As shown in This Figure, the user key is encrypted with the family key, which is embedded in the metal layers of the device. This family key is the same for all devices in the Zynq UltraScale+ MPSoC family. The result is referred to as the obfuscated key. The term obfuscated is used instead of encrypted to reflect the relative strength of the security mechanism. The obfuscated key can reside in either the authenticated boot header or eFUSEs. During boot, the CSU ROM takes the obfuscated key, decrypts it with the family key, and then uses the resulting user key to decrypt the boot images.
The Xilinx development tools (bootgen) can be used to create a boot image with the obfuscated key. The family key is not distributed with the Xilinx development tools. To receive the family key, contact firstname.lastname@example.org. For more information on generating boot images with the obfuscated key, see “Chapter 8: Security Features” in the Zynq UltraScale+ MPSoC Software Developer’s Guide (UG1137) [Ref 3].