EDAboard.com | EDAboard.de | EDAboard.co.uk | WTWH Media

Encrypting verilog files

Ask a question - edaboard.com

elektroda.net NewsGroups Forum Index - Verilog Language - Encrypting verilog files

Goto page Previous  1, 2

pilokino@gmail.com
Guest

Fri Apr 01, 2005 2:03 pm   



spamtokeith_at_gmail.com wrote:
Quote:
Better to ask what the module does in this form, since it's trivial
to
convert the ugly names. There are perl scripts available on the net
to
do this:

module top ( a, b, c, d, e, result );

input a;
input b;
input c;
input [3:0] d;
input [(16-1):0] e;
output [(16-1):0] result;

wire [(16-1):0] result;
wire [(16-1):0] k;

wire j;

assign j = a ? e[16-1] : 1'b0;
assign k = b ? e : {16{j}};
assign result = (c == 1'b1) ? (e << d) : ({k, e} >> d);

endmodule


I would be interested in such a Perl script. Any pointers appreciated.

cheers,

P.

Jon Beniston
Guest

Mon Apr 04, 2005 9:41 am   



"pilokino_at_gmail.com" <pilokino_at_gmail.com> wrote in message news:<1112367835.017855.274350_at_f14g2000cwb.googlegroups.com>...
Quote:
spamtokeith_at_gmail.com wrote:
Better to ask what the module does in this form, since it's trivial
to
convert the ugly names. There are perl scripts available on the net
to
do this:

module top ( a, b, c, d, e, result );

input a;
input b;
input c;
input [3:0] d;
input [(16-1):0] e;
output [(16-1):0] result;

wire [(16-1):0] result;
wire [(16-1):0] k;

wire j;

assign j = a ? e[16-1] : 1'b0;
assign k = b ? e : {16{j}};
assign result = (c == 1'b1) ? (e << d) : ({k, e} >> d);

endmodule


I would be interested in such a Perl script. Any pointers appreciated.

An obfuscator will do the job for you! You just have to change it so
that instead of outputing obfuscated names, it outputs a, b, c etc.

Although the above is more readable, for any complicated block of
code, unless you have the original net names, it's still going to be a
hell of a struggle to understand it IMHO.

Be careful though, your IP license probably forbids you from doing
this.

Cheers,
Jon

Keith
Guest

Mon Apr 04, 2005 3:31 pm   



Jon Beniston wrote:
Quote:
"pilokino_at_gmail.com" <pilokino_at_gmail.com> wrote in message
news:<1112367835.017855.274350_at_f14g2000cwb.googlegroups.com>...
spamtokeith_at_gmail.com wrote:
Better to ask what the module does in this form, since it's
trivial
to
convert the ugly names. There are perl scripts available on the
net
to
do this:

module top ( a, b, c, d, e, result );

input a;
input b;
input c;
input [3:0] d;
input [(16-1):0] e;
output [(16-1):0] result;

wire [(16-1):0] result;
wire [(16-1):0] k;

wire j;

assign j = a ? e[16-1] : 1'b0;
assign k = b ? e : {16{j}};
assign result = (c == 1'b1) ? (e << d) : ({k, e} >> d);

endmodule


I would be interested in such a Perl script. Any pointers
appreciated.

An obfuscator will do the job for you! You just have to change it so
that instead of outputing obfuscated names, it outputs a, b, c etc.

Although the above is more readable, for any complicated block of
code, unless you have the original net names, it's still going to be
a
hell of a struggle to understand it IMHO.

Be careful though, your IP license probably forbids you from doing
this.

Cheers,
Jon

That's a twisted idea - I like it Wink You could also try vrename. It's
been a long time since I used it, but I think that it could do the job.

I think that anyone relying on obfuscation should at least give this a
shot, and make sure that they feel comfortable with the results.

Regards,
Keith

mag
Guest

Wed Mar 17, 2010 6:34 am   



On 2005-03-21 22:09:17 -0800, dont_reply said:

Quote:
"Arturi" <teen_machines_at_yahoo.com.br> wrote in message
news:1a5dc45a.0503211040.5e6dd6a1_at_posting.google.com...
Anybody has an idea how to encrypt verilog files for customer
delivery?

Most commercial IP-vendors deliver their IP-models in the form of
a binary (PLI) simulator-library. These are compiled individually
for the different target platforms (SunOS, linux, IBM, HP-UX, etc.)

Additionally, I've seen some IP-models delivered in different
"simulator flavors" (VCS, Modelsim, Nc-Sim/XL, etc.) But the normal
practice is small binary-file set. Configurability is up to the
vendor. Some vendors let you pass configuration-flags to the
IP-model (through the PLI-interface), others require you to
manually manage the configuration by swapping the actual PLI-files.

Both Cadence and Synopsys offer a product that lets users
create self-contained models, for use/import into a remote (customer)
sim-environment. I think Cadence calls it's product "AMP" (Affirma
Model Packager), and it comes with the LDV/IUS product-set.

