summaryrefslogtreecommitdiff
path: root/raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2020-09-13 23:04:30 +0000
committerRob Austein <sra@hactrn.net>2020-09-13 23:04:30 +0000
commitb092ffbcbe2c9398494f7dc9db6f0796971633e0 (patch)
tree6fabf690f1ebf485a9fea9af5298e44ad2a59a3e /raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif
parent9d927e49d9c10fc16c6dfa4a2a96cdb6216e4e2b (diff)
Import Cryptech wiki dump
Diffstat (limited to 'raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif')
-rw-r--r--raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif131
1 files changed, 131 insertions, 0 deletions
diff --git a/raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif b/raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif
new file mode 100644
index 0000000..b109e97
--- /dev/null
+++ b/raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif
@@ -0,0 +1,131 @@
+{{{
+#!htmlcomment
+
+This page is maintained automatically by a script. Don't modify this page by hand,
+your changes will just be overwritten the next time the script runs. Talk to your
+Friendly Neighborhood Repository Maintainer if you need to change something here.
+
+}}}
+
+{{{
+#!html
+<h1>Master Key Memory Interface</h1>
+
+<p>This core provides a 32-bit interface to a master key memory (MKM)
+implemented using an external volatile memory. The memory targeted is
+<a href="https://www.microchip.com/wwwproducts/en/23K640">Microchip 23K640</a>, a
+serial SRAM with a SPI interface.</p>
+
+<h2>Purpose and Functionality</h2>
+
+<p>The Master Key Memory is where a cryptographic master key is stored. The
+key is used (for example) to cryptographically wrap other keys and
+secrets. By wiping the MKM and thus the master key, the wrapped secrets
+are protected against leakage to a local attacker that physically breaks
+an active tamper detect shield.</p>
+
+<p>The core will in future versions provide functionality to autonomously
+protect against memory remanence effects by rotating bits in stored data,
+and moving data to different addresses in the external memory. The core
+will also be able to autonomously zeroise the memory when given an alarm
+signal.</p>
+
+<p>The current version however simply provides an interface to the slower,
+serial memory including initializing the memory in the correct mode. The
+core supports three commands: read word, write word, and initialize
+memory.</p>
+
+<h2>Limitations</h2>
+
+<p>The SPI clock is generated by the core clock (clk) divided by the
+SPI clock divisor * 2 (the divisor is the half period in cycles). The
+default divisor is set to generate an SPI clock of less than 1 MHz when
+the core clock is 50 MHz. For other speeds and other
+core frequencies, the divisor will have to be adjusted.</p>
+
+<p>The core will only read and write complete 32-bit words.</p>
+
+<p>Commands given while the core is performing a read, write or
+initialization operation will silently be ignored.</p>
+
+<h2>Implementation</h2>
+
+<p>The implementation is divided into three parts:</p>
+
+<ul>
+<li><p>A SPI interface able to transmit a given number of bits at a given SPI
+clock rate. Data received are simultaneously collected and provided as
+read data. The SPI interface also generates the SPI clock and chip
+enable.</p></li>
+<li><p>A Microchip-specific command handler that sends the read, write, and
+init commands to the memory using the SPI interface.</p></li>
+<li><p>An API interface that provides the ability to configure the SPI clock
+speed, set the address to read or write, and data access.</p></li>
+</ul>
+
+<p>The current implementation will initiate the Microchip memory directly
+after reset and set the memory in sequential mode. This means that it
+would actually be possible to write a stream of data to the memory, but
+since the API only handles a single 32-bit word, the mode is only used
+to remove the need to update the address between bytes.</p>
+
+<h3>Implementation Results</h3>
+
+<p><strong>Altera Cyclone IV E</strong></p>
+
+<ul>
+<li>Registers: 212</li>
+<li>Logic Elements: 289</li>
+<li>Fmax: 250 MHz</li>
+</ul>
+
+<p><strong>Altera Cyclone V</strong></p>
+
+<ul>
+<li>Registers: 221</li>
+<li>ALMs: 113</li>
+<li>Fmax: 194 MHz</li>
+</ul>
+
+<p><strong>Xilinx Spartan 6</strong></p>
+
+<ul>
+<li>Slice Registers: 206</li>
+<li>Slice LUTs: 185</li>
+<li>Fmax: 200 MHz</li>
+</ul>
+
+<p><strong>Xilinx Artix 7</strong></p>
+
+<ul>
+<li>Slice Registers: 205</li>
+<li>Slice LUTs: 176</li>
+<li>Fmax: 383 MHz</li>
+</ul>
+
+<h2>Status</h2>
+
+<p><strong>(2016-05-10)</strong></p>
+
+<p>The core has now been verified in a Xilinx Spartan-6 FPGA and the target
+Microchip memory connected to the FPGA memory. Read and write access has
+successfully been performed with SPI clock speeds from 300 Hz to 10 MHz.</p>
+
+<p><strong>(2016-05-02)</strong></p>
+
+<p>Functional development completed. Simulation based debugging
+completed. Built design for both Altera and Xilinx FPGAs.</p>
+
+<p><strong>(2016-04-25)</strong></p>
+
+<p>Refactored core into top_-, core- and spi-modules. Made the design much
+simpler. First implementation almost completed.</p>
+
+<p><strong>(2016-04-21)</strong></p>
+
+<p>Core implementation started.</p>
+}}}
+
+[[RepositoryIndex(format=table,glob=core/util/mkmif)]]
+
+|| Clone `https://git.cryptech.is/core/util/mkmif.git` ||