[Cryptech Tech] Noise board on Novena

Benedikt Stockebrand bs at stepladder-it.com
Sat Sep 20 11:24:20 UTC 2014


Hi once again,

Joachim Strömbergson <joachim at secworks.se> writes:

> I don't agree on the SPI interface though. ;-)

at least I see this as an issue we'll still have to talk about in more
detail.

> The important generic interface for the entropy sources in the TRNG
> looks like this:
>
>   output wire          enabled,
>   output wire          rnd_syn,
>   output wire [31 : 0] rnd_data,
>   input wire           rnd_ack,
>
> [...]

But this also has a major problem: With 32 bits in parallel this needs a
fairly serious MCU, which again makes it much easier to inject some sort
of malware since it offers way more resources.

How much of an effort would it be to reduce this to 8 or maybe even only
4 data wires?

And what about doing away with the MCU entirely, and feeding a raw noise
signal into the FPGA?  I'm aware that the edge detection algorithm for
the avalanche effect may be of little use to other sources (most notably
Bernd's ring oscillator) and as such any new kind of source will likely
need the FPGA code to be adapted again, but if there's no MCU then it
can't break and it can't be manipulated either.

> [...]
> You can see my first attempt of these interfaces here:
> http://trac.cryptech.is/browser/core/trng/src/rtl/trng.v

Yes yes yes, I'll learn about FPGAs.  Promised.  Next year or so:-)


Cheers,

    Benedikt

-- 
Benedikt Stockebrand,                   Stepladder IT Training+Consulting
Dipl.-Inform.                           http://www.stepladder-it.com/

          Business Grade IPv6 --- Consulting, Training, Projects

BIVBlog---Benedikt's IT Video Blog: http://www.stepladder-it.com/bivblog/


More information about the Tech mailing list