prime Programmer includes a Device security key storage
option. This option is available for Intel Stratix 10 and later devices that include the
SDM when you program a Intel Quartus Prime encryption key .qek.
Note: The current release only support the battery-backed RAM (BBRAM) storage location.
1.3.2. BBRAM (Volatile) AES Root Key
In contrast to eFuse keys, BBRAM keys are reprogrammable. The BBRAM key vault
holds a single key. Programming a new key deletes the previously programmed key.
The BBRAM key vault includes a built-in function to perform periodic key flipping to
prevent key imprinting.
The BBRAM AES key has its own power supply. VCCBAT powers the BBRAM AES key.
The allowed voltage range is 1.2V - 1.8V.
Related Information
Recommended Operating Conditions for VCCBAT in Stratix 10 Device Datasheet
1. Intel® Stratix® 10 Device Security Overview
UG-S10SECURITY | 2019.05.10
Intel® Stratix® 10 Device Security User Guide Send Feedback
8
2. Design Authentication
For networked systems, every power up or remote system upgrade to an
unauthenticated bitstream is vulnerable to attack. Malicious attacks can occur because
the FPGA does not verify that configuration bitstream is from a trusted source. Intel
Stratix 10 FPGAs include a feature to authenticate the bitstream, guaranteeing that
the bitstream is from a trusted source. Authentication uses signature keys to validate
the content of a bitstream, preventing the Intel Stratix 10 FPGA from configuring with
an unauthorized configuration bitstream.
When you use authentication, your manufacturing process programs the hash digest
of the Elliptic Curve Digital Signature Algorithm (ECDSA) public signature key into
FPGA eFuses. The configuration bitstream contains the public signature key. The SDM
compares the hash digest of configuration bitstream public signature key to the hash
digest stored in eFuses. The SDM only loads the bitstream if the values match.
You can choose either ECDSA256 or ECDSA384. The ECDSA256 and ECDSA384 use
the SHA-256 and SHA-384 cryptographic hash function to create the secure hash.
Intel recommends that you use 384-bit algorithm. The 256-bit algorithm is weaker
than the algorithm and consequently more likely to become vulnerable to attack. Use
the 256-bit algorithm if you have a custom hardware security module (HSM) that does
not accept SHA-384 hashes. SHA-384 generates a bitstream that is larger than
SHA-256. SHA-384 hashes result in longer configuration times.
2.1. The Configuration Bitstream
The figure below shows an Intel Stratix 10 configuration bitstream that includes an
FPGA and HPS. The firmware section is static and is dependent on the Intel Quartus
Prime version.
The SDM always authenticates the firmware configuration bitstream whether you
choose to authenticate the other dynamic sections of the bitstream. To create an
additional level of security, you may request joint signing for the configuration
bitstream by programming the Joint Signature fuse on the device. When the Joint
Signature fuse is programmed, the device checks for an owner signature on the
firmware section of the configuration bitstream. The device only runs firmware with
both signatures.
UG-S10SECURITY | 2019.05.10
Send Feedback
Intel Corporation. All rights reserved. Agilex, Altera, Arria, Cyclone, Enpirion, Intel, the Intel logo, MAX, Nios,
Quartus and Stratix words and logos are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or
other countries. Intel warrants performance of its FPGA and semiconductor products to current specifications in
accordance with Intel's standard warranty, but reserves the right to make changes to any products and services
at any time without notice. Intel assumes no responsibility or liability arising out of the application or use of any
information, product, or service described herein except as expressly agreed to in writing by Intel. Intel
customers are advised to obtain the latest version of device specifications before relying on any published
information and before placing orders for products or services.
*Other names and brands may be claimed as the property of others.
ISO
9001:2015
Registered
Figure 2. Example of an Intel Stratix 10 Configuration Bitstream Structure
Firmware Section
Firmware section
is static and
Quartus Prime
version dependent
Design Section
(IO Configuration)
Design Section
(FPGA Core Configuration)
Design Section
(HPS boot code)
The I/O, HPS, and FPGA sections are dynamic and contain the device configuration
information based on your design. Each dynamic section of the configuration bitstream
stores information in the same format. Each section begins with a 4 kilobyte (KB)
header block, followed by a signature block, hash blocks, and data.
