Current IP encryption methods offered by FPGA vendors use an approach where the IP is decrypted during the CAD flow, and remains unencrypted in the bitstream. Given the ease of accessing modern bitstream-to-netlist tools, encrypted IP is vulnerable to inspection and theft from the IP user. While the entire bitstream can be encrypted, this is done by the user, and is not a mechanism to protect confidentiality of 3rd party IP.

In this work we present a design methodology, along with a proof-of-concept tool, that demonstrates how IP can remain partially encrypted through the CAD flow and into the bitstream. We show how this approach can support multiple encryption keys from different vendors, and can be deployed using existing CAD tools and FPGA families. Our results document the benefits and costs of using such an approach to provide much greater protection for 3rd party IP.

FPGA 供应商提供的当前 IP 加密方法使用的方法是在 CAD 流程中对 IP 进行解密，并在比特流中保持未加密状态。鉴于访问现代比特流到网表工具的便利性，加密的 IP 很容易受到 IP 用户的检查和盗窃。虽然整个比特流可以被加密，但这是由用户完成的，并且不是保护第 3 方 IP 机密性的机制。

在这项工作中，我们提出了一种设计方法以及概念验证工具，演示了 IP 如何通过 CAD 流程并进入比特流保持部分加密。我们展示了这种方法如何支持来自不同供应商的多个加密密钥，并且可以使用现有 CAD 工具和 FPGA 系列进行部署。我们的结果记录了使用这种方法为第三方知识产权提供更大保护的好处和成本。