Just downloaded it... But if .bit -> .ncd could be converted - it will be not difficult to decode keys from chip. OR - EXTREMELY complex self-modifying bitstream should be made for protection alone... So costs would be not justified for this SHA256 thing protection alone... I've implemented some time ago meta-translators for x86 code protection, generating morphed code & executable difficult for analysis, and with FPGA it would be even more complex.
Hrm, not too sure about that. FPGAs are pretty easy to simulate in software… it just takes a really really really long time and runs really really really slowly. But the attacker only has to do that once. The root problem is that they don't need to be able to understand your design; they only need to be able to simulate the device it runs on
and snoop the bits being written into the ICAP port.
So in -7 series they will make logic that consumes _same_ power not depending on their internal key, so correlation will not be possible ?
I believe so. I can't speak for Xilinx in particular, but I know a guy who had to design a decryption circuit with this property for some sort of wireless system. There are lots of ways to do it; some of them aren't too hard. The lazy way is to run your circuit through a transformation that turns every wire into two wires; on odd numbered clock cycles you drive both wires to zero and on even numbered clock cycles you pull high exactly one of the wires (the "left" one to represent logic-1 and the "right" one to represent logic-0). So the power consumption is perfectly uniform: for each bit there is one wire worth of capacitance discharged on each odd-numbered cycle and one wire worth of capacitance charged on each even-numbered cycle. Of course this makes your circuit 2-3 times larger and twice as slow, but for something tiny like an AES core it's no big deal.
And I may reconsider initial licensing offer, as I still have no binding on that of course.
Probably a good idea. Here's one other reason I forgot: if you let people ship you boards that you didn't design, how do you know they don't have a microcontroller on there somewhere snooping the JTAG bus and capturing your decryption key as you send it to the device in cleartext? If the snoop wire is on one of the inner planes of a 4-layer board and the microcontroller draws power from VCCAUX you'd never notice it.
So looking again on these numbers and having troubles with protection of bitstream, all of these devices can be "on hold" in some datacenter say in Iceland in name of their owners,
I think there's a real market for that -- combined hardware and hosting sales. You can also offer to ship them the hardware but tell them you're going to wipe the bitstream and encryption key off of it before you ship it out.
And seems to be more fair play than "perpetual bonds" without significant backing, where bond issuer can go defunct half the road etc.