Secrecy System And Decryption Method Of On-Chip Data Stream Of Nonvolatile FPGA
20180011803 ยท 2018-01-11
Assignee
Inventors
Cpc classification
G06F21/79
PHYSICS
G06F3/0679
PHYSICS
G06F3/0652
PHYSICS
G06F21/76
PHYSICS
G06F3/0619
PHYSICS
International classification
Abstract
A secrecy system and a decryption method of on-chip data stream of nonvolatile FPGA are provided in the present invention. The nonvolatile memory module of the system is configured to only allow the full erase operation. After the full erase operation is finished, the nonvolatile memory module gets into the initial state. Only the operation to the nonvolatile memory module under the initial state is effective, and thereby the encryption region unit is arranged in the nonvolatile memory module. Only the decryption data written into the encryption region unit under the initial state can make the nonvolatile memory module to be readable, so that the decryption of the system is finished, which greatly improves the secrecy precision.
Claims
1. A secrecy system of on-chip data stream of nonvolatile FPGA, characterized in that, it comprises a user-defined programmable logic module, a nonvolatile memory module, a programming control module, a programming I/O interface and a user I/O interface; the user-defined programmable logic module, the nonvolatile memory module and the programming I/O interface are all connected with the programming control module, and the user I/O interface is connected with the user-defined programmable logic module; the nonvolatile memory module comprises an encryption region unit; a full erase operation is only allowed for the nonvolatile memory module under a default state, the nonvolatile memory module gets into an initial state after the full erase operation is finished, and the operation to the nonvolatile memory module is effective only under the initial state.
2. The secrecy system of on-chip data stream of nonvolatile FPGA according to claim 1, wherein only one connecting interface is between the nonvolatile memory module and the programming control module, and the programming control module is able to perform a read-write operation to the nonvolatile memory module only by the connecting interface.
3. The secrecy system of on-chip data stream of nonvolatile FPGA according to claim 2, wherein the user-defined programmable logic module comprises a SRAM array, programming data sent by the programming control module being stored in the SRAM array, and the whole user-defined programmable logic module being real-time controlled by the SRAM array.
4. The secrecy system of on-chip data stream of nonvolatile FPGA according to claim 3, wherein the user-defined programmable logic module comprises a logic interface, user data of a user data unit of the programming control module obtained from the nonvolatile memory module being received by the logic interface.
5. The secrecy system of on-chip data stream of nonvolatile FPGA according to claim 4, wherein the nonvolatile memory module comprises several programming logic data units, several user data units and the encryption region unit; the programming logic data units, the user data units and the encryption region unit are connected with the programming control module by the connecting interface of the nonvolatile memory module; the programming data is sent to the programming logic data units of the nonvolatile memory module by the programming I/O interface via the programming control module; and the user data is sent to the programming control module from the user I/O interface via the logic interface of the user-defined programmable logic module, and then sent to the user data units of the nonvolatile memory module via the programming control module.
6. A decryption method of the secrecy system of on-chip data stream of nonvolatile FPGA as claimed in claim 5, characterized in that, it comprises following steps: S1: powering up the system, and performing a full erasing operation to a nonvolatile memory module, so that the nonvolatile memory module gets into an initial state; S2: decryption data is input by a user from a user I/O interface, and gets into a programming control module via a user-defined programmable logic module, and the decryption data input by the user is identified by the programming control module to judge its effectiveness; S3: effective decryption data is sent to an encryption region unit of the nonvolatile memory module by the programming control module to perform decryption, so that the nonvolatile memory module is in a readable state and the decryption operation is finished.
7. The decryption method of the secrecy system of on-chip data stream of nonvolatile FPGA according to claim 6, wherein after the system is decrypted, the user data in the nonvolatile memory module is initialized to a static memory module of the user by the programming control module.
8. The decryption method of the secrecy system of on-chip data stream of nonvolatile FPGA according to claim 6, wherein after decryption of the system is finished, the programming data in the nonvolatile memory module is loaded into a SRAM array of the user-defined programmable logic module by the programming control module.
9. The decryption method of the secrecy system of on-chip data stream of nonvolatile FPGA according to claim 6, wherein the decryption data can only be input when the nonvolatile memory module is under the initial state.
