[Cryptech Tech] Working memory on HSM for decrypted private key components?

Joachim Strömbergson joachim at secworks.se
Wed Dec 16 14:16:38 UTC 2015



Aloha!

Rob Austein wrote:
>> Since the AVR can talk to the MKM and the CPU can talk to the AVR,
>> would a third electrical path really be necessary?
> 
> If it prevents us from having developers sitting idle while waiting 
> for the MKM core, yes; otherwise, probably not.

Having physical traces on the board just to reduce dev time by a week or so
sounds to me like a bad solution. Esp. if we instead could handle it by
planning SW (or HW development for the FPGA) to make MKM CPU access
functionality one of the first things to develop for the Alpha board.

The traces will be there for a much, much longer time. The traces add
complexity and, if somebody forgets that jumper, open up a leakage
path for the master key. Imho.

-- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================