I don't know Synopsys's offering offhand, but just lookup "SmartModel"
on their www-site.

And obviously, I'm sure the other players (Modelsim) offer a similar
product.

So how popular is encryption of IP, especially encryption of IP that is
intended to be synthesized? How open are customers to using protected
IP? What are the pros/cons of an always-encrypted silicon IP business
model?

glen herrmannsfeldt
Guest

Wed Mar 17, 2010 7:58 am   



mag <mag_at_internet.com> wrote:
(snip)

Quote:
So how popular is encryption of IP, especially encryption of IP that is
intended to be synthesized? How open are customers to using protected
IP? What are the pros/cons of an always-encrypted silicon IP business
model?

I do wonder how much it will slow down anyone.

Note that for it to be useful, the tools need to be able to
decrypt it, which means that they need the key. It can't be
that hard for someone to extract the key.

-- glen

Stephen Williams
Guest

Wed Mar 17, 2010 5:31 pm   



glen herrmannsfeldt wrote:
Quote:
mag <mag_at_internet.com> wrote:
(snip)

So how popular is encryption of IP, especially encryption of IP that is
intended to be synthesized? How open are customers to using protected
IP? What are the pros/cons of an always-encrypted silicon IP business
model?

I do wonder how much it will slow down anyone.

Note that for it to be useful, the tools need to be able to
decrypt it, which means that they need the key. It can't be
that hard for someone to extract the key.

Indeed, and the `protect/`endprotect support is defined so as to
allow for th decoding to easily work in a preprocessor, which can
then feed decrypted verilog to the main compiler. If I were to
implement `protect/`endprotect in Icarus Verilog, that is how I
would do it. But of course that would offer up a trivial way for
the user to get a decrypted version of the IP. Think DMCA.

The most exasperating application of this is Xilinx uses encryption
to distribute their *simulation* *models*. This pretty much rules
out using open source tools (Icarus Verilog / Verilator / cver) to
simulate those models.

--
Steve Williams "The woods are lovely, dark and deep.
steve at icarus.com But I have promises to keep,
http://www.icarus.com and lines to code before I sleep,
http://www.picturel.com And lines to code before I sleep."

Andy Botterill
Guest

Wed Mar 17, 2010 8:05 pm   



On 03/17/2010 04:31 PM, Stephen Williams wrote:
Quote:

The most exasperating application of this is Xilinx uses encryption
to distribute their *simulation* *models*. This pretty much rules
out using open source tools (Icarus Verilog / Verilator / cver) to
simulate those models.

I use cver and can simulate the p&r gate level netlist e.g.

XXX_timesim.v with few problems. I had had to make minor changes to the
simprim.v file to cover for some minor differences between what isim
will accept and what cver will accept. I think cver is more strict on
syntax than isim. Maybe when I am closer to finishing my design (I wish)
I will buy modelsim for a sign off simulation. I'm using webpack 10.1.02
under linux. Andy

Stephen Williams
Guest

Wed Mar 17, 2010 11:44 pm   



Andy Botterill wrote:
Quote:
On 03/17/2010 04:31 PM, Stephen Williams wrote:

The most exasperating application of this is Xilinx uses encryption
to distribute their *simulation* *models*. This pretty much rules
out using open source tools (Icarus Verilog / Verilator / cver) to
simulate those models.

I use cver and can simulate the p&r gate level netlist e.g.
XXX_timesim.v with few problems. I had had to make minor changes to the
simprim.v file to cover for some minor differences between what isim
will accept and what cver will accept. I think cver is more strict on
syntax than isim. Maybe when I am closer to finishing my design (I wish)
I will buy modelsim for a sign off simulation. I'm using webpack 10.1.02
under linux. Andy


You misunderstood me. Icarus Verilog and cver and others can
simulate all the various unisims and simprims models just fine.
In my day job we do all sorts of FPGA designs and we simulate
before and after P&R using Icarus Verilog.

The problems come with simulating using models for various other
Xilinx supplied IP cores. Those models are encrypted. (They used
to use SWIFT, but Synopsis dropped SWIFT and no one else took it
up.)


--
Steve Williams "The woods are lovely, dark and deep.
steve at icarus.com But I have promises to keep,
http://www.icarus.com and lines to code before I sleep,
http://www.picturel.com And lines to code before I sleep."

Andy Botterill
Guest

Thu Mar 18, 2010 7:39 pm   



On 03/17/2010 10:44 PM, Stephen Williams wrote:
Quote:
Andy Botterill wrote:
On 03/17/2010 04:31 PM, Stephen Williams wrote:

The most exasperating application of this is Xilinx uses encryption
to distribute their *simulation* *models*. This pretty much rules
out using open source tools (Icarus Verilog / Verilator / cver) to
simulate those models.

