[Cryptech Tech] Hardware entropy

[Bernd Paysan]

Hi all,
Hi Peter Stuge (frequent LinuxTag booth neighbor),

Thanks to Heise, I got informed that you are working on a open+secure 
cryptochip.  Has anybody started with the entropy source yet?  I've several 
ideas how to create entropy on an FPGA, and I'd like to try them out...

The general structure of an entropy source would be: The source itself (using 
unreliable, self-timing, or instable configurations of the lookup tables, 
which probably requires some low-level entry, as the standard Verilog compiler 
might want to eliminate them...), which must have a raw access from the 
outside (to get and measure raw entropy, so we can be confident that it is 
good entropy), and a conditioner, which is a secure one-way function over the 
entropy bits (which makes measuring the entropy extremely hard, as the one-way 
function produces something that definitely looks like good entropy).

I'd prefer to use Keccak as conditioner, because that's a hash I have no 
doubts about.  There's a Keccak implementation on OpenCores.

For the protocol I'm designing, I want/need ed25519 (signatures+ecdh+keygen 
and revocation with derived keys), and Keccak for the hashes.  The thing 
should also have a keypad for PIN entry to unlock it.

-- 
Bernd Paysan
"If you want it done right, you have to do it yourself"
http://bernd-paysan.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cryptech.is/archives/tech/attachments/20140516/f52bf5e1/attachment.sig>