[kens]

Some FPGAs such as the Xilinx 7 series support bitstream encryption, so that's a new layer of complexity.

Modern FPGAs also have much more in each CLB, and have multiple types of CLBs, so the bit stream is more complex in that way. See e.g. https://www.xilinx.com/support/documentation/user_guides/ug3...

I don't know a whole lot about modern FPGA bitstreams, so I'd be interested in anyone has more details. Is the bitstream still essentially a pile of raw bits controlling things, or is there more structure inside?

[anfilt]

I would like to also add if your curious about more modern FPGA bit-streams there are these two projects which reverse-engineered bit streams for open source synthesis.

https://github.com/SymbiFlow/prjxray https://github.com/SymbiFlow/icestorm

[anfilt]

The bitstream is probably decrypted as it enters the chip. After that at best you might have some simple xoring at each CLB to make someone probing with needles life harder.

Also making sure each data line is not on the top or bottom layer to make non-destructive access harder. At which point you going to need careful application of acid or focused ion beam ablation.

[trollied]

The encryption has been broken. You can read about it here https://news.ycombinator.com/item?id=22915831

[anfilt]

I was not saying anything about that, but if you look at that paper or video you can see the bitstream is passed through an AES decryption stage before programing the logic fabric. This break found a way to read the data after that AES stage.

However, I was just explaining how encryption generally works for these things. Weather or not breaks exist for some chips.