Title: SunetInitialDevelopment
Author: trac
Date: 2016-12-15 22:43
The following documents the first two development steps in Cryptech
funded by SUNET. The development is being done by Joachim Strömbergson
from Secworks AB.
- Acquire a FPGA development platform.
DONE. We have a Terasic DE0 board and a Terasic Cyclone V GX starter kit board.
- Create a working development and verification flow from RTL design
downto FPGA.
- Verify the functionality of the SHA-256 core in a physical FPGA.
- Select FPGA development board to acquire
- Large enough to test sub systems and possibly a complete HSM.
- Good external interfaces for communication with host systems.
- Good external interfaces to entropy sources, memories,
GPIO. Arduino Shields would be good.
- Create a survey on interconnect standards usable for Cryptech
- Availability and market share/usage in third party cores.
- License
- Technical details - Bus, fabric, performance etc.
- Create base coretest functionality to allow testing of cores in the
FPGA on the development board. Read and write access to registers
over a known communication channel.
- Verify the development flow from Verilog RTL downto FPGA.
- Verifiera SHA-256 core using coretest.
- Start FPGA tool survey
- What is available as open tools and what is the status.
- What is available as open tools from the vendors.
- Talk to people in the industry to get their views on an open toolchain.
- Produce first draft of design proposal to the Cryptech True Random Number Generator (TRNG)
- Security target, security model and assumptions
- Structure, architecture
- API
- Functionality
- Online test system
- Verification model
- First two entropy sources
- Complete SHA-1 core. Including functional verification in FPGA.
- First draft of SHA-256 and SHA-1 core documentation.
- Create template for documentation
- Collect info on known TRNGs and TRNG strategies
- Collect info on online tests being used.
- Create proposal for architecture.
- Write implementation proposal.
- Specify API.
- Write security target and security model.
- Write assumptions and limitations.
- Write verification model.
- Finalize SHA-1 core RTl.
- Build SHA-1 core in FPGA.
- Verify SHA-1 functionality in FPGA using coretest.
- Write documentation for SHA-256 core.
- Write documentation for SHA-1 core.