Figure 3. Configuration Bitstream Layout
Header Block
Hash for Hash Block 0
Hash in the
Header Block
validates
Hash Block 0
Hash and signature
over Header Block
Signature Block
Hash Block 0 (SHA-384 or SHA-256)
Data Block 0
Data Block 1
Data Block 83 or 125
Hash Block 1 (SHA-384 or SHA-256)
Data Block 83 or 125
Hash Block N
Data Block 0
Data Block 1
Hash Block 0
validates
Hash Block 1,
and so on
2. Design Authentication
UG-S10SECURITY | 2019.05.10
Intel® Stratix® 10 Device Security User Guide Send Feedback
10
The header block contains a hash which validates hash block 0. Each hash block
contains up to 125 SHA-256 hashes or 83 SHA-384 hashes. These hashes validate
subsequent data blocks.
2.2. Signature Block
The signature block validates the contents of the header block. After successfully
validating the signatures, the SDM processes the data based on the signatures
provided.
Figure 4. Signature Block Format
SHA-384 hash over Header Block 1st Signature Chain
2nd Signature Chain
3rd Signature Chain
4th Signature Chain
Root Key
Public Key Entry 1 (Recommended)
Public Key Entry 2 (Optional)
Header Block Entry
Offset to signature chains
Up to 4 Signature Chains
Dynamic Sector Pointers
32-bit CRC
Table 1. Signature Block
Block Description
SHA-384 hash of
header block
This hash function checks for accidental changes in the preceding block of the configuration
bitstream, typically the header block.
Signature chains Zero or more signature chains. Each signature chain can include up to 3 keys, including the owner
public root key. The other 2 keys support separate signatures for the firmware, core, and HPS
sections of the configuration bitstream.
The Intel Quartus Prime Software supports 2 keychains for control module firmware (CMF) signing
and up to 4 keychains for the configuration bitstream. Multiple keychains provide some flexibility. For
example, if you change your root key and want to create a design which works on devices with both
the old and new root key.
Dynamic sector
pointers
Locate the design sections for the remainder of the image when you store the image in flash
memory.
32-bit CRC Protects the block from accidental modification. The CRC does not provide security. Software tools
can check the CRC to identify accidental modifications.
Signature Chain Details
Intel Stratix 10 FPGAs support up to four signature chains. If a signature chain is
invalid, it is ignored. The FPGA starts validating the next signature chain. This
capability allows for root key rollover. To pass authentication, at least one signature
keychain must pass.
Table 2. Signature Chain Content
Content Description
Root Key
Entry
The Root Entry anchors the chain to a root key known to the FPGA. The FPGA calculates the hash of the root
entry and checks if the it matches the expected hash. You store the root key in eFuses.
Public Key
Entry
Signature chains enable flexible key management. Intel recommends one public key entry in each signature
chain. The previous public key signs the new public key. The public key entry provides following capabilities:
continued...
2. Design Authentication
UG-S10SECURITY | 2019.05.10
Send Feedback Intel® Stratix® 10 Device Security User Guide
11
Content Description
• Key bit fields to limit the areas a public key entry can sign. The following permissions values are valid:
— Bit 0: Firmware
— Bit 1: FPGA I/O, core sections, and PR sections
— Bit 2: HPS I/O and first stage bootloader sections (FSBL)
• If more than one bit field is on, the key can sign more than one section. For example, if both bits 1 and 2
are on, the key can sign the FPGA I/O, score, PR, HPS I/O, and FSBL sections of the design.
• Cancellation ID: Specifies the number that cancels a key that is no longer valid. Intel Stratix 10 devices
include 32 cancellation IDs. Cancellation IDs 0-31 cancel owner keys. Once you cancel a key, any
previous designs using the canceled key are unusable. You can use this feature to prevent older designs
from running on a device or as part of recovery from a compromised key. Firmware controls the order in
which eFuses are blown.
