Slug: RoughV1
Title: Rough Cut at v0.01 Proof of Concept Feature Set
Date: 2016-12-15 22:43
Modified: 2021-02-14 17:33

This is a proposed version 0.01 product as a proof of concept. The intent is not to have a very useful product, but rather to gain confidence in our architecture, tools, and team. The result is intended to be the basis for further development into a more useful second stage, in the sense of [agile development](https://en.wikipedia.org/wiki/Agile_software_development). It very intentionally is not a [waterfall design](https://en.wikipedia.org/wiki/Waterfall_model).

The interface between the Green and Yellow layers is seen as an important design inflection. Some code will be in C in the Green (auxiliary core) because we can get it open source out of the can. For v.2 (or whatever) we would move it down to the FPGA in Verilog.

## FPGA Overview

![HW_sketch_v0001.png]({attach}/RoughV1/HW_sketch_v0001.png)

## Sketch of TRNG Chain

![HW_RNG.png]({attach}/RoughV1/HW_RNG.png)

## Off-FPGA

* Persistent Storage
    * For Keys and Time
    * Or the battery for tamper wipe is big enough to hold the FPGA up
    * Or the Green processor has enough non-volatile store
* Entropy Source
* Realtime Clock
* Tamper Mechanism

## Layers

``` #!html

Blue / FPGA

```

* TRNG
* BigNumber, Modular, & Exponentiation (expose to green for RSA)
* SHA-256
* AES-128
* EC for ECDH. Curve3617 would be nice, but whatever we can get open source to start
* OpenRISC Core or ARM to support Green (maybe FreeScale from Bunnie)

``` #!html

Green / On-Chip Core

```

* RSA 2048 & 4096 (move to blue later) \[ 1024 for Tor? \]
* MACs: HMAC, 1305, uMAC
* DH (move to blue later)
* Device Activation, Move Authorization, Wiping

``` #!html

Yellow / Off-Chip Support

```

* Interface to Red
* PKCS#8
* PKCS#11
* PGP Support
* X.509 and PGP
* PKCS#11 for POLA resistance
* No PKCS#10 because it will take a year
* Backup may be just dump/restore of the whole FPGA/CoreState

``` #!html

Red / Applications

```

* X.509 CA
* DNSSEC
* PGP (asymmetric key sign/verify + symmetric message encryption/decryption)
* Tor consensus(?)

## Issues in v0.01

* License of tool chain to build
* License for borrowed components (open cores, open fpga)
* License for result
    * What we build ourselves - BSD
    * What components we ship - life is compromise
* Toolchains, Verilog, C, ...
    * FPGAs and ASICs use a Verilog-based toolchain. There are no mature open Verilog compilers so the [DDC approach](http://www.dwheeler.com/trusting-trust/) will not work. Net-list optimization is also an issue. We're looking into this, but it's going to be really hard. Research for v2.
* Prototyping platform
    * [Bunnie's Novena laptop](http://www.bunniestudios.com/blog/?p=3265)
    * Altera Evaluation Board
* RTC, external connectivity to get some sort of assured time
* Repository - too many git junkies. Keep main repo on our server for the security boundary. Can mirror on GitHub to be socially cool.
* Emacs or vi (no Rob, not TECO) :)