The Doctor <drwho@virtadpt.net> wrote:
More likely, dump the contents of the EPROM some FPGAs read their gate matrices out of when they power up.
But that just gives away the bitstream describing the FPGA configuration (say, a trusted CPU). Is the CPU's *design* a secret? If not, I don't see why it matters that an evil cleaner might read out the FPGA's configuration. (Obviously, don't store secret keys in there!) If we really are worried about keeping the CPU's design a secret, it's possible with many FPGAs to encrypt the configuration bitstream such that the configuration is decrypted onboard the FPGA at power-on. This is intended to handle the case where I want to sell a product that uses an FPGA without revealing the contents of that FPGA's configuration to my customers or competitors. Of course, this doesn't really provide useful security guarantees against a sophisticated adversary. First, since the FPGA contains or automatically derives the secret key to decrypt this encrypted bitstream, the manufacturer of the FPGA likely also knows the key or how to derive it (as does anyone with sufficient dedication and a well-equipped lab). Second, we have no idea how well this system is designed or implemented, since the bitstream security system is itself a proprietary secret. And third, even if it's competently built, as I pointed out above, the threat model is "customer reads out my proprietary design," which means that, practically speaking, the technological barrier is only there to support a more comprehensive framework of legal recourse in the case that my customer or competitor tries to steal the secret sauce. Probably a reasonable evil cleaner attack against an FPGA-based "trusted" CPU is to overwrite the contents of the configuration ROM with a similar but subtly bugged design. This is more or less isomorphic to "the NSA signs bugged microcode for my Intel CPU." Cue the OTP / epoxy / physical security arms race, I guess. -=rsw