Skip to main content
What can we help you with?

Search

User Guide: DSim IEEE 1735 Encryption In Verilog

  • Updated

IEEE 1735 Encryption In Verilog

dvlencrypt is an encryption tool developed by Metrics to protect Verilog or SystemVerilog code using IEEE1735 encryption. The encryption strength is similar to that provided by SSL, and is considered to be the strongest publicly available.

Usage:

DSim Cloud CLI

 

mdc dvlencrypt -a '<input_plain.sv> -i <default_encryption> -o <output_encrypted.sv>'

 

DSim

 

dvlencrypt <input_plain.sv> -i <default_encryption> -o <output_encrypted.sv>

 

  • IMPORTANT: Always hand-inspect the output to ensure that all sections intended to be encrypted are actually encrypted. If you fail to specify the parameters for a section properly, it may not be encrypted.
  • Requirements:
    • OpenSSL must be installed
    • Every input file requires an encryption pragma protect pattern marking up the secret sections.
    • Every instance within the file that needs to be encrypted, requires the encryption pragma protect pattern of each of the secret sections.

Example

Take this SV code marked with the required pragma protect patterns for the secret sections.

input_plain.sv:

 

module top;
`pragma protect begin
    initial $display("this is secret stuff 1");
`pragma protect end

initial $display("this is not secret stuff");

`pragma protect begin
    initial $display("this is secret stuff 2");
`pragma protect end
endmodule

 

Save this common encryption default file, which has the public encryption key for DSim.

default_encryption:

 

`pragma protect version=1
`pragma protect author="author-a", author_info="author-a-details"
`pragma protect data_method="aes256-cbc"
`pragma protect key_keyowner="Metrics Technologies Inc.", key_keyname="DSim", key_method="rsa"
`pragma protect key_public_key
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsfGAnCMz18WP8MOmyn+
uhTTgXH6A4qu2AJddn/KuatLVKkZjRLui2uSI2QUiXGpDasXFQbwsOXspJh6GgKg
0miwqHWh4bnBPa8nZPGjZ8nEXWP1lSGxg4oBmKdAD0wOnsxHoNaC5jSaAC4f3ibf
n/rmWSU8GqkqvuJyKC1o1mMSJGTJfMbLoizLGFD+/0iwU53a3CwqeOYh8v5LdMKI
zed32K0adz9nhkwMGu9U31T+merDsjpoFSmQpFBtwgnpAcKiZBqpYBT5nw/u7QVp
2y14WM+pvZnQdEL5vWJtWyW/pGxDCjhBJaftndcUQaZHBqEuN3AjVGoLsMyj+GJX
ewIDAQAB

 

  • Guidelines on using the pragma protect pattern:
    • Keep the field version=1
      • Note: version=2 is partially supported
    • The author or author_info can be provided at your discretion as they are not used in the encryption. The information there can serve to identify your copyright in a tamper proof manner.
    • The data_method should be aes128-cbc or aes256-cbc (stronger). Other ciphers are not recommended, as they may be weak by modern standards.
    • Keep the key_owner, key_name and key_public_key exactly as shown in the default encryption shown above. This is exact information needed by DSim to decrypt the protected code. Any changes here will prevent decryption.
    • You can also add public keys for other vendors here as well. These would also be specified exactly as above with their own key_owner, key_name and key_public_key. Note that data_method is common to all vendors. You may need to verify with each vendor that they can handle your intended data method.
    • Note in the default encryption above that everything inside the pragma protect begin and pragma protect end will be encrypted and everything outside will not be. This allows you to expose part of some code that allows users to be able to see unencrypted code within a file.

Run dvlencrypt:

DSim Cloud CLI

 

mdc dvlencrypt -a 'input_plain.sv -i default_encryption -o output_encrypted.sv'

 

DSim

 

dvlencrypt input_plain.sv -i default_encryption -o output_encrypted.sv

 

Output from dvlencrypt is shown below.

output_encrypted.sv:

 

module top;
`pragma protect begin_protected
`pragma protect version=1
`pragma protect encrypt_agent="dvlencrypt"
`pragma protect encrypt_agent_info="Metrics Technologies Inc. P1735 encryptor tool"
`pragma protect data_method="aes256-cbc"
`pragma protect key_keyowner="Metrics Technologies Inc."
`pragma protect key_keyname="DSim"
`pragma protect key_method="rsa"
`pragma protect key_block
nLxFPCxxVkyT/DvqONPMMYg+h6Vis3R/E7o9AqnbaaRp2q5rcmvSxZR9VBVtqhblYqmCUpMaKUzE2nBhESxh9L2DuS4iZqi+533eZJaSV2zc+IcRtpf8xEf0bTcSCxXhX74NnTyVw2t2zIBU77pVhHLdjtmyJYf3oFV/E6/qPTDYxZXhKZC9NLqG5kDJhafH9KXnI/U7sLwSIAL95IIZKLlVxE3R2vRKHI8W/DW5e1K/o4xYq/b9X+Wtm0oXTE3nLaB6mPAwfk3dpvO24CsmYK0NWPF/j4GF9z1qsR63C9nwUtZNbm3i6OJzymZEmZjxRWANiFSjZbIWL/hyQnXQ6g==
`pragma protect data_block
+YiNWGTevMSfIKvURFWw0XParcbNwS1M/lVMhOdAg/L07kuVoGbi5tB3FN1I7QXM
y2oh8ZotKk0bPYqGl25XIQ==
`pragma protect end_protected

initial $display("this is not secret stuff");

`pragma protect begin_protected
`pragma protect version=1
`pragma protect encrypt_agent="dvlencrypt"
`pragma protect encrypt_agent_info="Metrics Technologies Inc. P1735 encryptor tool"
`pragma protect data_method="aes256-cbc"
`pragma protect key_keyowner="Metrics Technologies Inc."
`pragma protect key_keyname="DSim"
`pragma protect key_method="rsa"
`pragma protect key_block
DYgwpZ5aD3d/FAykqtBSPUvDgaauyDsW+1ZZ0il81XbRLCBQyvzN0iTuWDAAwrIoMAIiPADHN96I0bwmZjuu1k1ramf/if0ujFIemVXO6kieZw/Kr3Y/RiHBsXuAYztU7EcIXNMhHklsVP16pkI9hEWnK8uyYDVSnIoMLP5bEeG1W80JhgOohBylh7UR2knE0ZCNEqKgKvIQS/KKCYP2pVCRYKfoL51FvIKuqsdoC+4nrtixq/5hBJ5LPRON9V4GXegqe9xXXfXuBq52ncTGHn4QrBnnqShgsj67KaLnbcRrkpkHT5LVZikhRcs//7xTo8TcECu12zjFMSRmynj+zQ==
`pragma protect data_block
tuVLCwDBfmOmDet/3x5Vnebj0ANP1cASMUM3vZA+6Ac3tR/a2Ec6GkrTjX8x/y91
1gocx5q2zTi3HYbCL5Cu7w==
`pragma protect end_protected

endmodule

 

Articles in this section

See more

Related articles

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Return to top