Confidentiality and integrity of bitstreams and authenticated update of FPGA configurations are fundamental to trusted computing on reconfigurable technology. In this paper, we propose to provide these security services for digital content broadcast to FPGA-based devices. To that end, we introduce a new property we call forward security, which ensures that broadcast content can only be accessed by FPGA chips configured with the latest bitstream version. We describe the hardware architecture and communication protocols supporting this security property, and we evaluate the associated cost.
David Champagne, Reouven Elbaz, Catherine H. Gebot