Abstract: In some examples, a programmable device may load configuration data into a configuration storage to configure programmable logic of the programmable device. The programmable device may include a key generation logic that may read at least a portion of the configuration data from the configuration storage. The key generation logic may generate a cryptographic key based at least in part on the at least a portion of the configuration data read from the configuration storage.

Abstract: Contents of a memory may be authenticated using redundant encryption. In some examples, data to be stored by a memory is encrypted with two unique encryption keys—a first encryption key is used generate a cipher text and a second encryption key (different than the first encryption key) is used to generate an authentication tag. The cipher text and authentication tag are stored by the memory. At a later time, the cipher text and authentication tag may be retrieved from the memory and decrypted using the respective encryption keys. After decrypting the cipher text and the authentication tag, the data retrieved from the memory may be authenticated by comparing the plaintext generated by decrypting the cipher text and with the plaintext generated by decrypting the authentication tag. A match between the plaintext indicates the data was not corrupted or modified during storage in the memory.

Abstract: A system may encrypt the contents of a memory using an encryption key that is generated based on an entropy-based key derivation function. The system may generate a random value as a key split associated with an instance of writing data to memory. The system may generate an encryption key for encrypting the data using an entropy-based key derivation function based at least in part on the key split. The system may encrypt the data using the encryption key. The system may store the encrypted data and the key split to the memory.

Abstract: In some examples, a programmable device may load configuration data into a configuration storage to configure programmable logic of the programmable device. The programmable device may include a key generation logic that may read at least a portion of the configuration data from the configuration storage. The key generation logic may generate a cryptographic key based at least in part on the at least a portion of the configuration data read from the configuration storage.

Abstract: Spread spectrum clocking circuitry may be configured to produce a spread spectrum clock signal that coordinates the actions of functional circuitry. Spread spectrum clocking circuitry may be configured to include delay circuitry configured to generate a random delay signal based on a random input value and generate the spread spectrum clock signal based on the random delay signal. By introducing true randomness into the delay signal, spread spectrum clocking signal may be able to generate a truly random, as opposed to a merely pseudo random, clock signal.

Abstract: Spread spectrum clocking circuitry may be configured to produce a spread spectrum clock signal that coordinates the actions of functional circuitry. Spread spectrum clocking circuitry may be configured to include delay circuitry configured to generate a random delay signal based on a random input value and generate the spread spectrum clock signal based on the random delay signal. By introducing true randomness into the delay signal, spread spectrum clocking signal may be able to generate a truly random, as opposed to a merely pseudo random, clock signal.

Abstract: A system may encrypt the contents of a memory using an encryption key that is generated based on an entropy-based key derivation function. The system may generate a random value as a key split associated with an instance of writing data to memory. The system may generate an encryption key for encrypting the data using an entropy-based key derivation function based at least in part on the key split. The system may encrypt the data using the encryption key. The system may store the encrypted data and the key split to the memory.

Abstract: Contents of a memory are encrypted using an encryption key that is generated based on a random number and a memory location at which the contents are stored. Each of a plurality of locations of a memory can be associated with a respective unique pointer value, and an encryption key may be generated based on the unique pointer value and the random number. In some examples, the random number is unique to a power-up cycle of a system comprising the memory or is generated based on a time at which the data to be stored by the memory at the selected memory location is written to the memory.

Abstract: Contents of a memory may be authenticated using redundant encryption. In some examples, data to be stored by a memory is encrypted with two unique encryption keys—a first encryption key is used generate a cipher text and a second encryption key (different than the first encryption key) is used to generate an authentication tag. The cipher text and authentication tag are stored by the memory. At a later time, the cipher text and authentication tag may be retrieved from the memory and decrypted using the respective encryption keys. After decrypting the cipher text and the authentication tag, the data retrieved from the memory may be authenticated by comparing the plaintext generated by decrypting the cipher text and with the plaintext generated by decrypting the authentication tag. A match between the plaintext indicates the data was not corrupted or modified during storage in the memory.

Abstract: Contents of a memory are encrypted using an encryption key that is generated based on a random number and a memory location at which the contents are stored. Each of a plurality of locations of a memory can be associated with a respective unique pointer value, and an encryption key may be generated based on the unique pointer value and the random number. In some examples, the random number is unique to a power-up cycle of a system comprising the memory or is generated based on a time at which the data to be stored by the memory at the selected memory location is written to the memory.