[Cryptech Tech] Noise board on Novena

[Benedikt Stockebrand]

Hi again,

Fredrik Thulin <fredrik at thulin.net> writes:

> In my mind, the HSM we build will support third party entropy sources through 
> a simple SPI interface.

as Joachim already pointed out, SPI may be awkward to implement on the
FPGA side.  And there are other issues with it:

- SPI isn't cleanly defined with regard to clock speeds, protocols and
  especially error handling.  *If* we want to use it, then we have to
  get this cleanly specified.

- SPI is nice with an MCU, but do we really want one in addition to the
  FPGA?  An alternative is to deliver the (pseudo-)digital signal to an
  input pin on the FPGA and do the actual processing there.

> We haven't gotten to sort of specifying what quality the FPGA will 
> expect/require from the external entropy source(s). I'd say it probably won't 
> be "must be perfectly random", but I don't know how we will define it.
>
> As food for thought, maybe the spec would be something like "must give a Monte 
> Carlo test value of less than 0.1% in 100k readings" (I totally just made up 
> those numbers).

As I mentioned before, to my understanding that makes testing/auditing
significantly more difficult.  But yes, we definitely have to work on
that some time.


Cheers,

    Benedikt

-- 
Benedikt Stockebrand,                   Stepladder IT Training+Consulting
Dipl.-Inform.                           http://www.stepladder-it.com/

          Business Grade IPv6 --- Consulting, Training, Projects

BIVBlog---Benedikt's IT Video Blog: http://www.stepladder-it.com/bivblog/