Second- or third-level keys typically sign data. Intel Stratix 10 devices support signature chains containing
up to three keys, including up to 2 public key entries.
Header
Block Entry
The final entry in a signature chain signs the actual data. The Block0 Entry authenticates the first block of
the section, and thus authenticates the whole section.
Understanding Permissions and Cancellation IDs
You use permissions to specify the sections that a key can sign. You can use the same
or different cancellation key for the different sections. If you use the same cancellation
ID for more than one section, canceling any section with that cancellation ID cancels
all sections using that cancellation ID. For example, if you assign the same
cancellation ID to both the FPGA and HPS sections, canceling the HPS section also
invalidates the FPGA section. The root signature key does not have a cancellation ID.
Consequently, you cannot cancel the root key. However, you can cancel a signature
chain that includes two or more signature levels. Intel strongly recommends that you
create a signature chain with at least two levels to retain the ability to update your
signature keychain. The following figure shows a signature chain with a root key and
two level one signature keys. The level one keys have different permissions and
cancellation IDs.
Figure 5. Three-Key Signature Chain
Create 1st Level
Signature Chain Signature Chain
Root Keychain
Permission = 4 (HPS, FSBL)
Cancellation ID = 33
Level Public Key
1st
Permission = 2 (Core, I/O, PR)
Cancellation ID = 32
1st Level
Level Public Key
1st
Here are some reasons that you may need to cancel a signature key:
• A private key is accidentally released
• You find a vulnerability in your design
• You find a bug in the design after having created the signed configuration
bitstream
• You want to update the current design as part of a normal release cycle
2. Design Authentication
UG-S10SECURITY | 2019.05.10
Intel® Stratix® 10 Device Security User Guide Send Feedback
12
2.2.1. Authentication for HPS Software
If you are using an SoC device, the HPS Boot Code is part of the bitstream that is
authenticated by the SDM during configuration.
After you successfully load the HPS Boot Code on the Intel Stratix 10 device, you may
need to ensure that the following boot stages of the HPS Software are also
authenticated.
The Rocketboards web page includes an example that uses U-boot to authenticate
the subsequent boot stages of the HPS software.
Related Information
Intel Stratix 10 SoC Secure Boot Demo Design
2. Design Authentication
UG-S10SECURITY | 2019.05.10
Send Feedback Intel® Stratix® 10 Device Security User Guide
13
3. Using the Authentication Feature
To authenticate an Intel Stratix 10 FPGA configuration bitstream, you prepare an
authentication signature chain which includes root and public keys.
Starting with version 18.1 of the Intel Quartus Prime software, you can use the
quartus_sign command to create a signature chain.
The following figure provides an overview of the steps to create an authentication
signature chain. It shows the steps for the following operations:
1. make_root (light yellow)
2. fuse_info (darker yellow)
3. append_key (light blue)
4. sign (light gray)
The make_private_pem and make_public_pem (top right of figure) prepare the
public and private keys that are inputs to the four operations listed above.
Figure 6. Steps to Create a Signature Chain
Operation: fuse_info Operation: sign
Operation: make_private_pem
Operation: make_public_pem
Operation: append_keyOperation: make_root Signed
Bitstream
Write Hash
to Fuses
Create Root
Signature Chain
Create 1st Level
Signature Chain
1st Level
Signature Chain
2nd Level
Signature Chain
Create 2nd Level
Signature Chain
Bitstream
Add Signature
to Bitstream
2nd Level
Public Key
1st Level
Public Key
Root
Keychain
2nd Level
Private Key
Root
Public Key
Root
Private Key
1st Level
Private Key
UG-S10SECURITY | 2019.05.10
Send Feedback
Intel Corporation. All rights reserved. Agilex, Altera, Arria, Cyclone, Enpirion, Intel, the Intel logo, MAX, Nios,
Quartus and Stratix words and logos are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or
other countries. Intel warrants performance of its FPGA and semiconductor products to current specifications in
accordance with Intel's standard warranty, but reserves the right to make changes to any products and services
at any time without notice. Intel assumes no responsibility or liability arising out of the application or use of any
information, product, or service described herein except as expressly agreed to in writing by Intel. Intel
customers are advised to obtain the latest version of device specifications before relying on any published
information and before placing orders for products or services.
