From e18e5b3d2559f5f0395ffe79416cdca3abc89310 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 14 Feb 2021 16:01:15 +0000 Subject: Start restructuring for Pelican --- markdown/Joachim%20Str%C3%B6mbergson.md | 336 -------------------------------- 1 file changed, 336 deletions(-) delete mode 100644 markdown/Joachim%20Str%C3%B6mbergson.md (limited to 'markdown/Joachim%20Str%C3%B6mbergson.md') diff --git a/markdown/Joachim%20Str%C3%B6mbergson.md b/markdown/Joachim%20Str%C3%B6mbergson.md deleted file mode 100644 index dcf0a94..0000000 --- a/markdown/Joachim%20Str%C3%B6mbergson.md +++ /dev/null @@ -1,336 +0,0 @@ -# Joachim Strömbergson -## Bio - - -## Current activities - -* Developing coretest - a core testing framework for FPGAs. -* Implementation of UART -* Verification of SHA-256 -* Verification of SHA-1 -* Implementation of AES-128 -* Design proposal for TRNG -* Design proposal for Curve25519 accelerator - - - -## Work Notes -### Presentations from meeting 2014-03-10 (updated and extended): - -* [browser:/doc/presentations/Cryptech_HW_status_2014-03-10.pdf "Cryptech HW status 2014-03-10"] -* [browser:/doc/presentations/Cryptech_TRNG_Ideas_2014-03-17.pdf "Cryptech TRNG Ideas 2014-03-17"] - - -### Open EDA Tools - -* http://torc-isi.sourceforge.net/index.php - Torc is an open-source C++ infrastructure and tool set for reconfigurable computing - - - -### Curve25519 -We need to create an accelerator or possibly a complete implementation of the Curve25519 EC based DH-excgange. We should be able to look at some previous work: - - -* http://eprint.iacr.org/2013/375 - NaCl on 8-Bit AVR Microcontrollers. Includes an iterative implementation of Curve25519 -* http://cryptojedi.org/crypto/index.shtml - The code to the implementation -* http://nacl.cr.yp.to/ - The main NaCl library by DJB. -* http://cr.yp.to/ecdh/curve25519-20060209.pdf - The Curve25519 paper by DJB. - - - -## Pre meeting notes - -### Stockholm 2013-12-05 - 2012-12-06 -Preparation notes for the OpenHSM meeting 2013-12-05 -- -2013-12-06. The notes contains topics, questions and ideas -I want to bring up, check and discuss on the meeting. - -Philosophy ----------- - -- How to build trust in the project? - - Total openess and transparency - - Traceability of decisions - - Focus on simple third party validation - - Partitioning of security functions - - - -Project goal ------------- - -- Low cost vs high performance - - - -- Scalability - - Functionality - - Performance - - Security - - - -- Target system - - Performance - - - - - Self contained, external - - USB, - - Ethernet - - - - - Integrated - - PCIe - - Mem module - - SD card - - - -- Target users - - Single user - - Enterprise - - - -- Roadmap and development plan - - Prototyp - första målplattform - - Establish first Use cases - - - -- Deliveries - - Proof of concept, prototype - - Self assembly and/or finished product - - Source code for SW, HW - - PCB - - Enclosures - - Development environment - - Test, validation environment - - Tool development - - - - - Time plan - - Start when - - Proto when - - v 1.0 when - - - - -Project management ------------------- - -- Status financing - - - -- Ownership - - - -- Oveerseeing board - - IETF, ISOC,... ? - - - -- Advisory board - - Reviewers, external experts - - FPGA key extract dude - - DJB - - - -- Team - - Addtiona competency needed? - - - -- Project security - - Communication - - ... - - - -Development general -------------------- - -- License(s) - - GPLv2, v3 - - BSD - - - -- Methodology - - Agile - - Minimal functionality in PoC - - Clear increments - - - -- Repository - - Github - - - -Technology ----------- - -- Target technologies - - FPGA (+ internal, external CPUs) - - ASIC - - Pure CPU based - - - -- Target PoC board - - Select one early - - - -- Toolchains and languages - - SW - - HW - - Verilog 2001, 2005, SystemVerilog - - Icarus, gplcver - - Vendor specific - - Validation of bitstream - - Edge of trust, dowm the Rabbit hole - - - -- Security support in design - - JTAG - - BIST for functionality - - BIST for security - - KATS - - - - - On-line self check - - RNG - - Pathological problems - - Stuck at fixed values - - variance - - bias - - - -- Reuse of existing design, code? - - Cores - OpenCores - - OpenRISC - - AES, SHA, RSA - - SoftHSM - DNSSEC PKCS#11 - - Nettle - - ... - - - -- On chip 32-bit or 64 bit CPU core - - OpenRISC - - LGPL - - http://openrisc.net/ - - http://opencores.org/or1k/Main_Page - - https://en.wikipedia.org/wiki/OpenRISC - - - -- RNG - - More than one entropy source - - Just external sources - - User/vendor/implemented supplied - - One external, one internal - - YubiHSM entropy source: https://www.yubico.com/products/yubihsm/ - - Haveged: http://www.issihosts.com/haveged/ - - DakaRand: http://dankaminsky.com/2012/08/15/dakarand/ - - Jytter a userspace RNG: http://www.chronox.de/ - - CPU Jitter RNG: http://www.chronox.de/ - - CSPRNG based on Linux, OpenBSD, Fortuna, NIST etc. - - NIST SP 800-90. CTR_DRBG - - Fortuna https://en.wikipedia.org/wiki/Fortuna_PRNG - - Schneier, Ferguson. No estimator needed. - - OpenBSD arc4random: http://www.openbsd.org/cgi-bin/man.cgi?query=arc4random&sektion=3 - - Raw read access in test mode to collected entropy pre whitening - - Write access in test mode to CSPRNG - - No key generation etc allowed during test mode. - - - -Technical requirements ----------------------- - -- Functional requirements - - TLS 1.x - - Need roadmap for functions - - AES, SHA-256, DH, RSA first iteration - - Why GOST? - - Why MD5? - - Curves supported? - - Curve25519 - - NIST, IEEE, RFC 4xxx - - - -- HW/SW partitioning - - Modularity - - - -- API - - DMA, buffering, formats - - PKCS#11 - - Observability and control - - - -- Security requirements - - Common Criteria - EAL - - FIPS 140-2 level 3-4 - - - -- Performance - - Operations/s - - Packets per second - - Latency - - - -Validaiton ----------- - -- Methodology - - Unit tests, KATs - - - -- Documentation - - What to document - - How - - - -- Reviews - - Plan for them - - Who to ask - - - -- Tools - - Valgrind, Purify, linters - - - -Documentation -------------- - -- Meetings - - Discussions, MoMs - - Decisiona - motivation - - - - - Design - - Test and validation -- cgit v1.2.3