[Cryptech Tech] Restricting FPGA signing

Jakob Schlyter jakob at kirei.se
Mon Feb 2 06:49:27 UTC 2015


On 1 feb 2015, at 07:42, Basil Dolmatov <dol at reedcat.net> wrote:

> If HSM parses input and checks it against some policies, then it can do it more than once,
> 
> So, proposed algorithm has nothing with additional secuirty, it just can add performance to the security procedure which has been already set.

Your terse answer didn't really say if you were against the restriction per se, or against implementing it in the FGPA vs ARM. Now I understand.

I believe this boils down to how much separation we want between the ARM and the FGPA. If we consider them equal, I agree we can do all this in the ARM. If not, something like this would be useful.


	jakob



More information about the Tech mailing list