[Cryptech Core] arm

Peter Stuge peter at stuge.se
Sat Jan 10 13:35:26 UTC 2015


Randy Bush wrote:
> bunnie sez the board desiners in singapore and taiwan

Why wouldn't Cryptech design the board itself?

> so we kinda have to learn arm types to make a decision.

Regardless of neccessity this is just sound engineering.


> we think we want
>   o no or minimal magic blobs because it's inside the security boundary

"no" doesn't exist if the processor is capable of booting from an
external storage.


>   o support for booting, flash file system, and usb
>   o some speed, but the crypto is done in the fpga
>   o rtos components without rms virus
> 
> coretex

Please specify? Cortex spans from Cortex-M0 at 50MHz clock with a few
Kbyte of builtin flash and RAM with no external memory bus, to
Cortex-A15 at GHz with Gbyte of external flash and RAM. The larger
CPU family the more will be included in the physical component. You
may all already know that ARM (the company) is like a commercial
Cryptech for CPUs; they make no actual components, only processor
descriptions which are licensed to the component companies.


> + embkernel is one we looked at.  we worry about blobs and
> licensing.

embKernel is LGPL3 - does not really seem to fit the requirements for
Cryptech. LGPL means that given a product which includeds embKernel
the basic rules of GPL apply to the embKernel part (must provide to
customer source code or at least an offer, but see full license) and
in addition it must be possible for the customer to *replace*
embKernel with e.g. a newer version which is backwards compatible.

In practice this means that the application software must be included
at a minimum in object form, along with an appropriate toolchain, so
that the customer can rebuild the binaries themselves.

For Cryptech itself this isn't a problem, but LGPL like GPL will
certainly reduce uptake of the deliverables to zero in the market.

Nobody has time, money and interest to invest in the requirements
placed by GPL for an embedded system.


> so you have clue, advice, ...  or pointers to where we might find same?

Maybe I can contribute some advice, but I need to know requirements.


//Peter



More information about the Core mailing list