aboutsummaryrefslogblamecommitdiff
path: root/content/SunetInitialDevelopment.md
blob: 8e65b93fb2363d9166e20e5dc70a3d06c90a6f34 (plain) (tree)
1
2
3
4
5
6
7
8
9
10
11
                             
                                              
                      
 
 





                                                                       
                                      




                                                                               
                                                                    


               
 
                                                                  




                        



                                                                   


                                         
 



                                                               



 
                                                                     



                                                                      
 
                                                           


 
                                        


 



                                                                             




                                 







                                                                                            


 
                                                                 


 
                                                      




                        
                                   


 
                                                 


 
                                          


 
                                   


 
                                


 
              


 
                                           


 
                                    


 
                           


 
                          


 
                           


 
                                                    


 
                                       


 
                                     

   

Slug: SunetInitialDevelopment Title: Planning for SUNET funded Cryptech Work Date: 2016-12-15 22:43

The following documents the first two development steps in Cryptech funded by SUNET. The development is being done by Joachim Strömbergson from Secworks AB.

Step one (Deadline 2014-02-28)

  • Acquire a FPGA development platform.

DONE. We have a Terasic DE0 board and a Terasic Cyclone V GX starter kit board.

  • Create a working development and verification flow from RTL design downto FPGA.

  • Verify the functionality of the SHA-256 core in a physical FPGA.

Actions for step one

  • Select FPGA development board to acquire

    • Large enough to test sub systems and possibly a complete HSM.
    • Good external interfaces for communication with host systems.
    • Good external interfaces to entropy sources, memories, GPIO. Arduino Shields would be good.
  • Create a survey on interconnect standards usable for Cryptech

    • Availability and market share/usage in third party cores.
    • License
    • Technical details - Bus, fabric, performance etc.
  • Create base coretest functionality to allow testing of cores in the FPGA on the development board. Read and write access to registers over a known communication channel.

  • Verify the development flow from Verilog RTL downto FPGA.

  • Verifiera SHA-256 core using coretest.

  • Start FPGA tool survey

    • What is available as open tools and what is the status.
    • What is available as open tools from the vendors.
    • Talk to people in the industry to get their views on an open toolchain.

Step two (Deadline 2014-03-31)

  • Produce first draft of design proposal to the Cryptech True Random Number Generator (TRNG)

    • Security target, security model and assumptions
    • Structure, architecture
    • API
    • Functionality
    • Online test system
    • Verification model
    • First two entropy sources
  • Complete SHA-1 core. Including functional verification in FPGA.

  • First draft of SHA-256 and SHA-1 core documentation.

Actions for step two

  • Create template for documentation

  • Collect info on known TRNGs and TRNG strategies

  • Collect info on online tests being used.

  • Create proposal for architecture.

  • Write implementation proposal.

  • Specify API.

  • Write security target and security model.

  • Write assumptions and limitations.

  • Write verification model.

  • Finalize SHA-1 core RTl.

  • Build SHA-1 core in FPGA.

  • Verify SHA-1 functionality in FPGA using coretest.

  • Write documentation for SHA-256 core.

  • Write documentation for SHA-1 core.