From e18e5b3d2559f5f0395ffe79416cdca3abc89310 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 14 Feb 2021 16:01:15 +0000 Subject: Start restructuring for Pelican --- tracwiki/Joachim%20Str%C3%B6mbergson.trac | 253 ------------------------------ 1 file changed, 253 deletions(-) delete mode 100644 tracwiki/Joachim%20Str%C3%B6mbergson.trac (limited to 'tracwiki/Joachim%20Str%C3%B6mbergson.trac') diff --git a/tracwiki/Joachim%20Str%C3%B6mbergson.trac b/tracwiki/Joachim%20Str%C3%B6mbergson.trac deleted file mode 100644 index 151b814..0000000 --- a/tracwiki/Joachim%20Str%C3%B6mbergson.trac +++ /dev/null @@ -1,253 +0,0 @@ -= Joachim Strömbergson = -== Bio == - - -== Current activities == -* Developing coretest - a core testing framework for FPGAs. -* Implementation of UART -* Verification of SHA-256 -* Verification of SHA-1 -* Implementation of AES-128 -* Design proposal for TRNG -* Design proposal for Curve25519 accelerator - - -== Work Notes == -=== Presentations from meeting 2014-03-10 (updated and extended): -* [browser:/doc/presentations/Cryptech_HW_status_2014-03-10.pdf "Cryptech HW status 2014-03-10"] -* [browser:/doc/presentations/Cryptech_TRNG_Ideas_2014-03-17.pdf "Cryptech TRNG Ideas 2014-03-17"] - -=== Open EDA Tools === -* http://torc-isi.sourceforge.net/index.php - Torc is an open-source C++ infrastructure and tool set for reconfigurable computing - - -=== Curve25519 === -We need to create an accelerator or possibly a complete implementation of the Curve25519 EC based DH-excgange. We should be able to look at some previous work: - -* http://eprint.iacr.org/2013/375 - NaCl on 8-Bit AVR Microcontrollers. Includes an iterative implementation of Curve25519 -* http://cryptojedi.org/crypto/index.shtml - The code to the implementation -* http://nacl.cr.yp.to/ - The main NaCl library by DJB. -* http://cr.yp.to/ecdh/curve25519-20060209.pdf - The Curve25519 paper by DJB. - - -== Pre meeting notes == - -=== Stockholm 2013-12-05 - 2012-12-06 === -Preparation notes for the OpenHSM meeting 2013-12-05 -- -2013-12-06. The notes contains topics, questions and ideas -I want to bring up, check and discuss on the meeting. - -Philosophy ----------- -- How to build trust in the project? - - Total openess and transparency - - Traceability of decisions - - Focus on simple third party validation - - Partitioning of security functions - - -Project goal ------------- -- Low cost vs high performance - -- Scalability - - Functionality - - Performance - - Security - -- Target system - - Performance - - - Self contained, external - - USB, - - Ethernet - - - Integrated - - PCIe - - Mem module - - SD card - -- Target users - - Single user - - Enterprise - -- Roadmap and development plan - - Prototyp - första målplattform - - Establish first Use cases - -- Deliveries - - Proof of concept, prototype - - Self assembly and/or finished product - - Source code for SW, HW - - PCB - - Enclosures - - Development environment - - Test, validation environment - - Tool development - - - Time plan - - Start when - - Proto when - - v 1.0 when - - - -Project management ------------------- -- Status financing - -- Ownership - -- Oveerseeing board - - IETF, ISOC,... ? - -- Advisory board - - Reviewers, external experts - - FPGA key extract dude - - DJB - -- Team - - Addtiona competency needed? - -- Project security - - Communication - - ... - - -Development general -------------------- -- License(s) - - GPLv2, v3 - - BSD - -- Methodology - - Agile - - Minimal functionality in PoC - - Clear increments - -- Repository - - Github - - -Technology ----------- -- Target technologies - - FPGA (+ internal, external CPUs) - - ASIC - - Pure CPU based - -- Target PoC board - - Select one early - -- Toolchains and languages - - SW - - HW - - Verilog 2001, 2005, SystemVerilog - - Icarus, gplcver - - Vendor specific - - Validation of bitstream - - Edge of trust, dowm the Rabbit hole - -- Security support in design - - JTAG - - BIST for functionality - - BIST for security - - KATS - - - On-line self check - - RNG - - Pathological problems - - Stuck at fixed values - - variance - - bias - -- Reuse of existing design, code? - - Cores - OpenCores - - OpenRISC - - AES, SHA, RSA - - SoftHSM - DNSSEC PKCS#11 - - Nettle - - ... - -- On chip 32-bit or 64 bit CPU core - - OpenRISC - - LGPL - - http://openrisc.net/ - - http://opencores.org/or1k/Main_Page - - https://en.wikipedia.org/wiki/OpenRISC - -- RNG - - More than one entropy source - - Just external sources - - User/vendor/implemented supplied - - One external, one internal - - YubiHSM entropy source: https://www.yubico.com/products/yubihsm/ - - Haveged: http://www.issihosts.com/haveged/ - - DakaRand: http://dankaminsky.com/2012/08/15/dakarand/ - - Jytter a userspace RNG: http://www.chronox.de/ - - CPU Jitter RNG: http://www.chronox.de/ - - CSPRNG based on Linux, OpenBSD, Fortuna, NIST etc. - - NIST SP 800-90. CTR_DRBG - - Fortuna https://en.wikipedia.org/wiki/Fortuna_PRNG - - Schneier, Ferguson. No estimator needed. - - OpenBSD arc4random: http://www.openbsd.org/cgi-bin/man.cgi?query=arc4random&sektion=3 - - Raw read access in test mode to collected entropy pre whitening - - Write access in test mode to CSPRNG - - No key generation etc allowed during test mode. - - -Technical requirements ----------------------- -- Functional requirements - - TLS 1.x - - Need roadmap for functions - - AES, SHA-256, DH, RSA first iteration - - Why GOST? - - Why MD5? - - Curves supported? - - Curve25519 - - NIST, IEEE, RFC 4xxx - -- HW/SW partitioning - - Modularity - -- API - - DMA, buffering, formats - - PKCS#11 - - Observability and control - -- Security requirements - - Common Criteria - EAL - - FIPS 140-2 level 3-4 - -- Performance - - Operations/s - - Packets per second - - Latency - - -Validaiton ----------- -- Methodology - - Unit tests, KATs - -- Documentation - - What to document - - How - -- Reviews - - Plan for them - - Who to ask - -- Tools - - Valgrind, Purify, linters - - -Documentation -------------- -- Meetings - - Discussions, MoMs - - Decisiona - motivation - - - Design - - Test and validation -- cgit v1.2.3