Encryption Key Storage

The Kintex-7 FPGA supports design security using AES decryption logic and provides two methods for encryption key memory storage. The first is a volatile memory storage supported by an external battery backup supply voltage (Vbatt). The second is a one-time programmable eFUSE register. The XEM7360 design supports both types of key storage with user-modification required for Vbatt support.

For quantity purchases of 50 or more units, please contact Opal Kelly ([email protected]) to discuss factory installation of these components.

Volatile Encryption Key Storage (Vbatt)

A small lithium rechargeable battery and a few support components can be installed to provide Vbatt to the FPGA when the XEM is unpowered. This will preserve the contents of the FPGA’s volatile key storage so long as Vbatt remains over the threshold specified in the Kintex-7 documentation. Please see the Xilinx 7-Series FPGA’s Configuration (UG470) for more details.

The applicable schematic section and components required to support this functionality are shown below.

REFDESMANUFACTURERMANUFACTURER P/NCOMMENT
BT1Seiko InstrumentsMS412FE-FL26E3V, 1mAh lithium battery
D4Micro CommercialBAS40-04-TPSchottky Diode, SOT23
R76Generic2.0 kΩ, 5%, SM-0402 
C174Generic1 uF, 6.3V, SM-0402
U35Texas InstrumentsTPS78318DDCLDO, 150 mA, 1.8v, 150 nA Iq, SOT23-5 package
C175Generic1 uF, 6.3V, SM-0402
R77Generic0 Ω, SM-0402Connects Vbatt to DGND
Installed by default. Remove if placing Vbatt components

Non-Volatile Encryption Key Storage (eFUSE)

Non-volatile storage of the encryption key is also possible by programming the Kintex-7 eFUSE register via JTAG. Please see the AMD 7-Series FPGAs Configuration (UG470) for more details.