FPGAs in cryptanalysis: Key search engine 1 interface
20 Oct 2003


The interface allows the following operations to be performed:


The controller provides a number of registers which allow the computer to access the machine’s resources.

0STATUSStatus registerRead only
1NEXTKEYRetrieves the next potential key from the bufferRead only
2CTEXTSets the known ciphertextWrite only
3PTEXTSets the known plaintextWrite only
4SUSELSelect a search unitWrite only
5SUKEYSet or retrieve the current value of the key generatorRead/write
6IVSets the initialisation vectorWrite only
Initial key search machine registers

Only the least significant 3 bits are decoded. All transfers are 64 bits wide. This makes supporting key lengths greater than 64 bits difficult.

When reading the STATUS register, the least significant word contains the following bits:

0–3VERSIONDescribed below
4BUFFER_FULLSet when the key buffer is full
5DVALIDSet when the machine is ready for a new command
6SU_PRESENTSet when the currently selected search unit exists
7SU_RUNNINGSet when the currently selected search unit is running
8BUFFER_EMPTYSet when the key buffer is empty
Initial key search machine STATUS register

VERSION specifies the version of the communication protocol. For this iteration of the design, the version is “0001”. It is also used to detect whether the board is programmed and operating properly. As such, it should never be “0000”. This catches the case where the FPGA has not been correctly programmed.

DVALID is set when the machine is ready for a new command, and cleared when a command is currently executing. Results from a write command should not be read until DVALID is set.

When written to, the SUSEL register selects a search unit. Any subsequent commands that operate on a specific search unit operate on the search unit specified in SUSEL. Writing to SUSEL also updates the value of the SUKEY register and the SU_PRESENT and SU_RUNNING bits in the STATUS register. The SUSEL register must be repeatedly written to in order to keep this data up to date.

SU_RUNNING is set when the last selected search unit is running, and cleared when the search unit is halted. A search unit might be halted if it has found a key and is waiting to have the key read, or if no initial key has been set.


  1. Software checks presence and version of board by reading STATUS register
  2. If VERSION is 0, program complains that FPGA has not been programmed
  3. If VERSION is not 1, program complains that software version does not match or FPGA is incorrectly programmed
  4. For each address where a search unit is believed to exist

    1. Software writes the address to SUSEL
    2. Software polls STATUS until DVALID goes high
    3. If SU_PRESENT is 1, the search unit exists and can be used; if 0, search unit does not exist
  5. Software writes CTEXT, PTEXT and IV registers

  6. For each search unit:

    1. Software waits for DVALID flag to go high
    2. Software selects a search unit (sets SUSEL register)
    3. Software writes initial key into search unit (writes SUKEY register)
  7. Until correct key is located:

    1. Software polls STATUS register to determine if any potential keys have been located
    2. If there is a pending key, read it out of the buffer

The key that is written into the key buffer is always the key that was in the key generator at the time the search unit was halted, not the key that caused the search unit to halt. The software must be aware of the number of clock cycles required to process a single key, and subtract that value from the value stored in the key buffer. This value is algorithm dependent.

comments powered by Disqus