author: Rob Austein <sra@hactrn.net> 2021-02-14 01:55:38 +0000
committer: Rob Austein <sra@hactrn.net> 2021-02-14 01:55:38 +0000
commit: b58c60bcc4a6f3d3ccf4194ef862a808fdc3313b
tree: ad43c2b937db286c2b3320b57066a9581264444a /markdown/Joachim%20Str%C3%B6mbergson.md
parent: 23bb68fe7e9cc8af176ff60b56e8a51a70f05a89
Hack images, store outputs in git again for now
Easier to track what each script change does if we keep the before and after versions of the markdown in git too. Clean this up eventually, but simplifies development.
Diffstat (limited to 'markdown/Joachim%20Str%C3%B6mbergson.md')
-rw-r--r-- markdown/Joachim%20Str%C3%B6mbergson.md 336
1 files changed, 336 insertions, 0 deletions
diff --git a/markdown/Joachim%20Str%C3%B6mbergson.md b/markdown/Joachim%20Str%C3%B6mbergson.md
new file mode 100644
index 0000000..dcf0a94
--- /dev/null
+++ b/markdown/Joachim%20Str%C3%B6mbergson.md
@@ -0,0 +1,336 @@
+# Joachim Strömbergson
+## Bio
+
+
+## Current activities
+
+* Developing coretest - a core testing framework for FPGAs.
+* Implementation of UART
+* Verification of SHA-256
+* Verification of SHA-1
+* Implementation of AES-128
+* Design proposal for TRNG
+* Design proposal for Curve25519 accelerator
+
+
+
+## Work Notes
+### Presentations from meeting 2014-03-10 (updated and extended):
+
+* [browser:/doc/presentations/Cryptech_HW_status_2014-03-10.pdf "Cryptech HW status 2014-03-10"]
+* [browser:/doc/presentations/Cryptech_TRNG_Ideas_2014-03-17.pdf "Cryptech TRNG Ideas 2014-03-17"]
+
+
+### Open EDA Tools
+
+* http://torc-isi.sourceforge.net/index.php - Torc is an open-source C++ infrastructure and tool set for reconfigurable computing
+
+
+
+### Curve25519
+We need to create an accelerator or possibly a complete implementation of the Curve25519 EC based DH-excgange. We should be able to look at some previous work:
+
+
+* http://eprint.iacr.org/2013/375 - NaCl on 8-Bit AVR Microcontrollers. Includes an iterative implementation of Curve25519
+* http://cryptojedi.org/crypto/index.shtml - The code to the implementation
+* http://nacl.cr.yp.to/ - The main NaCl library by DJB.
+* http://cr.yp.to/ecdh/curve25519-20060209.pdf - The Curve25519 paper by DJB.
+
+
+
+## Pre meeting notes
+
+### Stockholm 2013-12-05 - 2012-12-06
+Preparation notes for the OpenHSM meeting 2013-12-05 --
+2013-12-06. The notes contains topics, questions and ideas
+I want to bring up, check and discuss on the meeting.
+
+Philosophy
+----------
+
+- How to build trust in the project?
+ - Total openess and transparency
+ - Traceability of decisions
+ - Focus on simple third party validation
+ - Partitioning of security functions
+
+
+
+Project goal
+------------
+
+- Low cost vs high performance
+
+
+
+- Scalability
+ - Functionality
+ - Performance
+ - Security
+
+
+
+- Target system
+ - Performance
+
+
+
+ - Self contained, external
+ - USB,
+ - Ethernet
+
+
+
+ - Integrated
+ - PCIe
+ - Mem module
+ - SD card
+
+
+
+- Target users
+ - Single user
+ - Enterprise
+
+
+
+- Roadmap and development plan
+ - Prototyp - första målplattform
+ - Establish first Use cases
+
+
+
+- Deliveries
+ - Proof of concept, prototype
+ - Self assembly and/or finished product
+ - Source code for SW, HW
+ - PCB
+ - Enclosures
+ - Development environment
+ - Test, validation environment
+ - Tool development
+
+
+
+ - Time plan
+ - Start when
+ - Proto when
+ - v 1.0 when
+
+
+
+
+Project management
+------------------
+
+- Status financing
+
+
+
+- Ownership
+
+
+
+- Oveerseeing board
+ - IETF, ISOC,... ?
+
+
+
+- Advisory board
+ - Reviewers, external experts
+ - FPGA key extract dude
+ - DJB
+
+
+
+- Team
+ - Addtiona competency needed?
+
+
+
+- Project security
+ - Communication
+ - ...
+
+
+
+Development general
+-------------------
+
+- License(s)
+ - GPLv2, v3
+ - BSD
+
+
+
+- Methodology
+ - Agile
+ - Minimal functionality in PoC
+ - Clear increments
+
+
+
+- Repository
+ - Github
+
+
+
+Technology
+----------
+
+- Target technologies
+ - FPGA (+ internal, external CPUs)
+ - ASIC
+ - Pure CPU based
+
+
+
+- Target PoC board
+ - Select one early
+
+
+
+- Toolchains and languages
+ - SW
+ - HW
+ - Verilog 2001, 2005, SystemVerilog
+ - Icarus, gplcver
+ - Vendor specific
+ - Validation of bitstream
+ - Edge of trust, dowm the Rabbit hole
+
+
+
+- Security support in design
+ - JTAG
+ - BIST for functionality
+ - BIST for security
+ - KATS
+
+
+
+ - On-line self check
+ - RNG
+ - Pathological problems
+ - Stuck at fixed values
+ - variance
+ - bias
+
+
+
+- Reuse of existing design, code?
+ - Cores - OpenCores
+ - OpenRISC
+ - AES, SHA, RSA
+ - SoftHSM - DNSSEC PKCS#11
+ - Nettle
+ - ...
+
+
+
+- On chip 32-bit or 64 bit CPU core
+ - OpenRISC
+ - LGPL
+ - http://openrisc.net/
+ - http://opencores.org/or1k/Main_Page
+ - https://en.wikipedia.org/wiki/OpenRISC
+
+
+
+- RNG
+ - More than one entropy source
+ - Just external sources
+ - User/vendor/implemented supplied
+ - One external, one internal
+ - YubiHSM entropy source: https://www.yubico.com/products/yubihsm/
+ - Haveged: http://www.issihosts.com/haveged/
+ - DakaRand: http://dankaminsky.com/2012/08/15/dakarand/
+ - Jytter a userspace RNG: http://www.chronox.de/
+ - CPU Jitter RNG: http://www.chronox.de/
+ - CSPRNG based on Linux, OpenBSD, Fortuna, NIST etc.
+ - NIST SP 800-90. CTR_DRBG
+ - Fortuna https://en.wikipedia.org/wiki/Fortuna_PRNG
+ - Schneier, Ferguson. No estimator needed.
+ - OpenBSD arc4random: http://www.openbsd.org/cgi-bin/man.cgi?query=arc4random&sektion=3
+ - Raw read access in test mode to collected entropy pre whitening
+ - Write access in test mode to CSPRNG
+ - No key generation etc allowed during test mode.
+
+
+
+Technical requirements
+----------------------
+
+- Functional requirements
+ - TLS 1.x
+ - Need roadmap for functions
+ - AES, SHA-256, DH, RSA first iteration
+ - Why GOST?
+ - Why MD5?
+ - Curves supported?
+ - Curve25519
+ - NIST, IEEE, RFC 4xxx
+
+
+
+- HW/SW partitioning
+ - Modularity
+
+
+
+- API
+ - DMA, buffering, formats
+ - PKCS#11
+ - Observability and control
+
+
+
+- Security requirements
+ - Common Criteria - EAL
+ - FIPS 140-2 level 3-4
+
+
+
+- Performance
+ - Operations/s
+ - Packets per second
+ - Latency
+
+
+
+Validaiton
+----------
+
+- Methodology
+ - Unit tests, KATs
+
+
+
+- Documentation
+ - What to document
+ - How
+
+
+
+- Reviews
+ - Plan for them
+ - Who to ask
+
+
+
+- Tools
+ - Valgrind, Purify, linters
+
+
+
+Documentation
+-------------
+
+- Meetings
+ - Discussions, MoMs
+ - Decisiona - motivation
+
+
+
+ - Design
+ - Test and validation
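Review bot: The two presentation links under "Presentations from meeting 2014-03-10" are still in Trac syntax (`[browser:/doc/presentations/Cryptech_HW_status_2014-03-10.pdf "Cryptech HW status 2014-03-10"]`), so they will render as literal bracketed text rather than links. The conversion script should map `browser:` targets to a repository URL and emit a normal markdown link. Three smaller points in the same file: the setext headings ("Philosophy", "Project goal", and so on) sit under the `### Stockholm 2013-12-05 - 2012-12-06` heading but render as level 2, so they break out of the section they belong to; that heading's end date reads 2012-12-06 while the paragraph below it says 2013-12-06; and the file is committed under a percent-encoded name (`Joachim%20Str%C3%B6mbergson.md`), which is worth decoding before writing to disk unless the encoded form is intentional.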