diff options
Diffstat (limited to 'tracwiki/Joachim%20Str%C3%B6mbergson.trac')
-rw-r--r-- | tracwiki/Joachim%20Str%C3%B6mbergson.trac | 253 |
1 files changed, 0 insertions, 253 deletions
diff --git a/tracwiki/Joachim%20Str%C3%B6mbergson.trac b/tracwiki/Joachim%20Str%C3%B6mbergson.trac deleted file mode 100644 index 151b814..0000000 --- a/tracwiki/Joachim%20Str%C3%B6mbergson.trac +++ /dev/null @@ -1,253 +0,0 @@ -= Joachim Strömbergson =
-== Bio ==
-
-
-== Current activities ==
-* Developing coretest - a core testing framework for FPGAs.
-* Implementation of UART
-* Verification of SHA-256
-* Verification of SHA-1
-* Implementation of AES-128
-* Design proposal for TRNG
-* Design proposal for Curve25519 accelerator
-
-
-== Work Notes ==
-=== Presentations from meeting 2014-03-10 (updated and extended):
-* [browser:/doc/presentations/Cryptech_HW_status_2014-03-10.pdf "Cryptech HW status 2014-03-10"]
-* [browser:/doc/presentations/Cryptech_TRNG_Ideas_2014-03-17.pdf "Cryptech TRNG Ideas 2014-03-17"]
-
-=== Open EDA Tools ===
-* http://torc-isi.sourceforge.net/index.php - Torc is an open-source C++ infrastructure and tool set for reconfigurable computing
-
-
-=== Curve25519 ===
-We need to create an accelerator or possibly a complete implementation of the Curve25519 EC based DH-excgange. We should be able to look at some previous work:
-
-* http://eprint.iacr.org/2013/375 - NaCl on 8-Bit AVR Microcontrollers. Includes an iterative implementation of Curve25519
-* http://cryptojedi.org/crypto/index.shtml - The code to the implementation
-* http://nacl.cr.yp.to/ - The main NaCl library by DJB.
-* http://cr.yp.to/ecdh/curve25519-20060209.pdf - The Curve25519 paper by DJB.
-
-
-== Pre meeting notes ==
-
-=== Stockholm 2013-12-05 - 2012-12-06 ===
-Preparation notes for the OpenHSM meeting 2013-12-05 --
-2013-12-06. The notes contains topics, questions and ideas
-I want to bring up, check and discuss on the meeting.
-
-Philosophy
-----------
-- How to build trust in the project?
- - Total openess and transparency
- - Traceability of decisions
- - Focus on simple third party validation
- - Partitioning of security functions
-
-
-Project goal
-------------
-- Low cost vs high performance
-
-- Scalability
- - Functionality
- - Performance
- - Security
-
-- Target system
- - Performance
-
- - Self contained, external
- - USB,
- - Ethernet
-
- - Integrated
- - PCIe
- - Mem module
- - SD card
-
-- Target users
- - Single user
- - Enterprise
-
-- Roadmap and development plan
- - Prototyp - första målplattform
- - Establish first Use cases
-
-- Deliveries
- - Proof of concept, prototype
- - Self assembly and/or finished product
- - Source code for SW, HW
- - PCB
- - Enclosures
- - Development environment
- - Test, validation environment
- - Tool development
-
- - Time plan
- - Start when
- - Proto when
- - v 1.0 when
-
-
-
-Project management
-------------------
-- Status financing
-
-- Ownership
-
-- Oveerseeing board
- - IETF, ISOC,... ?
-
-- Advisory board
- - Reviewers, external experts
- - FPGA key extract dude
- - DJB
-
-- Team
- - Addtiona competency needed?
-
-- Project security
- - Communication
- - ...
-
-
-Development general
--------------------
-- License(s)
- - GPLv2, v3
- - BSD
-
-- Methodology
- - Agile
- - Minimal functionality in PoC
- - Clear increments
-
-- Repository
- - Github
-
-
-Technology
-----------
-- Target technologies
- - FPGA (+ internal, external CPUs)
- - ASIC
- - Pure CPU based
-
-- Target PoC board
- - Select one early
-
-- Toolchains and languages
- - SW
- - HW
- - Verilog 2001, 2005, SystemVerilog
- - Icarus, gplcver
- - Vendor specific
- - Validation of bitstream
- - Edge of trust, dowm the Rabbit hole
-
-- Security support in design
- - JTAG
- - BIST for functionality
- - BIST for security
- - KATS
-
- - On-line self check
- - RNG
- - Pathological problems
- - Stuck at fixed values
- - variance
- - bias
-
-- Reuse of existing design, code?
- - Cores - OpenCores
- - OpenRISC
- - AES, SHA, RSA
- - SoftHSM - DNSSEC PKCS#11
- - Nettle
- - ...
-
-- On chip 32-bit or 64 bit CPU core
- - OpenRISC
- - LGPL
- - http://openrisc.net/
- - http://opencores.org/or1k/Main_Page
- - https://en.wikipedia.org/wiki/OpenRISC
-
-- RNG
- - More than one entropy source
- - Just external sources
- - User/vendor/implemented supplied
- - One external, one internal
- - YubiHSM entropy source: https://www.yubico.com/products/yubihsm/
- - Haveged: http://www.issihosts.com/haveged/
- - DakaRand: http://dankaminsky.com/2012/08/15/dakarand/
- - Jytter a userspace RNG: http://www.chronox.de/
- - CPU Jitter RNG: http://www.chronox.de/
- - CSPRNG based on Linux, OpenBSD, Fortuna, NIST etc.
- - NIST SP 800-90. CTR_DRBG
- - Fortuna https://en.wikipedia.org/wiki/Fortuna_PRNG
- - Schneier, Ferguson. No estimator needed.
- - OpenBSD arc4random: http://www.openbsd.org/cgi-bin/man.cgi?query=arc4random&sektion=3
- - Raw read access in test mode to collected entropy pre whitening
- - Write access in test mode to CSPRNG
- - No key generation etc allowed during test mode.
-
-
-Technical requirements
-----------------------
-- Functional requirements
- - TLS 1.x
- - Need roadmap for functions
- - AES, SHA-256, DH, RSA first iteration
- - Why GOST?
- - Why MD5?
- - Curves supported?
- - Curve25519
- - NIST, IEEE, RFC 4xxx
-
-- HW/SW partitioning
- - Modularity
-
-- API
- - DMA, buffering, formats
- - PKCS#11
- - Observability and control
-
-- Security requirements
- - Common Criteria - EAL
- - FIPS 140-2 level 3-4
-
-- Performance
- - Operations/s
- - Packets per second
- - Latency
-
-
-Validaiton
-----------
-- Methodology
- - Unit tests, KATs
-
-- Documentation
- - What to document
- - How
-
-- Reviews
- - Plan for them
- - Who to ask
-
-- Tools
- - Valgrind, Purify, linters
-
-
-Documentation
--------------
-- Meetings
- - Discussions, MoMs
- - Decisiona - motivation
-
- - Design
- - Test and validation
|