summaryrefslogtreecommitdiff
path: root/tracwiki/OpenCryptoChip.trac
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2021-02-14 16:01:15 +0000
committerRob Austein <sra@hactrn.net>2021-02-14 16:01:15 +0000
commite18e5b3d2559f5f0395ffe79416cdca3abc89310 (patch)
tree340bdc43c4bfa7bcc3c048eea4db848cabe470de /tracwiki/OpenCryptoChip.trac
parentad1cc0517983e599897929b4c94463bf2af78f7c (diff)
Start restructuring for Pelican
Diffstat (limited to 'tracwiki/OpenCryptoChip.trac')
-rw-r--r--tracwiki/OpenCryptoChip.trac143
1 files changed, 0 insertions, 143 deletions
diff --git a/tracwiki/OpenCryptoChip.trac b/tracwiki/OpenCryptoChip.trac
deleted file mode 100644
index d924ccf..0000000
--- a/tracwiki/OpenCryptoChip.trac
+++ /dev/null
@@ -1,143 +0,0 @@
-[[PageOutline]]
-
-= An Open Crypto Chip =
-
-== The Layer Cake Architecture Picture ==
-\\
-[[Image(layer-cake.jpg)]]
-
-\\
-\\
-== Use Cases ==
-* RPKI/DNSSEC Signing
-* Transport VPNs
-* Routers and TCP/AO
-* Email
-* Federations, Identity Systems, SSO etc
-* Password Stretching & HMAC:ing
-* PGP and SSH Keys on a Stick
-* High Quality Entropy Randomness
-* A Communications Terminal Doing One Thing Well, Like Jabber w/o X11
-* HSM for Pond, OTR identity keys, ssh private keys, etc. (i.e. key gen, store, import/export non X.509 packages)
-* Password management
-
-[[Image(cryptech venn.png)]]
-
-== Basic Functions of Crypto Chip ==
-* Key Generation
-* Key Storage
-* Key Wrap
-* Key Unwrap
-* Hash
-* Sign
-* M of N Sign
-* Verify Signature
-* Encrypt
-* Decrypt
-* KDFs, e.g. Password Stretching (a la PBKDF2)
-* Random (RO + noisy diode?)
-
-== Key wrapping ==
-We need to support key wrapping. Some pointers:
-
-- https://en.wikipedia.org/wiki/Key_Wrap
-- http://tools.ietf.org/html/rfc5297
-- http://csrc.nist.gov/groups/ST/toolkit/documents/kms/key-wrap.pdf
-- https://tools.ietf.org/html/rfc3394
-- https://tools.ietf.org/html/rfc5649
-
-
-== Things we Should Try To Do, Even if we Can't Do Them Perfectly ==
-* Tamper Protection (wipe on signal, suggest detectors, suggest potting features)
-* Side Channel Attack Reduction
-
-
-
-= Rough Cut at v0.01 Proof of Concept Feature Set =
-As a proof of concept, to validate as much as possible the assurance of the tools and methods, and as a demonstration of the project tools, team, and architecture, we have a [wiki:RoughV1 proposed version 0.01 product] as a proof of concept and a demonstration of the project tools, team, and architecture
-\\
-\\
-= Ongoing Decisions and Research =
-* Security Target Description
-* Performance Target(s)
-* Tool-Chain Investigation
-* Prototype Design
-* Testing / Assurance Methods for all Components
-* Verilog/RTL assurance, with open source and with proprietary
-* Prototyping Platform(s)
-* Documentation, Decision History, & Transparency
-\\
-\\
-
-= Ongoing Development =
-* [wiki:SunetInitialDevelopment "SUNET is sponsoring the first two development steps"] currently being done.
-* [wiki:TRNGDevelopment " Investigation and planning of a TRNG with entropy sources"]
-* [wiki:EDAToolchainSurvey" Investigation of possible EDA tools and ways to do open and assured HW development"]
-* [wiki:SideChannel" Collection about side-channel attacks and detection, mitigation methods"]
-
-= v0.1 Major Sub-Projects =
-
-== Security Goals and Documentation ==
-* Agreement
-* Specification
-
-== Development Platform ==
-* The Bunnie laptop Novena. Includes a Xilinx Spartan 6 LX45 FPGHA. The specs, drivers, source for Novena can be found here: http://www.kosagi.com/w/index.php?title=Novena_Main_Page
-
-* TerasIC C5G Cyclone 5 GX Starter Kit. Includes an Altera C5GX FPGA. This board is used for core, subsystem development and verification. Info, documentation and ordering of the TerasIC board can be found here: http://www.terasic.com.tw/cgi-bin/page/archive.pl?Language=English&CategoryNo=167&No=830
-
-Here is a writeup on how to [wiki:CoretestHashesC5G "setup and run coretest_hashes on the C5G board"].
-
-* TerasIC DE0-Nano board. This tiny, USB powered board is used for core development and verification. Info, documentation, resources, ordering of the TerasIC board can be found here: http://www.terasic.com.tw/cgi-bin/page/archive.pl?Language=English&CategoryNo=139&No=593
-
-
-== Hardware Development Tools ==
-
-
-== Component Libraries ==
-* Research
-* Select
-* [wiki:InterconnectStandards "On-chip Interconnect Standards"] to use.
-
-== Methods and Validation ==
-* Overall Strategy
-* Following the Tool-Chain
-
-== Detailed Specification ==
-* Feature Set
-
-== QA & Documentation ==
-
-== !Green/Yellow Software Support ==
-* Spec / ABI
-* Development
-* Documentationa and Testing
-
-== Assured Linux Platform ==
-* DDC Compiler
-* System Build
-* Minimal Component Set
-
-= v0.1 Project Timeline =
-
-== February 2014 ==
-* Specification of v0.1 Goals and Feature Set
-* Security Goals & Documentation Outline
-
-== July 2014 ==
-* SHA & AES
-
-== September 2014 ==
-* TRNG
-* Assured Linux Platform - Initial Report
-
-== November 2014 ==
-* Security Goals & Documentation Overall and v0.1
-* RSA Signing on Bunnie Board
-* Assured Linux Platform - Compiler
-
-== March 2015 ==
-* v0.1 Protoype
-
-= Future Development =
-The v0.1 version of CrypTech is not the last version nor the only possible version. The project for example consider possible [wiki:ASICImplementations "ASIC Implementations"]. \ No newline at end of file