Encrypting verilog files

[Stephen Williams]

glen herrmannsfeldt wrote:

mag <mag@internet.com> wrote:
(snip)

So how popular is encryption of IP, especially encryption of IP that is
intended to be synthesized? How open are customers to using protected
IP? What are the pros/cons of an always-encrypted silicon IP business
model?

I do wonder how much it will slow down anyone.

Note that for it to be useful, the tools need to be able to
decrypt it, which means that they need the key. It can't be
that hard for someone to extract the key.

Indeed, and the `protect/`endprotect support is defined so as to
allow for th decoding to easily work in a preprocessor, which can
then feed decrypted verilog to the main compiler. If I were to
implement `protect/`endprotect in Icarus Verilog, that is how I
would do it. But of course that would offer up a trivial way for
the user to get a decrypted version of the IP. Think DMCA.

The most exasperating application of this is Xilinx uses encryption
to distribute their *simulation* *models*. This pretty much rules
out using open source tools (Icarus Verilog / Verilator / cver) to
simulate those models.

--
Steve Williams "The woods are lovely, dark and deep.
steve at icarus.com But I have promises to keep,
http://www.icarus.com and lines to code before I sleep,
http://www.picturel.com And lines to code before I sleep."

 

[Andy Botterill]

On 03/17/2010 04:31 PM, Stephen Williams wrote:

The most exasperating application of this is Xilinx uses encryption
to distribute their *simulation* *models*. This pretty much rules
out using open source tools (Icarus Verilog / Verilator / cver) to
simulate those models.

I use cver and can simulate the p&r gate level netlist e.g.

XXX_timesim.v with few problems. I had had to make minor changes to the
simprim.v file to cover for some minor differences between what isim
will accept and what cver will accept. I think cver is more strict on
syntax than isim. Maybe when I am closer to finishing my design (I wish)
I will buy modelsim for a sign off simulation. I'm using webpack 10.1.02
under linux. Andy

 

[Stephen Williams]

Andy Botterill wrote:

On 03/17/2010 04:31 PM, Stephen Williams wrote:

The most exasperating application of this is Xilinx uses encryption
to distribute their *simulation* *models*. This pretty much rules
out using open source tools (Icarus Verilog / Verilator / cver) to
simulate those models.

I use cver and can simulate the p&r gate level netlist e.g.
XXX_timesim.v with few problems. I had had to make minor changes to the
simprim.v file to cover for some minor differences between what isim
will accept and what cver will accept. I think cver is more strict on
syntax than isim. Maybe when I am closer to finishing my design (I wish)
I will buy modelsim for a sign off simulation. I'm using webpack 10.1.02
under linux. Andy

You misunderstood me. Icarus Verilog and cver and others can
simulate all the various unisims and simprims models just fine.
In my day job we do all sorts of FPGA designs and we simulate
before and after P&R using Icarus Verilog.

The problems come with simulating using models for various other
Xilinx supplied IP cores. Those models are encrypted. (They used
to use SWIFT, but Synopsis dropped SWIFT and no one else took it
up.)


--
Steve Williams "The woods are lovely, dark and deep.
steve at icarus.com But I have promises to keep,
http://www.icarus.com and lines to code before I sleep,
http://www.picturel.com And lines to code before I sleep."

 

[Andy Botterill]

On 03/17/2010 10:44 PM, Stephen Williams wrote:

Andy Botterill wrote:
On 03/17/2010 04:31 PM, Stephen Williams wrote:

The most exasperating application of this is Xilinx uses encryption
to distribute their *simulation* *models*. This pretty much rules
out using open source tools (Icarus Verilog / Verilator / cver) to
simulate those models.

I use cver and can simulate the p&r gate level netlist e.g.
XXX_timesim.v with few problems. I had had to make minor changes to the
simprim.v file to cover for some minor differences between what isim
will accept and what cver will accept. I think cver is more strict on
syntax than isim. Maybe when I am closer to finishing my design (I wish)
I will buy modelsim for a sign off simulation. I'm using webpack 10.1.02
under linux. Andy


You misunderstood me. Icarus Verilog and cver and others can
simulate all the various unisims and simprims models just fine.
In my day job we do all sorts of FPGA designs and we simulate
before and after P&R using Icarus Verilog.

The problems come with simulating using models for various other
Xilinx supplied IP cores. Those models are encrypted. (They used
to use SWIFT, but Synopsis dropped SWIFT and no one else took it
up.)

I haven't needed to use encrypted models. It's against my concept for my
home project. Sorry for misunderstanding. Andy

 

[Ira Baxter]

"mag" <mag@internet.com> wrote in message
news:2010031622340816807-mag@internetcom...

On 2005-03-21 22:09:17 -0800, dont_reply said:

"Arturi" <teen_machines@yahoo.com.br> wrote in message
news:1a5dc45a.0503211040.5e6dd6a1@posting.google.com...
Anybody has an idea how to encrypt verilog files for customer
delivery?

Most commercial IP-vendors deliver their IP-models in the form of
a binary (PLI) simulator-library. These are compiled individually
for the different target platforms (SunOS, linux, IBM, HP-UX, etc.)

An alternative is IP obfuscation, which doesn't require any decryption
at the recieving end. It doesn't offer perfect protection, but then
nothing does; the argument is does it provide enough for your purposes
and only you can decide that.

See
http://www.semanticdesigns.com/Products/Obfuscators/VerilogObfuscator.html


--
Ira Baxter, CTO
www.semanticdesigns.com

 

[David Rogoff]

On 2010-03-22 07:56:19 -0700, Ira Baxter said:

"mag" <mag@internet.com> wrote in message
news:2010031622340816807-mag@internetcom...
On 2005-03-21 22:09:17 -0800, dont_reply said:

"Arturi" <teen_machines@yahoo.com.br> wrote in message
news:1a5dc45a.0503211040.5e6dd6a1@posting.google.com...
Anybody has an idea how to encrypt verilog files for customer
delivery?

Most commercial IP-vendors deliver their IP-models in the form of
a binary (PLI) simulator-library. These are compiled individually
for the different target platforms (SunOS, linux, IBM, HP-UX, etc.)


An alternative is IP obfuscation, which doesn't require any decryption
at the recieving end. It doesn't offer perfect protection, but then
nothing does; the argument is does it provide enough for your purposes
and only you can decide that.

See http://www.semanticdesigns.com/Products/Obfuscators/VerilogObfuscator.html

I've worked with lots of vendor IP that used obfuscation. All signal
and module names are 8 characters long and made up of ones, zeroes,
lower-case "l", uppercase "I", and uppcase "O". So much fun to debug

 

[Petter Gustad]

"Ira Baxter" <idbaxter@semdesigns.com> writes:

An alternative is IP obfuscation, which doesn't require any decryption
at the recieving end. It doesn't offer perfect protection, but then

Synthesis and flattening of the netlist to some simple generic library
would also be quite effective if the netnames are assigned in a
similar fashion.

Petter
--
..sig removed by request.

 

[vp]

IP author can encrypt an IP as per IEEE Std 1735™-2014 (IEEE P1735 v2) standard with IP Emcrypter tools. IP author can provide the level of protection through protect directives in common and tool blocks.

https://ipencrypter.com/wp-content/uploads/2016/11/ipe1735v2-1610-1-0-ug01.pdf

 

IP author can encrypt an IP as per IEEE Std 1735™-2014 (IEEE P1735 v2) standard with IP Encrypter tools. IP author can provide the level of protection through protect directives in common and tool blocks.

https://ipencrypter.com/wp-content/uploads/2016/11/ipe1735v2-1610-1-0-ug01.pdf