10. The decryption method of the secrecy system of on-chip data stream of nonvolatile FPGA according to claim 6, wherein the decryption data comprises dynamic data.
Description
BRIEF DESCRIPTION OF THE DRAWINGS
[0030] The novel features of the present invention are set out with particularity in the appended claims, but the invention will be understood more fully and clearly from the following detailed description of the invention as set forth in the accompanying drawings in which:
[0031]
[0032]
DETAILED DESCRIPTION OF THE INVENTION
[0033] Accompanying drawings are exclusively for exemplary illustration, and shall not be understood as a limitation to the present invention.
[0034] In order to better illustrate the present embodiment, some components of the accompanying drawings would be eliminated, exaggerated or minimized, but shall not represent the size of a real product.
[0035] For those skilled in the art, it may be understood that some common structures of the accompanying drawings as well as their illustration may be eliminated.
[0036] The technical solution of the present invention will be further illustrated below, in combination with the accompanying drawings and embodiments.
Embodiment 1
[0037] As shown in
[0038] A full erase operation is only allowed for the nonvolatile memory module under a default state. The nonvolatile memory module gets into an initial state after the full erase operation is finished, and the operation to the nonvolatile memory module is effective only under the initial state.
[0039] Only one connecting interface is between the nonvolatile memory module and the programming control module. The programming control module is able to perform a read-write operation to the nonvolatile memory module only by the connecting interface.
[0040] The user-defined programmable logic module comprises a SRAM array. Programming data sent by the programming control module is stored in the SRAM array, and the whole user-defined programmable logic module is real-time controlled by the SRAM array.
[0041] The user-defined programmable logic module comprises a logic interface. The user data of a user data unit of the programming control module obtained from the nonvolatile memory module is received by the logic interface.
[0042] The nonvolatile memory module comprises several programming logic data units, several user data units and the encryption region unit. The programming logic data units, the user data units and the encryption region unit are connected with the programming control module by the connecting interface of the nonvolatile memory module. The programming data is sent to the programming logic data units of the nonvolatile memory module by the programming I/O interface via the programming control module. The user data is sent to the programming control module from the user I/O interface via the logic interface of the user-defined programmable logic module, and then sent to the user data units of the nonvolatile memory module via the programming control module.
Embodiment 2
[0043] As shown in
[0044] S1: powering up the system, and performing a full erase operation to a nonvolatile memory module, so that the nonvolatile memory module gets into an initial state;
[0045] S2: decryption data is input by a user from a user I/O interface, and gets into a programming control module via a user-defined programmable logic module, and the decryption data input by the user is identified by the programming control module to judge its effectiveness;
[0046] S3: effective decryption data is sent to an encryption region unit of the nonvolatile memory module by the programming control module to perform decryption, so that the nonvolatile memory module is in a readable state and then the decryption operation is finished.
[0047] Wherein, after the system is decrypted, the user data in the nonvolatile memory module is initialized and sent to a static memory module of the user by the programming control module.
[0048] Wherein, after decryption of the system is finished, the programming data in the nonvolatile memory module is loaded into a SRAM array of the user-defined programmable logic module by the programming control module.
[0049] Wherein, the decryption data can only be input when the nonvolatile memory module is under the initial state; and the decryption data comprises dynamic data.
[0050] The nonvolatile memory module in the present invention is configured to only allow the full erase operation. After the full erase operation is finished, the nonvolatile memory module gets into the initial state. Only the operation to the nonvolatile memory module under the initial state is effective, and thereby the encryption region unit is arranged in the nonvolatile memory module. Only the decryption data written into the encryption region unit under the initial state can make the nonvolatile memory module to be readable, so that the decryption of the system is finished, which greatly improves the secrecy precision.
[0051] The same or similar reference signs correspond to the same or similar components.
[0052] The positional relationship in the accompanying drawings is exclusively for exemplary illustration, and shall not be understood as a limitation to the present invention.
[0053] The above embodiments of the present invention are given as examples exclusively used for clearly illustrating the present invention, but not a limitation to the implementations of the present invention. For those ordinarily skilled in the art, other different forms of change or variation can be made based on the above illustration. All implementations should not and could not be exhaustively listed herein. Any modification, equivalent substitution and improvement within the spirit and principle of the present invention, should be all included in the scope of protection of the claims of the present invention.