path: root/markdown/Joachim%20Str%C3%B6mbergson.md

   
Joachim Strömbergson
Bio
Current activities

Developing coretest - a core testing framework for FPGAs.
Implementation of UART
Verification of SHA-256
Verification of SHA-1
Implementation of AES-128
Design proposal for TRNG
Design proposal for Curve25519 accelerator

Work Notes
Presentations from meeting 2014-03-10 (updated and extended):

[browser:/doc/presentations/Cryptech_HW_status_2014-03-10.pdf "Cryptech HW status 2014-03-10"]
[browser:/doc/presentations/Cryptech_TRNG_Ideas_2014-03-17.pdf "Cryptech TRNG Ideas 2014-03-17"]

Open EDA Tools

http://torc-isi.sourceforge.net/index.php - Torc is an open-source C++ infrastructure and tool set for reconfigurable computing

Curve25519
We need to create an accelerator or possibly a complete implementation of the Curve25519 EC based DH-excgange.  We should be able to look at some previous work:

http://eprint.iacr.org/2013/375 - NaCl on 8-Bit AVR Microcontrollers. Includes an iterative implementation of Curve25519
http://cryptojedi.org/crypto/index.shtml - The code to the implementation
http://nacl.cr.yp.to/ - The main NaCl library by DJB.
http://cr.yp.to/ecdh/curve25519-20060209.pdf - The Curve25519 paper by DJB.

Pre meeting notes
Stockholm 2013-12-05 - 2012-12-06
Preparation notes for the OpenHSM meeting 2013-12-05 --
2013-12-06. The notes contains topics, questions and ideas
I want to bring up, check and discuss on the meeting.
Philosophy

How to build trust in the project?

Total openess and transparency
Traceability of decisions
Focus on simple third party validation
Partitioning of security functions



Project goal


Low cost vs high performance


Scalability

Functionality
Performance
Security



Target system


Performance


Self contained, external

USB,
Ethernet



Integrated

PCIe
Mem module
SD card





Target users

Single user
Enterprise



Roadmap and development plan

Prototyp - första målplattform
Establish first Use cases



Deliveries

Proof of concept, prototype
Self assembly and/or finished product
Source code for SW, HW
PCB
Enclosures
Development environment
Test, validation environment

Tool development


Time plan

Start when
Proto when
v 1.0 when





Project management


Status financing


Ownership


Oveerseeing board

IETF, ISOC,... ?



Advisory board

Reviewers, external experts

FPGA key extract dude
DJB





Team

Addtiona competency needed?



Project security

Communication
...



Development general


License(s)

GPLv2, v3
BSD



Methodology

Agile
Minimal functionality in PoC
Clear increments



Repository

Github



Technology


Target technologies

FPGA (+ internal, external CPUs)
ASIC
Pure CPU based



Target PoC board

Select one early



Toolchains and languages

SW
HW

Verilog 2001, 2005, SystemVerilog
Icarus, gplcver
Vendor specific
Validation of bitstream

Edge of trust, dowm the Rabbit hole







Security support in design

JTAG
BIST for functionality

BIST for security

KATS



On-line self check

RNG

Pathological problems

Stuck at fixed values
variance
bias









Reuse of existing design, code?

Cores - OpenCores

OpenRISC
AES, SHA, RSA


SoftHSM - DNSSEC PKCS#11
Nettle
...



On chip 32-bit or 64 bit CPU core

OpenRISC

LGPL
http://openrisc.net/
http://opencores.org/or1k/Main_Page
https://en.wikipedia.org/wiki/OpenRISC





RNG

More than one entropy source

Just external sources

User/vendor/implemented supplied


One external, one internal

YubiHSM entropy source: https://www.yubico.com/products/yubihsm/
Haveged: http://www.issihosts.com/haveged/
DakaRand: http://dankaminsky.com/2012/08/15/dakarand/
Jytter a userspace RNG: http://www.chronox.de/
CPU Jitter RNG: http://www.chronox.de/


CSPRNG based on Linux, OpenBSD, Fortuna, NIST etc.

NIST SP 800-90. CTR_DRBG
Fortuna https://en.wikipedia.org/wiki/Fortuna_PRNG

Schneier, Ferguson. No estimator needed.


OpenBSD arc4random: http://www.openbsd.org/cgi-bin/man.cgi?query=arc4random&sektion=3


Raw read access in test mode to collected entropy pre whitening
Write access in test mode to CSPRNG
No key generation etc allowed during test mode.





Technical requirements


Functional requirements

TLS 1.x
Need roadmap for functions

AES, SHA-256, DH, RSA first iteration


Why GOST?
Why MD5?
Curves supported?

Curve25519
NIST, IEEE, RFC 4xxx





HW/SW partitioning

Modularity



API

DMA, buffering, formats
PKCS#11
Observability and control



Security requirements

Common Criteria - EAL
FIPS 140-2 level 3-4



Performance

Operations/s
Packets per second
Latency



Validaiton


Methodology

Unit tests, KATs



Documentation

What to document
How



Reviews

Plan for them
Who to ask



Tools

Valgrind, Purify, linters



Documentation


Meetings

Discussions, MoMs

Decisiona - motivation


Design

Test and validation