*Other names and brands may be claimed as the property of others.
ISO
9001:2015
Registered
3.1. Step 1: Creating the Root Key
The root key includes public and private components. These keys are in the Privacy
Enhanced Mail Certificate (PEM) format and have the .pem extension.
Complete the following steps to generate the root private and public keys:
1. Bring up a Nios® II command shell.
Option Description
Windows On the Start menu, point to Programs ➤ Intel FPGA ➤ Nios II EDS ➤
<version> and click Nios II <version> Command Shell.
Linux In a command shell change to the <install_dir>/nios2eds and run the
following command:
./nios2_command_shell.sh
2. In the Nios II command shell, change to the directory that includes your .sof file.
3. Run the following command to create the private key which you use to generate
the root public key.
Note: You can create the private key with or without passphrase protection. The
passphrase encrypts the private key. Intel recommends using a strong
passphrase because it makes the key file useless to an attacker. Intel also
recommends changing the permissions on the private .pem file to read-only
for the owner.
Option Description
With passphrase quartus_sign --family=stratix10 --operation=make_private_pem --
curve=<prime256v1 or secp384r1> <root_private.pem>
Enter the passphrase when prompted to do so.
Without passphrase quartus_sign --family=stratix10 --operation=make_private_pem --
curve=<prime256v1 or secp384r1> --no_passphrase <root_private.pem>
4. Run the following command to create the root public key which you use to
generate the root key. The root_private.pem you generated in the previous
step is an input to this command. You do not need to protect the root public key.
quartus_sign --family=stratix10 --operation=make_public_pem
<root_private.pem> <root_public.pem>
5. Convert the root key to the Intel Quartus Prime key file format (.qky) The Intel
Stratix 10 device compares the contents of .qky files to authenticate the root
public key. The .qky file is a few hundred bytes in size.
quartus_sign --family=stratix10 --operation=make_root <root public.pem>
<root_public.qky>
3.2. Step 2: Creating the Design Signing Key
You may need one or more design signing keys. Intel recommends using separate
signing keys for the HPS and FPGA in Intel Stratix 10 SX devices. Creating multiple
keys also gives you the flexibility to cancel keys if you detect an error, uncover a
vulnerability, or need to update the firmware.
1. Run the following command to create the first design signature private key. You
use the design signature private key to create the design signature public key.
3. Using the Authentication Feature
UG-S10SECURITY | 2019.05.10
Send Feedback Intel® Stratix® 10 Device Security User Guide
15
Note: Intel recommends using a passphrase because it makes the key file useless
to an attacker.
Option Description
With passphrase quartus_sign --family=stratix10 --operation=make_private_pem --
curve=<prime256v1 or secp384r1> <design0_sign_private.pem>
Enter the passphrase when prompted to do so.
Without passphrase quartus_sign --family=stratix10 --operation=make_private_pem --
curve=<prime256v1 or secp384r1> --no_passphrase
<design0_sign_private.pem>
2. Run the following command to create the design signature public key.
quartus_sign --family=stratix10 --operation=make_public_pem
<design0_sign_private.pem> <design0_sign_public.pem>
Enter your passphrase went prompted to do so.
3.3. Step 3: Appending the Design Signature Key to the Signature
Chain
This step appends design signing keys to the root signature chain. The append
command implements the following operations:
•Appends the 1st Level Public Key (design0_sign_public.pem) to the Root
Public Key (root_public.qky) and generates the 1st Level Signature Chain
(design0_sign_public.qky) that includes the chain root public key and
design0 public key.
•Signs the new 1st Level Signature Chain (design0_sign_chain.qky) using the
Root Private Key (root_private.pem).
