summaryrefslogtreecommitdiff
path: root/wiki/SunetInitialDevelopment.trac
blob: 3626c33691f2086ce90196bbb0d05a0949d9a36b (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
= Planning for SUNET funded Cryptech Work =
The following documents the first two development steps in Cryptech
funded by SUNET. The development is being done by Joachim Strömbergson
from Secworks AB.

== Step one (Deadline 2014-02-28) ==
 - Acquire a FPGA development platform.
DONE. We have a Terasic DE0 board and a Terasic Cyclone V GX starter kit board.


 - Create a working development and verification flow from RTL design
   downto FPGA.

 - Verify the functionality of the SHA-256 core in a physical FPGA.


=== Actions for step one ===
 - Select FPGA development board to acquire
   - Large enough to test sub systems and possibly a complete HSM.
   - Good external interfaces for communication with host systems.
   - Good external interfaces to entropy sources, memories,
     GPIO. Arduino Shields would be good.
   
   - Create a survey on interconnect standards usable for Cryptech
     - Availability and market share/usage in third party cores.
     - License
     - Technical details - Bus, fabric, performance etc.


   - Create base coretest functionality to allow testing of cores in the
     FPGA on the development board. Read and write access to registers
     over a known communication channel.

   - Verify the development flow from Verilog RTL downto FPGA.

   - Verifiera SHA-256 core using coretest.

   - Start FPGA tool survey
     - What is available as open tools and what is the status.
     - What is available as open tools from the vendors.
     - Talk to people in the industry to get their views on an open toolchain.


== Step two (Deadline 2014-03-31) ==
  - Produce first draft of design proposal to the Cryptech True Random Number Generator (TRNG)
    - Security target, security model and assumptions    
    - Structure, architecture
    - API
    - Functionality
    - Online test system
    - Verification model
    - First two entropy sources

  - Complete SHA-1 core. Including functional verification in FPGA.

  - First draft of SHA-256 and SHA-1 core documentation.


=== Actions for step two ===
  - Create template for documentation

  - Collect info on known TRNGs and TRNG strategies

  - Collect info on online tests being used.

  - Create proposal for architecture.

  - Write implementation proposal.

  - Specify API.

  - Write security target and security model.

  - Write assumptions and limitations.

  - Write verification model.

  - Finalize SHA-1 core RTl.

  - Build SHA-1 core in FPGA.

  - Verify SHA-1 functionality in FPGA using coretest.

  - Write documentation for SHA-256 core.

  - Write documentation for SHA-1 core.