diff options
Diffstat (limited to 'raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif')
-rw-r--r-- | raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif b/raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif new file mode 100644 index 0000000..b109e97 --- /dev/null +++ b/raw-wiki-dump/GitRepositories%2Fcore%2Futil%2Fmkmif @@ -0,0 +1,131 @@ +{{{ +#!htmlcomment + +This page is maintained automatically by a script. Don't modify this page by hand, +your changes will just be overwritten the next time the script runs. Talk to your +Friendly Neighborhood Repository Maintainer if you need to change something here. + +}}} + +{{{ +#!html +<h1>Master Key Memory Interface</h1> + +<p>This core provides a 32-bit interface to a master key memory (MKM) +implemented using an external volatile memory. The memory targeted is +<a href="https://www.microchip.com/wwwproducts/en/23K640">Microchip 23K640</a>, a +serial SRAM with a SPI interface.</p> + +<h2>Purpose and Functionality</h2> + +<p>The Master Key Memory is where a cryptographic master key is stored. The +key is used (for example) to cryptographically wrap other keys and +secrets. By wiping the MKM and thus the master key, the wrapped secrets +are protected against leakage to a local attacker that physically breaks +an active tamper detect shield.</p> + +<p>The core will in future versions provide functionality to autonomously +protect against memory remanence effects by rotating bits in stored data, +and moving data to different addresses in the external memory. The core +will also be able to autonomously zeroise the memory when given an alarm +signal.</p> + +<p>The current version however simply provides an interface to the slower, +serial memory including initializing the memory in the correct mode. The +core supports three commands: read word, write word, and initialize +memory.</p> + +<h2>Limitations</h2> + +<p>The SPI clock is generated by the core clock (clk) divided by the +SPI clock divisor * 2 (the divisor is the half period in cycles). The +default divisor is set to generate an SPI clock of less than 1 MHz when +the core clock is 50 MHz. For other speeds and other +core frequencies, the divisor will have to be adjusted.</p> + +<p>The core will only read and write complete 32-bit words.</p> + +<p>Commands given while the core is performing a read, write or +initialization operation will silently be ignored.</p> + +<h2>Implementation</h2> + +<p>The implementation is divided into three parts:</p> + +<ul> +<li><p>A SPI interface able to transmit a given number of bits at a given SPI +clock rate. Data received are simultaneously collected and provided as +read data. The SPI interface also generates the SPI clock and chip +enable.</p></li> +<li><p>A Microchip-specific command handler that sends the read, write, and +init commands to the memory using the SPI interface.</p></li> +<li><p>An API interface that provides the ability to configure the SPI clock +speed, set the address to read or write, and data access.</p></li> +</ul> + +<p>The current implementation will initiate the Microchip memory directly +after reset and set the memory in sequential mode. This means that it +would actually be possible to write a stream of data to the memory, but +since the API only handles a single 32-bit word, the mode is only used +to remove the need to update the address between bytes.</p> + +<h3>Implementation Results</h3> + +<p><strong>Altera Cyclone IV E</strong></p> + +<ul> +<li>Registers: 212</li> +<li>Logic Elements: 289</li> +<li>Fmax: 250 MHz</li> +</ul> + +<p><strong>Altera Cyclone V</strong></p> + +<ul> +<li>Registers: 221</li> +<li>ALMs: 113</li> +<li>Fmax: 194 MHz</li> +</ul> + +<p><strong>Xilinx Spartan 6</strong></p> + +<ul> +<li>Slice Registers: 206</li> +<li>Slice LUTs: 185</li> +<li>Fmax: 200 MHz</li> +</ul> + +<p><strong>Xilinx Artix 7</strong></p> + +<ul> +<li>Slice Registers: 205</li> +<li>Slice LUTs: 176</li> +<li>Fmax: 383 MHz</li> +</ul> + +<h2>Status</h2> + +<p><strong>(2016-05-10)</strong></p> + +<p>The core has now been verified in a Xilinx Spartan-6 FPGA and the target +Microchip memory connected to the FPGA memory. Read and write access has +successfully been performed with SPI clock speeds from 300 Hz to 10 MHz.</p> + +<p><strong>(2016-05-02)</strong></p> + +<p>Functional development completed. Simulation based debugging +completed. Built design for both Altera and Xilinx FPGAs.</p> + +<p><strong>(2016-04-25)</strong></p> + +<p>Refactored core into top_-, core- and spi-modules. Made the design much +simpler. First implementation almost completed.</p> + +<p><strong>(2016-04-21)</strong></p> + +<p>Core implementation started.</p> +}}} + +[[RepositoryIndex(format=table,glob=core/util/mkmif)]] + +|| Clone `https://git.cryptech.is/core/util/mkmif.git` || |