1. Run the following command to append the first design signature key to the root
key, creating a two-level signature chain:
Setting the permission argument to 2 creates a signature that can sign the
FPGA I/O, core and PR sections. Setting the cancellation argument to 0 means
that eFuse0 can cancel this signature. eFuses 0-31 are available for owner
cancellation.
quartus_sign --family=stratix10 --operation=append_key \
--previous_pem=<root_private.pem> --previous_qky=<root_public.qky> \
--permission=2 --cancel=0 <design0_sign_public.pem> \
<design0_sign_chain.qky>
2. For designs that include both an HPS and FPGA, Intel recommends creating
separate signing keys for the two design components. Complete the following
steps to create a three-level signature chain:
a. Repeat the commands in Step 1 on page 15, to generate both
design1_sign_private.pem and design1_sign_public.pem.
b. Append design1_sign_public.pem to the signature chain.
3. Using the Authentication Feature
UG-S10SECURITY | 2019.05.10
Intel® Stratix® 10 Device Security User Guide Send Feedback
16
In the following command, setting the permission argument to 4, creates a
signature that can sign the HPS I/O and the first stage bootloader. Setting the
cancellation argument to 1, means that the second available cancellation
eFuse, eFuse 1, cancels this signature.
quartus_sign --family=stratix10 --operation=append_key \
--previous_pem=<design1_sign_private.pem> \ --
previous_qky=<design0_sign_chain.qky> --permission=4 \
--cancel=1 <design1_sign_public.pem> <design1_sign_chain.qky>
Enter the passphrase when prompted to do so.
The .qky that you create includes the private key for the signing signing certificate.
This file is critical. Track and store it securely. If these files are lost, assume that
the .qky is no longer secure.
3.4. Step 4: Signing the Bitstream
Once you generate the private PEM and .qky files, you are ready to sign the
bitstream. There are two options for bitstream signing:
• You use Intel Quartus Prime Programming File Generator to generate the signed
bitstream from a .sof file. You specify the required format for your configuration
scheme. The JTAG Indirect Configuration File (.jic) and Raw Programming Data
File (.rpd) formats are available for Active Serial (AS) configuration. The
Programmer Object File .pof and Raw Binary File .rbf are available for Avalon®
Streaming (Avalon-ST) configuration.
•Alternatively, you can use quartus_sign command to sign the bitstream. This
command requires the .rbf as the input to generate a signed .rbf file.
3.4.1. Step 4a: Signing the Bitstream Using the Programming File
Generator
The Programming File Generator requires the private key file (.pem) to sign the
configuration bitstream. You append the generated signature chain (.qky) to your
compiled design .sof. Attaching the signature chain to your .sof does not require
you to recompile your design.
Complete the following steps to append the signature chain key file to the .sof file
and generate the signed bitstream using the Programming File Generator.
1. Choose one of the following options to append the signature chain key file the
configuration bitstream:
—Specify the .qky file using the Intel Quartus Prime software. On the
Assignment tab, select Device ➤ Device and Pin Options ➤
Authentication and Encryption ➤ Quartus Key File. Then browse to you
signature key chain file.
3. Using the Authentication Feature
UG-S10SECURITY | 2019.05.10
Send Feedback Intel® Stratix® 10 Device Security User Guide
17
Figure 7. Specifying the Quartus Key File
Specify Quartus Prime
Key File
Authentication and
Encryption Category
— Alternatively, you can add the following assignment statement to your Intel
Quartus Prime Settings File (.qsf):
set_global_assignment -name QKY_FILE design1_sign_keychain.qky
2. To generate a .sof that includes design1_sign_keychain.qky select
Processing ➤ Start ➤ Start Assembler.
The new .sof includes the design1_sign_keychain.qky signature chain.
3. On the Intel Quartus Prime file menu, select File ➤ Programming File
Generator.
Figure 8. Programming File Generator
4. For Device family, select Intel Stratix 10
5. For Configuration mode, select the configuration mode you plan to use. This
example uses AVST x16.
