blob: 3626c33691f2086ce90196bbb0d05a0949d9a36b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
= Planning for SUNET funded Cryptech Work =
The following documents the first two development steps in Cryptech
funded by SUNET. The development is being done by Joachim Strömbergson
from Secworks AB.
== Step one (Deadline 2014-02-28) ==
- Acquire a FPGA development platform.
DONE. We have a Terasic DE0 board and a Terasic Cyclone V GX starter kit board.
- Create a working development and verification flow from RTL design
downto FPGA.
- Verify the functionality of the SHA-256 core in a physical FPGA.
=== Actions for step one ===
- Select FPGA development board to acquire
- Large enough to test sub systems and possibly a complete HSM.
- Good external interfaces for communication with host systems.
- Good external interfaces to entropy sources, memories,
GPIO. Arduino Shields would be good.
- Create a survey on interconnect standards usable for Cryptech
- Availability and market share/usage in third party cores.
- License
- Technical details - Bus, fabric, performance etc.
- Create base coretest functionality to allow testing of cores in the
FPGA on the development board. Read and write access to registers
over a known communication channel.
- Verify the development flow from Verilog RTL downto FPGA.
- Verifiera SHA-256 core using coretest.
- Start FPGA tool survey
- What is available as open tools and what is the status.
- What is available as open tools from the vendors.
- Talk to people in the industry to get their views on an open toolchain.
== Step two (Deadline 2014-03-31) ==
- Produce first draft of design proposal to the Cryptech True Random Number Generator (TRNG)
- Security target, security model and assumptions
- Structure, architecture
- API
- Functionality
- Online test system
- Verification model
- First two entropy sources
- Complete SHA-1 core. Including functional verification in FPGA.
- First draft of SHA-256 and SHA-1 core documentation.
=== Actions for step two ===
- Create template for documentation
- Collect info on known TRNGs and TRNG strategies
- Collect info on online tests being used.
- Create proposal for architecture.
- Write implementation proposal.
- Specify API.
- Write security target and security model.
- Write assumptions and limitations.
- Write verification model.
- Finalize SHA-1 core RTl.
- Build SHA-1 core in FPGA.
- Verify SHA-1 functionality in FPGA using coretest.
- Write documentation for SHA-256 core.
- Write documentation for SHA-1 core.
|