I use cver and can simulate the p&r gate level netlist e.g.
XXX_timesim.v with few problems. I had had to make minor changes to the
simprim.v file to cover for some minor differences between what isim
will accept and what cver will accept. I think cver is more strict on
syntax than isim. Maybe when I am closer to finishing my design (I wish)
I will buy modelsim for a sign off simulation. I'm using webpack 10.1.02
under linux. Andy


You misunderstood me. Icarus Verilog and cver and others can
simulate all the various unisims and simprims models just fine.
In my day job we do all sorts of FPGA designs and we simulate
before and after P&R using Icarus Verilog.

The problems come with simulating using models for various other
Xilinx supplied IP cores. Those models are encrypted. (They used
to use SWIFT, but Synopsis dropped SWIFT and no one else took it
up.)

I haven't needed to use encrypted models. It's against my concept for my
home project. Sorry for misunderstanding. Andy
Quote:



Ira Baxter
Guest

Mon Mar 22, 2010 3:56 pm   



"mag" <mag_at_internet.com> wrote in message
news:2010031622340816807-mag_at_internetcom...
Quote:
On 2005-03-21 22:09:17 -0800, dont_reply said:

"Arturi" <teen_machines_at_yahoo.com.br> wrote in message
news:1a5dc45a.0503211040.5e6dd6a1_at_posting.google.com...
Anybody has an idea how to encrypt verilog files for customer
delivery?

Most commercial IP-vendors deliver their IP-models in the form of
a binary (PLI) simulator-library. These are compiled individually
for the different target platforms (SunOS, linux, IBM, HP-UX, etc.)


An alternative is IP obfuscation, which doesn't require any decryption
at the recieving end. It doesn't offer perfect protection, but then
nothing does; the argument is does it provide enough for your purposes
and only you can decide that.

See
http://www.semanticdesigns.com/Products/Obfuscators/VerilogObfuscator.html


--
Ira Baxter, CTO
www.semanticdesigns.com

David Rogoff
Guest

Mon Mar 22, 2010 5:58 pm   



On 2010-03-22 07:56:19 -0700, Ira Baxter said:

Quote:
"mag" <mag_at_internet.com> wrote in message
news:2010031622340816807-mag_at_internetcom...
On 2005-03-21 22:09:17 -0800, dont_reply said:

"Arturi" <teen_machines_at_yahoo.com.br> wrote in message
news:1a5dc45a.0503211040.5e6dd6a1_at_posting.google.com...
Anybody has an idea how to encrypt verilog files for customer
delivery?

Most commercial IP-vendors deliver their IP-models in the form of
a binary (PLI) simulator-library. These are compiled individually
for the different target platforms (SunOS, linux, IBM, HP-UX, etc.)


An alternative is IP obfuscation, which doesn't require any decryption
at the recieving end. It doesn't offer perfect protection, but then
nothing does; the argument is does it provide enough for your purposes
and only you can decide that.

See http://www.semanticdesigns.com/Products/Obfuscators/VerilogObfuscator.html

I've worked with lots of vendor IP that used obfuscation. All signal
and module names are 8 characters long and made up of ones, zeroes,
lower-case "l", uppercase "I", and uppcase "O". So much fun to debug Smile

Petter Gustad
Guest

Mon Mar 22, 2010 6:45 pm   



"Ira Baxter" <idbaxter_at_semdesigns.com> writes:

Quote:
An alternative is IP obfuscation, which doesn't require any decryption
at the recieving end. It doesn't offer perfect protection, but then

Synthesis and flattening of the netlist to some simple generic library
would also be quite effective if the netnames are assigned in a
similar fashion.

Petter
--
..sig removed by request.

vp
Guest

Tue Dec 06, 2016 6:51 am   



IP author can encrypt an IP as per IEEE Std 1735™-2014 (IEEE P1735 v2) standard with IP Emcrypter tools. IP author can provide the level of protection through protect directives in common and tool blocks.

https://ipencrypter.com/wp-content/uploads/2016/11/ipe1735v2-1610-1-0-ug01.pdf


Guest

Tue Dec 06, 2016 8:30 am   



IP author can encrypt an IP as per IEEE Std 1735™-2014 (IEEE P1735 v2) standard with IP Encrypter tools. IP author can provide the level of protection through protect directives in common and tool blocks.

https://ipencrypter.com/wp-content/uploads/2016/11/ipe1735v2-1610-1-0-ug01.pdf

Goto page Previous  1, 2

elektroda.net NewsGroups Forum Index - Verilog Language - Encrypting verilog files

Ask a question - edaboard.com

Arabic version Bulgarian version Catalan version Czech version Danish version German version Greek version English version Spanish version Finnish version French version Hindi version Croatian version Indonesian version Italian version Hebrew version Japanese version Korean version Lithuanian version Latvian version Dutch version Norwegian version Polish version Portuguese version Romanian version Russian version Slovak version Slovenian version Serbian version Swedish version Tagalog version Ukrainian version Vietnamese version Chinese version Turkish version
EDAboard.com map