3. Using the Authentication Feature
UG-S10SECURITY | 2019.05.10
Intel® Stratix® 10 Device Security User Guide Send Feedback
18
6. For Output directory click Browse and navigate to your output files directory.
7. On the Output Files tab, select Raw Binary File (.rbf).
8. On the Input Files tab, click Add Bitstream then browse and select your .sof
file.
Figure 9. Input File Properties
Properties
(for .sof)
Add
Bitstream
9. On the Input Files tab, click Add Bitstream and then browse to your bitstream.
10. On the Input Files tab, click Properties… and make the following selections
under Signing tool settings:
a. For Enable signing tool, select PEM based signing.
b. For Private key file, browse to the appropriate private PEM file. Retain the
default values for the remaining options.
Note: If your .pem is password-protected, the GUI opens a dialog box to enter
the password.
3.4.2. Step 4b: Signing the Bitstream Using the quartus_sign Command
The quartus_sign command takes the signature chain (.qky), a private signing key
(.pem), and the unsigned raw binary file (.rbf) as inputs to generate the
signed .rbf.
3. Using the Authentication Feature
UG-S10SECURITY | 2019.05.10
Send Feedback Intel® Stratix® 10 Device Security User Guide
19
You can generate the unsigned bitstream in .rbf format using the following
command:
quartus_pfg -c design.sof unsigned_bitstream.rbf
1. Run the following command to sign the bitstream using a command-line
command:
> quartus_sign --family=stratix10 --operation=sign \
--qky=design1_sign_keychain.qky --pem=design1_sign_private.pem \
unsigned_bitstream.rbf signed_bitstream.rbf
Related Information
Generating Secondary Programming Files with Programming File Generator
3.5. Step 5: Programming the Owner Public Root Key for
Authentication
Your manufacturing process programs the hash of the owner public root public key,
root_public.qky, into eFuses available on the Intel Stratix 10 device. Programming
the hash value into actual eFuses on the device is irreversible. During development,
you can validate the hash value by programming this value into virtual eFuses. The
virtual eFuses are volatile. Values stored in eFuses clear each time you power cycle
the Intel Stratix 10 device.
You can use the Intel Quartus Prime Software to program the public root key for
authentication. Alternatively, you can use a command-line command to accomplish
this task.
3.5.1. Step 5a: Programming the Owner Public Root Key Using the Intel
Quartus Prime Programmer
1. On the Tools menu, select Programmer.
2. Right click the image of the Intel Stratix 10 device and select Edit ➤ Add
QKY/QEK/Fuse file ....
3. Using the Authentication Feature
UG-S10SECURITY | 2019.05.10
Intel® Stratix® 10 Device Security User Guide Send Feedback
20
Other manuals for Stratix 10
3
Table of contents
Other Intel Computer Hardware manuals
Intel
Intel P9500 - Core 2 Duo 2.53 GHz 6M L2 Cache 1066MHz FSB Socket P Mobile... User manual
Intel
Intel NUC11ATKPE User manual
Intel
Intel SRCU42X Installation manual
Intel
Intel MX4305UE User manual
Intel
Intel Celeron 847 User manual
Intel
Intel SL7PG - Xeon 3.4 GHz/800MHz/1MB Cache CPU... Operating and safety instructions
Intel
Intel RMS25CB080 Setup guide
Intel
Intel VROC User manual
Intel
Intel Xeon 5500 Series Technical manual
Intel
Intel 865G User manual
Intel
Intel CELERON PROCESSOR P4505 - ADDENDUM User manual
Intel
Intel Xeon LV User manual
Intel
Intel QuickAssist 8920DCC User manual
Intel
Intel Core i7-2600 Gain Operating and safety instructions
Intel
Intel CELERON 1.10 GHZ User manual
Intel
Intel SRCU42E - Ultra320 SCSI PCI Express X8 RAID Storage... Installation manual
Intel
Intel NUC 11 Pro Kit NUC11TNKi3 User manual
Intel
Intel E7500 Guide
Intel
Intel RS2WC040 Installation manual
Intel
Intel X3350 - Xeon 2.66 Ghz 12M L2 Cache 1333MHz FSB LGA775 Quad-Core... User manual
