Slug: SunetInitialDevelopment Title: Planning for SUNET funded Cryptech Work Date: 2016-12-15 22:43 The following documents the first two development steps in Cryptech funded by SUNET. The development is being done by Joachim Strömbergson from Secworks AB. ## Step one (Deadline 2014-02-28) - Acquire a FPGA development platform. DONE. We have a Terasic DE0 board and a Terasic Cyclone V GX starter kit board. - Create a working development and verification flow from RTL design downto FPGA. - Verify the functionality of the SHA-256 core in a physical FPGA. ### Actions for step one - Select FPGA development board to acquire - Large enough to test sub systems and possibly a complete HSM. - Good external interfaces for communication with host systems. - Good external interfaces to entropy sources, memories, GPIO. Arduino Shields would be good. - Create a survey on interconnect standards usable for Cryptech - Availability and market share/usage in third party cores. - License - Technical details - Bus, fabric, performance etc. - Create base coretest functionality to allow testing of cores in the FPGA on the development board. Read and write access to registers over a known communication channel. - Verify the development flow from Verilog RTL downto FPGA. - Verifiera SHA-256 core using coretest. - Start FPGA tool survey - What is available as open tools and what is the status. - What is available as open tools from the vendors. - Talk to people in the industry to get their views on an open toolchain. ## Step two (Deadline 2014-03-31) - Produce first draft of design proposal to the Cryptech True Random Number Generator (TRNG) - Security target, security model and assumptions - Structure, architecture - API - Functionality - Online test system - Verification model - First two entropy sources - Complete SHA-1 core. Including functional verification in FPGA. - First draft of SHA-256 and SHA-1 core documentation. ### Actions for step two - Create template for documentation - Collect info on known TRNGs and TRNG strategies - Collect info on online tests being used. - Create proposal for architecture. - Write implementation proposal. - Specify API. - Write security target and security model. - Write assumptions and limitations. - Write verification model. - Finalize SHA-1 core RTl. - Build SHA-1 core in FPGA. - Verify SHA-1 functionality in FPGA using coretest. - Write documentation for SHA-256 core. - Write documentation for SHA-1 core.