UPGRADE YOUR BROWSER

We have detected your current browser version is not the latest one. Xilinx.com uses the latest web technologies to bring you the best online experience possible. Please upgrade to a Xilinx.com supported browser:Chrome, Firefox, Internet Explorer 11, Safari. Thank you!
  1. Xilinx - Adaptable. Intelligent.
  2. Support
  3. AR# 70622: Design Advisory for Zynq UltraScale+ MPSoC: 2017.x Xilinx Development tools and software re-use the same AES Key and IV pair across multiple partitions.

AR# 70622

Design Advisory for Zynq UltraScale+ MPSoC: 2017.x Xilinx Development tools and software re-use the same AES Key and IV pair across multiple partitions.

Description

This Design Advisory is targeted at users who encrypt their configuration files during Secure Boot, and impacts Bootgen, FSBL, XILSECURE and XILFPGA.

In versions prior to 2018.1, Xilinx Development tools and software re-use the same AES Key and IV pair across multiple partitions.

This re-use violates the NIST 800-38D standard which states the following:

"The probability that the authenticated encryption function ever will be invoked with the same IV and the same key on two (or more) distinct sets of input data shall be no greater than 2 ^ -32."

Solution

This issue is resolved in the 2018.1 release.

Please, reference (UG1137) (v7.0) May 4, 2018 Chapter 8 "Security Features" for more details.

AR# 70622
Date 05/30/2018
Status Active
Type Design Advisory
Devices
  • Zynq UltraScale+ MPSoC
Tools
  • Vivado Design Suite - 2017.4
  • Vivado Design Suite - 2017.3
  • Vivado Design Suite - 2017.2
  • Vivado Design Suite - 2017.1
Page Bookmarked