Secure distribution infrastructure for hardware digital contents

Field-programmable gate array (FPGA) reconfigurability creates the possibility of distributing hardware cores pretty much like software digital contents, possibly on payment or on a subscription basis. In this work, the authors propose an infrastructure for the secure distribution of such hardware digital contents (HDCs). Aimed at the practical realisation of the envisioned scenario, this study analyses the security-related features of the current FPGA devices, for example, (partial) bitstream encryption, and takes them as the underlying constraints for the definition of the infrastructure. This work clearly identifies the roles involved in the secure distribution process, including a trusted third-party entity, and introduces a cryptographic protocol ensuring the confidentiality and the trustworthiness of partial bitstreams dynamically downloaded to the user´s device. This study also presents a detailed case-study application scenario, namely the secure distribution of image codec components, providing a few quantitative results and demonstrating the limited overhead incurred by the proposed solution in terms of time and area costs. The conclusive section of this study discusses the lesson learned from this work and draws a few proposals for the evolution of security-related FPGA features which may enable the full realisation of the secure HDC distribution concept.