[Cryptech Tech] Roadmap & remarks about the opportunity of developing a secure TOR router on the Novena platform.

Randy Bush randy at psg.com
Sat Aug 2 14:59:04 UTC 2014


And the pee cee is such a safe environment. and very few of the parts at NSA poisoned. 
-- 
Phones are not computers and suck for email

On August 2, 2014 12:43:51 PM CEST, "★ STMAN ★" <stman at riseup.net> wrote:
>Hi Joachim & Linus & Lilith,
>
>For the replacement of the Novena which is not « suitable » for
>prototyping secure TOR routers (Too many custom additionnal hardware to
>build for being fully operationnel), I am think for the moment to this
>develpment board :
>
>http://www.em.avnet.com/en-us/design/drc/Pages/Xilinx-Spartan-6-FPGA-LX75T-Development-Kit.aspx
>
>- It has all what is needed to do the job right.
>- It is not expensive.
>- It is suitable with its PCIexpress bus to fit in standard PC’s.
>- It has a standard FMC expansion connector :D
>
>What do you think of it ?
>
>Kind regards,
>
>Stman.
>
>
>
>Le 1 août 2014 à 17:17, Joachim Strömbergson <joachim at secworks.se> a
>écrit :
>
>> Signé partie PGP
>> Aloha!
>> 
>> Thanks for good comments and thoughts.
>> 
>> ★ STMAN ★ wrote:
>> > As you requested me, here are my comments and remarks about a
>> > Roadmap and « What would happen if we wanted to develop a secure
>TOR
>> > Router on the Novena as is » :
>> >
>> > Indeed there are other facts that you must know about the Novena
>and
>> > the problems that would rise to build a secure TOR EndPoint (With 1
>> > dedicated Ethernet port), or a secure TOR router / firewall (With 2
>> > dedicated Ethernet Ports):
>> >
>> > In order to use it as a prototyping/development platform, I am now
>> > convinced it is not the best choice to have :
>> 
>> Do you see it as not useful even for development purpose?
>> 
>> We do also develop the Cryptech HW using dedicated FPGA boards like
>the
>> TerasIC C5G board. For Tor this might be a more suitable solution
>where
>> we can lock down the FPGA configuration, provide local physical and
>> electrical mechanisms that blocks remote tampetering (and local
>tamper
>> detect).
>> 
>>
>http://www.terasic.com.tw/cgi-bin/page/archive.pl?Language=English&No=830
>> 
>> The board is not equipped with any Ethernet interfaces, but these can
>be
>> added using a separate extension board. Either one we design
>ourselves
>> or using a ready made (if that is ok):
>> 
>>
>http://www.terasic.com.tw/cgi-bin/page/archive.pl?Language=English&CategoryNo=71&No=355
>> 
>> For the SW/control part we can either add a separate CPU/MCU or
>include
>> a CPU core in the FPGA design.
>> 
>> --
>> Med vänlig hälsning, Yours
>> 
>> Joachim Strömbergson - Alltid i harmonisk svängning.
>>
>========================================================================
>> Joachim Strömbergson          Secworks AB         
>joachim at secworks.se
>>
>========================================================================
>> 
>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Tech mailing list
>Tech at cryptech.is
>https://lists.cryptech.is/listinfo/tech
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cryptech.is/archives/tech/attachments/20140802/ad8ef806/attachment.html>


More information about the Tech mailing list