Skip to main content
What can we help you with?

Search

User Guide: DSim IEEE 1735 Encryption In VHDL

  • Updated

IEEE 1735 Encryption In VHDL

dvhencrypt is an encryption tool developed by Metrics to protect VHDL code using IEEE1735 encryption. The encryption strength is similar to that provided by SSL, and is considered to be the strongest publicly available.

Usage:

DSim Cloud CLI

 

mdc dvhencrypt -a '<input_plain.vhdl> -i <default_encryption> -o <output_encrypted.vhdl>'

 

DSim

 

dvhencrypt <input_plain.vhdl> -i <default_encryption> -o <output_encrypted.vhdl>

 

  • IMPORTANT: Always hand-inspect the output to ensure that all sections intended to be encrypted are actually encrypted. If you fail to specify the parameters for a section properly, it may not be encrypted.
  • Requirements:
    • OpenSSL must be installed
    • Every input file requires an encryption protect pattern marking up the secret sections.
    • Every instance within the file that needs to be encrypted, requires the encryption protect pattern of each of the secret sections.

Example

Take this VHDL code marked with the required protect patterns for the secret sections.

input_plain.vhdl:

 

entity test is
end entity;

architecture rtl of test is
begin
    process
    begin
`protect begin
        report "this is secret stuff" severity note;
`protect end

        report "this is not secret stuff" severity note;

`protect begin
        report "this is secret stuff 2" severity note;
`protect end

        wait;
    end process;
end rtl;

 

Save this common encryption default file, which has the public encryption key for DSim.

default_encryption:

 

`protect version=1
`protect author="author-a", author_info="author-a-details"
`protect data_method="aes256-cbc"
`protect key_keyowner="Metrics Technologies Inc.", key_keyname="DSim", key_method="rsa"
`protect key_public_key
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsfGAnCMz18WP8MOmyn+
uhTTgXH6A4qu2AJddn/KuatLVKkZjRLui2uSI2QUiXGpDasXFQbwsOXspJh6GgKg
0miwqHWh4bnBPa8nZPGjZ8nEXWP1lSGxg4oBmKdAD0wOnsxHoNaC5jSaAC4f3ibf
n/rmWSU8GqkqvuJyKC1o1mMSJGTJfMbLoizLGFD+/0iwU53a3CwqeOYh8v5LdMKI
zed32K0adz9nhkwMGu9U31T+merDsjpoFSmQpFBtwgnpAcKiZBqpYBT5nw/u7QVp
2y14WM+pvZnQdEL5vWJtWyW/pGxDCjhBJaftndcUQaZHBqEuN3AjVGoLsMyj+GJX
ewIDAQAB

 

  • Guidelines on using the protect pattern:
    • Keep the field version=1
      • Note: version=2 is partially supported
    • The author or author_info can be provided at your discretion as they are not used in the encryption. The information there can serve to identify your copyright in a tamper proof manner.
    • The data_method should be aes128-cbc or aes256-cbc (stronger). Other ciphers are not recommended, as they may be weak by modern standards.
    • Keep the key_owner, key_name and key_public_key exactly as shown in the default encryption shown above. This is exact information needed by DSim to decrypt the protected code. Any changes here will prevent decryption.
    • You can also add public keys for other vendors here as well. These would also be specified exactly as above with their own key_owner, key_name and key_public_key. Note that data_method is common to all vendors. You may need to verify with each vendor that they can handle your intended data method.
    • Note in the default encryption above that everything inside the protect begin and protect end will be encrypted and everything outside will not be. This allows you to expose part of some code that allows users to be able to see unencrypted code within a file.

Run dvhencrypt:

DSim Cloud CLI

 

mdc dvhencrypt -a 'input_plain.vhdl -i default_encryption -o output_encrypted.vhdl'

 

DSim

 

dvhencrypt input_plain.vhdl -i default_encryption -o output_encrypted.vhdl

 

Output from dvhencrypt is shown below.

output_encrypted.vhdl:

 

entity test is
end entity;

architecture rtl of test is
begin
    process
    begin
`protect begin_protected
`protect version=1
`protect encrypt_agent="dvhencrypt"
`protect encrypt_agent_info="Metrics Technologies Inc. P1735 encryptor tool"
`protect data_method="aes256-cbc"
`protect key_keyowner="Metrics Technologies Inc."
`protect key_keyname="DSim"
`protect key_method="rsa"
`protect key_block
Kw7s33IXKua06XczrpP/AVf9j2u4pFE/+0aZNNQn26tQ1CKRHMMQGhlvIygS2bHnBsFQ+1bE0J5W3JsK8iqe7h3M5iWbSRZWJ1gzmwHvWx4wF/Bx7hWz5QzmbmBHa7bR6GCVVT8dW8pBrId9mGzPheOofFmL4/qcBZYr/6a/tvaLB7K4qno/OK1fdfOeIfy3OoNx64uPqUpGznBJ/WVI1TI/3sH2wFKiL/rX7bNViQTg50rB8E6h4QShz0vJ26/4BLdu3zNwRR6CbAKiMCoiMo6K3t13wCUTi1u7E633WdBJWtS7yGTFiV9+57SNzIAXWBxPTbWlKv+lygFhrxSeEw==
`protect data_block
t0NiyhlAOUmG13PWnb2iiIfEktb5u6CblgjpzMfFRhSnFv7VZAS7DAF+AsxlToo2
oU9wjGyfiOIwZ0OUy4+W+wxdKPLIdUcgTfO6PzrqduQ=
`protect end_protected


        report "this is not secret stuff" severity note;

`protect begin_protected
`protect version=1
`protect encrypt_agent="dvhencrypt"
`protect encrypt_agent_info="Metrics Technologies Inc. P1735 encryptor tool"
`protect data_method="aes256-cbc"
`protect key_keyowner="Metrics Technologies Inc."
`protect key_keyname="DSim"
`protect key_method="rsa"
`protect key_block
Bmp3Bfe9OQXkhyqlL3ljvaQS/xWDDeGnEs2ZqStrj71lTj+RyaHjwXLXYcU1j+57uiEByROlrwm7CtuLnh+IV/TnhI9rCYiOFo/PaPcco/T03rgqeZSAVqFJahIAkcxGw8ASJEuvhsRvjIjXy9DA0DerEDUr/pry4kUDf6AaAKThXgbs7kGUaZTluRhC82kzPMuFoEwKyVDRQYpfaScH/UeWrAz1Pp1dPFRkmzAVORsLiZEzMAgt1xPrPzUxb+BFih8qPywGqban5JJLtiDZ5oZJR3De0eKneQmYUc5pqxBWayFwd7RI47LpQe8fBR8mcVjVPXYIehX3+lTzZ8Vrqw==
`protect data_block
qEwUJ2GiQKLDxZ7rOooZXYDsb3u1ORYOic/iw7LlgC2MJ+aOJZoSSFyLCHwU+QhK
ITfKojrwxDvI64a93zpyrOJFXt9pdT9wTAzxfQv8msc=
`protect end_protected


        wait;
    end process;
end rtl;

 

Articles in this section

See more

Related articles

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Return to top