path: root/content/SunetInitialDevelopment.md

   
Title: Planning for SUNET funded Cryptech Work
Date: 2016-12-15 22:43
The following documents the first two development steps in Cryptech
funded by SUNET. The development is being done by Joachim Strömbergson
from Secworks AB.
Step one (Deadline 2014-02-28)

Acquire a FPGA development platform.

DONE. We have a Terasic DE0 board and a Terasic Cyclone V GX starter kit board.


Create a working development and verification flow from RTL design
   downto FPGA.


Verify the functionality of the SHA-256 core in a physical FPGA.


Actions for step one


Select FPGA development board to acquire

Large enough to test sub systems and possibly a complete HSM.
Good external interfaces for communication with host systems.
Good external interfaces to entropy sources, memories,
 GPIO. Arduino Shields would be good.



Create a survey on interconnect standards usable for Cryptech

Availability and market share/usage in third party cores.
License
Technical details - Bus, fabric, performance etc.



Create base coretest functionality to allow testing of cores in the
     FPGA on the development board. Read and write access to registers
     over a known communication channel.


Verify the development flow from Verilog RTL downto FPGA.


Verifiera SHA-256 core using coretest.


Start FPGA tool survey

What is available as open tools and what is the status.
What is available as open tools from the vendors.
Talk to people in the industry to get their views on an open toolchain.



Step two (Deadline 2014-03-31)


Produce first draft of design proposal to the Cryptech True Random Number Generator (TRNG)

Security target, security model and assumptions
Structure, architecture
API
Functionality
Online test system
Verification model
First two entropy sources



Complete SHA-1 core. Including functional verification in FPGA.


First draft of SHA-256 and SHA-1 core documentation.


Actions for step two


Create template for documentation


Collect info on known TRNGs and TRNG strategies


Collect info on online tests being used.


Create proposal for architecture.


Write implementation proposal.


Specify API.


Write security target and security model.


Write assumptions and limitations.


Write verification model.


Finalize SHA-1 core RTl.


Build SHA-1 core in FPGA.


Verify SHA-1 functionality in FPGA using coretest.


Write documentation for SHA-256 core.


Write documentation for SHA-1 core.