= Joachim Strömbergson =
== Bio ==
== Current activities ==
* Developing coretest - a core testing framework for FPGAs.
* Implementation of UART
* Verification of SHA-256
* Verification of SHA-1
* Implementation of AES-128
* Design proposal for TRNG
* Design proposal for Curve25519 accelerator
== Work Notes ==
=== Presentations from meeting 2014-03-10 (updated and extended) ===
* [browser:/doc/presentations/Cryptech_HW_status_2014-03-10.pdf "Cryptech HW status 2014-03-10"]
* [browser:/doc/presentations/Cryptech_TRNG_Ideas_2014-03-17.pdf "Cryptech TRNG Ideas 2014-03-17"]
=== Open EDA Tools ===
* http://torc-isi.sourceforge.net/index.php - Torc is an open-source C++ infrastructure and tool set for reconfigurable computing
=== Curve25519 ===
We need to create an accelerator or possibly a complete implementation of the Curve25519 EC-based DH exchange. We should be able to look at some previous work:
* http://eprint.iacr.org/2013/375 - NaCl on 8-Bit AVR Microcontrollers. Includes an iterative implementation of Curve25519
* http://cryptojedi.org/crypto/index.shtml - The code to the implementation
* http://nacl.cr.yp.to/ - The main NaCl library by DJB.
* http://cr.yp.to/ecdh/curve25519-20060209.pdf - The Curve25519 paper by DJB.
== Pre meeting notes ==
=== Stockholm 2013-12-05 - 2013-12-06 ===
Preparation notes for the OpenHSM meeting 2013-12-05 -- 2013-12-06. The notes contain topics, questions and ideas I want to bring up, check and discuss at the meeting.
Philosophy
----------
- How to build trust in the project?
  - Total openness and transparency
  - Traceability of decisions
  - Focus on simple third party validation
  - Partitioning of security functions
Project goal
------------
- Low cost vs high performance
- Scalability
- Functionality
- Performance
- Security
- Target system
  - Performance
  - Self contained, external
    - USB
    - Ethernet
  - Integrated
    - PCIe
    - Mem module
    - SD card
- Target users
  - Single user
  - Enterprise
- Roadmap and development plan
  - Prototype - first target platform
  - Establish first use cases
  - Deliveries
    - Proof of concept, prototype
    - Self assembly and/or finished product
    - Source code for SW, HW
    - PCB
    - Enclosures
    - Development environment
    - Test, validation environment
    - Tool development
  - Time plan
    - Start when
    - Proto when
    - v 1.0 when
Project management
------------------
- Status financing
- Ownership
- Overseeing board
  - IETF, ISOC, ... ?
- Advisory board
- Reviewers, external experts
  - FPGA key extract dude
  - DJB
- Team
  - Additional competency needed?
- Project security
  - Communication
  - ...
Development general
-------------------
- License(s)
  - GPLv2, v3
  - BSD
- Methodology
  - Agile
  - Minimal functionality in PoC
  - Clear increments
- Repository
  - Github
Technology
----------
- Target technologies
  - FPGA (+ internal, external CPUs)
  - ASIC
  - Pure CPU based
- Target PoC board
  - Select one early
- Toolchains and languages
  - SW
  - HW
    - Verilog 2001, 2005, SystemVerilog
    - Icarus, gplcver
    - Vendor specific
      - Validation of bitstream
      - Edge of trust, down the rabbit hole
- Security support in design
  - JTAG
  - BIST for functionality
  - BIST for security
    - KATs
    - On-line self check
  - RNG
    - Pathological problems
      - Stuck at fixed values
      - Variance
      - Bias
- Reuse of existing design, code?
  - Cores - OpenCores
    - OpenRISC
    - AES, SHA, RSA
  - SoftHSM - DNSSEC PKCS#11
  - Nettle
  - ...
- On chip 32-bit or 64 bit CPU core
  - OpenRISC
    - LGPL
    - http://openrisc.net/
    - http://opencores.org/or1k/Main_Page
    - https://en.wikipedia.org/wiki/OpenRISC
- RNG
  - More than one entropy source
    - Just external sources
    - User/vendor/implementer supplied
    - One external, one internal
  - YubiHSM entropy source: https://www.yubico.com/products/yubihsm/
  - Haveged: http://www.issihosts.com/haveged/
  - DakaRand: http://dankaminsky.com/2012/08/15/dakarand/
  - Jytter, a userspace RNG: http://www.chronox.de/
  - CPU Jitter RNG: http://www.chronox.de/
  - CSPRNG based on Linux, OpenBSD, Fortuna, NIST etc.
    - NIST SP 800-90. CTR_DRBG
    - Fortuna https://en.wikipedia.org/wiki/Fortuna_PRNG
      - Schneier, Ferguson. No estimator needed.
    - OpenBSD arc4random: http://www.openbsd.org/cgi-bin/man.cgi?query=arc4random&sektion=3
  - Raw read access in test mode to collected entropy pre whitening
  - Write access in test mode to CSPRNG
    - No key generation etc. allowed during test mode.
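The on-line self check the RNG notes above ask for (catching an entropy source that is stuck at a fixed value or heavily biased, run over the raw bits read pre-whitening in test mode) as a small Python reference model. This is an added example, not Cryptech code; the class name, the thresholds and the sample streams are constructed here for illustration.

```python
# Added example (not Cryptech code): reference model of an on-line health
# check over raw entropy bits; thresholds are constructed for illustration.
from collections import deque
import random


class EntropyHealthCheck:
    """Raises 'stuck' on a run of identical bits of length >= stuck_limit,
    and 'bias' when the ones proportion over the last `window` bits is
    further than max_bias from 0.5."""

    def __init__(self, stuck_limit=32, window=512, max_bias=0.15):
        self.stuck_limit = stuck_limit
        self.max_bias = max_bias
        self.recent = deque(maxlen=window)  # sliding window of recent bits
        self.last_bit = None
        self.run_length = 0
        self.alarms = set()

    def feed_bit(self, bit):
        # Repetition count: how many times in a row this bit value appeared.
        if bit == self.last_bit:
            self.run_length += 1
        else:
            self.last_bit = bit
            self.run_length = 1
        if self.run_length >= self.stuck_limit:
            self.alarms.add("stuck")
        # Proportion test, evaluated once the window is full.
        self.recent.append(bit)
        if len(self.recent) == self.recent.maxlen:
            ones = sum(self.recent) / len(self.recent)
            if abs(ones - 0.5) > self.max_bias:
                self.alarms.add("bias")

    def feed_bytes(self, data):
        for byte in data:
            for i in range(8):  # bit order is irrelevant for these checks
                self.feed_bit((byte >> i) & 1)
        return sorted(self.alarms)


def check_entropy(data, **kwargs):
    """Run the checks over one captured block; returns the alarms raised."""
    return EntropyHealthCheck(**kwargs).feed_bytes(bytes(data))


def constructed_sample(n=256, seed=1234):
    """Constructed stand-in for a healthy raw capture (seeded PRNG, not TRNG)."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n))
```

Running `check_entropy` on `constructed_sample()` raises no alarm, on `b"\xff" * 8` it raises `stuck`, and on `b"\x01" * 64` (one set bit per byte, so no long runs but only 12.5% ones) it raises `bias`.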
Technical requirements
----------------------
- Functional requirements
  - TLS 1.x
  - Need roadmap for functions
    - AES, SHA-256, DH, RSA first iteration
  - Why GOST?
  - Why MD5?
  - Curves supported?
    - Curve25519
    - NIST, IEEE, RFC 4xxx
  - HW/SW partitioning
  - Modularity
  - API
    - DMA, buffering, formats
    - PKCS#11
  - Observability and control
- Security requirements
  - Common Criteria - EAL
  - FIPS 140-2 level 3-4
- Performance
  - Operations/s
  - Packets per second
  - Latency
Validation
----------
- Methodology
  - Unit tests, KATs
- Documentation
  - What to document
  - How
- Reviews
  - Plan for them
  - Who to ask
- Tools
  - Valgrind, Purify, linters
Documentation
-------------
- Meetings
  - Discussions, MoMs
- Decisions - motivation
- Design
- Test and validation