[Cryptech Core] Proposal for new FPGA architecture

Joachim Strömbergson joachim at assured.se
Tue Nov 13 09:34:56 UTC 2018


Aloha!

I want to expand on one point below.

On 2018-11-13 10:01, Joachim Strömbergson wrote:
> As long as the CPU can know beforehand which ASN.1 fields (but not their
> actual value) to use for different processing operations in the FPGA
> this should work. But, if the CPU needs to process, look at the
> unwrapped ASN.1-fields in order to know what to do next, then this of
> course won't work. The only solution then is to have CPU functionality
> in the FPGA itself.

Using the hybrid CPU-FPGA chips I've talked about in another thread
would of course solve this problem. Another solution would be to add a
separate CPU core to the FPGA.

If we could extract the CPU-related parts of key generation (Chinese
remainder for example), signing to separate value related processing
from task, job and blob handling we could have a CPU slave inside the
FPGA and have the MCU controlling the operations. Perhaps.

This would of course require more FPGA resources, and we might have have
to move to a bigger FPGA device. This would drive BOM cost and possibly
require the use of at-cost tools to build the FPGA design. But it might
still be cheaper and a smaller change compared to using the hybrid devices.

As an example there is the PicoRV32 RISC-V core. If I understand
correctly it provides about the same CPI as a Cortex-M3. It can be
clocked very high in Xilinx-7 devices. It comes with zero kitchen sinks.
BSD licensed and imho very well designed.

https://github.com/cliffordwolf/picorv32

If we used this core we could clock it at one frequency, say 100, 133,
200 MHz and have the cores running at suitable integer divisor below
that allows them to meet the timing. If the amount of shuffling over FMC
would go down, we could use the asynch FMC solution as before to
decouple clocks and dependencies between the MCU and the FPGA.

The RISC-V code would be stored in BlockRAM (as ROM) and it would then
have enough BlockRAM to store data for processing. The CPU core would be
responsible for controlling the cores as needed to perform its higher
level key dependent operations. All stored inside the FPGA.


Just a thought.
-- 
Med vänlig hälsning, Yours

Joachim Strömbergson
========================================================================
                               Assured AB
========================================================================

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.cryptech.is/archives/core/attachments/20181113/25a4b927/attachment.sig>


More information about the Core mailing list