{{{ #!htmlcomment This page is maintained automatically by a script. Don't modify this page by hand, your changes will just be overwritten the next time the script runs. Talk to your Friendly Neighborhood Repository Maintainer if you need to change something here. }}} {{{ #!html
This core provides a 32-bit interface to a master key memory (MKM) implemented using an external volatile memory. The memory targeted is Microchip 23K640, a serial SRAM with a SPI interface.
The Master Key Memory is where a cryptographic master key is stored. The key is used (for example) to cryptographically wrap other keys and secrets. By wiping the MKM and thus the master key, the wrapped secrets are protected against leakage to a local attacker that physically breaks an active tamper detect shield.
The core will in future versions provide functionality to autonomously protect against memory remanence effects by rotating bits in stored data, and moving data to different addresses in the external memory. The core will also be able to autonomously zeroise the memory when given an alarm signal.
The current version however simply provides an interface to the slower, serial memory including initializing the memory in the correct mode. The core supports three commands: read word, write word, and initialize memory.
The SPI clock is generated by the core clock (clk) divided by the SPI clock divisor * 2 (the divisor is the half period in cycles). The default divisor is set to generate an SPI clock of less than 1 MHz when the core clock is 50 MHz. For other speeds and other core frequencies, the divisor will have to be adjusted.
The core will only read and write complete 32-bit words.
Commands given while the core is performing a read, write or initialization operation will silently be ignored.
The implementation is divided into three parts:
A SPI interface able to transmit a given number of bits at a given SPI clock rate. Data received are simultaneously collected and provided as read data. The SPI interface also generates the SPI clock and chip enable.
A Microchip-specific command handler that sends the read, write, and init commands to the memory using the SPI interface.
An API interface that provides the ability to configure the SPI clock speed, set the address to read or write, and data access.
The current implementation will initiate the Microchip memory directly after reset and set the memory in sequential mode. This means that it would actually be possible to write a stream of data to the memory, but since the API only handles a single 32-bit word, the mode is only used to remove the need to update the address between bytes.
Altera Cyclone IV E
Altera Cyclone V
Xilinx Spartan 6
Xilinx Artix 7
(2016-05-10)
The core has now been verified in a Xilinx Spartan-6 FPGA and the target Microchip memory connected to the FPGA memory. Read and write access has successfully been performed with SPI clock speeds from 300 Hz to 10 MHz.
(2016-05-02)
Functional development completed. Simulation based debugging completed. Built design for both Altera and Xilinx FPGAs.
(2016-04-25)
Refactored core into top_-, core- and spi-modules. Made the design much simpler. First implementation almost completed.
(2016-04-21)
Core implementation started.
}}} [[RepositoryIndex(format=table,glob=core/util/mkmif)]] || Clone `https://git.cryptech.is/core/util/mkmif.git` ||