Synplicity announced an open IP encryption standard June 19 and offered it to the industry. The methodology uses openly available, government-approved encryption methods combined with an encryption embedding mechanism proposed by Cadence Design Systems Inc. and included with the current Verilog 2005 release.

The approach "allows us to quickly build trust" with new customers, said Mark Brass, director of IP licensing at ARM. "There is a clear value in allowing the use of IP through an encrypted flow," he said.

Victor Berman, group director for language standards at Cadence Design Systems, noted that the IEEE 1364-2005 Verilog release includes IP encryption technology donated by Cadence. "It's a good thing that somebody is taking up what we did for the standard and is turning it into reality," he said. "This encryption flow makes it a lot easier for people to evaluate and use IP in the flow."

Lattice Semiconductor was the first company to implement the Synplicity encryption scheme, said Christopher Fanning, vice president of software and IP solutions at Lattice. It's been successful, he said, because it provides an encryption methodology that multiple EDA and IP vendors can use, it provides enough security to protect IP, and the methodology is "very straightforward" to implement.

"Having an ability to trust tools to operate on deep parts of the data structure, while still maintaining IP protection, has a high value," said Gary Delp, distinguished engineer with LSI Logic and CTO of the Virtual Socket Interface (VSI) Alliance. He noted that the encryption flow could possibly "piggyback" on top of the IP tagging mechanism developed by the VSI Alliance.

When Xilinx packages IP, it currently has to support at least three different formats for different tools, said Sujoy Mitra, R&D engineer at Xilinx. Thus, a common encryption scheme has great appeal for that company, he said. He also said an encryption standard will help support "entitlement" by helping make sure that those who use IP are legally entitled to use it.

Andrew Dauman, vice president of worldwide engineering at Synplicity, said that the proposed encryption scheme's "hybrid" approach combines the best of symmetric and asymmetric encryption methodologies. With this approach, the IP vendor encrypts the data using a symmetric algorithm, but encrypts the data key using an asymmetric algorithm. The data block and all of the key blocks are compiled into a single file that is provided to all EDA vendors. To decrypt, an EDA application such as synthesis uses the vendor's private key, which is embedded in the application itself. Bauman said Synplicity's goal is to get the proposal before a standards body and adopted as an official standard.

Consultant Stu Sutherland spoke from the audience to note that designers have concerns about IP encryption. "From a design engineer's perspective, IP models are black boxes, especially if they're encrypted," he said. "Design engineers don't trust black boxes. When we have debugging problems in design, we need to see what's in that black box."

ARM's Brass noted that customers can use the encrypted flow to evaluate IP, and then fully license the IP to get access to the RTL once they've made their decision. Xilinx' Mitra said most FPGA designers are not interested in the details of IP, and noted that "we have to limit visibility and we have to have some of it."

"I'm an engineer, and I want to see inside and know how it works," said LSI's Delp. With the proposed encryption scheme, he noted, "you can reveal pieces of it so it's not a black box, it's a gray box with various levels of revelation."

Related links