AES Encryption and Decryption
The Intel® Arria® 10 SoC device family supports secure boot with Advanced Encryption Standard (AES) encryption with a 256 bit key length. AES is a symmetric-key algorithm. AES decryption support is provided by the CSS in the FPGA portion of the device. AES decryption is enabled through user fuse settings and software programming.
For information about the CSS, refer to the SoC Security chapter in the Intel® Arria® 10 Hard Processor System Technical Reference Manual.
The FPGA portion of the secured device has a dedicated decryption block that uses the AES algorithm to decrypt the boot loader image with a 256 bit AES key that you define. Before receiving the encrypted data, you must write the 256 bit key that you define into the device.
The AES algorithm is a symmetrical block cipher that encrypts and decrypts data in blocks of 256 bits. The decryption block uses the AES algorithm to decrypt the boot loader image and configuration data before configuring the FPGA portion of the device. If encryption is not used, the AES decryptor is bypassed.
Did you find the information on this page useful?